If you get “permission denied while trying to connect to the Docker daemon socket” when running Docker commands in WSL, your user doesn’t have access to the Docker socket. This is the most common Docker error on WSL and takes about 30 seconds to fix.
The Error
Running docker ps or any Docker command returns:
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permission deniedThis happens because /var/run/docker.sock is owned by the docker group, and your user isn’t a member of that group.
Fix 1: Enable Docker Desktop WSL Integration
If you’re using Docker Desktop on Windows (the most common setup for WSL), make sure WSL integration is enabled for your distro:
- Open Docker Desktop
- Go to Settings > Resources > WSL Integration
- Toggle on your Ubuntu distribution
- Click Apply & restart
After Docker Desktop restarts, open a new WSL terminal and try docker ps again. If it still fails, continue to Fix 2.
Fix 2: Add Your User to the Docker Group
This is the standard fix for the WSL permission denied Docker daemon error. Add your user to the docker group so you can run Docker commands without sudo:
sudo usermod -aG docker $USER-aG appends the docker group to your user without removing existing groups.
For the group change to take effect, restart WSL. From PowerShell or Windows Terminal:
wsl --shutdownReopen your WSL terminal and verify:
docker psIf you see an empty container list (or your running containers), the fix worked.
You can confirm your user is in the docker group with:
groups $USERThe output should include docker in the list.
Fix 3: Fix Socket Permissions (If Needed)
If you’re in the docker group but still get permission denied, the socket file itself may have wrong ownership. Reset it:
sudo chown root:docker /var/run/docker.sock
sudo chmod 660 /var/run/docker.sockThis sets the socket to be owned by root with group docker, and allows read/write access for the owner and group only.
Do not use chmod 666 on the Docker socket. That gives every user on the system full access to Docker, which is a security risk — anyone with socket access can run containers as root.
Still Not Working?
- Docker daemon not running — if you see “Is the docker daemon running?” instead of “permission denied”, the issue is different. Make sure Docker Desktop is running on Windows, or start the Docker service with
sudo service docker startif you installed Docker Engine directly in WSL. - Using
newgrpas a temporary fix — runningnewgrp dockerapplies the group change to your current shell session without restarting WSL. Useful if you can’t restart right now. - WSL integration not appearing in Docker Desktop — make sure your WSL distro is version 2, not version 1. Check with
wsl -l -vin PowerShell. If it shows version 1, convert it withwsl --set-version Ubuntu 2.
Conclusion
The Docker permission denied error on WSL is almost always fixed by adding your user to the docker group and restarting WSL. Once Docker is working, you can start pulling images and building containers. For Docker cleanup tips, see How to Remove All None Tag Docker Images. If you’re setting up your WSL environment, check out How to Connect Visual Studio Code with WSL 2 for Linux Ubuntu.