Docker: systemctl – Failed to get D-Bus connection: Operation not permitted

The Problem

Attempts at running a service from within a CentOS 7 container fail with “Failed to get D-Bus connection: Operation not permitted”

The Solution

The first pass would probably be to get the centos/systemd base container and build on that, but this was not an option for me (for bureaucratic reasons that aren’t very exciting or worth getting into).

Fortunately, the official centos image has some documentation on how to get systemd enabled in a Docker container, which didn’t work for me (I got an error ​​​​​[!!!!!!] Failed to mount API filesystems, freezing when trying to run it as-is), but that was useful as a baseline for figuring out how to get the various bits I needed into an existing Dockerfile with some docker-compose yaml for extra flavour.

The big “ah-ha” moment for me was when I finally understood that  you have to enable your service before calling /usr/sbin/init since this program was the magic sauce that started the service in question.

I created a demo repo, the Dockerfile there looks like this:

You can build this image and run a container by executing the following commands manually (from within the dir that contains the Dockerfile):

docker build --rm -t centos7-systemd-docker-demo .

docker run -tid -v /sys/fs/cgroup:/sys/fs/cgroup:ro --cap-add SYS_ADMIN -p 80:80 --name centosdemo centos7-systemd-docker-demo

Note the --cap-add option passed to the run command!

Once your container is running, confirm that the httpd service is live by logging into the container:

docker exec -it centosdemo /bin/bash

and checking the status:

[root@bd3bfb7520b6 /]# systemctl status httpd
● httpd.service – The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2018-03-01 01:34:59 UTC; 48s ago
Docs: man:httpd(8)
Main PID: 18 (httpd)
Status: “Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec”
CGroup: /docker/bd3bfb7520b65cbdf6d3b0c3e442acbb5e4148d8fc8413afb250a24a3b2f945b/system.slice/httpd.service
├─18 /usr/sbin/httpd -DFOREGROUND
├─20 /usr/sbin/httpd -DFOREGROUND
├─21 /usr/sbin/httpd -DFOREGROUND
├─22 /usr/sbin/httpd -DFOREGROUND
├─23 /usr/sbin/httpd -DFOREGROUND
└─24 /usr/sbin/httpd -DFOREGROUND

Mar 01 01:34:59 bd3bfb7520b6 systemd[1]: Starting The Apache HTTP Server…
Mar 01 01:34:59 bd3bfb7520b6 httpd[18]: AH00558: httpd: Could not reliably d…e
Mar 01 01:34:59 bd3bfb7520b6 systemd[1]: Started The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.


If you are more inclined to using docker-compose, here are the above run commands nicely wrapped up:

10 thoughts on “Docker: systemctl – Failed to get D-Bus connection: Operation not permitted

  1. Hello, my entrypoint in my Dockerfile points to a script that runs `systemctl start nginx.service`, but when I try to do `docker run`, the container starts up then immediately shuts down with error message “Failed to get D-Bus connection: Operation not permitted”. Do you know how to fix this? Thanks!

  2. I used to have problem to start NTP on my container and thanks to this image I am able to run all services now. Thanks !

  3. Hihi, I am using your Dockerfile but still getting the same error using podman rhel 7.7; is this something you came across in the past? Many thanks

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s