docker-credential-helpers: Credentials store docker-credential-osxkeychain exited with "User interaction is not allowed."

When I run docker-compose locally, it works just fine, but if I ssh into the machine I get the following:

$ docker-compose up                                                                             
Building web
Traceback (most recent call last):
  File "docker-compose", line 3, in <module>
  File "compose/cli/main.py", line 68, in main
  File "compose/cli/main.py", line 118, in perform_command
  File "compose/cli/main.py", line 926, in up
  File "compose/project.py", line 401, in up
  File "compose/service.py", line 311, in ensure_image_exists
  File "compose/service.py", line 888, in build
  File "site-packages/docker/api/build.py", line 207, in build
  File "site-packages/docker/api/build.py", line 254, in _set_auth_headers
  File "site-packages/docker/auth.py", line 85, in resolve_authconfig
  File "site-packages/docker/auth.py", line 129, in _resolve_authconfig_credstore
docker.errors.DockerException: Credentials store error: StoreError('Credentials store docker-credential-osxkeychain exited with "User interaction is not allowed.".',)
Failed to execute script docker-compose

Any ideas?

About this issue

  • Original URL
  • State: open
  • Created 7 years ago
  • Comments: 19 (2 by maintainers)

Most upvoted comments

Running security unlock-keychain in the problematic terminal session works for me.

It started to do this to me every time I log in via SSH or use tmux, since one of the last Docker updates (I’m on 17.12.0-ce-mac49 now).

+189
mprihoda on Feb 21, 2018

If I click on the docker icon in the menu bar -> preferences -> and I untick “Securely store docker logins in macOS keychain” this problem goes away.

+176
tetherit on Aug 11, 2017

@antipin to me it happens after an OSX crash and somehow the recovered iterm2 sessions are unusable. Open a new iterm2 tab solves the problem.

+46
ivanrvpereira on Oct 20, 2017

Recently I experienced this issue. I went to Keychain Access and locked/unlocked my local keychain. Then I restarted Docker for Mac.

+13
wcgcoder on Jan 11, 2018

This error means that your keychain is locked and credentials can’t be accessed by the current session. Eg. it may stop working when you log in via ssh like https://github.com/docker/docker-credential-helpers/issues/82#issuecomment-743946708 describes. To unlock the keychain run:

security -v unlock-keychain  ~/Library/Keychains/login.keychain-db

We should improve the error and print instructions for unlocking the keychain in the message.

+10
tonistiigi on Dec 22, 2020

Shut down docker. Remove the line:

  "credsStore" : "desktop"

from ~/.docker/config.json Restart docker. Worked for me. Solution failed at by reading this other issue: https://github.com/docker/for-mac/issues/3774

+8
ajslater on Dec 14, 2020

I’m experiencing the same issue. Unticking as suggested by @xanview worked for me too, but it would good to know how to fix it without that workaround.

+6
juancarlosfarah on Sep 3, 2017

Trying the solution offered by @ghost i.e. clicking on the docker icon in the menu bar -> preferences -> and unticking “Securely store docker logins in macOS keychain” yielded an initialization error:

dockerpycreds.errors.InitializationError: docker-credential-osxkeychain not installed or not available in PATH I reticked the “Securely store docker logins in macOS keychain” and did a docker login afresh. This solved the issue for me.

+3
collinsmetto on Jul 22, 2019

If it can help someone, I’ve got the same error when executed docker-compose up with no PATH env variable available. It could happen if you are running docker-compose through some other tool. In my case it was an utility that merges .env files and runs next command with correspondent environment variables.

+2
antipin on Oct 13, 2017

This is still an issue. ssh into my macbook pro running docker desktop for mac, 2.5.0.1 (49550). If I try docker login via a remote SSH session I get the following:

(base) ➜  ~ docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: <my-username>
Password:
Error saving credentials: error storing credentials - err: exit status 1, out: `User interaction is not allowed.`

In iTerm2 running directly on macbook pro, everything is fine. Definitely related to remote SSH sessions on mac.

system.log

When I tail -f /var/log/system.log I see the following error message regardless of whether I am running locally or remotely.

Dec 12 23:30:15 myhost com.apple.xpc.launchd[1] (com.apple.xpc.launchd.domain.pid.docker-credenti.13519): Failed to bootstrap path: path = /usr/local/bin/docker-credential-osxkeychain, error = 2: No such file or directory

In both the success and failure scenarios, this error is logged upon entering the docker login command. After I enter username and password, the error is logged two more times in the successful scenario, but only logged one more time in the failure scenario.

+1
vatervonacht on Dec 13, 2020

For Windows and Docker Hub: Docker -> rightclick -> settings -> Shared Drives -> activate your drive(probably C)

+1
Downvote-Hunter on Oct 16, 2019
Read more comments on GitHub
← compose: WINDOWS: unable to build simple docker-compose.yml with changed context
docker-credential-helpers: docker-credential-helpers segfaults (free(): invalid pointer) if list() fails →