docker tutorials

Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock), are you root ?

This tutorial guides you to resolve errors Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root ? and Could not open lock file /var/lib/dpkg/lock-frontend – open (13: Permission denied) when you are trying to install softwares in your docker container.

Error: Unable to acquire the dpkg frontend lock, are you root ?

Let’s use standard docker ubuntu image for our example. The below docker run command will result in error because non-root user are not allowed to install software in the docker container. Let’s see how to install required softwares in the docker container.

$ docker run -d ubuntu apt-get update && apt-get install -y openssh-server && /usr/sbin/sshd -D
You are running apt-get inside of Cloud Shell. Note that your Cloud Shell
machine is ephemeral and no system-wide change will persist beyond session end.

To suppress this warning, create an empty ~/.cloudshell/no-apt-get-warning file.
The command will automatically proceed in 5 seconds or on any key.

Visit for more information.
E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied)
E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root?

First, run the following docker command which will start bash session with root user. Then in the bash prompt run apt-get commands as shown.

$ docker run -it ubuntu bash
//bash session
root@35ef2af2110d:/# apt-get update && apt-get install -y openssh-server
Creating config file /etc/ssh/sshd_config with new version
Creating SSH2 RSA key; this may take some time ...
3072 SHA256:TfRXuNvNIZXYKb6mEQYfsdPlw+hbsAFRpFZf0+h407c root@35ef2af2110d (RSA)
Creating SSH2 ECDSA key; this may take some time ...
256 SHA256:P8/CM7WpDygPx0A8fcZXyCmhSdYORqg0jS10C8Oh6hM root@35ef2af2110d (ECDSA)
Creating SSH2 ED25519 key; this may take some time ...
256 SHA256:J+z0EYlWJ5UvRAGHCN2Zp2I+O2mO51QGYaehZNYTz98 root@35ef2af2110d (ED25519)
Created symlink /etc/systemd/system/sshd.service → /lib/systemd/system/ssh.service.
Created symlink /etc/systemd/system/ → /lib/systemd/system/ssh.service.
invoke-rc.d: could not determine current runlevel
invoke-rc.d: policy-rc.d denied execution of start.
Setting up python3-chardet (3.0.4-4build1) ...
Setting up python3-requests (2.22.0-2ubuntu1) ...
Setting up networkd-dispatcher (2.0.1-1) ...
Created symlink /etc/systemd/system/ → /lib/systemd/system/networkd-dispatcher.service.
Setting up ssh-import-id (5.10-0ubuntu1) ...
Attempting to convert /etc/ssh/ssh_import_id
Processing triggers for systemd (245.4-4ubuntu3.2) ...
Processing triggers for libc-bin (2.31-0ubuntu9) ...
Processing triggers for ca-certificates (20190110ubuntu1.1) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...

Next, run the following commands to make necessary changes in the softwares installed and in the container’s file system.

root@35ef2af2110d:/# mkdir /var/run/sshd

root@35ef2af2110d:/# adduser admin
Adding user `admin' ...
Adding new group `admin' (1000) ...
Adding new user `admin' (1000) with group `admin' ...
Creating home directory `/home/admin' ...
Copying files from `/etc/skel' ...
New password:
Retype new password:
passwd: password updated successfully
Changing the user information for admin
Enter the new value, or press ENTER for the default
        Full Name []: Admin
        Room Number []: 1
        Work Phone []: 1234567890
        Home Phone []: 2345678901
        Other []:
Is the information correct? [Y/n] y

root@35ef2af2110d:/# usermod -aG sudo admin

root@35ef2af2110d:/# sed 's@session\s*required\s* optional' -i /etc/pam.d/sshd

root@35ef2af2110d:/# echo 'export NOTVISIBLE="in users profile"' >> ~/.bashrc

root@35ef2af2110d:/# echo "export VISIBLE=now" >> /etc/profile

root@35ef2af2110d:/# exit

Once you are done with the required changes, you can create a copy image (ubuntu_sshd) of your modified container with the following docker commit command.

$ docker commit `docker ps -lq` ubuntu_sshd

$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
ubuntu_sshd         latest              a382afed9966        10 seconds ago      222MB
ubuntu              latest              1e4467b07108        10 days ago         73.9MB

Now, you can use new image and run docker instance using the following command. This command will start new container and run sshd daemon in the container.

$ docker run -d -p 2222:22 ubuntu_sshd /bin/bash -c "/usr/sbin/sshd -D"

$ docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                      PORTS                   NAMES
a574cef96dfc        ubuntu_sshd         "/bin/bash -c '/usr/…"   5 minutes ago       Up 5 minutes      >22/tcp    pensive_agnesi
35ef2af2110d        ubuntu              "bash"                   16 minutes ago      Exited (0) 8 minutes ago                            laughing_nobel

Finally, you can SSH in to your docker container using the following command.

$ ssh admin@localhost -p 2222
The authenticity of host '[localhost]:2222 ([]:2222)' can't be established.
ECDSA key fingerprint is SHA256:P8/CM7WpDygPx0A8fcZXyCmhSdYORqg0jS10C8Oh6hM.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:2222' (ECDSA) to the list of known hosts.
admin@localhost's password:
Welcome to Ubuntu 20.04 LTS (GNU/Linux 4.19.112+ x86_64)

 * Documentation:
 * Management:
 * Support:

This system has been minimized by removing packages and content that are
not required on a system that users do not log into.

To restore this content, you can run the 'unminimize' command.

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.


Once you SSH in to docker container with non-root user (admin) as shown above, then you can install any softwares using non root user as well and you should not see those errors.

Hope it helped 🙂

Also See:


Notify of

Inline Feedbacks
View all comments