Docker mcp gateway starts in WSL2, but calling docker tool fails with docker-entrypoint.sh: exec: line 61: : Permission denied #440
Description
Environment
- Windows 11
- Docker Desktop with WSL2 integration enabled
- WSL2 distro: Ubuntu
- Docker MCP launched from inside WSL2
- Docker CLI plugin available inside WSL
- Docker mcp version = v0.40.1
What works
DOCKER_MCP_IN_CONTAINER=1 docker mcp server lsDOCKER_MCP_IN_CONTAINER=1 docker mcp gateway run --servers docker- MCP initialize succeeds
- tools/list succeeds
Configuration
The MCP client uses:
- command:
docker - args:
["mcp", "gateway", "run", "--servers", "docker"] - env:
DOCKER_MCP_IN_CONTAINER=1
Observed behavior
The MCP gateway starts successfully, but calling the exported docker tool fails.
Example log output:
Calling tool docker with arguments: {"command":"ps"}Running container docker:cli@sha256:067c301efe497cd5d174d468b7b3422a485ae4aca8f7ec1ffd4655c9fa383af2 with args [run --rm -i --init --security-opt no-new-privileges --cpus 1 --memory 2Gb --pull never -l docker-mcp=true -l docker-mcp-tool-type=mcp -l docker-mcp-name=docker -l docker-mcp-transport=stdio -v /var/run/docker.sock:/var/run/docker.sock docker:cli@sha256:067c301efe497cd5d174d468b7b3422a485ae4aca8f7ec1ffd4655c9fa383af2 ]/usr/local/bin/docker-entrypoint.sh: exec: line 61: : Permission denied
Actual result
- gateway process starts
- Docker MCP handshake succeeds
- tool invocation fails
- MCP returns an error result
Expected result
Calling the exported docker tool should execute the requested Docker CLI operation, for example ps.
Notes
- Without
DOCKER_MCP_IN_CONTAINER=1, some Docker MCP CLI commands inside WSL2 reportDocker Desktop is not running - With
DOCKER_MCP_IN_CONTAINER=1, gateway startup works - The failure seems to happen specifically at tool execution time
- From the logs, it looks like the
docker:clicontainer starts, but no executable command is actually passed into the container, so this may be an argv/tool-invocation bug rather than a WSL startup issue