Using podman 3.2.0 and starting the docker API as a regular user, i.e. systemctl --user start podman yield the same issues that SELinux forbids reading /run/user/1000/podman/podman.sock The socket is readable from outside a container, but from the inside SELinux is preventing access to it. Setting SELinux to permissive fixes the access issue.