Я следовал этому руководству для установки докера на новом сервере Ubuntu 17. Однако я не могу заставить докера работать.

Установка докера через sudo apt-get install docker-ce урожаи:

...
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /lib/systemd/system/docker.service.
Created symlink /etc/systemd/system/sockets.target.wants/docker.socket → /lib/systemd/system/docker.socket.
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe" for details.
invoke-rc.d: initscript docker, action "start" failed.
● docker.service - Docker Application Container Engine
   Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
   Active: activating (auto-restart) (Result: exit-code) since Mon 2017-10-16 08:57:52 UTC; 8ms ago
     Docs: https://docs.docker.com
  Process: 7325 ExecStart=/usr/bin/dockerd -H fd:// (code=exited, status=1/FAILURE)
 Main PID: 7325 (code=exited, status=1/FAILURE)
      CPU: 49ms

Проверка sudo journalctl -u docker дает

    Oct 16 08:57:51 vm1 systemd[1]: docker.service: Failed to reset devices.list: Operation not permitted
Oct 16 08:57:51 vm1 systemd[1]: Starting Docker Application Container Engine...
Oct 16 08:57:51 vm1 dockerd[7325]: time="2017-10-16T08:57:51.743612657Z" level=info msg="libcontainerd: new containerd process, pid: 7335"
Oct 16 08:57:52 vm1 dockerd[7325]: time="2017-10-16T08:57:52.816490740Z" level=warning msg="failed to rename /var/lib/docker/tmp for background deletion: rename /var/lib/docker/tmp /var/lib/docker/tmp-old
Oct 16 08:57:52 vm1 dockerd[7325]: time="2017-10-16T08:57:52.816839404Z" level=error msg="Could not check if docker-default AppArmor profile was loaded: open /sys/kernel/security/apparmor/profiles: permis
Oct 16 08:57:52 vm1 dockerd[7325]: Error starting daemon: couldn't create plugin manager: error setting plugin manager root to private: permission denied
Oct 16 08:57:52 vm1 systemd[1]: docker.service: Main process exited, code=exited, status=1/FAILURE
Oct 16 08:57:52 vm1 systemd[1]: Failed to start Docker Application Container Engine.
Oct 16 08:57:52 vm1 systemd[1]: docker.service: Unit entered failed state.
Oct 16 08:57:52 vm1 systemd[1]: docker.service: Failed with result 'exit-code'.
Oct 16 08:57:53 vm1 systemd[1]: docker.service: Service hold-off time over, scheduling restart.
Oct 16 08:57:53 vm1 systemd[1]: Stopped Docker Application Container Engine.
Oct 16 08:57:53 vm1 systemd[1]: docker.service: Failed to reset devices.list: Operation not permitted
Oct 16 08:57:53 vm1 systemd[1]: Starting Docker Application Container Engine...
Oct 16 08:57:53 vm1 dockerd[7369]: time="2017-10-16T08:57:53.224145403Z" level=info msg="libcontainerd: new containerd process, pid: 7390"
Oct 16 08:57:54 vm1 dockerd[7369]: time="2017-10-16T08:57:54.241186206Z" level=error msg="Could not check if docker-default AppArmor profile was loaded: open /sys/kernel/security/apparmor/profiles: permis
Oct 16 08:57:54 vm1 dockerd[7369]: Error starting daemon: couldn't create plugin manager: error setting plugin manager root to private: permission denied

То, что я нахожу странными, является строкой failed to rename /var/lib/docker/tmp как будто у докера нет разрешений на работу в его каталоге образов /var/lib/docker.

Какая-либо идея что не так или как зафиксировать это?Спасибо!

Править

Я смог установить более старую версию докера: docker-ce_17.03.2~ce-0~ubuntu-xenial_amd64.deb.

Но теперь выполняя изображение как sudo docker run hello-world сбои с

Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
5b0f327be733: Extracting [==================================================>]    974 B/974 B
docker: failed to register layer: ApplyLayer exit status 1 stdout:  stderr: permission denied.