Many Linux administrators encounter this frustrating scenario when trying to clean up Docker files:
$ sudo rm -rf /var/lib/docker/
rm: cannot remove '/var/lib/docker/aufs': Device or resource busyStandard tools like lsof and ps often fail to identify the culprit:
$ sudo lsof +D /var/lib/docker/
lsof: WARNING: can't stat() fuse.gvfsd-fuse file system
$ ps aux | grep docker
user 5349 0.0 0.0 14224 1024 pts/18 S+ 15:21 0:00 grep dockerTry these more thorough approaches:
$ sudo fuser -vm /var/lib/docker/
USER PID ACCESS COMMAND
/var/lib/docker: root kernel mount /var/lib/dockerFor systems without fuser:
$ sudo apt install psmisc # For Debian/Ubuntu
$ sudo yum install psmisc # For RHEL/CentOSCheck for mounted filesystems:
$ mount | grep docker
aufs on /var/lib/docker/aufs type aufs (rw,relatime,si=abc123)When all else fails:
$ sudo umount -l /var/lib/docker/aufs
$ sudo rm -rf /var/lib/docker/Always stop Docker service first:
$ sudo systemctl stop docker
$ sudo systemctl stop docker.socket
$ sudo rm -rf /var/lib/docker/For containerized processes:
$ sudo lsns -t mnt
$ sudo nsenter -t [PID] -m -- umount /var/lib/docker/aufsWhen attempting to remove Docker directories like /var/lib/docker/, you might encounter the frustrating "Device or resource busy" error. This typically occurs when:
- Docker daemon or containers are still running
- Filesystems are mounted from that location
- Kernel processes maintain open file handles
The standard lsof approach often fails with Docker storage drivers. Here are more effective alternatives:
# Check for mount points
mount | grep /var/lib/docker
# Find processes using the directory (more reliable than lsof)
sudo fuser -vm /var/lib/docker/
# Alternative if fuser isn't available
sudo ls -l /proc/*/fd/ 2>/dev/null | grep /var/lib/docker
When you've confirmed no critical processes are running:
# First attempt graceful shutdown
sudo systemctl stop docker docker.socket containerd
# If still busy, use namespace inspection
sudo nsenter -m -u -n -i -p -t $(pgrep dockerd) -- umount /var/lib/docker/aufs
# Nuclear option (only if absolutely necessary)
sudo umount -l /var/lib/docker/aufs
sudo rm -rf /var/lib/docker
For production systems, consider these safer alternatives:
# Proper Docker cleanup
sudo docker system prune --all --volumes --force
# Reinitialize Docker storage
sudo systemctl stop docker
sudo rm -rf /var/lib/docker/*
sudo systemctl start docker