Failed to start DHCP server in Podman container

Open skerit opened this issue 2 years ago • 2 comments

Prerequisites

  • [X] I have checked the Wiki and Discussions and found no answer

  • [X] I have searched other issues and found no duplicates

  • [X] I want to report a bug and not ask a question

Operating system type

Linux, Other (please mention the version in the description)

CPU architecture

AMD64

Installation

Docker

Setup

On one machine

AdGuard Home version

v0.107.11

Description

What did you do?

I installed AdguardHome:

podman run --name adguardhome\
    --restart unless-stopped\
    -v /usr/local/etc/adguard/work:/opt/adguardhome/work\
    -v /usr/local/etc/adguard/conf:/opt/adguardhome/conf\
    --network host\
    -d adguard/adguardhome

Expected result

It should act as a DHCP server

Actual result

I got this error in the log:

starting dhcp server: dhcpv4: creating raw udp connection: listen packet 04:d4:c4:58:3d:69: socket: operation not permitted

It would also really help if this was somehow apparent in the web interface.

skerit avatar Sep 03 '22 12:09 skerit

Installation

Docker

Docker != Podman.

Related to #2809.

agneevX avatar Sep 03 '22 18:09 agneevX

I'm not familiar with Podman, but it seems like if you're running a rootless installation, binding to privileged ports is not possible. See their documentation. I'll leave this issue open, in case anyone else has some input.

ainar-g avatar Sep 05 '22 17:09 ainar-g

I've got AdGuardHome working in a Podman container with DHCP. I'm using Quadlet to configure the container; the config is as follows:

[Install]
WantedBy=default.target

[Unit]
Description=AdGuard Home DNS
After=network-online.target

[Container]
Image=docker.io/adguard/adguardhome:latest
Label=io.containers.autoupdate=registry
Volume=<insert conf here>:/opt/adguardhome/conf
Volume=<insert work here>:/opt/adguardhome/work
Network=host
AddCapability=NET_RAW

Alternatively you should just be able to do something like podman run --net host --add-cap NET_RAW -v <volumes> docker.io/adguard/adguardhome:latest

The important things are:

  • --net host: Same as Docker. Allows the container to use the host's network interfaces.
  • --add-cap NET_RAW: Allows the container to use raw networking, needed for DHCP specifically (that's why you get the operation not permitted)

bobobo1618 avatar Feb 25 '23 17:02 bobobo1618

  • --add-cap NET_RAW: Allows the container to use raw networking, needed for DHCP specifically (that's why you get the operation not permitted)

so close, so helpful, it's --cap-add. Thanks for pointing me in the right direction.

videoMonkey avatar Sep 15 '23 12:09 videoMonkey
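
Added example, not part of the thread or of AdGuard Home's code: a shell check of whether a process's effective capability set contains CAP_NET_RAW (bit 13), the capability whose absence produces the `socket: operation not permitted` error above. It lets you confirm that `--cap-add NET_RAW` took effect instead of reaching for broader privileges; the function names and the sample `CapEff` masks are constructed for illustration.

```shell
#!/bin/sh
# Added example: decide from /proc/<pid>/status text whether a process holds
# the capability needed to open the raw packet socket a DHCP server uses.

CAP_NET_BIND_SERVICE=10   # bit number: bind to ports below 1024
CAP_NET_RAW=13            # bit number: open raw and packet sockets

# Print the effective-capability hex mask from status text on stdin.
cap_eff_from_status() {
    awk '$1 == "CapEff:" { print $2; exit }'
}

# has_cap MASK_HEX BIT: succeed if capability bit BIT is set in MASK_HEX.
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# Read status text on stdin and report the two capabilities that matter here.
# Returns 0 if NET_RAW is present, 1 if it is missing, 2 if no CapEff line.
check_dhcp_caps() {
    mask=$(cap_eff_from_status)
    [ -n "$mask" ] || { echo "no CapEff line in input" >&2; return 2; }
    if has_cap "$mask" "$CAP_NET_BIND_SERVICE"; then
        echo "NET_BIND_SERVICE: present"
    else
        echo "NET_BIND_SERVICE: missing"
    fi
    if has_cap "$mask" "$CAP_NET_RAW"; then
        echo "NET_RAW: present"
    else
        echo "NET_RAW: missing (raw socket creation will fail)"
        return 1
    fi
}

# Constructed sample inputs (not taken from a real host).
SAMPLE_WITHOUT_NET_RAW='Name:   AdGuardHome
CapEff: 00000000800405fb'
SAMPLE_WITH_NET_RAW='Name:   AdGuardHome
CapEff: 00000000800425fb'

printf '%s\n' "$SAMPLE_WITHOUT_NET_RAW" | check_dhcp_caps || true
printf '%s\n' "$SAMPLE_WITH_NET_RAW" | check_dhcp_caps
```

On a live host, pipe the AdGuard Home process's `/proc/<pid>/status` into `check_dhcp_caps`. A set bit is necessary but, in a rootless container on the host network, not sufficient, because the capability is then held only inside the container's user namespace and does not apply to the host's network namespace.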