docker
UAC requires elevation prompt every time after reboot OS
Description
After every OS reboot i get UAC elevation prompt for "Docker Desktop Privileged Helper" for program location ["C:\Program Files\Docker\Docker\resources\com.docker.admin.exe" wsl-update]. After restart Docker Desktop i don't get UAC prompt.
Reproduce
- Reboot OS.
Expected behavior
No response
docker version
Client:
Cloud integration: v1.0.35+desktop.5
Version: 24.0.6
API version: 1.43
Go version: go1.20.7
Git commit: ed223bc
Built: Mon Sep 4 12:32:48 2023
OS/Arch: windows/amd64
Context: default
Server: Docker Desktop 4.25.2 (129061)
Engine:
Version: 24.0.6
API version: 1.43 (minimum version 1.12)
Go version: go1.20.7
Git commit: 1a79695
Built: Mon Sep 4 12:32:16 2023
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.22
GitCommit: 8165feabfdfe38c65b599c4993d227328c231fca
runc:
Version: 1.1.8
GitCommit: v1.1.8-0-g82f18fe
docker-init:
Version: 0.19.0
GitCommit: de40ad0
docker info
Client:
Version: 24.0.6
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.11.2-desktop.5
Path: C:\Program Files\Docker\cli-plugins\docker-buildx.exe
compose: Docker Compose (Docker Inc.)
Version: v2.23.0-desktop.1
Path: C:\Program Files\Docker\cli-plugins\docker-compose.exe
dev: Docker Dev Environments (Docker Inc.)
Version: v0.1.0
Path: C:\Program Files\Docker\cli-plugins\docker-dev.exe
extension: Manages Docker extensions (Docker Inc.)
Version: v0.2.20
Path: C:\Program Files\Docker\cli-plugins\docker-extension.exe
init: Creates Docker-related starter files for your project (Docker Inc.)
Version: v0.1.0-beta.9
Path: C:\Program Files\Docker\cli-plugins\docker-init.exe
sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
Version: 0.6.0
Path: C:\Program Files\Docker\cli-plugins\docker-sbom.exe
scan: Docker Scan (Docker Inc.)
Version: v0.26.0
Path: C:\Program Files\Docker\cli-plugins\docker-scan.exe
scout: Docker Scout (Docker Inc.)
Version: v1.0.9
Path: C:\Program Files\Docker\cli-plugins\docker-scout.exe
Server:
Containers: 2
Running: 0
Paused: 0
Stopped: 2
Images: 2
Server Version: 24.0.6
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 8165feabfdfe38c65b599c4993d227328c231fca
runc version: v1.1.8-0-g82f18fe
init version: de40ad0
Security Options:
seccomp
Profile: unconfined
Kernel Version: 5.15.133.1-microsoft-standard-WSL2
Operating System: Docker Desktop
OSType: linux
Architecture: x86_64
CPUs: 12
Total Memory: 899.6MiB
Name: MICHAELHOME
ID: df80417f-325c-47a5-b367-3f50687c814c
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http.docker.internal:3128
HTTPS Proxy: http.docker.internal:3128
No Proxy: hubproxy.docker.internal
Experimental: false
Insecure Registries:
hubproxy.docker.internal:5555
127.0.0.0/8
Live Restore Enabled: false
WARNING: No blkio throttle.read_bps_device support
WARNING: No blkio throttle.write_bps_device support
WARNING: No blkio throttle.read_iops_device support
WARNING: No blkio throttle.write_iops_device support
WARNING: daemon is not using the default seccomp profile
Diagnostics ID
5EC7FB5E-78B0-408A-929F-8F706FFE9D65/20231124051504
Additional Info
No response
Me too, after setting Docker Desktop to start al Windows login. On my old computer, a year ago or so, it was set this way, but no UAC dialog at login.
After updating to 4.33.0, I get this popup when I sign-in.
It's annoying because I sign-out when I go to meetings or lunch breaks, so I get the popup several times a day.
I appears fixed after upgrade to 4.33.1 (maybe related to #14222? that's the only fix mentioned in release notes)
Also started getting this today after upgrade to v4.33.1
Edit: WSL version: 2.2.4.0 Kernel version: 5.15.153.1-2 WSLg version: 1.0.61 MSRDC version: 1.2.5326 Direct3D version: 1.611.1-81528511 DXCore version: 10.0.26091.1-240325-1447.ge-release Windows version: 10.0.22631.3958
Edit 03/08/2024: I repeated the build process on an identical Windows machine using "Docker Desktop Installer.exe" v4.32.0.0 & then followed the upgrade to v4.33.1 and got the same UAC error. I de-installed Docker & reinstalled v4.32.0.0, built my containers & rebooted & (not that surprisingly) I don't get the UAC prompt every time Docker starts.
Same here, as @tackarama
Edit : launched wsl --update --pre-release in pwsh, have WSL version: 2.3.14.0 right now, coming from 2.2.4 and new Kernel version for WSL, Docker Desktop works fine now, but all images are lost ☹ . So good so far ...
4.33.1 fixed issue that was caused by 4.33.0, YMMV
UPDATE: After the week, the popup was back. Not sure why it didn't display after restarts last week.
with 4.33.1 I am now stuck with endless UAC requests .. it tries to start the engine, stops and asks for UAC again.
if I cancel the UAC, I see that it tries to run the "wsl --update" cmd
edit:
found the issue: wsl update to 2.2.4 was not possible. I had to remove the installation manually and install the update myself. Docker desktop works again now with up to date wsl kernel
Hi all,
thanks for reporting the issue.
The root cause of the WSL Update prompts is a bug in the Docker Desktop startup error handling code that was introduced in 4.33.0. The bug causes every startup to be incorrectly classified as a "WSL not up to date" problem, causing the prompts to update WSL that you are experiencing.
Please, try out this development build (installer - md5sum: b355d0d2253556fd5cb6dd5f23c30bbd). Compared to 4.33.1:
- It fixes the error classification errors, so you should no longer see WSL update prompts but the original error - which should help resolution.
- It fixes a common error in 4.33.1, which was also wrongly classified as "WSL update required" and I have spotted in several of the diagnostics shared.
Please, let us know how that goes.
That dev build works for me - Windows 11, WSL 2.2.4.0. No more UA messages on startup. Many thanks for the resolution.
Excellent - works for me, Thanks.
Edit 08/08/2024: Just rebooted & Docker failed to start as per image. Tried to restart the PC & it would not reboot after waiting 15 mins. Crashed PC & logged in removed v4.33.1 (revised version supplied above) reinstall v4.32.0, recreated containers (only 2) and they came up.
Spoke too soon: on a subsequent reboot it gave the screen below. A manual restart of Docker Desktop did then work though.
The diagnostics ID is A28AE790-279C-4CA2-89C1-ED7EA701D72E/20240807062618.
Hey @NorthNick , all - thanks for the feedback.
@NorthNick , looking at your latest diagnostics it looks like WSL2 was in a state were processes could not be killed. I'll look more into it, but it may be a "one off" issue, which should be solvable with just a Stop Docker Desktop + wsl.exe --shutdown + Start Docker Desktop (quicker than a reboot).
Please, let us know if it keeps happening (feel free to open a new issue).
@andrea-reale The same issue that NorthNick described happen to me. I think it was caused by the container which had 'restart' set to 'always'. I.e. this container (and some dependency) tried to run on system start. I'm using your dev. build.
Thank you.
@andrea-reale no luck
error spotted in wslbootstrap log: "[2024-08-08T03:48:10.849907057Z][wsl-bootstrap][F] mounting /lib/modules to /tmp/docker-desktop-<USER>/lib/modules: no such file or directory
A89CF936-1CF7-4B13-AD32-CF7D80A703F4/20240808035123
EDIT:
solved by commenting out my custom kernel in wslconfig
[wsl2]
# kernel=C:\\Users\\dragon\\bzImage-5-15-153-1
and now it starts fine all images and containers shown.
@andrea-reale can you estimate when your changes will be incorporated in an official 4.33.2 release or something? because of CVE-2024–41110 id like to update ASAP.
i keep refreshing https://docs.docker.com/desktop/release-notes/ ;)
That dev build works for me - Windows 11, WSL 2.2.4.0. No more UA messages on startup. Many thanks for the resolution.
Same here.
will installing the dev build keep me on track to receiving 4.33.2 when it comes out, as normal?
I have installed a version that @andrea-reale provided but everything still stuck with me I have done everything I can find on this topic.
My diagnostics ID: 5C239589-AAFE-4C89-8BCE-766D3858F7AC/20240812105158
@levi-vu it looks like you're really running an old WSL version. Could you try to update with a recent one, for example this is the latest stable for x86_64: https://github.com/microsoft/WSL/releases/download/2.2.4/wsl.2.2.4.0.x64.msi
@levi-vu it looks like you're really running an old WSL version. Could you try to update with a recent one, for example this is the latest stable for x86_64: https://github.com/microsoft/WSL/releases/download/2.2.4/wsl.2.2.4.0.x64.msi
I have updated wsl by cmd Wsl --update but it not work I will try to update it manually Btw, thank you show much for reply me immediately
@andrea-reale no luck
error spotted in wslbootstrap log: "[2024-08-08T03:48:10.849907057Z][wsl-bootstrap][F] mounting /lib/modules to /tmp/docker-desktop-/lib/modules: no such file or directory
A89CF936-1CF7-4B13-AD32-CF7D80A703F4/20240808035123
EDIT:
solved by commenting out my custom kernel in wslconfig
[wsl2] # kernel=C:\\Users\\dragon\\bzImage-5-15-153-1and now it starts fine all images and containers shown.
Thanks for this, I was able to get past this blowing up on Windows Arm64. I happened to have a custom kernel also 😅
I'm also running into this and the updated build does not resolve this...
error spotted in wslbootstrap log: "[2024-08-14T12:04:42.149177253Z][wsl-bootstrap][F] mounting /lib/modules to /tmp/docker-desktop-<USER>/lib/modules: no such file or directory"
