docker-firefox
docker-firefox copied to clipboard
Published
20 hours ago •
jlesage
jlesage
How to add self-signed CA certificates to the Firefox container?
The README mentions the location to store custom certificates.
I tried to bind a directory with the self-signed certificates to /config/certs/.
According to the README, any changes to this /config directory would make Firefox up-to-date with the newly added certificates.
However, nothing is happening.
I'm definitely overlooking something. But what? 🫠
Note that by default it could take up to a minute before doing the update.
- Did you check the container's log (
docker logs <container name>) to make sure no error occurred ? - If you restart the container, does it use the new certs ?
@jlesage , I waited 15mins to after starting the container, followed by:
docker logs firefox
[init ] container is starting...
[cont-env ] loading container environment variables...
[cont-env ] APP_NAME: loading...
[cont-env ] APP_VERSION: loading...
[cont-env ] DISPLAY: executing...
[cont-env ] DISPLAY: terminated successfully.
[cont-env ] DISPLAY: loading...
[cont-env ] DOCKER_IMAGE_PLATFORM: loading...
[cont-env ] DOCKER_IMAGE_VERSION: loading...
[cont-env ] GTK2_RC_FILES: executing...
[cont-env ] GTK2_RC_FILES: terminated successfully.
[cont-env ] GTK2_RC_FILES: loading...
[cont-env ] GTK_THEME: executing...
[cont-env ] GTK_THEME: terminated successfully.
[cont-env ] GTK_THEME: loading...
[cont-env ] HOME: loading...
[cont-env ] QT_STYLE_OVERRIDE: executing...
[cont-env ] QT_STYLE_OVERRIDE: terminated successfully.
[cont-env ] QT_STYLE_OVERRIDE: loading...
[cont-env ] TAKE_CONFIG_OWNERSHIP: loading...
[cont-env ] XDG_CACHE_HOME: loading...
[cont-env ] XDG_CONFIG_HOME: loading...
[cont-env ] XDG_DATA_HOME: loading...
[cont-env ] XDG_RUNTIME_DIR: loading...
[cont-env ] XDG_STATE_HOME: loading...
[cont-env ] container environment variables initialized.
[cont-secrets] loading container secrets...
[cont-secrets] container secrets loaded.
[cont-init ] executing container initialization scripts...
[cont-init ] 10-certs.sh: executing...
[cont-init ] 10-certs.sh: terminated successfully.
[cont-init ] 10-check-app-niceness.sh: executing...
[cont-init ] 10-check-app-niceness.sh: terminated successfully.
[cont-init ] 10-cjk-font.sh: executing...
[cont-init ] 10-cjk-font.sh: terminated successfully.
[cont-init ] 10-clean-logmonitor-states.sh: executing...
[cont-init ] 10-clean-logmonitor-states.sh: terminated successfully.
[cont-init ] 10-clean-tmp-dir.sh: executing...
[cont-init ] 10-clean-tmp-dir.sh: terminated successfully.
[cont-init ] 10-fontconfig-cache-dir.sh: executing...
[cont-init ] 10-fontconfig-cache-dir.sh: terminated successfully.
[cont-init ] 10-init-users.sh: executing...
[cont-init ] 10-init-users.sh: terminated successfully.
[cont-init ] 10-nginx.sh: executing...
[cont-init ] 10-nginx.sh: terminated successfully.
[cont-init ] 10-openbox.sh: executing...
[cont-init ] 10-openbox.sh: terminated successfully.
[cont-init ] 10-set-tmp-dir-perms.sh: executing...
[cont-init ] 10-set-tmp-dir-perms.sh: terminated successfully.
[cont-init ] 10-vnc-password.sh: executing...
[cont-init ] 10-vnc-password.sh: terminated successfully.
[cont-init ] 10-web-data.sh: executing...
[cont-init ] 10-web-data.sh: terminated successfully.
[cont-init ] 10-x11-unix.sh: executing...
[cont-init ] 10-x11-unix.sh: terminated successfully.
[cont-init ] 10-xdg-runtime-dir.sh: executing...
[cont-init ] 10-xdg-runtime-dir.sh: terminated successfully.
[cont-init ] 15-install-pkgs.sh: executing...
[cont-init ] 15-install-pkgs.sh: terminated successfully.
[cont-init ] 55-check-snd.sh: executing...
[cont-init ] 55-check-snd.sh: sound not supported: device /dev/snd not exposed to the container.
[cont-init ] 55-check-snd.sh: terminated successfully.
[cont-init ] 55-firefox.sh: executing...
[cont-init ] 55-firefox.sh: generating machine-id...
[cont-init ] 55-firefox.sh: terminated successfully.
[cont-init ] 56-firefox-set-prefs-from-env.sh: executing...
[cont-init ] 56-firefox-set-prefs-from-env.sh: terminated successfully.
[cont-init ] 85-take-config-ownership.sh: executing...
[cont-init ] 85-take-config-ownership.sh: terminated successfully.
[cont-init ] 89-info.sh: executing...
╭――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――╮
│ │
│ Application: Firefox │
│ Application Version: 109.0.1-r0 │
│ Docker Image Version: 23.03.1 │
│ Docker Image Platform: linux/arm64 │
│ │
╰――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――╯
[cont-init ] 89-info.sh: terminated successfully.
[cont-init ] all container initialization scripts executed.
[init ] giving control to process supervisor.
[supervisor ] loading services...
[supervisor ] loading service 'default'...
[supervisor ] loading service 'logmonitor'...
[supervisor ] service 'logmonitor' is disabled.
[supervisor ] loading service 'app'...
[supervisor ] loading service 'gui'...
[supervisor ] loading service 'openbox'...
[supervisor ] loading service 'xvnc'...
[supervisor ] loading service 'nginx'...
[supervisor ] loading service 'certsmonitor'...
[supervisor ] service 'certsmonitor' is disabled.
[supervisor ] loading service 'logrotate'...
[supervisor ] all services loaded.
[supervisor ] starting services...
[supervisor ] starting service 'xvnc'...
[xvnc ] Xvnc TigerVNC 1.13.0 - built Mar 4 2023 01:14:02
[xvnc ] Copyright (C) 1999-2022 TigerVNC Team and many others (see README.rst)
[xvnc ] See https://www.tigervnc.org for information on TigerVNC.
[xvnc ] Underlying X server release 12013000
[xvnc ] Fri Mar 17 22:37:17 2023
[xvnc ] vncext: VNC extension running!
[xvnc ] vncext: Listening for VNC connections on /tmp/vnc.sock (mode 0660)
[xvnc ] vncext: Listening for VNC connections on all interface(s), port 5900
[xvnc ] vncext: created VNC server for screen 0
[supervisor ] starting service 'openbox'...
[supervisor ] starting service 'nginx'...
[nginx ] Listening for HTTP connections on port 5800.
[supervisor ] starting service 'app'...
[app ] Mozilla Firefox 109.0.1
[supervisor ] all services started.
[xvnc ] Fri Mar 17 22:37:36 2023
[xvnc ] Connections: accepted: /tmp/vnc.sock
[xvnc ] SConnection: Client needs protocol version 3.8
[xvnc ] SConnection: Client requests security type None(1)
[xvnc ] VNCSConnST: Server default pixel format depth 24 (32bpp) little-endian rgb888
[xvnc ] VNCSConnST: Client pixel format depth 24 (32bpp) little-endian bgr888
[xvnc ] ComparingUpdateTracker: 0 pixels in / 0 pixels out
[xvnc ] ComparingUpdateTracker: (1:nan ratio)
[supervisor ] SIGTERM received, shutting down...
[init ] container is starting...
[cont-env ] loading container environment variables...
[cont-env ] APP_NAME: loading...
[cont-env ] APP_VERSION: loading...
[cont-env ] DISPLAY: executing...
[cont-env ] DISPLAY: terminated successfully.
[cont-env ] DISPLAY: loading...
[cont-env ] DOCKER_IMAGE_PLATFORM: loading...
[cont-env ] DOCKER_IMAGE_VERSION: loading...
[cont-env ] GTK2_RC_FILES: executing...
[cont-env ] GTK2_RC_FILES: terminated successfully.
[cont-env ] GTK2_RC_FILES: loading...
[cont-env ] GTK_THEME: executing...
[cont-env ] GTK_THEME: terminated successfully.
[cont-env ] GTK_THEME: loading...
[cont-env ] HOME: loading...
[cont-env ] QT_STYLE_OVERRIDE: executing...
[cont-env ] QT_STYLE_OVERRIDE: terminated successfully.
[cont-env ] QT_STYLE_OVERRIDE: loading...
[cont-env ] TAKE_CONFIG_OWNERSHIP: loading...
[cont-env ] XDG_CACHE_HOME: loading...
[cont-env ] XDG_CONFIG_HOME: loading...
[cont-env ] XDG_DATA_HOME: loading...
[cont-env ] XDG_RUNTIME_DIR: loading...
[cont-env ] XDG_STATE_HOME: loading...
[cont-env ] container environment variables initialized.
[cont-secrets] loading container secrets...
[cont-secrets] container secrets loaded.
[cont-init ] executing container initialization scripts...
[cont-init ] 10-certs.sh: executing...
[cont-init ] 10-certs.sh: terminated successfully.
[cont-init ] 10-check-app-niceness.sh: executing...
[cont-init ] 10-check-app-niceness.sh: terminated successfully.
[cont-init ] 10-cjk-font.sh: executing...
[cont-init ] 10-cjk-font.sh: terminated successfully.
[cont-init ] 10-clean-logmonitor-states.sh: executing...
[cont-init ] 10-clean-logmonitor-states.sh: terminated successfully.
[cont-init ] 10-clean-tmp-dir.sh: executing...
[cont-init ] 10-clean-tmp-dir.sh: terminated successfully.
[cont-init ] 10-fontconfig-cache-dir.sh: executing...
[cont-init ] 10-fontconfig-cache-dir.sh: terminated successfully.
[cont-init ] 10-init-users.sh: executing...
[cont-init ] 10-init-users.sh: terminated successfully.
[cont-init ] 10-nginx.sh: executing...
[cont-init ] 10-nginx.sh: terminated successfully.
[cont-init ] 10-openbox.sh: executing...
[cont-init ] 10-openbox.sh: terminated successfully.
[cont-init ] 10-set-tmp-dir-perms.sh: executing...
[cont-init ] 10-set-tmp-dir-perms.sh: terminated successfully.
[cont-init ] 10-vnc-password.sh: executing...
[cont-init ] 10-vnc-password.sh: terminated successfully.
[cont-init ] 10-web-data.sh: executing...
[cont-init ] 10-web-data.sh: terminated successfully.
[cont-init ] 10-x11-unix.sh: executing...
[cont-init ] 10-x11-unix.sh: terminated successfully.
[cont-init ] 10-xdg-runtime-dir.sh: executing...
[cont-init ] 10-xdg-runtime-dir.sh: terminated successfully.
[cont-init ] 15-install-pkgs.sh: executing...
[cont-init ] 15-install-pkgs.sh: terminated successfully.
[cont-init ] 55-check-snd.sh: executing...
[cont-init ] 55-check-snd.sh: sound not supported: device /dev/snd not exposed to the container.
[cont-init ] 55-check-snd.sh: terminated successfully.
[cont-init ] 55-firefox.sh: executing...
[cont-init ] 55-firefox.sh: generating machine-id...
[cont-init ] 55-firefox.sh: terminated successfully.
[cont-init ] 56-firefox-set-prefs-from-env.sh: executing...
[cont-init ] 56-firefox-set-prefs-from-env.sh: terminated successfully.
[cont-init ] 85-take-config-ownership.sh: executing...
[cont-init ] 85-take-config-ownership.sh: terminated successfully.
[cont-init ] 89-info.sh: executing...
╭――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――╮
│ │
│ Application: Firefox │
│ Application Version: 109.0.1-r0 │
│ Docker Image Version: 23.03.1 │
│ Docker Image Platform: linux/arm64 │
│ │
╰――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――╯
[cont-init ] 89-info.sh: terminated successfully.
[cont-init ] all container initialization scripts executed.
[init ] giving control to process supervisor.
[supervisor ] loading services...
[supervisor ] loading service 'default'...
[supervisor ] loading service 'logmonitor'...
[supervisor ] service 'logmonitor' is disabled.
[supervisor ] loading service 'app'...
[supervisor ] loading service 'gui'...
[supervisor ] loading service 'openbox'...
[supervisor ] loading service 'xvnc'...
[supervisor ] loading service 'nginx'...
[supervisor ] loading service 'certsmonitor'...
[supervisor ] service 'certsmonitor' is disabled.
[supervisor ] loading service 'logrotate'...
[supervisor ] all services loaded.
[supervisor ] starting services...
[supervisor ] starting service 'xvnc'...
[xvnc ] Xvnc TigerVNC 1.13.0 - built Mar 4 2023 01:14:02
[xvnc ] Copyright (C) 1999-2022 TigerVNC Team and many others (see README.rst)
[xvnc ] See https://www.tigervnc.org for information on TigerVNC.
[xvnc ] Underlying X server release 12013000
[xvnc ] Fri Mar 17 22:38:15 2023
[xvnc ] vncext: VNC extension running!
[xvnc ] vncext: Listening for VNC connections on /tmp/vnc.sock (mode 0660)
[xvnc ] vncext: Listening for VNC connections on all interface(s), port 5900
[xvnc ] vncext: created VNC server for screen 0
[supervisor ] starting service 'openbox'...
[supervisor ] starting service 'nginx'...
[nginx ] Listening for HTTP connections on port 5800.
[supervisor ] starting service 'app'...
[app ] Mozilla Firefox 109.0.1
[supervisor ] all services started.
[xvnc ] Fri Mar 17 22:38:19 2023
[xvnc ] Connections: accepted: /tmp/vnc.sock
[xvnc ] SConnection: Client needs protocol version 3.8
[xvnc ] SConnection: Client requests security type None(1)
[xvnc ] VNCSConnST: Server default pixel format depth 24 (32bpp) little-endian rgb888
[xvnc ] VNCSConnST: Client pixel format depth 24 (32bpp) little-endian bgr888
[xvnc ] ComparingUpdateTracker: 0 pixels in / 0 pixels out
[xvnc ] ComparingUpdateTracker: (1:nan ratio)
[xvnc ] Fri Mar 17 23:10:53 2023
[xvnc ] VNCSConnST: closing /tmp/vnc.sock: Clean disconnection
[xvnc ] EncodeManager: Framebuffer updates: 73
[xvnc ] EncodeManager: Tight:
[xvnc ] EncodeManager: Solid: 369 rects, 2.26335 Mpixels
[xvnc ] EncodeManager: 5.76562 KiB (1:1534.18 ratio)
[xvnc ] EncodeManager: Bitmap RLE: 17 rects, 6 kpixels
[xvnc ] EncodeManager: 533 B (1:45.4109 ratio)
[xvnc ] EncodeManager: Indexed RLE: 501 rects, 305.094 kpixels
[xvnc ] EncodeManager: 58.2842 KiB (1:20.5484 ratio)
[xvnc ] EncodeManager: Tight (JPEG):
[xvnc ] EncodeManager: Full Colour: 259 rects, 1.6965 Mpixels
[xvnc ] EncodeManager: 2.05094 MiB (1:3.15691 ratio)
[xvnc ] EncodeManager: Total: 1.146 krects, 4.27094 Mpixels
[xvnc ] EncodeManager: 2.11399 MiB (1:7.71312 ratio)
[xvnc ] Connections: closed: /tmp/vnc.sock
[xvnc ] ComparingUpdateTracker: 28.9905 Mpixels in / 2.96377 Mpixels out
[xvnc ] ComparingUpdateTracker: (1:9.78161 ratio)
[xvnc ] Fri Mar 17 23:20:15 2023
[xvnc ] Connections: accepted: /tmp/vnc.sock
[xvnc ] SConnection: Client needs protocol version 3.8
[xvnc ] SConnection: Client requests security type None(1)
[xvnc ] VNCSConnST: Server default pixel format depth 24 (32bpp) little-endian rgb888
[xvnc ] VNCSConnST: Client pixel format depth 24 (32bpp) little-endian bgr888
docker restart firefox
docker logs firefox
[init ] container is starting...
[cont-env ] loading container environment variables...
[cont-env ] APP_NAME: loading...
[cont-env ] APP_VERSION: loading...
[cont-env ] DISPLAY: executing...
[cont-env ] DISPLAY: terminated successfully.
[cont-env ] DISPLAY: loading...
[cont-env ] DOCKER_IMAGE_PLATFORM: loading...
[cont-env ] DOCKER_IMAGE_VERSION: loading...
[cont-env ] GTK2_RC_FILES: executing...
[cont-env ] GTK2_RC_FILES: terminated successfully.
[cont-env ] GTK2_RC_FILES: loading...
[cont-env ] GTK_THEME: executing...
[cont-env ] GTK_THEME: terminated successfully.
[cont-env ] GTK_THEME: loading...
[cont-env ] HOME: loading...
[cont-env ] QT_STYLE_OVERRIDE: executing...
[cont-env ] QT_STYLE_OVERRIDE: terminated successfully.
[cont-env ] QT_STYLE_OVERRIDE: loading...
[cont-env ] TAKE_CONFIG_OWNERSHIP: loading...
[cont-env ] XDG_CACHE_HOME: loading...
[cont-env ] XDG_CONFIG_HOME: loading...
[cont-env ] XDG_DATA_HOME: loading...
[cont-env ] XDG_RUNTIME_DIR: loading...
[cont-env ] XDG_STATE_HOME: loading...
[cont-env ] container environment variables initialized.
[cont-secrets] loading container secrets...
[cont-secrets] container secrets loaded.
[cont-init ] executing container initialization scripts...
[cont-init ] 10-certs.sh: executing...
[cont-init ] 10-certs.sh: terminated successfully.
[cont-init ] 10-check-app-niceness.sh: executing...
[cont-init ] 10-check-app-niceness.sh: terminated successfully.
[cont-init ] 10-cjk-font.sh: executing...
[cont-init ] 10-cjk-font.sh: terminated successfully.
[cont-init ] 10-clean-logmonitor-states.sh: executing...
[cont-init ] 10-clean-logmonitor-states.sh: terminated successfully.
[cont-init ] 10-clean-tmp-dir.sh: executing...
[cont-init ] 10-clean-tmp-dir.sh: terminated successfully.
[cont-init ] 10-fontconfig-cache-dir.sh: executing...
[cont-init ] 10-fontconfig-cache-dir.sh: terminated successfully.
[cont-init ] 10-init-users.sh: executing...
[cont-init ] 10-init-users.sh: terminated successfully.
[cont-init ] 10-nginx.sh: executing...
[cont-init ] 10-nginx.sh: terminated successfully.
[cont-init ] 10-openbox.sh: executing...
[cont-init ] 10-openbox.sh: terminated successfully.
[cont-init ] 10-set-tmp-dir-perms.sh: executing...
[cont-init ] 10-set-tmp-dir-perms.sh: terminated successfully.
[cont-init ] 10-vnc-password.sh: executing...
[cont-init ] 10-vnc-password.sh: terminated successfully.
[cont-init ] 10-web-data.sh: executing...
[cont-init ] 10-web-data.sh: terminated successfully.
[cont-init ] 10-x11-unix.sh: executing...
[cont-init ] 10-x11-unix.sh: terminated successfully.
[cont-init ] 10-xdg-runtime-dir.sh: executing...
[cont-init ] 10-xdg-runtime-dir.sh: terminated successfully.
[cont-init ] 15-install-pkgs.sh: executing...
[cont-init ] 15-install-pkgs.sh: terminated successfully.
[cont-init ] 55-check-snd.sh: executing...
[cont-init ] 55-check-snd.sh: sound not supported: device /dev/snd not exposed to the container.
[cont-init ] 55-check-snd.sh: terminated successfully.
[cont-init ] 55-firefox.sh: executing...
[cont-init ] 55-firefox.sh: generating machine-id...
[cont-init ] 55-firefox.sh: terminated successfully.
[cont-init ] 56-firefox-set-prefs-from-env.sh: executing...
[cont-init ] 56-firefox-set-prefs-from-env.sh: terminated successfully.
[cont-init ] 85-take-config-ownership.sh: executing...
[cont-init ] 85-take-config-ownership.sh: terminated successfully.
[cont-init ] 89-info.sh: executing...
╭――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――╮
│ │
│ Application: Firefox │
│ Application Version: 109.0.1-r0 │
│ Docker Image Version: 23.03.1 │
│ Docker Image Platform: linux/arm64 │
│ │
╰――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――╯
[cont-init ] 89-info.sh: terminated successfully.
[cont-init ] all container initialization scripts executed.
[init ] giving control to process supervisor.
[supervisor ] loading services...
[supervisor ] loading service 'default'...
[supervisor ] loading service 'logmonitor'...
[supervisor ] service 'logmonitor' is disabled.
[supervisor ] loading service 'app'...
[supervisor ] loading service 'gui'...
[supervisor ] loading service 'openbox'...
[supervisor ] loading service 'xvnc'...
[supervisor ] loading service 'nginx'...
[supervisor ] loading service 'certsmonitor'...
[supervisor ] service 'certsmonitor' is disabled.
[supervisor ] loading service 'logrotate'...
[supervisor ] all services loaded.
[supervisor ] starting services...
[supervisor ] starting service 'xvnc'...
[xvnc ] Xvnc TigerVNC 1.13.0 - built Mar 4 2023 01:14:02
[xvnc ] Copyright (C) 1999-2022 TigerVNC Team and many others (see README.rst)
[xvnc ] See https://www.tigervnc.org for information on TigerVNC.
[xvnc ] Underlying X server release 12013000
[xvnc ] Fri Mar 17 22:37:17 2023
[xvnc ] vncext: VNC extension running!
[xvnc ] vncext: Listening for VNC connections on /tmp/vnc.sock (mode 0660)
[xvnc ] vncext: Listening for VNC connections on all interface(s), port 5900
[xvnc ] vncext: created VNC server for screen 0
[supervisor ] starting service 'openbox'...
[supervisor ] starting service 'nginx'...
[nginx ] Listening for HTTP connections on port 5800.
[supervisor ] starting service 'app'...
[app ] Mozilla Firefox 109.0.1
[supervisor ] all services started.
[xvnc ] Fri Mar 17 22:37:36 2023
[xvnc ] Connections: accepted: /tmp/vnc.sock
[xvnc ] SConnection: Client needs protocol version 3.8
[xvnc ] SConnection: Client requests security type None(1)
[xvnc ] VNCSConnST: Server default pixel format depth 24 (32bpp) little-endian rgb888
[xvnc ] VNCSConnST: Client pixel format depth 24 (32bpp) little-endian bgr888
[xvnc ] ComparingUpdateTracker: 0 pixels in / 0 pixels out
[xvnc ] ComparingUpdateTracker: (1:nan ratio)
[supervisor ] SIGTERM received, shutting down...
[init ] container is starting...
[cont-env ] loading container environment variables...
[cont-env ] APP_NAME: loading...
[cont-env ] APP_VERSION: loading...
[cont-env ] DISPLAY: executing...
[cont-env ] DISPLAY: terminated successfully.
[cont-env ] DISPLAY: loading...
[cont-env ] DOCKER_IMAGE_PLATFORM: loading...
[cont-env ] DOCKER_IMAGE_VERSION: loading...
[cont-env ] GTK2_RC_FILES: executing...
[cont-env ] GTK2_RC_FILES: terminated successfully.
[cont-env ] GTK2_RC_FILES: loading...
[cont-env ] GTK_THEME: executing...
[cont-env ] GTK_THEME: terminated successfully.
[cont-env ] GTK_THEME: loading...
[cont-env ] HOME: loading...
[cont-env ] QT_STYLE_OVERRIDE: executing...
[cont-env ] QT_STYLE_OVERRIDE: terminated successfully.
[cont-env ] QT_STYLE_OVERRIDE: loading...
[cont-env ] TAKE_CONFIG_OWNERSHIP: loading...
[cont-env ] XDG_CACHE_HOME: loading...
[cont-env ] XDG_CONFIG_HOME: loading...
[cont-env ] XDG_DATA_HOME: loading...
[cont-env ] XDG_RUNTIME_DIR: loading...
[cont-env ] XDG_STATE_HOME: loading...
[cont-env ] container environment variables initialized.
[cont-secrets] loading container secrets...
[cont-secrets] container secrets loaded.
[cont-init ] executing container initialization scripts...
[cont-init ] 10-certs.sh: executing...
[cont-init ] 10-certs.sh: terminated successfully.
[cont-init ] 10-check-app-niceness.sh: executing...
[cont-init ] 10-check-app-niceness.sh: terminated successfully.
[cont-init ] 10-cjk-font.sh: executing...
[cont-init ] 10-cjk-font.sh: terminated successfully.
[cont-init ] 10-clean-logmonitor-states.sh: executing...
[cont-init ] 10-clean-logmonitor-states.sh: terminated successfully.
[cont-init ] 10-clean-tmp-dir.sh: executing...
[cont-init ] 10-clean-tmp-dir.sh: terminated successfully.
[cont-init ] 10-fontconfig-cache-dir.sh: executing...
[cont-init ] 10-fontconfig-cache-dir.sh: terminated successfully.
[cont-init ] 10-init-users.sh: executing...
[cont-init ] 10-init-users.sh: terminated successfully.
[cont-init ] 10-nginx.sh: executing...
[cont-init ] 10-nginx.sh: terminated successfully.
[cont-init ] 10-openbox.sh: executing...
[cont-init ] 10-openbox.sh: terminated successfully.
[cont-init ] 10-set-tmp-dir-perms.sh: executing...
[cont-init ] 10-set-tmp-dir-perms.sh: terminated successfully.
[cont-init ] 10-vnc-password.sh: executing...
[cont-init ] 10-vnc-password.sh: terminated successfully.
[cont-init ] 10-web-data.sh: executing...
[cont-init ] 10-web-data.sh: terminated successfully.
[cont-init ] 10-x11-unix.sh: executing...
[cont-init ] 10-x11-unix.sh: terminated successfully.
[cont-init ] 10-xdg-runtime-dir.sh: executing...
[cont-init ] 10-xdg-runtime-dir.sh: terminated successfully.
[cont-init ] 15-install-pkgs.sh: executing...
[cont-init ] 15-install-pkgs.sh: terminated successfully.
[cont-init ] 55-check-snd.sh: executing...
[cont-init ] 55-check-snd.sh: sound not supported: device /dev/snd not exposed to the container.
[cont-init ] 55-check-snd.sh: terminated successfully.
[cont-init ] 55-firefox.sh: executing...
[cont-init ] 55-firefox.sh: generating machine-id...
[cont-init ] 55-firefox.sh: terminated successfully.
[cont-init ] 56-firefox-set-prefs-from-env.sh: executing...
[cont-init ] 56-firefox-set-prefs-from-env.sh: terminated successfully.
[cont-init ] 85-take-config-ownership.sh: executing...
[cont-init ] 85-take-config-ownership.sh: terminated successfully.
[cont-init ] 89-info.sh: executing...
╭――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――╮
│ │
│ Application: Firefox │
│ Application Version: 109.0.1-r0 │
│ Docker Image Version: 23.03.1 │
│ Docker Image Platform: linux/arm64 │
│ │
╰――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――╯
[cont-init ] 89-info.sh: terminated successfully.
[cont-init ] all container initialization scripts executed.
[init ] giving control to process supervisor.
[supervisor ] loading services...
[supervisor ] loading service 'default'...
[supervisor ] loading service 'logmonitor'...
[supervisor ] service 'logmonitor' is disabled.
[supervisor ] loading service 'app'...
[supervisor ] loading service 'gui'...
[supervisor ] loading service 'openbox'...
[supervisor ] loading service 'xvnc'...
[supervisor ] loading service 'nginx'...
[supervisor ] loading service 'certsmonitor'...
[supervisor ] service 'certsmonitor' is disabled.
[supervisor ] loading service 'logrotate'...
[supervisor ] all services loaded.
[supervisor ] starting services...
[supervisor ] starting service 'xvnc'...
[xvnc ] Xvnc TigerVNC 1.13.0 - built Mar 4 2023 01:14:02
[xvnc ] Copyright (C) 1999-2022 TigerVNC Team and many others (see README.rst)
[xvnc ] See https://www.tigervnc.org for information on TigerVNC.
[xvnc ] Underlying X server release 12013000
[xvnc ] Fri Mar 17 22:38:15 2023
[xvnc ] vncext: VNC extension running!
[xvnc ] vncext: Listening for VNC connections on /tmp/vnc.sock (mode 0660)
[xvnc ] vncext: Listening for VNC connections on all interface(s), port 5900
[xvnc ] vncext: created VNC server for screen 0
[supervisor ] starting service 'openbox'...
[supervisor ] starting service 'nginx'...
[nginx ] Listening for HTTP connections on port 5800.
[supervisor ] starting service 'app'...
[app ] Mozilla Firefox 109.0.1
[supervisor ] all services started.
[xvnc ] Fri Mar 17 22:38:19 2023
[xvnc ] Connections: accepted: /tmp/vnc.sock
[xvnc ] SConnection: Client needs protocol version 3.8
[xvnc ] SConnection: Client requests security type None(1)
[xvnc ] VNCSConnST: Server default pixel format depth 24 (32bpp) little-endian rgb888
[xvnc ] VNCSConnST: Client pixel format depth 24 (32bpp) little-endian bgr888
[xvnc ] ComparingUpdateTracker: 0 pixels in / 0 pixels out
[xvnc ] ComparingUpdateTracker: (1:nan ratio)
[xvnc ] Fri Mar 17 23:10:53 2023
[xvnc ] VNCSConnST: closing /tmp/vnc.sock: Clean disconnection
[xvnc ] EncodeManager: Framebuffer updates: 73
[xvnc ] EncodeManager: Tight:
[xvnc ] EncodeManager: Solid: 369 rects, 2.26335 Mpixels
[xvnc ] EncodeManager: 5.76562 KiB (1:1534.18 ratio)
[xvnc ] EncodeManager: Bitmap RLE: 17 rects, 6 kpixels
[xvnc ] EncodeManager: 533 B (1:45.4109 ratio)
[xvnc ] EncodeManager: Indexed RLE: 501 rects, 305.094 kpixels
[xvnc ] EncodeManager: 58.2842 KiB (1:20.5484 ratio)
[xvnc ] EncodeManager: Tight (JPEG):
[xvnc ] EncodeManager: Full Colour: 259 rects, 1.6965 Mpixels
[xvnc ] EncodeManager: 2.05094 MiB (1:3.15691 ratio)
[xvnc ] EncodeManager: Total: 1.146 krects, 4.27094 Mpixels
[xvnc ] EncodeManager: 2.11399 MiB (1:7.71312 ratio)
[xvnc ] Connections: closed: /tmp/vnc.sock
[xvnc ] ComparingUpdateTracker: 28.9905 Mpixels in / 2.96377 Mpixels out
[xvnc ] ComparingUpdateTracker: (1:9.78161 ratio)
[xvnc ] Fri Mar 17 23:20:15 2023
[xvnc ] Connections: accepted: /tmp/vnc.sock
[xvnc ] SConnection: Client needs protocol version 3.8
[xvnc ] SConnection: Client requests security type None(1)
[xvnc ] VNCSConnST: Server default pixel format depth 24 (32bpp) little-endian rgb888
[xvnc ] VNCSConnST: Client pixel format depth 24 (32bpp) little-endian bgr888
[supervisor ] SIGTERM received, shutting down...
[supervisor ] stopping service 'app'...
[supervisor ] service 'app' exited (got signal SIGTERM).
[supervisor ] stopping service 'nginx'...
[xvnc ] Fri Mar 17 23:21:55 2023
[xvnc ] VNCSConnST: closing /tmp/vnc.sock: Clean disconnection
[xvnc ] EncodeManager: Framebuffer updates: 94
[xvnc ] EncodeManager: Tight:
[xvnc ] EncodeManager: Solid: 316 rects, 2.1928 Mpixels
[xvnc ] EncodeManager: 4.9375 KiB (1:1735.56 ratio)
[xvnc ] EncodeManager: Indexed RLE: 242 rects, 218.411 kpixels
[xvnc ] EncodeManager: 35.7471 KiB (1:23.9461 ratio)
[xvnc ] EncodeManager: Tight (JPEG):
[xvnc ] EncodeManager: Full Colour: 226 rects, 1.39678 Mpixels
[xvnc ] EncodeManager: 1.94456 MiB (1:2.74143 ratio)
[xvnc ] EncodeManager: Total: 784 rects, 3.80799 Mpixels
[xvnc ] EncodeManager: 1.98429 MiB (1:7.32518 ratio)
[xvnc ] Connections: closed: /tmp/vnc.sock
[xvnc ] ComparingUpdateTracker: 28.7682 Mpixels in / 2.4052 Mpixels out
[xvnc ] ComparingUpdateTracker: (1:11.9608 ratio)
[supervisor ] service 'nginx' exited (with status 0).
[supervisor ] stopping service 'openbox'...
[supervisor ] service 'openbox' exited (with status 0).
[supervisor ] stopping service 'xvnc'...
[xvnc ] ComparingUpdateTracker: 0 pixels in / 0 pixels out
[xvnc ] ComparingUpdateTracker: (1:nan ratio)
[supervisor ] service 'xvnc' exited (with status 0).
[finish ] executing container finish scripts...
[finish ] all container finish scripts executed.
[init ] container is starting...
[cont-env ] loading container environment variables...
[cont-env ] APP_NAME: loading...
[cont-env ] APP_VERSION: loading...
[cont-env ] DISPLAY: executing...
[cont-env ] DISPLAY: terminated successfully.
[cont-env ] DISPLAY: loading...
[cont-env ] DOCKER_IMAGE_PLATFORM: loading...
[cont-env ] DOCKER_IMAGE_VERSION: loading...
[cont-env ] GTK2_RC_FILES: executing...
[cont-env ] GTK2_RC_FILES: terminated successfully.
[cont-env ] GTK2_RC_FILES: loading...
[cont-env ] GTK_THEME: executing...
[cont-env ] GTK_THEME: terminated successfully.
[cont-env ] GTK_THEME: loading...
[cont-env ] HOME: loading...
[cont-env ] QT_STYLE_OVERRIDE: executing...
[cont-env ] QT_STYLE_OVERRIDE: terminated successfully.
[cont-env ] QT_STYLE_OVERRIDE: loading...
[cont-env ] TAKE_CONFIG_OWNERSHIP: loading...
[cont-env ] XDG_CACHE_HOME: loading...
[cont-env ] XDG_CONFIG_HOME: loading...
[cont-env ] XDG_DATA_HOME: loading...
[cont-env ] XDG_RUNTIME_DIR: loading...
[cont-env ] XDG_STATE_HOME: loading...
[cont-env ] container environment variables initialized.
[cont-secrets] loading container secrets...
[cont-secrets] container secrets loaded.
[cont-init ] executing container initialization scripts...
[cont-init ] 10-certs.sh: executing...
[cont-init ] 10-certs.sh: terminated successfully.
[cont-init ] 10-check-app-niceness.sh: executing...
[cont-init ] 10-check-app-niceness.sh: terminated successfully.
[cont-init ] 10-cjk-font.sh: executing...
[cont-init ] 10-cjk-font.sh: terminated successfully.
[cont-init ] 10-clean-logmonitor-states.sh: executing...
[cont-init ] 10-clean-logmonitor-states.sh: terminated successfully.
[cont-init ] 10-clean-tmp-dir.sh: executing...
[cont-init ] 10-clean-tmp-dir.sh: terminated successfully.
[cont-init ] 10-fontconfig-cache-dir.sh: executing...
[cont-init ] 10-fontconfig-cache-dir.sh: terminated successfully.
[cont-init ] 10-init-users.sh: executing...
[cont-init ] 10-init-users.sh: terminated successfully.
[cont-init ] 10-nginx.sh: executing...
[cont-init ] 10-nginx.sh: terminated successfully.
[cont-init ] 10-openbox.sh: executing...
[cont-init ] 10-openbox.sh: terminated successfully.
[cont-init ] 10-set-tmp-dir-perms.sh: executing...
[cont-init ] 10-set-tmp-dir-perms.sh: terminated successfully.
[cont-init ] 10-vnc-password.sh: executing...
[cont-init ] 10-vnc-password.sh: terminated successfully.
[cont-init ] 10-web-data.sh: executing...
[cont-init ] 10-web-data.sh: terminated successfully.
[cont-init ] 10-x11-unix.sh: executing...
[cont-init ] 10-x11-unix.sh: terminated successfully.
[cont-init ] 10-xdg-runtime-dir.sh: executing...
[cont-init ] 10-xdg-runtime-dir.sh: terminated successfully.
[cont-init ] 15-install-pkgs.sh: executing...
[cont-init ] 15-install-pkgs.sh: terminated successfully.
[cont-init ] 55-check-snd.sh: executing...
[cont-init ] 55-check-snd.sh: sound not supported: device /dev/snd not exposed to the container.
[cont-init ] 55-check-snd.sh: terminated successfully.
[cont-init ] 55-firefox.sh: executing...
[cont-init ] 55-firefox.sh: fixed display size in /config/profile/sessionstore-backups/recovery.jsonlz4.
[cont-init ] 55-firefox.sh: terminated successfully.
[cont-init ] 56-firefox-set-prefs-from-env.sh: executing...
[cont-init ] 56-firefox-set-prefs-from-env.sh: terminated successfully.
[cont-init ] 85-take-config-ownership.sh: executing...
[cont-init ] 85-take-config-ownership.sh: terminated successfully.
[cont-init ] 89-info.sh: executing...
╭――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――╮
│ │
│ Application: Firefox │
│ Application Version: 109.0.1-r0 │
│ Docker Image Version: 23.03.1 │
│ Docker Image Platform: linux/arm64 │
│ │
╰――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――╯
[cont-init ] 89-info.sh: terminated successfully.
[cont-init ] all container initialization scripts executed.
[init ] giving control to process supervisor.
[supervisor ] loading services...
[supervisor ] loading service 'default'...
[supervisor ] loading service 'logmonitor'...
[supervisor ] service 'logmonitor' is disabled.
[supervisor ] loading service 'app'...
[supervisor ] loading service 'gui'...
[supervisor ] loading service 'openbox'...
[supervisor ] loading service 'xvnc'...
[supervisor ] loading service 'nginx'...
[supervisor ] loading service 'certsmonitor'...
[supervisor ] service 'certsmonitor' is disabled.
[supervisor ] loading service 'logrotate'...
[supervisor ] all services loaded.
[supervisor ] starting services...
[supervisor ] starting service 'xvnc'...
[xvnc ] Xvnc TigerVNC 1.13.0 - built Mar 4 2023 01:14:02
[xvnc ] Copyright (C) 1999-2022 TigerVNC Team and many others (see README.rst)
[xvnc ] See https://www.tigervnc.org for information on TigerVNC.
[xvnc ] Underlying X server release 12013000
[xvnc ] Fri Mar 17 23:21:57 2023
[xvnc ] vncext: VNC extension running!
[xvnc ] vncext: Listening for VNC connections on /tmp/vnc.sock (mode 0660)
[xvnc ] vncext: Listening for VNC connections on all interface(s), port 5900
[xvnc ] vncext: created VNC server for screen 0
[supervisor ] starting service 'openbox'...
[supervisor ] starting service 'nginx'...
[nginx ] Listening for HTTP connections on port 5800.
[supervisor ] starting service 'app'...
[app ] Mozilla Firefox 109.0.1
[supervisor ] all services started.
[xvnc ] Fri Mar 17 23:22:03 2023
[xvnc ] Connections: accepted: /tmp/vnc.sock
[xvnc ] SConnection: Client needs protocol version 3.8
[xvnc ] SConnection: Client requests security type None(1)
[xvnc ] VNCSConnST: Server default pixel format depth 24 (32bpp) little-endian rgb888
[xvnc ] VNCSConnST: Client pixel format depth 24 (32bpp) little-endian bgr888
[xvnc ] ComparingUpdateTracker: 0 pixels in / 0 pixels out
[xvnc ] ComparingUpdateTracker: (1:nan ratio)
docker exec -it firefox ls -l /config/certs
total 16
-rw-r--r-- 1 app app 1854 Mar 17 22:31 ca-private.key
-rw-r--r-- 1 app app 1322 Mar 17 22:31 ca.crt
-rw-r--r-- 1 app app 10 Mar 17 22:31 ca.pass
-rw-r--r-- 1 app app 41 Mar 17 22:31 ca.srl
When checking the logs, I do notice that the certsmonitor service is disabled.
[supervisor ] loading service 'certsmonitor'...
[supervisor ] service 'certsmonitor' is disabled.
Ah yes, that's clearly going in the right direction! The system detected the certificates, but now permission errors are popping up, like
85-take-config-ownership.sh: chown: /config/certs/vnc-privkey.pem: Permission denied
Can you share how you created the container (your docker run command, compose file, etc)?
@jlesage , sure!
This is the Docker Compose file.
You can reproduce the problem as follows
git clone -b bug/firefox [email protected]:KNowledgeOnWebScale/open-circularity-platform.git
cd open-circularity-platform/scripts/cert
./main.sh # generate certificates
cd ../../
docker compose --profile frontend up
During the startup, the container takes ownership of /config. This fails because the volume you mounted is read-only:
- ./scripts/cert/outputs/certificate-authority:/config/certs:ro
Changing to :rw results in permission denied errors:
architecture-browser-1 | [cont-init ] 85-take-config-ownership.sh: executing...
architecture-browser-1 | [cont-init ] 85-take-config-ownership.sh: chown: /config/certs/vnc-privkey.pem: Permission denied
architecture-browser-1 | [cont-init ] 85-take-config-ownership.sh: chown: /config/certs/web-privkey.pem: Permission denied
architecture-browser-1 | [cont-init ] 85-take-config-ownership.sh: terminated with error 123.
Details: https://github.com/KNowledgeOnWebScale/open-circularity-platform/commit/47d3cbaaca7bd940fefe78ee510018ca50a03b7c
On what file system ./scripts/cert/outputs/certificate-authority resides on the host ? Is it a network share ?
On what file system
./scripts/cert/outputs/certificate-authorityresides on the host ? Is it a network share ?
I'm running it locally (Macbook Pro (M1, Silicon; macOS-13.2.1-arm64-arm-64bit)), and the filesystem is APFS.
For some reason your system doesn't allow the container to execute chown to set the ownership of the file. This is done under the root user.