rootlesskit icon indicating copy to clipboard operation
rootlesskit copied to clipboard
verified publisher icon rootless-containers

Debian based docker:dind-rootless fails to start with error

Open dg424 opened this issue 4 years ago • 4 comments

Hi,

Please see the discussion here - https://github.com/moby/moby/issues/42910#issue-1016724099. With the help of one of the contributors, I was able to create a debian based rootless image. Everything seems ok, except that the following error pops up on startup:

[rootlesskit:parent] error: failed to setup UID/GID map: newuidmap 42 [0 1000 1 1 100000 65536 65537 100000 65536] failed: newuidmap: write to uid_map failed: Invalid argument

@AkihiroSuda Thought I'd post this here since it no longer seems relevant to moby and they might not take any further action on the issue.

dg424 avatar Oct 08 '21 13:10 dg424

Please make sure to run the image with --privileged

AkihiroSuda avatar Oct 08 '21 13:10 AkihiroSuda

Hi Akihiro, Yes, here is the run:

$ docker run --rm -it --privileged --name dind-rootless -e DOCKER_TLS_CERTDIR="" -p 2375:2375 dind-rootless-debian
[rootlesskit:parent] error: failed to setup UID/GID map: newuidmap 32 [0 1000 1 1 100000 65536 65537 100000 65536] failed: newuidmap: write to uid_map failed: Invalid argument
: exit status 1

dg424 avatar Oct 08 '21 13:10 dg424

I posted in Debian's shadow project and this is their response - https://github.com/shadow-maint/shadow/issues/424#issuecomment-939528091

dg424 avatar Oct 10 '21 22:10 dg424

See here - https://github.com/shadow-maint/shadow/issues/424#issuecomment-945881764. Had to comment out the following lines from this part of the rootless Dockerfile - https://github.com/docker-library/docker/blob/master/20.10/dind-rootless/Dockerfile#L19 and line 20. Debian Bullseye rootless boots up now.

dg424 avatar Oct 18 '21 15:10 dg424