slim icon indicating copy to clipboard operation
slim copied to clipboard

Published 20 hours ago verified publisher icon slimtoolkit

SensorError Fanotify function not implemented

Open aymond opened this issue 4 years ago • 29 comments

Expected Behavior

Call docker-slim and receive a slimified image on Windows docker-desktop similar to linux based docker.

Actual Behavior

docker-slim[build]: info=http.probe message='using default probe'
cmd=build state=started
cmd=build info=params target=discordbot continue.mode=probe rt.as.user=true keep.perms=true
cmd=build state=image.inspection.start
cmd=build info=image id=sha256:d9ba3a051c03fb116888b6cf2838c7a56baaea954708e49311ff79286ea0c099 size.bytes=857306452 size.human=857 MB
cmd=build info=image.stack index=0 name='discordbot:latest' id='sha256:d9ba3a051c03fb116888b6cf2838c7a56baaea954708e49311ff79286ea0c099'
cmd=build state=image.inspection.done
cmd=build state=container.inspection.start
cmd=build info=container status=created name=dockerslimk_9304_20210207113908 id=c958ce4f41bf12268c2b48e1be2353a1238ce985bc63213aa9734f874a9d57e3
cmd=build info=cmd.startmonitor status=sent
cmd=build info=event.error status=received data=SensorError{Op:sensor.fanotify.Run/fanapi.Initialize,Kind:call.error,Wrapped:{Type=syscall.Errno,Info=function not implemented,Line:43,File:github.com/docker-slim/docker-slim/internal/app/sensor/monitors/fanotify/monitor.go}}
cmd=build state=exited version=linux|Transformer|1.34.0|a5cb54043b3ab3cf747165aad745f19db680434e|2021-01-29_10:00:49PM

Steps to Reproduce the Problem

  1. Have image locally
docker image ls discordbot
REPOSITORY   TAG       IMAGE ID       CREATED      SIZE
discordbot   latest    d9ba3a051c03   7 days ago   857MB
  1. Execute docker-slim --log-level debug --log-format json --log slim.log build discordbot 
$ docker-slim --log-level debug --log-format json --log slim.log build discordbot
docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'
docker-slim[build]: info=http.probe message='using default probe'
cmd=build state=started
cmd=build info=params target=discordbot continue.mode=probe rt.as.user=true keep.perms=true
cmd=build state=image.inspection.start
cmd=build info=image id=sha256:d9ba3a051c03fb116888b6cf2838c7a56baaea954708e49311ff79286ea0c099 size.bytes=857306452 size.human=857 MB
cmd=build info=image.stack index=0 name='discordbot:latest' id='sha256:d9ba3a051c03fb116888b6cf2838c7a56baaea954708e49311ff79286ea0c099'
cmd=build state=image.inspection.done
cmd=build state=container.inspection.start
cmd=build info=container status=created name=dockerslimk_9326_20210207113938 id=3b0ffde05cdd4d480c16b9e94091e0c48d38eeb65bf637f8a6da837b4dbb792e
cmd=build info=cmd.startmonitor status=sent
cmd=build info=event.error status=received data=SensorError{Op:sensor.fanotify.Run/fanapi.Initialize,Kind:call.error,Wrapped:{Type=syscall.Errno,Info=function not implemented,Line:43,File:github.com/docker-slim/docker-slim/internal/app/sensor/monitors/fanotify/monitor.go}}
cmd=build state=exited version=linux|Transformer|1.34.0|a5cb54043b3ab3cf747165aad745f19db680434e|2021-01-29_10:00:49PM

Specifications

$ docker-slim version
cmd=version info=app version='linux|Transformer|1.34.0|a5cb54043b3ab3cf747165aad745f19db680434e|2021-01-29_10:00:49PM' container=false dsimage=false
cmd=version info=app outdated=false current=1.34.0 verdict='your have the latest version'
cmd=version info=app location='/home/aymon/.local/bin'
cmd=version info=host osname='Ubuntu 20.04.2 LTS (Focal Fossa)'
cmd=version info=host osbuild=
cmd=version info=host version='#1 SMP Tue Jun 23 12:58:10 UTC 2020'
cmd=version info=host release=4.19.128-microsoft-standard
cmd=version info=host sysname=Linux
cmd=version info=docker name=docker-desktop
cmd=version info=docker kernel_version=4.19.128-microsoft-standard
cmd=version info=docker operating_system=Docker Desktop
cmd=version info=docker ostype=linux
cmd=version info=docker server_version=20.10.2
cmd=version info=docker architecture=x86_64
cmd=version info=dclient api_version=1.41
cmd=version info=dclient min_api_version=1.12
cmd=version info=dclient build_time=2020-12-28T16:15:28.000000000+00:00
cmd=version info=dclient git_commit=8891c58

Server: Docker Engine - Community
 Engine:
  Version:          20.10.2
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.13.15
  Git commit:       8891c58
  Built:            Mon Dec 28 16:15:28 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.4.3
  GitCommit:        269548fa27e0089a8b8278fc4fc781d7f65a939b
 runc:
  Version:          1.0.0-rc92
  GitCommit:        ff819c7e9184c13b7c2607fe6c30ae19403a7aff
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

aymond avatar Feb 07 '21 11:02 aymond

Looks like FANOTIFY isn't (fully) implemented in the linux version you have running on Windows. Supporting WSL on Windows is on the todo list though I'm still exploring demand for it. Not having a Windows machine to test it doesn't help either :-) Are you running WSL2? Do you have the latest possible version of the linux kernel installed?

kcq avatar Feb 08 '21 09:02 kcq

Thanks. I also have an Ubuntu workstation, and there everything is working fine.

I installed the latest Microsoft standard kernel for WSL2, and still receive the same error. I will continue using native Ubuntu and wait for WSL2 to support fanotify

uname -r
5.4.91-microsoft-standard-WSL2

docker-slim build ...
cmd=build info=event.error status=received data=SensorError{Op:sensor.fanotify.Run/fanapi.Initialize,Kind:call.error,Wrapped:{Type=syscall.Errno,Info=function not implemented,Line:43,File:github.com/docker-slim/docker-slim/internal/app/sensor/monitors/fanotify/monitor.go}}

aymond avatar Feb 09 '21 07:02 aymond

Just to double check... what do you see when you run wsl -l -v

kcq avatar Feb 10 '21 09:02 kcq 

> wsl -l -v
  NAME                   STATE           VERSION
* Ubuntu-20.04           Running         2
  docker-desktop-data    Running         2
  docker-desktop         Running         2
  Ubuntu-18.04           Stopped         1

aymond avatar Feb 14 '21 12:02 aymond

Hello, I seem to have the same error running docker-slim on mac os 12.1

docker-slim build sev2                                                                                                                                                      I 
docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'
cmd=build info=param.http.probe message='using default probe' 
cmd=build state=started
cmd=build info=params target.type='image' target='sev2' continue.mode='probe' rt.as.user='true' keep.perms='true' tags='' 
cmd=build state=image.inspection.start
cmd=build info=image id='sha256:43caf14b3756d0e9a4b987a86785ca1dedd40e6cb7809966e765d36521c1069d' size.bytes='2114762232' size.human='2.1 GB' 
cmd=build info=image.stack id='sha256:28a4c88cdbbf27e06dc5dc6784504d6536e8678284d84dd7f88f95b2145d27b0' index='0' name='python:3.8.5' 
cmd=build info=image.stack index='1' name='sev2:latest' id='sha256:43caf14b3756d0e9a4b987a86785ca1dedd40e6cb7809966e765d36521c1069d' 
cmd=build state=image.inspection.done
cmd=build state=container.inspection.start
cmd=build info=container status='created' name='dockerslimk_3603_20220214080729' id='a1410867ed44b7ccbdd45a24d914059d0f3bd963ed0ece56b0cdb810f7bd82b5' 
cmd=build info=cmd.startmonitor status='sent' 
cmd=build info=event.error status='received' data='SensorError{Op:sensor.fanotify.Run/fanapi.Initialize,Kind:call.error,Wrapped:{Type=syscall.Errno,Info=function not implemented,Line:43,File:github.com/docker-slim/docker-slim/pkg/app/sensor/monitors/fanotify/monitor.go}}' 
cmd=build state=exited code=-124 component=container.inspector version=darwin|Transformer|1.37.3|latest|latest

Version

cmd=version info=app version='darwin|Transformer|1.37.3|latest|latest' container=false dsimage=false
cmd=version info=app outdated=false current=1.37.3 verdict='you have the latest version'
cmd=version info=app location='/usr/local/bin'
cmd=version info=host osname='other'
cmd=version info=host osbuild=21C52
cmd=version info=host version=' Sun Nov 28 20:28:54 PST 2021; root:xnu-8019.61.5~1/RELEASE_X86_64'
cmd=version info=host release=21.2.0
cmd=version info=host sysname=darwin
cmd=version info=docker name=minikube
cmd=version info=docker kernel_version=4.19.202
cmd=version info=docker operating_system=Buildroot 2021.02.4
cmd=version info=docker ostype=linux
cmd=version info=docker server_version=20.10.8
cmd=version info=docker architecture=x86_64
cmd=version info=dclient api_version=1.41
cmd=version info=dclient min_api_version=1.12
cmd=version info=dclient build_time=2021-07-30T19:55:09.000000000+00:00
cmd=version info=dclient git_commit=75249d8
``

al1p-R avatar Feb 14 '22 08:02 al1p-R

Same for me on MacOS 11.6.

matthewfischer avatar Feb 16 '22 22:02 matthewfischer

Same here on MacOS 12.2.1

rafaribe avatar Feb 24 '22 11:02 rafaribe

@al1p-R / @rafaribe / @matthewfischer are you guys using M1 by any chance?

kcq avatar Feb 24 '22 21:02 kcq

I am not. I'm on a 2020 MBP core i5

matthewfischer avatar Feb 24 '22 21:02 matthewfischer

Same problem on: MacBook Pro (16-inch, 2019) MacOS 12.3

bedzinsk avatar Mar 23 '22 12:03 bedzinsk

thank your for sharing your env setup @bedzinsk ! will test with 12.3

kcq avatar Mar 26 '22 23:03 kcq

+1 on Linux embedded arm device (imx7ulp) (on Linux computer works well)

~$ sudo docker-slim build 8d6193013d37
docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'
cmd=build info=param.http.probe message='using default probe'
cmd=build state=started
cmd=build info=params rt.as.user='true' keep.perms='true' tags='' target.type='image' target='8d6193013d37' continue.mode='probe'
cmd=build state=image.inspection.start
cmd=build info=image id='sha256:8d6193013d372ccc796596c38f8e684aacb1d652b40b110490c8ae4ec734a67e' size.bytes='53152705' size.human='53 MB'
cmd=build info=image.stack id='sha256:8d6193013d372ccc796596c38f8e684aacb1d652b40b110490c8ae4ec734a67e' index='0' name='erpc:76251b2'
cmd=build info=image.exposed_ports list='1883,8000'
cmd=build state=image.inspection.done
cmd=build state=container.inspection.start
cmd=build info=container id='3c1e06525c9529061e868942deba71e27808274573df1e8e7eb3a59f7a9c9466' status='created' name='dockerslimk_1893_20220804130130'
[ 2544.876151] docker0: port 4(veth71b6634) entered blocking state
[ 2544.882650] docker0: port 4(veth71b6634) entered disabled state
[ 2544.957603] device veth71b6634 entered promiscuous mode
[ 2553.163537] eth0: renamed from vethe02606c
[ 2553.245260] IPv6: ADDRCONF(NETDEV_CHANGE): veth71b6634: link becomes ready
[ 2553.257890] docker0: port 4(veth71b6634) entered blocking state
[ 2553.263906] docker0: port 4(veth71b6634) entered forwarding state
cmd=build info=container status='running' name='dockerslimk_1893_20220804130130' id='3c1e06525c9529061e868942deba71e27808274573df1e8e7eb3a59f7a9c9466'
cmd=build info=container message='obtained IP address' ip='172.17.0.5'
cmd=build info=cmd.startmonitor status='sent'
cmd=build info=event.error status='received' data='SensorError{Op:sensor.fanotify.Run/fanapi.Initialize,Kind:call.error,Wrapped:{Type=syscall.Errno,Info=function not implemented,Line:47,File:github.com/docker-slim/docker-slim/pkg/app/sensor/monitors/fanotify/monitor.go}}'
cmd=build state=exited code=-124 version=linux|Transformer|1.37.6|26a36c88a94c677efd734e874ba081dabb84a224|2022-04-23_06:03:56AM component=container.inspector
cmd=build info=report file='slim.report.json'
docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'

Hadatko avatar Aug 04 '22 13:08 Hadatko

same on M1 12.4

cmd=build info=cmd.startmonitor status='sent'
cmd=build info=event.error status='received' data='SensorError{Op:sensor.fanotify.Run/fanapi.Initialize,Kind:call.error,Wrapped:{Type=syscall.Errno,Info=function not implemented,Line:47,File:github.com/docker-slim/docker-slim/pkg/app/sensor/monitors/fanotify/monitor.go}}'
cmd=build state=exited code=-124 version=darwin|Transformer|1.37.6-16-gb0122cd|b0122cdb56c4abe2384026a5ee92425ea93e38fd|2022-08-08_03:29:30PM component=container.inspector
cmd=build info=report file='slim.report.json'
docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'

pavankumar-go avatar Aug 08 '22 15:08 pavankumar-go

@pavankumar-go What is the image you are trying to minify? Is this an arm64 container image? Usually you get this when there's no arm64 version and you end up with the amd64 version and the way those images are executed on M1 has limitiations in terms of what system/kernel capabilities are available in the emulation mode they use.

kcq avatar Aug 08 '22 19:08 kcq

@kcq the image has an arm64 build

docker run -it --entrypoint sh docker.io/REDACTED/test-ds:v2 -c "uname -m"
aarch64

10288 ◯  docker-slim build --target docker.io/REDACTED/test-ds:v2 --tag docker.io/REDACTED/test-ds:v3 --http-probe=false
docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'
cmd=build info=exec message='changing continue-after from probe to nothing because http-probe is disabled'
cmd=build info=exec message='changing continue-after to enter'
cmd=build state=started
cmd=build info=params keep.perms='true' tags='docker.io/REDACTED/test-ds:v3' target.type='image' target='docker.io/REDACTED/test-ds:v2' continue.mode='enter' rt.as.user='true'
cmd=build state=image.inspection.start
cmd=build info=image id='sha256:5bd92fcf394f83b573ee15abfd2facbba183dbcab426b9a39e9e0a8e932ad8bc' size.bytes='8926111' size.human='8.9 MB' architecture='arm64'
cmd=build info=image.stack index='0' name='REDACTED/test-ds:v2' id='sha256:5bd92fcf394f83b573ee15abfd2facbba183dbcab426b9a39e9e0a8e932ad8bc'
cmd=build state=image.inspection.done
cmd=build state=container.inspection.start
cmd=build info=container status='created' name='dockerslimk_78842_20220809053058' id='d6422fb7d17d1a4934efe4d673a94e89e7e7ea602b63c2eb5260d766a12db92d'
cmd=build info=container status='running' name='dockerslimk_78842_20220809053058' id='d6422fb7d17d1a4934efe4d673a94e89e7e7ea602b63c2eb5260d766a12db92d'
cmd=build info=container message='obtained IP address' ip='172.17.0.12'
cmd=build info=cmd.startmonitor status='sent'
cmd=build info=event.error status='received' data='SensorError{Op:sensor.fanotify.Run/fanapi.Initialize,Kind:call.error,Wrapped:{Type=syscall.Errno,Info=function not implemented,Line:47,File:github.com/docker-slim/docker-slim/pkg/app/sensor/monitors/fanotify/monitor.go}}'
cmd=build state=exited code=-124 component=container.inspector version=darwin|Transformer|1.37.6-16-gb0122cd|b0122cdb56c4abe2384026a5ee92425ea93e38fd|2022-08-08_03:28:24PM
cmd=build info=report file='slim.report.json'
docker-slim: message='join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
docker-slim: message='join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
docker-slim: message='Github discussions' info='https://github.com/docker-slim/docker-slim/discussions'

pavankumar-go avatar Aug 09 '22 05:08 pavankumar-go

Facing same problem, by checking the host device system, it seem that some distros like alpine do not have fanotify support in kernel by default (as you can check by cat /boot/config-<kernel_version> | grep FANOTIFY) and leading to this error. Currently my solution is to use a VM of unbuntu (or any other distro with fanotify) to run docker-slim.

Since docker-slim use fanotify only trace the file accessed, it might be possible to use inotify as an fallback replacement, which is more widely supported.

ultranity avatar Aug 21 '22 06:08 ultranity

Happens eg. when using Rancher Desktop (and I assume others too) on MacOS.

elsbrock avatar Aug 26 '22 11:08 elsbrock

Facing same problem, by checking the host device system, it seem that some distros like alpine do not have fanotify support in kernel by default (as you can check by cat /boot/config-<kernel_version> | grep FANOTIFY) and leading to this error. Currently my solution is to use a VM of unbuntu (or any other distro with fanotify) to run docker-slim.

Since docker-slim use fanotify only trace the file accessed, it might be possible to use inotify as an fallback replacement, which is more widely supported.

Disabling the fanotify data source is going to be the easiest route (inotify isn't quite the same). It's not exposed with a flag yet, but it should be possible.

kcq avatar Aug 27 '22 09:08 kcq

Happens eg. when using Rancher Desktop (and I assume others too) on MacOS.

Are you using M1? What's the architecture for the container?

kcq avatar Aug 27 '22 09:08 kcq

No, on X86_64 with an X86 container.

elsbrock avatar Sep 28 '22 15:09 elsbrock

Is there a resolution or mitigation for this issue? I am seeing this on my mac with intel chip. Docker service provider is provided by colima.

gregorybosch avatar Nov 10 '22 14:11 gregorybosch

Facing same problem, by checking the host device system, it seem that some distros like alpine do not have fanotify support in kernel by default (as you can check by cat /boot/config-<kernel_version> | grep FANOTIFY) and leading to this error. Currently my solution is to use a VM of unbuntu (or any other distro with fanotify) to run docker-slim. Since docker-slim use fanotify only trace the file accessed, it might be possible to use inotify as an fallback replacement, which is more widely supported.

Disabling the fanotify data source is going to be the easiest route (inotify isn't quite the same). It's not exposed with a flag yet, but it should be possible.

@kcq How to disable the fanotify data source and what's the implication or potential impact on the build? or this is just used for internal notification?

btorsaldivar avatar Feb 27 '23 02:02 btorsaldivar

Facing same problem, by checking the host device system, it seem that some distros like alpine do not have fanotify support in kernel by default (as you can check by cat /boot/config-<kernel_version> | grep FANOTIFY) and leading to this error. Currently my solution is to use a VM of unbuntu (or any other distro with fanotify) to run docker-slim. Since docker-slim use fanotify only trace the file accessed, it might be possible to use inotify as an fallback replacement, which is more widely supported.

Disabling the fanotify data source is going to be the easiest route (inotify isn't quite the same). It's not exposed with a flag yet, but it should be possible.

@kcq How to disable the fanotify data source and what's the implication or potential impact on the build? or this is just used for internal notification?

It will be possible to disable the fanotify source soon (WIP)

kcq avatar Feb 27 '23 03:02 kcq

It will be possible to disable the fanotify source soon (WIP)

Hey @kcq, just wanted to check in on this as I'm hitting the same issue.

eLobeto avatar May 12 '23 20:05 eLobeto

As a note, I was getting this same error, but it started working after I removed the existing sensor volume. I'm not sure why that made a difference, because there was only the one volume for the current Slim version.

This is with an M1 on MacOS 13.6.

jimcottrell avatar Oct 16 '23 22:10 jimcottrell