Can't get any dockers to run without privileged mode on ProxMox kernel, please help

  • Hi, all. I'm a new OMV user running OMV4 which I installed using the official instructions on top of a clean Debian 9 netinstall. OMV appears to be working fine but I'm having issues getting any dockers to run.


    I've installed the OMV-Extras repository and from there installed and enabled the Docker plugin. Just to test I installed the linuxserver/nzbget docker but when I try to run it with default container settings (and host networking) I see the following output in the logs:
    [ERROR] Binding socket failed for 0.0.0.0: ErrNo 13, Permission denied
    Note: when I run this docker plugin in a standard OMV4 I've setup in a VM it works fine with the default settings.


    On my server, if I change the docker to "run in privileged mode" the error message goes away and I can connect to nzbget. I'd rather not have to run every docker in privileged mode, so I'd like to know what settings I need to change to be able to run the dockers normally.


    Thank you for your help!

  • Did a little troubleshooting and I found that the behavior is different between kernels:

    • Proxmox kernel (4.16) requires docker images to be run in privileged mode to get networking working
    • Standard 4.19 kernel does not require docker images to be run in privileged mode to get networking working

    Does anyone have any idea what's going on here?

    • Offizieller Beitrag

    apparmor is causing this. Here is an entry in syslog:


    Jul 21 11:30:22 omv4dev kernel: [ 4957.051815] audit: type=1400 audit(1563726622.133:3119): apparmor="DENIED" operation="create" profile="docker-default" pid=13567 comm="gitea" family="inet6" sock_type="stream" protocol=6 requested_mask="create" denied_mask="create"


    Uninstalling the apparmor package fixes this. apt-get purge apparmor Not sure what installed it but omv doesn't install it by default.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

    Einmal editiert, zuletzt von ryecoaaron ()

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!