At the weekend i've decided to upgrade my NAS to OMV v5 with a clean install and run into exactly the same problem and error message.
Portainer won't start with Proxmox kernel only with Debian's one. After 3 days of tinkering finally i have figured out what the heck is going on:
If you use Debian Netinst ISO, it will automatically install AppArmor by default, instead OMV does not.
And the reason of this error message is, that AppArmor finds Portainer as a security threat and blocks it. Check dmesg and you will see it.
So you have 3 options to solve it:
- Add --security-opt apparmor:unconfined option to the docker run command
- Create new/modify the docker-default security profile in /etc/apparmor.d as described in Docker Doc: https://docs.docker.com/engine/security/apparmor/
- Remove AppArmor completely from the system: apt-get --yes purge --autoremove apparmor
I choosed the third one, for now
But the big question still remains. Why behaves AppArmor with these kernels differently, even if docker-default profile remains still the same.