search

Jamesits / docker-ripe-atlas

This is the RIPE Atlas software probe packaged as a Docker image.
https://hub.docker.com/r/jamesits/ripe-atlas
GNU General Public License v3.0
155 stars 22 forks source link

Docker run error "Unknown capability: CAP_CAP_NET_RAW" following README.md instructions #5

Closed jef-hu closed 4 years ago

jef-hu commented 4 years ago

Specifically: docker: Error response from daemon: linux spec capabilities: Unknown capability to add: "CAP_CAP_NET_RAW".

Command: sudo docker run --detach --restart=always --log-opt max-size=10m --cpus=1 --memory=64m --memory-reservation=64m --cap-add=SYS_ADMIN --cap-add=CAP_NET_RAW --cap-add=CAP_CHOWN --mount type=tmpfs,destination=/var/atlasdata,tmpfs-size=64M -v /var/atlas-probe/etc:/var/atlas-probe/etc -v /var/atlas-probe/status:/var/atlas-probe/status -e RXTXRPT=yes --name ripe-atlas --hostname "$(hostname --fqdn)" jamesits/ripe-atlas:latest-armv7l

Fix: corrected syntax of capabilities, ie: --cap-add=NET_RAW --cap-add=CHOWN

Sysinfo:

$ uname -a
Linux kecchi 5.4.45-sunxi #20.05.3 SMP Wed Jun 10 12:09:20 CEST 2020 armv7l GNU/Linux
$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:    10
Codename:   buster
Jamesits commented 4 years ago

Nice catch, thanks!

DMaxwell02 commented 1 year ago

Yes. Thank you. Documentation is sparse in this area. It is a good thing I found this issue. Putting this line in the .csproj file under the <PropertyGroup> corrected the issue for me: <DockerfileRunArguments>--cap-add=NET_ADMIN --privileged</DockerfileRunArguments>