Closed vinaysharma14 closed 2 years ago
same issue
Same issues. After reinstalling from scratch, got a docker is damaged and can't be opened...
Got exactly the same issue.
Same issue for me, including the docker is damaged and can't be opened
@jeromelefeuvre mentioned above after deleting and reinstalling.
Running on Mac OS Monterey 12.5.1, with an Intel chip and Docker desktop 4.11.1
Attempted fixes (which did not work):
com.docker.backend cannot start, exit code 9
check
. Running gather -upload
results in the Docker is damaged
error message.The same goes here, I couldn't open my docker desktop today. A screenshot of the error:
macOS 12.3.1 (21E258) Intel core
One more here, same symptoms after a reboot of Docker.
Diagnostics ID: 387E0361-02C8-4893-8120-B2A1139ABFCC/20220822211113
macOS 12.5.1 Mac M1 (And Intel, another user of mine) Docker 4.11.1
Diagnostics:
Diagnostics ID: F0FEC049-E630-44F3-B562-3348D4E35218/20220823013631 (uploaded)
I was able to get around the "docker is damaged" error with:
xattr -d -r -s com.apple.quarantine /Applications/Docker.app
Docker is still very busted and I still have not managed to get it to start, but it does a little bit more and will run the diagnostics without killing the process at that point.
launchd logs after xattr removing the quarantine:
2022-08-22 19:13:11.815989 (gui/502/application.com.docker.docker.411236162.411236880 [1613]) <Notice>: job state = running
2022-08-22 19:13:11.816015 (gui/502/application.com.docker.docker.411236162.411236880 [1613]) <Notice>: Successfully spawned Docker[1613] because non-ipc demand
2022-08-22 19:13:12.058696 (gui/502/application.com.docker.docker.411236162.411236880 [1613]) <Notice>: exited due to exit(10)
2022-08-22 19:13:12.058705 (gui/502/application.com.docker.docker.411236162.411236880 [1613]) <Notice>: service state: exited
2022-08-22 19:13:12.058707 (gui/502/application.com.docker.docker.411236162.411236880 [1613]) <Notice>: internal event: EXITED, code = 0
Before xattr removing quarantine, Gatekeeper is blocking it (the damaged errors), I presume because of prior errors starting the first time:
<Warning>: removing service since it exited with consistent failure - OS_REASON_EXEC | Gatekeeper policy blocked execution
Other mildly interesting errors
2022-08-22 17:16:39.818497 (gui/502/com.docker.helper [4791]) <Warning>: Could not find and/or execute program specified by service: 155: Refusing to execute/trust quarantined program/file: com.docker.helper
2022-08-22 17:16:39.818512 (gui/502/com.docker.helper [4791]) <Error>: Service could not initialize: copy_bundle4id(com.docker.docker, 70708, com.docker.helper) error: 0x6f: Invalid or missing Program/ProgramArguments
2022-08-22 17:16:39.818517 (gui/502/com.docker.helper [4791]) <Error>: initialization failure: 21G83: xpcproxy + 23500 [419][FEBED092-1BE5-352B-869A-F7ECD3B22FC5]: 0x6f
Same issue here. Our entire development team is impacted. For all of us Docker Desktop was working fine and broke after upgrading to macOS 12.5.1.
We have tried installing from the Docker install dmg downloaded directly from Docker Hub. We have also tried installing using HomeBrew with the following command:
brew reinstall --zap --cask docker
==> Downloading https://desktop.docker.com/mac/main/amd64/84025/Docker.dmg
Already downloaded: /Users/dmclau/Library/Caches/Homebrew/downloads/91296e5ed194d4c057fe9f1e4e11fa2c1c06c845edc83b272cd375791a3d1ce8--Docker.dmg
==> Implied brew uninstall --cask docker
==> Removing launchctl service com.docker.helper
Password:
Sorry, try again.
Password:
Sorry, try again.
Password:
==> Removing launchctl service com.docker.vmnetd
==> Removing files:
/Library/PrivilegedHelperTools/com.docker.vmnetd
/usr/local/bin/com.docker.cli
/usr/local/bin/docker-compose-v1
/usr/local/bin/docker-compose
/usr/local/bin/docker-credential-desktop
/usr/local/bin/docker-credential-ecr-login
/usr/local/bin/docker-credential-osxkeychain
/usr/local/bin/docker
/usr/local/bin/hub-tool
/usr/local/bin/hyperkit
/usr/local/bin/kubectl.docker
/usr/local/bin/kubectl
/usr/local/bin/notary
/usr/local/bin/vpnkit
/usr/local/share/zsh/site-functions/_docker
/usr/local/share/zsh/site-functions/_docker_compose
/usr/local/share/fish/vendor_completions.d/docker.fish
/usr/local/share/fish/vendor_completions.d/docker-compose.fish
/usr/local/etc/bash_completion.d/docker
/usr/local/etc/bash_completion.d/docker-compose
==> Backing App 'Docker.app' up to '/usr/local/Caskroom/docker/4.11.1,84025/Docker.app'
==> Removing App '/Applications/Docker.app'
==> Dispatching zap stanza
==> Trashing files:
/usr/local/bin/docker-compose.backup
/usr/local/bin/docker.backup
~/.docker
~/Library/Application Scripts/com.docker.helper
~/Library/Application Support/com.bugsnag.Bugsnag/com.docker.docker
~/Library/Application Support/Docker Desktop
~/Library/Caches/com.docker.docker
~/Library/Caches/com.plausiblelabs.crashreporter.data/com.docker.docker
~/Library/Caches/KSCrashReports/Docker
~/Library/Containers/com.docker.docker
~/Library/Containers/com.docker.helper
~/Library/Group Containers/group.com.docker
~/Library/HTTPStorages/com.docker.docker.binarycookies
~/Library/Logs/Docker Desktop
~/Library/Preferences/com.docker.docker.plist
~/Library/Preferences/com.electron.docker-frontend.plist
~/Library/Preferences/com.electron.dockerdesktop.plist
~/Library/Saved Application State/com.electron.docker-frontend.savedState
~/Library/Saved Application State/com.electron.dockerdesktop.savedState
==> Removing all staged versions of Cask 'docker'
==> Installing Cask docker
==> Moving App 'Docker.app' to '/Applications/Docker.app'
==> Linking Binary 'docker-compose.bash-completion' to '/usr/local/etc/bash_completion.d/docker-compose'
==> Linking Binary 'docker.zsh-completion' to '/usr/local/share/zsh/site-functions/_docker'
==> Linking Binary 'docker.fish-completion' to '/usr/local/share/fish/vendor_completions.d/docker.fish'
==> Linking Binary 'docker-compose.fish-completion' to '/usr/local/share/fish/vendor_completions.d/docker-compose.fish'
==> Linking Binary 'docker-compose.zsh-completion' to '/usr/local/share/zsh/site-functions/_docker_compose'
==> Linking Binary 'docker.bash-completion' to '/usr/local/etc/bash_completion.d/docker'
🍺 docker was successfully installed!
Same problem occurs...
“Docker.app” is damaged and can’t be opened. You should move it to the Trash.
Further debugging seems to point to Apple Security Policy blocking Docker Desktop from starting.
Yesterday I upgraded to macOS 12.5.1 and docker desktop doesn't start up. Always end with error message “Docker.app” is damaged and can’t be opened. You should move it to the Trash.
Info
MacOS Version: MacOS Monterey 12.5.1 Chip: Apple M1 Pro Docker Desktop Version: 4.11
Attempts
Nothing works
Could it be because Docker Desktop is no longer free for larger organizations
No, Even with a valid license Docker Desktop doesn't work after upgrade to MacOS Monterey 12.5.1
Same issue with same config Mac M1 and Monterey 12.5.1. I tried with RD and it is also affected (multiple issues are reported in the GitHub repo)... the problem might be linked to the latest Montery update.
I have the same issue with the same configurations. My current workaround is running docker from the attached drive after double clicking the Docker.dmg
file. Hope there's a fix soon
Same issue, Hoping there is a fix soon...
Same issues,
MacOS 12.5.1 Intel Mac Docker-desktop 4.11.1
😢
This is the biggest on god no cap moment in history
Same here!!!
Same here!
MacOS 12.4 Intel Mac Docker-desktop 4.11.1
Please check your antiviruses.
For example AMP Antivirus (based on clamav) is silently moving com.docker.backend and com.docker.driver.amd64-linux to quarantine and it is impossible to install/reinstall/open Docker.
Threat detected: Osx.Exploit.CVE_2021_4034-9951522-2 Affected versions: all above 4.5.0.
Workaround: make exceptions in antivirus policy or use version 4.4.2 (the highest version for M1 chipset that is not detected as threat)
Please check your Antiviruses.
For example AMP Antivirus (based on clamav) is silently moving com.docker.backend and com.docker.driver.amd64-linux to quarantine and it is impossible to install/reinstall/open Docker.
Good point. We are Using AMP as well and i will check if another rule can help to mitigate this issue. Thanks for pointing there. Will provide a Update ASAP.
Please check your Antiviruses.
For example AMP Antivirus (based on clamav) is silently moving com.docker.backend and com.docker.driver.amd64-linux to quarantine and it is impossible to install/reinstall/open Docker.
We are also using AMP, adding a policy for /Applications/Docker.app has fixed this. (Update policy, delete Docker.app, re-install). Thanks!
It looks like as it is this checksum that causes the problems.
https://www.virustotal.com/gui/file/e70344c588419ce54e9c695e502255466432ce0f5599ce8f2302d6d308c51593
Looks like ClamAV may have fixed the problem, just saw it flip from "Detected" to "Undetected" on @AndreHelwig 's link.
Looks like ClamAV may have fixed the problem, just saw it flip from "Detected" to "Undetected" on @AndreHelwig 's link.
You are right. Also reported the Problem to Docker directly. Seems to be a ClamAV problem. And should be fixed soon with signature updates. Thanks a lot for all your input regarding this issue.
as soon as @vinaysharma14 also confirm that it was a clamAV Signature problem for him i think we can Close the issue.
I can relay a confirmation that the ClamAV signatures are updated as we discuss the issue here.
We can also confirm that we are seeing Cisco AMP quarantine the following docker files:
================================================================================= | 2022-08-23 11:47 AM | Detect | id: '13935716891713407' | | | threat: 'Osx.Exploit.CVE_2021_4034-9951522-2' | | | /private/tmp/d20220823-57132-1enfov8/Docker.app/Contents/MacOS/com.docker.driver.amd64-linux | 2022-08-23 11:47 AM | Quarantine | id: '13935716891713407' | | | threat: 'Osx.Exploit.CVE_2021_4034-9951522-2' | | | /private/tmp/d20220823-57132-1enfov8/Docker.app/Contents/MacOS/com.docker.driver.amd64-linux | 2022-08-23 11:47 AM | Detect | id: '13935716891713371' | | | threat: 'Osx.Exploit.CVE_2021_4034-9951522-2' | | | /private/tmp/d20220823-57132-1enfov8/Docker.app/Contents/MacOS/com.docker.backend | 2022-08-23 11:47 AM | Quarantine | id: '13935716891713371'
The Cisco AMP CLI reports the following ClamAV virus definitions are being used...
Definition Version: ClamAV(osx.cvd: 1261) Definitions Published: osx.cvd: 22 Aug 2022 13-00 -0400 Definitions Last Updated: 2022-08-22 05:34 PM
Here are the SHA256 hashes of files it has detected...
|13935716891713407 | /private/tmp/d20220823-57132-1enfov8/Docker.app/Contents/MacOS/com.docker.driver.amd64-linux | E70344C588419CE54E9C695E502255466432CE0F5599CE8F2302D6D308C51593 |13935716891713371 | /private/tmp/d20220823-57132-1enfov8/Docker.app/Contents/MacOS/com.docker.backend | 68C4ADF03FCB0C223D606665818A679DBC3B8C07D53F9CFE269F292052465205 |13928055828022355 | /Applications/Docker.app/Contents/MacOS/com.docker.backend | 03B6DF174C8E602254C2D67D3B5FA772E7C7E06EF12D5332824C82BAC00F94A1 |13928055828022348 | /Applications/Docker.app/Contents/MacOS/com.docker.driver.amd64-linux | A9CAD32254819E757002CDBDB8E238DB26619C48989E7411BE1F5B96AA7A1211
Docker is back in action. @AndreHelwig thanks a ton.
Back for me too after upgrade of signatures and reinstall of docker! Thanks!!!!
Looks like ClamAV may have fixed the problem, just saw it flip from "Detected" to "Undetected" on @AndreHelwig 's link.
You are right. Also reported the Problem to Docker directly. Seems to be a ClamAV problem. And should be fixed soon with signature updates. Thanks a lot for all your input regarding this issue.
as soon as @vinaysharma14 also confirm that it was a clamAV Signature problem for him i think we can Close the issue.
@AndreHelwig I do not use ClamAV.
@airforceguy @jeromelefeuvre how did you fix it guys? what did you do to uninstall and download the fixed version?
@airforceguy @jeromelefeuvre how did you fix it guys? what did you do to uninstall and download the fixed version?
Reinstall worked.
The same thing happened to me. I have tried reinstalling, from the official downloads, from Homebrew, clearing the cache, rebooting the OS, etc., but every time I open the application I got the same error "Exit code 9".
But it launched after adding the Docker Desktop app to "Full Disk Access" under "System Preferences" --> "Privacy" --> "Full Disk Access".
Note: Before giving the "Full Disk Access" privileges, I did reset to "Factory defaults".
Have you read the comments above? This issue was connected to ClamAv virus definitions (used by AMP antivirus).
To resolve this problem try to update your antivirus definitions manually and reinstall Docker (delete app and copy it again from package).
If this does not help it is new issue.
Hi all! Thanks for all the reports.
I'm going to close this issue. As noted above, most of the comments here are about the AMP/clamav issue, which is now resolved.
As an aside for folks on this thread still having problems: we usually don't provide support for Docker Desktop install / fail-to-start issues without either (1) clear repro steps or diagnostics, or (2) some reason to believe that there's a single widespread problem. The clamav issue is a good example of case (2).
Because Docker Desktop has such a wide install base, we've found that many install issues tend to be finicky affects-only-one-machine problems that we can't realistically debug case by case.
@kcem-flyr
If this does not help it is new issue.
Indeed. I have no ClamAV installed but got the same log as the op and landed up via google.
I should have saved the diagnostics before fixing my issue for reference. My bad.
Closed issues are locked after 30 days of inactivity. This helps our team focus on active issues.
If you have found a problem that seems similar to this, please open a new issue.
Send feedback to Docker Community Slack channels #docker-for-mac or #docker-for-windows. /lifecycle locked
Expected behavior
Docker Desktop should launch on Mac.
Actual behavior
The Docker Desktop icon flashes on the dock briefly and it doesn’t launch. It crashes silently without any error messages on the screen. The
com.docker.diagnose
tool is unable to diagnose from the terminal, the output of which has been attached below.Information
Output of
/Applications/Docker.app/Contents/MacOS/com.docker.diagnose check
Output of
/Applications/Docker.app/Contents/MacOS/com.docker.diagnose gather --upload