jacobalberty / unifi-docker

Unifi Docker files
MIT License

Operation not permitted #93

Closed Toasterme closed 2 years ago

Toasterme commented 6 years ago

Host operating system

Synology v6 + new user and group named unifi

What tag are you using

stable

What complete docker command or docker-compose.yml do you use to launch the container (omitting sensitive values)?

docker run --rm --cap-drop ALL -e TZ='America/Montreal' -p 8085:8085 -p 8445:8445 -p 8845:8845 -v /volume1/docker/unifi/data:/var/lib/unifi -v /volume1/docker/unifi/logs:/var/log/unifi -v /volume1/docker/unifi:/var/run/unifi --name unifi jcberthon/unifi

or plain docker run --rm --cap-drop ALL -e TZ='America/Montreal' -p 8085:8085 -p 8445:8445 -p 8845:8845 -v /volume1/docker/unifi/data:/var/lib/unifi -v /volume1/docker/unifi/logs:/var/log/unifi --name unifi jcberthon/unifi

What do you expect to happen?

docker to be created

What actually happens?

not created and ending with:

chown: changing ownership of '/usr/lib/unifi/data': Operation not permitted
chown: changing ownership of '/usr/lib/unifi/logs': Operation not permitted
chown: changing ownership of '/usr/lib/unifi/run': Operation not permitted
logger: invalid option -- 'R'

Usage: logger [options] []

Enter messages into the system log.

Options:
 -i log the logger command's PID
 --id[=] log the given , or otherwise the PID
 -f, --file log the contents of this file
 -e, --skip-empty do not log empty lines when processing files
 --no-act do everything except the write the log
 -p, --priority mark given message with this priority
 --octet-count use rfc6587 octet counting
 --prio-prefix look for a prefix on every line read from stdin
 -s, --stderr output message to standard error as well
 -S, --size maximum size for a single message
 -t, --tag mark every line with this tag
 -n, --server write to this remote syslog server
 -P, --port use this port for UDP or TCP connection
 -T, --tcp use TCP only
 -d, --udp use UDP only
 --rfc3164 use the obsolete BSD syslog protocol
 --rfc5424[=] use the syslog protocol (the default for remote);
 can be notime, or notq, and/or nohost
 --sd-id rfc5424 structured data ID
 --sd-param rfc5424 structured data name=value
 --msgid set rfc5424 message id field
 -u, --socket write to this Unix socket
 --socket-errors[=] print connection errors when using Unix sockets
 --journald[=] write journald entry
 -h, --help display this help and exit
 -V, --version output version information and exit

For more details see logger(1).
unifi cannot start. Please create unifi user, and chown -R unifi /var/lib/unifi /var/log/unifi /var/run/unifi

jacobalberty commented 6 years ago

I believe you are using the image from https://github.com/jcberthon/unifi-docker, which, while it looks similar on the surface, has substantial changes to the initialization scripts underneath.

Toasterme commented 6 years ago

Yes, you are right! I tried yours and it is working well, thank you! The only thing I want to change is the 8443 port, because I have mineos running too, using the same port, and I have to switch docker manually since I am using the host (not bridge) with Synology.

jcberthon commented 6 years ago

I don't know why but I did not experience the problem until 5.7 was stable and 5.6.36 was out.

I've now fixed it. Somehow the capabilities that I usually recommend to drop (--cap-drop ALL) were conflicting with the jsvc option -user unifi in the start-up script. So I abandoned the idea of continuing to use the start-up script from Ubiquiti and now use my own. Much like Jacob has long been doing, I think :+1:
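The failure mode discussed in this thread (chown and a switch to the unifi user both failing under --cap-drop ALL) can be detected before startup by decoding the process's effective capability mask. The script below is an added example, not code from this thread or from either image; the function names are hypothetical, the bit numbers come from linux/capability.h, and the sample masks are constructed.

```shell
#!/bin/sh
# Added example: check for the capabilities a root entrypoint needs to
# chown its volumes and to switch to an unprivileged user.
# Bit numbers are from linux/capability.h; function names are hypothetical.

# has_cap MASK_HEX BIT: succeed if BIT is set in the hex capability mask.
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# current_capeff: print this shell's effective capability mask (CapEff).
current_capeff() {
    awk '/^CapEff:/ { print $2 }' "/proc/$$/status"
}

# missing_caps MASK_HEX: print the needed capabilities absent from the mask.
#   CAP_CHOWN (0)                   chown on files the caller does not own
#   CAP_SETGID (6), CAP_SETUID (7)  changing gid/uid to another user
missing_caps() {
    missing=""
    for pair in CAP_CHOWN:0 CAP_SETGID:6 CAP_SETUID:7; do
        has_cap "$1" "${pair##*:}" || missing="$missing ${pair%%:*}"
    done
    echo "${missing# }"
}

# preflight [MASK_HEX]: report before startup instead of failing mid-script.
preflight() {
    mask=${1:-$(current_capeff)}
    miss=$(missing_caps "$mask")
    if [ -n "$miss" ]; then
        echo "CapEff=$mask lacks: $miss" >&2
        return 1
    fi
    echo "CapEff=$mask: chown and user switch are permitted"
}

# Constructed masks: all dropped, only the three needed, Docker's default set.
for m in 0000000000000000 00000000000000c1 00000000a80425fb; do
    preflight "$m" || true
done
```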

github-actions[bot] commented 2 years ago

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.
