jlesage / docker-firefox

Docker container for Firefox
MIT License

Crash with --shm-size 3g and --security-opt seccomp=unconfined #62

Open cd-zbfs opened 4 years ago

cd-zbfs commented 4 years ago

Hi,

after an upgrade to the latest docker image version firefox kept crashing with the membarrier warning. I recreated the container with

docker run -d --name=firefox -p 5800:5800 -p 5900:5900 -e KEEP_APP_RUNNING=1 -v /home/docker/firefox:/config --shm-size 3g --security-opt seccomp=unconfined --network="guacamole-network" jlesage/firefox

but the crashes still happen. This time without the membarrier warning.

I can connect via guacamole VNC but see a crashed tab

Closing the tab restarts the container and the tab crashes again. Cleaning /config was already tested.

End of the log is

21/07/2020 09:10:43 Using compression level 3 for client 172.19.0.2
21/07/2020 09:10:43 Enabling X-style cursor updates for client 172.19.0.2
21/07/2020 09:10:43 Enabling full-color cursor updates for client 172.19.0.2
21/07/2020 09:10:43 Enabling cursor position updates for client 172.19.0.2
21/07/2020 09:10:43 Enabling KeyboardLedState protocol extension for client 172.19.0.2
21/07/2020 09:10:43 Enabling NewFBSize protocol extension for client 172.19.0.2
21/07/2020 09:10:43 Enabling SupportedMessages protocol extension for client 172.19.0.2
21/07/2020 09:10:43 Enabling SupportedEncodings protocol extension for client 172.19.0.2
21/07/2020 09:10:43 Enabling ServerIdentity protocol extension for client 172.19.0.2
21/07/2020 09:10:43 Using ZRLE encoding for client 172.19.0.2
21/07/2020 09:10:44 client_set_net: 172.19.0.2  0.0002
21/07/2020 09:10:44 created   xdamage object: 0x20002c
21/07/2020 09:10:44 copy_tiles: allocating first_line at size 41
21/07/2020 09:10:45 client 1 network rate 899.2 KB/sec (63433.3 eff KB/sec)
21/07/2020 09:10:45 client 1 latency:  0.5 ms
21/07/2020 09:10:45 dt1: 0.0018, dt2: 0.0134 dt3: 0.0005 bytes: 13638
21/07/2020 09:10:45 link_rate: LR_LAN - 1 ms, 899 KB/s
21/07/2020 09:10:53 created selwin: 0x20002d
21/07/2020 09:10:53 called initialize_xfixes()
[app] starting Firefox...
Mozilla Firefox 78.0.2
[app] starting Firefox...
Mozilla Firefox 78.0.2
21/07/2020 09:16:27 idle keyboard:   turning X autorepeat back on.
[app] starting Firefox...
Mozilla Firefox 78.0.2
21/07/2020 09:23:15 client_count: 0
21/07/2020 09:23:15 Client 172.19.0.2 gone
21/07/2020 09:23:15 Statistics             events    Transmit/ RawEquiv ( saved)
21/07/2020 09:23:15  ServerCutText       :      1 |         8/        8 (  0.0%)
21/07/2020 09:23:15  FramebufferUpdate   :    286 |         0/        0 (  0.0%)
21/07/2020 09:23:15  ZRLE                :    737 |    495116/ 60211200 ( 99.2%)
21/07/2020 09:23:15  ServerIdentify      :      1 |        42/       42 (  0.0%)
21/07/2020 09:23:15  SupportedEncoding   :      1 |        96/       96 (  0.0%)
21/07/2020 09:23:15  SupportedMessage    :      1 |        76/       76 (  0.0%)
21/07/2020 09:23:15  PointerPos          :      1 |        12/       12 (  0.0%)
21/07/2020 09:23:15  RichCursor          :      1 |      1374/     1374 (  0.0%)
21/07/2020 09:23:15  TOTALS              :   1029 |    496724/ 60212808 ( 99.2%)
21/07/2020 09:23:15 Statistics             events    Received/ RawEquiv ( saved)
21/07/2020 09:23:15  KeyEvent            :     34 |       272/      272 (  0.0%)
21/07/2020 09:23:15  PointerEvent        :    898 |      5388/     5388 (  0.0%)
21/07/2020 09:23:15  ClientCutText       :      9 |      1001/     1001 (  0.0%)
21/07/2020 09:23:15  FramebufferUpdate   :    287 |      2870/     2870 (  0.0%)
21/07/2020 09:23:15  SetEncodings        :      1 |        80/       80 (  0.0%)
21/07/2020 09:23:15  SetPixelFormat      :      1 |        20/       20 (  0.0%)
21/07/2020 09:23:15  TOTALS              :   1230 |      9631/     9631 (  0.0%)
21/07/2020 09:23:15 destroyed xdamage object: 0x20002c

--shm-size and --security-opt seccomp=unconfined are set. Did I miss something?

regards cd

jlesage commented 4 years ago

Can you try to add --privileged when creating the container? Which docker version are you using?

cd-zbfs commented 4 years ago

I recreated the container with

docker run -d --name=firefox -p 5800:5800 -p 5900:5900 -e KEEP_APP_RUNNING=1 -v /home/docker/firefox:/config --shm-size 3g --security-opt seccomp=unconfined --network="guacamole-network" --privileged jlesage/firefox

but still the tab crashes on start. /config was cleaned before recreating the container.

# docker --version
Docker version 19.03.12, build 48a66213fe

Running on

# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:	Debian GNU/Linux 9.13 (stretch)
Release:	9.13
Codename:	stretch

regards cd

chrobiche commented 4 years ago

Same issue with docker compose:

firefox:
  image: jlesage/firefox:latest
  container_name: firefox
  restart: unless-stopped
  networks:

jlesage commented 4 years ago

@cd-zbfs, not sure why the container is crashing on your setup. I guess the next step would be to strace Firefox to see if we can get some clues about the crash... Let me know if this is something you are interested in doing.

jlesage commented 4 years ago

@chrobiche, are you getting any warning messages? Not sure how this is expressed in docker compose, but it seems that you are missing the --security-opt seccomp=unconfined option?

cd-zbfs commented 4 years ago

> @cd-zbfs, not sure why the container is crashing on your setup. I guess the next step would be to strace Firefox to see if we can get some clues about the crash... Let me know if this is something you are interested in doing.

Sure, let me know what I have to do for the firefox strace.

jlesage commented 4 years ago

Can you verify if you still have the crash with the latest update?

cd-zbfs commented 4 years ago

Hi,

same crash on start of the tab.

# docker pull jlesage/firefox:latest
latest: Pulling from jlesage/firefox
Digest: sha256:fd7c9fea0dbff48de8a27b0d1d569907efb98e29ea7778befa83c0a793e8e259
Status: Image is up to date for jlesage/firefox:latest
docker.io/jlesage/firefox:latest
# docker stop firefox
# docker rm firefox 
# docker run -d --name=firefox -p 5800:5800 -p 5900:5900 -e KEEP_APP_RUNNING=1 -v /home/docker/firefox:/config --shm-size 3g --security-opt seccomp=unconfined --network="guacamole-network" --privileged jlesage/firefox
# docker logs  firefox
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-app-niceness.sh: executing... 
[cont-init.d] 00-app-niceness.sh: exited 0.
[cont-init.d] 00-app-script.sh: executing... 
[cont-init.d] 00-app-script.sh: exited 0.
[cont-init.d] 00-app-user-map.sh: executing... 
[cont-init.d] 00-app-user-map.sh: exited 0.
[cont-init.d] 00-clean-logmonitor-states.sh: executing... 
[cont-init.d] 00-clean-logmonitor-states.sh: exited 0.
[cont-init.d] 00-clean-tmp-dir.sh: executing... 
[cont-init.d] 00-clean-tmp-dir.sh: exited 0.
[cont-init.d] 00-set-app-deps.sh: executing... 
[cont-init.d] 00-set-app-deps.sh: exited 0.
[cont-init.d] 00-set-home.sh: executing... 
[cont-init.d] 00-set-home.sh: exited 0.
[cont-init.d] 00-take-config-ownership.sh: executing... 
[cont-init.d] 00-take-config-ownership.sh: exited 0.
[cont-init.d] 00-xdg-runtime-dir.sh: executing... 
[cont-init.d] 00-xdg-runtime-dir.sh: exited 0.
[cont-init.d] 10-certs.sh: executing... 
[cont-init.d] 10-certs.sh: exited 0.
[cont-init.d] 10-cjk-font.sh: executing... 
[cont-init.d] 10-cjk-font.sh: exited 0.
[cont-init.d] 10-nginx.sh: executing... 
[cont-init.d] 10-nginx.sh: exited 0.
[cont-init.d] 10-vnc-password.sh: executing... 
[cont-init.d] 10-vnc-password.sh: exited 0.
[cont-init.d] 10-web-index.sh: executing... 
[cont-init.d] 10-web-index.sh: exited 0.
[cont-init.d] check-snd.sh: executing... 
[cont-init.d] check-snd.sh: sound device group 29.
[cont-init.d] check-snd.sh: exited 0.
[cont-init.d] firefox-set-prefs-from-env.sh: executing... 
[cont-init.d] firefox-set-prefs-from-env.sh: exited 0.
[cont-init.d] firefox.sh: executing... 
[cont-init.d] firefox.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] starting s6-fdholderd...
[services.d] starting nginx...
[services.d] starting xvfb...
[nginx] starting...
[xvfb] starting...
The XKEYBOARD keymap compiler (xkbcomp) reports:
> Internal error:   Could not resolve keysym XF86FullScreen
Errors from xkbcomp are not fatal to the X server
The XKEYBOARD keymap compiler (xkbcomp) reports:
> Internal error:   Could not resolve keysym XF86FullScreen
Errors from xkbcomp are not fatal to the X server
[services.d] starting certsmonitor...
[services.d] starting x11vnc...
[services.d] starting statusmonitor...
[services.d] starting openbox...
[certsmonitor] disabling service: secure connection not enabled.
[x11vnc] starting...
[statusmonitor] starting...
[openbox] starting...
06/08/2020 05:48:58 passing arg to libvncserver: -rfbport
06/08/2020 05:48:58 passing arg to libvncserver: 5900
06/08/2020 05:48:58 passing arg to libvncserver: -rfbportv6
06/08/2020 05:48:58 passing arg to libvncserver: -1
06/08/2020 05:48:58 passing arg to libvncserver: -httpportv6
06/08/2020 05:48:58 passing arg to libvncserver: -1
06/08/2020 05:48:58 passing arg to libvncserver: -desktop
06/08/2020 05:48:58 passing arg to libvncserver: Firefox
06/08/2020 05:48:58 x11vnc version: 0.9.14 lastmod: 2015-11-14  pid: 802
06/08/2020 05:48:58 Using X display :0
06/08/2020 05:48:58 rootwin: 0x43 reswin: 0x200001 dpy: 0x494e6b00
06/08/2020 05:48:58 
06/08/2020 05:48:58 ------------------ USEFUL INFORMATION ------------------
06/08/2020 05:48:58 X DAMAGE available on display, using it for polling hints.
06/08/2020 05:48:58   To disable this behavior use: '-noxdamage'
06/08/2020 05:48:58 
06/08/2020 05:48:58   Most compositing window managers like 'compiz' or 'beryl'
06/08/2020 05:48:58   cause X DAMAGE to fail, and so you may not see any screen
06/08/2020 05:48:58   updates via VNC.  Either disable 'compiz' (recommended) or
06/08/2020 05:48:58   supply the x11vnc '-noxdamage' command line option.
06/08/2020 05:48:58 X COMPOSITE available on display, using it for window polling.
06/08/2020 05:48:58   To disable this behavior use: '-noxcomposite'
06/08/2020 05:48:58 
06/08/2020 05:48:58 Wireframing: -wireframe mode is in effect for window moves.
06/08/2020 05:48:58   If this yields undesired behavior (poor response, painting
06/08/2020 05:48:58   errors, etc) it may be disabled:
06/08/2020 05:48:58    - use '-nowf' to disable wireframing completely.
06/08/2020 05:48:58    - use '-nowcr' to disable the Copy Rectangle after the
06/08/2020 05:48:58      moved window is released in the new position.
06/08/2020 05:48:58   Also see the -help entry for tuning parameters.
06/08/2020 05:48:58   You can press 3 Alt_L's (Left "Alt" key) in a row to 
06/08/2020 05:48:58   repaint the screen, also see the -fixscreen option for
06/08/2020 05:48:58   periodic repaints.
06/08/2020 05:48:58 GrabServer control via XTEST.
06/08/2020 05:48:58 
06/08/2020 05:48:58 Scroll Detection: -scrollcopyrect mode is in effect to
06/08/2020 05:48:58   use RECORD extension to try to detect scrolling windows
06/08/2020 05:48:58   (induced by either user keystroke or mouse input).
06/08/2020 05:48:58   If this yields undesired behavior (poor response, painting
06/08/2020 05:48:58   errors, etc) it may be disabled via: '-noscr'
06/08/2020 05:48:58   Also see the -help entry for tuning parameters.
06/08/2020 05:48:58   You can press 3 Alt_L's (Left "Alt" key) in a row to 
06/08/2020 05:48:58   repaint the screen, also see the -fixscreen option for
06/08/2020 05:48:58   periodic repaints.
06/08/2020 05:48:58 
06/08/2020 05:48:58 XKEYBOARD: number of keysyms per keycode 7 is greater
06/08/2020 05:48:58   than 4 and 51 keysyms are mapped above 4.
06/08/2020 05:48:58   Automatically switching to -xkb mode.
06/08/2020 05:48:58   If this makes the key mapping worse you can
06/08/2020 05:48:58   disable it with the "-noxkb" option.
06/08/2020 05:48:58   Also, remember "-remap DEAD" for accenting characters.
06/08/2020 05:48:58 
06/08/2020 05:48:58 X FBPM extension not supported.
Xlib:  extension "DPMS" missing on display ":0".
06/08/2020 05:48:58 X display is not capable of DPMS.
06/08/2020 05:48:58 --------------------------------------------------------
06/08/2020 05:48:58 
06/08/2020 05:48:58 Default visual ID: 0x21
06/08/2020 05:48:58 Read initial data from X display into framebuffer.
06/08/2020 05:48:58 initialize_screen: fb_depth/fb_bpp/fb_Bpl 24/32/5120
06/08/2020 05:48:58 
06/08/2020 05:48:58 X display :0 is 32bpp depth=24 true color
06/08/2020 05:48:58 
06/08/2020 05:48:58 Listening for VNC connections on TCP port 5900
06/08/2020 05:48:58 
06/08/2020 05:48:58 Xinerama is present and active (e.g. multi-head).
06/08/2020 05:48:58 Xinerama: number of sub-screens: 1
06/08/2020 05:48:58 Xinerama: no blackouts needed (only one sub-screen)
06/08/2020 05:48:58 
06/08/2020 05:48:58 fb read rate: 2160 MB/sec
06/08/2020 05:48:58 fast read: reset -wait  ms to: 10
06/08/2020 05:48:58 fast read: reset -defer ms to: 10
06/08/2020 05:48:58 The X server says there are 10 mouse buttons.
06/08/2020 05:48:58 screen setup finished.
06/08/2020 05:48:58 

The VNC desktop is:      60c148e3abbf:0
PORT=5900

******************************************************************************
Have you tried the x11vnc '-ncache' VNC client-side pixel caching feature yet?

The scheme stores pixel data offscreen on the VNC viewer side for faster
retrieval.  It should work with any VNC viewer.  Try it by running:

    x11vnc -ncache 10 ...

One can also add -ncache_cr for smooth 'copyrect' window motion.
More info: http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching

[services.d] starting logmonitor...
[services.d] starting app...
[logmonitor] starting...
[app] starting Firefox...
[services.d] done.
Mozilla Firefox 79.0
06/08/2020 05:49:19 Got connection from client 172.19.0.2
06/08/2020 05:49:19   other clients:
06/08/2020 05:49:20 Normal socket connection
06/08/2020 05:49:20 Disabled X server key autorepeat.
06/08/2020 05:49:20   to force back on run: 'xset r on' (3 times)
06/08/2020 05:49:20 incr accepted_client=1 for 172.19.0.2:54516  sock=10
06/08/2020 05:49:20 Client Protocol Version 3.8
06/08/2020 05:49:20 Protocol version sent 3.8, using 3.8
06/08/2020 05:49:20 rfbProcessClientSecurityType: executing handler for type 1
06/08/2020 05:49:20 rfbProcessClientSecurityType: returning securityResult for client rfb version >= 3.8
06/08/2020 05:49:20 Pixel format for client 172.19.0.2:
06/08/2020 05:49:20   32 bpp, depth 24, little endian
06/08/2020 05:49:20   true colour: max r 255 g 255 b 255, shift r 16 g 8 b 0
06/08/2020 05:49:20 no translation needed
06/08/2020 05:49:20 rfbProcessClientNormalMessage: ignoring unsupported encoding type ultraZip
06/08/2020 05:49:20 Using compression level 3 for client 172.19.0.2
06/08/2020 05:49:20 Enabling X-style cursor updates for client 172.19.0.2
06/08/2020 05:49:20 Enabling full-color cursor updates for client 172.19.0.2
06/08/2020 05:49:20 Enabling cursor position updates for client 172.19.0.2
06/08/2020 05:49:20 Enabling KeyboardLedState protocol extension for client 172.19.0.2
06/08/2020 05:49:20 Enabling NewFBSize protocol extension for client 172.19.0.2
06/08/2020 05:49:20 Enabling SupportedMessages protocol extension for client 172.19.0.2
06/08/2020 05:49:20 Enabling SupportedEncodings protocol extension for client 172.19.0.2
06/08/2020 05:49:20 Enabling ServerIdentity protocol extension for client 172.19.0.2
06/08/2020 05:49:20 Using ZRLE encoding for client 172.19.0.2
06/08/2020 05:49:20 client_set_net: 172.19.0.2  0.0002
06/08/2020 05:49:20 created   xdamage object: 0x20002c
06/08/2020 05:49:20 copy_tiles: allocating first_line at size 41
[app] starting Firefox...
Mozilla Firefox 79.0
06/08/2020 05:49:30 created selwin: 0x20002d
06/08/2020 05:49:30 called initialize_xfixes()
06/08/2020 05:49:30 client 1 network rate 2220.8 KB/sec (27322.0 eff KB/sec)
06/08/2020 05:49:30 client 1 latency:  0.5 ms
06/08/2020 05:49:30 dt1: 0.0019, dt2: 0.0058 dt3: 0.0005 bytes: 16969
06/08/2020 05:49:30 link_rate: LR_LAN - 1 ms, 2220 KB/s
[app] starting Firefox...
Mozilla Firefox 79.0

Between the docker run and the docker inspect I connected to the firefox container via guacamole and restarted firefox in the container by closing all tabs.

cd-zbfs commented 4 years ago

Hi,

small update from my side.

I updated the server recently to a Debian Buster (was planned for some time). Since then the Firefox in the container does not crash on startup. New tabs open without any problems. Strangely the only change was the Debian upgrade and a reboot of the system. Maybe the new kernel or the reboot did the trick. Docker version and Firefox container hash is the same as before.

Let me know if I should test anything else. As far as I'm concerned the issue can be closed.

# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:	Debian GNU/Linux 10 (buster)
Release:	10
Codename:	buster
# docker --version
Docker version 19.03.12, build 48a66213fe
# docker pull jlesage/firefox
Using default tag: latest
latest: Pulling from jlesage/firefox
Digest: sha256:fd7c9fea0dbff48de8a27b0d1d569907efb98e29ea7778befa83c0a793e8e259
Status: Image is up to date for jlesage/firefox:latest
docker.io/jlesage/firefox:latest

jlesage commented 4 years ago

Thanks for the update. The kernel upgrade probably did the trick. Do you know what was the kernel version before and after the upgrade?

cd-zbfs commented 4 years ago

Before the upgrade the standard Debian Stretch based 4.9 kernel (see https://packages.debian.org/stretch/linux-image-amd64 )

After the upgrade the standard Debian Buster based 4.19 kernel (see https://packages.debian.org/buster/linux-image-amd64 )

# uname -a
Linux rho 4.19.0-10-amd64 #1 SMP Debian 4.19.132-1 (2020-07-24) x86_64 GNU/Linux
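
Added example, not part of the thread or of the project's code: a small C probe that can be compiled and run inside the container to tell a seccomp denial of membarrier apart from a kernel that does not offer the syscall or only offers some of its commands, which helps decide whether `--security-opt seccomp=unconfined` or `--privileged` changes anything on a given host. The `mb_*` names and the choice of the private expedited commands as the "wanted" set are assumptions made for illustration; the thread does not establish which commands Firefox uses or what caused the crash.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/syscall.h>

/* Command bits from the kernel UAPI header linux/membarrier.h, copied here
   so the probe builds without kernel headers installed. */
#define MB_CMD_QUERY                  0
#define MB_GLOBAL                     (1 << 0)
#define MB_PRIVATE_EXPEDITED          (1 << 3)
#define MB_REGISTER_PRIVATE_EXPEDITED (1 << 4)

enum mb_status { MB_OK, MB_PARTIAL, MB_DENIED, MB_NO_SYSCALL, MB_OTHER };

/* Classify the result of membarrier(MEMBARRIER_CMD_QUERY).
   ret is the syscall return value (a bitmask of supported commands on
   success), err is errno after the call. */
enum mb_status mb_classify(long ret, int err) {
    if (ret < 0) {
        if (err == EPERM || err == EACCES) return MB_DENIED;  /* filter refused it */
        if (err == ENOSYS) return MB_NO_SYSCALL;  /* kernel lacks it, or filter says so */
        return MB_OTHER;
    }
    /* Assumption: treat the private expedited pair as the required set. */
    long want = MB_PRIVATE_EXPEDITED | MB_REGISTER_PRIVATE_EXPEDITED;
    return ((ret & want) == want) ? MB_OK : MB_PARTIAL;
}

const char *mb_describe(enum mb_status s) {
    switch (s) {
    case MB_OK:         return "membarrier available, private expedited commands reported";
    case MB_PARTIAL:    return "membarrier available, but kernel does not report private expedited commands";
    case MB_DENIED:     return "membarrier denied (EPERM/EACCES): check the seccomp profile";
    case MB_NO_SYSCALL: return "membarrier returned ENOSYS: kernel too old or filter returns ENOSYS";
    default:            return "membarrier failed with an unexpected error";
    }
}

/* Run the real query in the current process (i.e. under the container's filter). */
enum mb_status mb_probe(void) {
#ifdef SYS_membarrier
    errno = 0;
    long ret = syscall(SYS_membarrier, MB_CMD_QUERY, 0, 0);
    return mb_classify(ret, errno);
#else
    return MB_NO_SYSCALL;  /* libc headers predate the syscall */
#endif
}

int main(void) {
    enum mb_status s = mb_probe();
    printf("%s\n", mb_describe(s));
    return s == MB_OK ? 0 : 1;
}
```

Running the same binary with and without `--security-opt seccomp=unconfined` shows whether the seccomp profile or the host kernel is the limiting factor.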