search

linuxserver / docker-kasm

Kasm Workspaces platform provides enterprise-class orchestration, data loss prevention, and web streaming technology to enable the delivery of containerized workloads to your browser.
GNU General Public License v3.0
299 stars 28 forks source link

[BUG] Could not mount /sys/kernel/security #40

Closed TheZoker closed 8 months ago

TheZoker commented 11 months ago

Is there an existing issue for this?

Current Behavior

When I try to install the latest version of kasm, I get the following error:

mount: /sys/kernel/security: permission denied.
Could not mount /sys/kernel/security.
AppArmor detection and --privileged mode might break.
time="2023-10-12T01:29:49.749588880+02:00" level=error msg="failed to initialize a tracing processor \"otlp\"" error="no OpenTelemetry endpoint: skip plugin"

Expected Behavior

No response

Steps To Reproduce

  1. Create docker-compose file: 
    version: '3.8'
services:
kasm:
image: lscr.io/linuxserver/kasm
container_name: Kasm
restart: always
privileged: true
ports:
  - 443:443
  - 3000:3000
volumes:
  - ~/files/kasm/data:/opt
  - ~/files/kasm/profiles:/profiles
environment:
  - TZ=Europe/Berlin
  - KASM_PORT=443
  - PUID=1000
  - PGID=1000

Environment

- OS: alpine OS as LXC
- How docker service was installed: `apk install docker docker-compose`

CPU architecture

x86-64

Docker creation

docker-compose up

Container logs

[migrations] started
[migrations] no migrations found
───────────────────────────────────────

      ██╗     ███████╗██╗ ██████╗ 
      ██║     ██╔════╝██║██╔═══██╗
      ██║     ███████╗██║██║   ██║
      ██║     ╚════██║██║██║   ██║
      ███████╗███████║██║╚██████╔╝
      ╚══════╝╚══════╝╚═╝ ╚═════╝ 

   Brought to you by linuxserver.io
───────────────────────────────────────

To support LSIO projects visit:
https://www.linuxserver.io/donate/

───────────────────────────────────────
GID/UID
───────────────────────────────────────

User UID:    1000
User GID:    1000
───────────────────────────────────────

[custom-init] No custom files found, skipping...
[ls.io-init] done.
mount: /sys/kernel/security: permission denied.
Could not mount /sys/kernel/security.
AppArmor detection and --privileged mode might break.
time="2023-10-12T01:29:49.749588880+02:00" level=error msg="failed to initialize a tracing processor \"otlp\"" error="no OpenTelemetry endpoint: skip plugin"
github-actions[bot] commented 11 months ago

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.

aptalca commented 11 months ago

Lxc is most likely the issue here. We don't recommend or support docker in lxc

TheZoker commented 11 months ago

Hmm weird, because with 1.13 it worked for a good amount of time.

thelamer commented 11 months ago

Does it work with --security-opt apparmor=unconfined ?

LinuxServer-CI commented 10 months ago

This issue has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions.

github-actions[bot] commented 7 months ago

This issue is locked due to inactivity