"Access to the path 'c:\driversetc\hosts' is denied."

[ChristianFeitl]

Describe the issue When trying to create a new container with artifacts an exception occurs and the command stops running.

Scripts used to create container and cause the issue $auth = "NavUserPassword" $credential = New-Object pscredential 'admin', (ConvertTo-SecureString -String 'P@ssword1' -AsPlainText -Force)

$artifactUrl = Get-BCArtifactUrl -type onprem -version 16.2 -country at -select Latest

New-BCContainer -containerName BC16CU02WA -artifactUrl $artifactUrl -accept_eula -auth $auth -Credential $credential -includeAL -includeTestToolkit -doNotExportObjectsToText -accept_outdated -updateHosts

Full output of scripts NavContainerHelper is version 0.7.0.23 NavContainerHelper is running as administrator Host is Microsoft - 1909 Docker Client Version is 19.03.12 Docker Server Version is 19.03.12 Removing container BC16CU02WA Removing BC16CU02WA from host hosts file Removing C:\ProgramData\NavContainerHelper\Extensions\BC16CU02WA Fetching all docker images Using image mcr.microsoft.com/dynamicsnav:10.0.18363.959-generic Creating Container BC16CU02WA Version: 16.2.13509.13779-at Style: onprem Platform: 16.0.13440.13772 Generic Tag: 0.1.0.13 Container OS Version: 10.0.18363.959 (1909) Host OS Version: 10.0.18363.959 (1909) Using locale de-AT Using process isolation Disabling the standard eventlog dump to container log every 2 seconds (use -dumpEventLog to enable) Files in C:\ProgramData\NavContainerHelper\Extensions\BC16CU02WA\my:

• AdditionalOutput.ps1
• license.flf
• MainLoop.ps1
• SetupVariables.ps1
• updatehosts.ps1 Creating container BC16CU02WA from image mcr.microsoft.com/dynamicsnav:10.0.18363.959-generic 339bcec71e84a8486dc231dbc04dbaded641069205584dc38794db78e4494724 Waiting for container BC16CU02WA to be ready Using artifactUrl https://bcartifacts.azureedge.net/onprem/16.2.13509.13779/at Using installer from C:\Run\150-new Installing Business Central Installing from artifacts Starting Local SQL Server Starting Internet Information Server Copying Service Tier Files Copying PowerShell Scripts Copying dependencies Copying ReportBuilder Importing PowerShell Modules Determining Database Collation from c:\dl\onprem\16.2.13509.13779\at\database\Demo Database NAV (16-0).bak Changing Database Server Collation to Latin1_General_100_CI_AS Restoring CRONUS Demo Database Modifying Business Central Service Tier Config File for Docker Creating Business Central Service Tier Installing SIP crypto provider: 'C:\Windows\System32\NavSip.dll' Starting Business Central Service Tier Importing CRONUS license file Stopping Business Central Service Tier Copying Web Client Files Copying Client Files Copying ModernDev Files Copying additional files Copying ConfigurationPackages Copying Test Assemblies Copying Applications Installation took 210 seconds Installation complete Initializing... Exception calling "Open" with "4" argument(s): "Access to the path 'c:\driversetc\hosts' is denied." at UpdateHostsFile, C:\Run\my\updatehosts.ps1: line 20 at , C:\Run\my\updatehosts.ps1: line 111 at , C:\Run\my\SetupVariables.ps1: line 5 at , C:\Run\navstart.ps1: line 24 at , C:\Run\start.ps1: line 327 at , : line 1Error Using artifactUrl https://bcartifacts.azureedge.net/onprem/16.2.13509.13779/at Using installer from C:\Run\150-new Installing Business Central Installing from artifacts Starting Local SQL Server Starting Internet Information Server Copying Service Tier Files Copying PowerShell Scripts Copying dependencies Copying ReportBuilder Importing PowerShell Modules Determining Database Collation from c:\dl\onprem\16.2.13509.13779\at\database\Demo Database NAV (16-0).bak Changing Database Server Collation to Latin1_General_100_CI_AS Restoring CRONUS Demo Database Modifying Business Central Service Tier Config File for Docker Creating Business Central Service Tier Installing SIP crypto provider: 'C:\Windows\System32\NavSip.dll' Starting Business Central Service Tier Importing CRONUS license file Stopping Business Central Service Tier Copying Web Client Files Copying Client Files Copying ModernDev Files Copying additional files Copying ConfigurationPackages Copying Test Assemblies Copying Applications Installation took 210 seconds Installation complete Initializing... Exception calling "Open" with "4" argument(s): "Access to the path 'c:\driversetc\hosts' is denied." at UpdateHostsFile, C:\Run\my\updatehosts.ps1: line 20 at , C:\Run\my\updatehosts.ps1: line 111 at , C:\Run\my\SetupVariables.ps1: line 5 at , C:\Run\navstart.ps1: line 24 at , C:\Run\start.ps1: line 327 at , : line 1 Initialization of container BC16CU02WA failed In C:\Program Files\WindowsPowerShell\Modules\navcontainerhelper\0.7.0.23\ContainerHandling\Wait-NavContainerReady.ps1:44 Zeichen:17
• ... throw "Initialization of container $containerName failed" ...

• 
  + CategoryInfo          : OperationStopped: (Initialization ...16CU02WA failed:String) [], RuntimeException
  + FullyQualifiedErrorId : Initialization of container BC16CU02WA failed

Screenshots None

Additional context First try to use artifacts Tried three times, but never worked.

[freddydk]

If you run

Check-NavContainerHelperPermissions

It should check if you don't have permissions to something. You can add -fix for the helper to fix permissions.

Let me know if this works for you.

[ChristianFeitl]

Thank you for your quick response, but it did not help. The output of the command was empty, I suppose that means that everything is fine. I ran "-fix" anyway, here's the result:

PS C:\Windows\system32> Check-NavContainerHelperPermissions

PS C:\Windows\system32> Check-NavContainerHelperPermissions -fix Running as administrator Checking permissions to C:\ProgramData\NavContainerHelper „User“ does NOT have Full Control to C:\ProgramData\NavContainerHelper and all subfolders Trying to add permissions Permissions successfully added Checking permissions to C:\Windows\System32\drivers\etc\hosts „User“ does NOT have modify permissions to C:\Windows\System32\drivers\etc\hosts Trying to add permissions Permissions successfully added Checking permissions to docker commands „User“ has the right permissions to run docker commands

[ChristianFeitl]

Just for the records: I tried to create an old style container with "-imageName", which worked.

(First, I got a message "docker : At least 3Gb memory needs to be available to the Container." which I solved by adding the parameter "-memoryLimit 4G". I cannot fully understand the reason for that error, because my PC has sufficient memory.)

[freddydk]

It looks like the check-permission fixed the hosts folder - did you try with artifacts after that? If that doesn't work, you can try to add -isolation hyperv to the new-bccontainer with artifacts?

[ChristianFeitl]

Yes I tried after fixing the permissions, same error occurred. But "-isolation hyperv" helped, the container could then be created and started successfully. Thank you!

Just being curious: How did you come up with the -isolation parameter? Educated guess because of https://freddysblog.com/2020/02/14/hyperv-isolation-to-the-rescue/? And why do I need to add the -memoryLimit parameter? I used navcontainerhelper on another PC before but that was never necessary. Thanks again!

[freddydk]

Well - you said that running an "old" image worked - I assumed that that would be running hyperv isolation, which in this area would be pretty much the only difference. So apparently a container with process isolation on your machine cannot modify hosts - that might be due to anti-virus or like.

On the memoryLimit - you should be able to remove that - it should be defaulted. If not - please show me the exact PS command, which leads to the memory error here.

[ChristianFeitl]

My PC has 16GB RAM, 9,5GB of which is used.

I execute $auth = "NavUserPassword" $credential = New-Object pscredential 'admin', (ConvertTo-SecureString -String 'P@ssword1' -AsPlainText -Force) New-BCContainer -containerName BC16CU02 -accept_eula -auth $auth -Credential $credential -imageName mcr.microsoft.com/businesscentral/onprem:2004-cu2-at-ltsc2019 -includeAL -doNotExportObjectsToText -accept_outdated ` -updateHosts

that leads to NavContainerHelper is version 0.7.0.23 NavContainerHelper is running as administrator Host is Microsoft - 1909 Docker Client Version is 19.03.12 Docker Server Version is 19.03.12 Fetching all docker images WARNING: You are running specific Docker images from mcr.microsoft.com. These images will no longer be updated, you should switch to user Docker artifacts. See https://freddysblog.com/2020/07 /05/july-updates-are-out-they-are-the-last-on-premises-docker-images/ Using image mcr.microsoft.com/businesscentral/onprem:2004-cu2-at-ltsc2019 Creating Container BC16CU02 Version: 16.2.13509.13779-at Style: onprem Platform: 16.0.13440.13772 Generic Tag: 0.0.9.99 Container OS Version: 10.0.17763.973 (ltsc2019) Host OS Version: 10.0.18363.959 (1909) The container operating system does not match the host operating system, forcing hyperv isolation. Using locale de-AT Using hyperv isolation Disabling the standard eventlog dump to container log every 2 seconds (use -dumpEventLog to enable) Files in C:\ProgramData\NavContainerHelper\Extensions\BC16CU02\my:

• AdditionalOutput.ps1
• license.flf
• MainLoop.ps1
• SetupVariables.ps1
• updatehosts.ps1 Creating container BC16CU02 from image mcr.microsoft.com/businesscentral/onprem:2004-cu2-at-ltsc2019 5b524e339049a74a68a8126ac5bbd00ddf54f5eea3da80f08d09b82c1067d4bf Waiting for container BC16CU02 to be ready docker : At least 3Gb memory needs to be available to the Container. In C:\Program Files\WindowsPowerShell\Modules\navcontainerhelper\0.7.0.23\ContainerHandling\Wait-NavContainerReady.ps1:32 Zeichen:21
• $logs = docker logs $containerName

• 
  + CategoryInfo          : NotSpecified: (At least 3Gb me... the Container.:String) [], RemoteException
  + FullyQualifiedErrorId : NativeCommandError

[freddydk]

Looks like there is a bug when using specific images and hyperv - will investigate (although you aren't blocked by that anymore, it still should be fixed)

[ChristianFeitl]

Since my original question was solved, I created a new issue for the memoryLimit thing and close this one.