search

selkies-project / docker-nvidia-glx-desktop

KDE Plasma Desktop container designed for Kubernetes, supporting OpenGL EGL and GLX, Vulkan, and Wine/Proton for NVIDIA GPUs through WebRTC and HTML5, providing an open-source remote cloud/HPC graphics or game streaming platform.
https://github.com/selkies-project/docker-nvidia-glx-desktop/pkgs/container/nvidia-glx-desktop
Mozilla Public License 2.0
293 stars 63 forks source link

invalid substitution in dockerfile #53

Closed alexeadem closed 1 month ago

alexeadem commented 1 month ago

https://github.com/selkies-project/docker-nvidia-glx-desktop/blob/b506c323db4360998584b618921ef81307224f22/Dockerfile#L611

is giving trouble when building the image

error: failed to solve: rpc error: code = Unknown desc = failed to process "\"unix:path=${XDG_RUNTIME_DIR:-/tmp}/dbus-session-${DISPLAY#*:}\"": missing ':' in substitution

docker version Client: Version: 24.0.5

Maybe it can be replaced by:

ENV DBUS_SESSION_BUS_ADDRESS="unix:path=${XDG_RUNTIME_DIR:-/tmp}/dbus-session-$(echo $DISPLAY | cut -d ":" -f2)"

ehfd commented 1 month ago

ENV DBUS_SESSION_BUS_ADDRESS="unix:path=${XDG_RUNTIME_DIR:-/tmp}/dbus-session-$(echo $DISPLAY | cut -d ":" -f2)"

But does this work? I'm careful because I'm not sure if you can run commands under ENV.

ehfd commented 1 month ago

Also, try upgrading to Docker 26 or higher. The GitHub runner is on Docker 26.

ehfd commented 1 month ago

It seems that something in the container makes the build succeed with GitHub Actions, but not when built locally. And it fails in unexpected places.

PMohanJ commented 1 month ago

For me it fails with permission error at ./bin for ubuntu 24.04:

221.5 Errors were encountered while processing:
221.5  /tmp/apt-dpkg-install-fMxqQQ/072-iproute2_6.1.0-1ubuntu6_amd64.deb
221.5  /tmp/apt-dpkg-install-fMxqQQ/083-netcat-openbsd_1.226-1ubuntu2_amd64.deb
221.5  /tmp/apt-dpkg-install-fMxqQQ/133-alsa-base_1.0.25+dfsg-0ubuntu7_all.deb
221.5  /tmp/apt-dpkg-install-fMxqQQ/462-net-tools_2.10-0.1ubuntu4_amd64.deb
221.8 E: Sub-process /usr/bin/dpkg returned an error code (1)

Changing to 22.04, now fails with curl: (23) Failure writing output to destination at https://github.com/selkies-project/docker-nvidia-glx-desktop/blob/main/Dockerfile#L477

Something has to do with 'fakeroot'?

My Docker version: 27.0.3

ehfd commented 1 month ago

I will take a look...

ehfd commented 1 month ago

Now, the CI starts failing.

ehfd commented 1 month ago

chown -R -f --no-dereference --no-preserve-root (adding -h/--no-dereference) might be the solution.

alexeadem commented 1 month ago

ENV DBUS_SESSION_BUS_ADDRESS="unix:path=${XDG_RUNTIME_DIR:-/tmp}/dbus-session-$(echo $DISPLAY | cut -d ":" -f2)"

But does this work? I'm careful because I'm not sure if you can run commands under ENV.

I doesn't. The best way to do this is passing the display as and ENV like this:

ARG XDG_DISPLAY ENV XDG_DISPLAY=${XDG_DISPLAY}

.... ENV DBUS_SESSION_BUS_ADDRESS="unix:path=${XDG_RUNTIME_DIR:-/tmp}/dbus-session-${XDG_DISPLAY}"

alexeadem commented 1 month ago

For me it fails with permission error at ./bin for ubuntu 24.04:

221.5 Errors were encountered while processing:
221.5  /tmp/apt-dpkg-install-fMxqQQ/072-iproute2_6.1.0-1ubuntu6_amd64.deb
221.5  /tmp/apt-dpkg-install-fMxqQQ/083-netcat-openbsd_1.226-1ubuntu2_amd64.deb
221.5  /tmp/apt-dpkg-install-fMxqQQ/133-alsa-base_1.0.25+dfsg-0ubuntu7_all.deb
221.5  /tmp/apt-dpkg-install-fMxqQQ/462-net-tools_2.10-0.1ubuntu4_amd64.deb
221.8 E: Sub-process /usr/bin/dpkg returned an error code (1)

Changing to 22.04, now fails with curl: (23) Failure writing output to destination at https://github.com/selkies-project/docker-nvidia-glx-desktop/blob/main/Dockerfile#L477

Something has to do with 'fakeroot'?

My Docker version: 27.0.3

I got it working by using USER root

They are other issues that need to be worked out. nginx.conf has by default www-data and needs to be replaced by the user in question. If root is used it should be replaced by -e 's/www-data/root/g'

Otherwise Nginx won't be able to get passed the 700 permissions

See the sed I added in the Dockerfile

 # Sanitize NGINX path
    sed -i -e 's/\/var\/log\/nginx\/access\.log/\/dev\/stdout/g' -e 's/www-data/root/g' -e 's/\/var\/log\/nginx\/error\.log/\/dev\/stderr/g' -e 's/\/run\/nginx\.pid/\/tmp\/nginx\.pid/g' /etc/nginx/nginx.conf && \
    echo "error_log /dev/stderr;" >> /etc/nginx/nginx.conf && \
ehfd commented 1 month ago

For future reference, in order to chown -R recursively in a directory containing symbolic links, make sure to add -h as well, as omitting this will break symbolic links.

Usage: chown [OPTION]... [OWNER][:[GROUP]] FILE...
  or:  chown [OPTION]... --reference=RFILE FILE...
Change the owner and/or group of each FILE to OWNER and/or GROUP.
With --reference, change the owner and group of each FILE to those of RFILE.

  -c, --changes          like verbose but report only when a change is made
  -f, --silent, --quiet  suppress most error messages
  -v, --verbose          output a diagnostic for every file processed
      --dereference      affect the referent of each symbolic link (this is
                         the default), rather than the symbolic link itself
  -h, --no-dereference   affect symbolic links instead of any referenced file
                         (useful only on systems that can change the
                         ownership of a symlink)
      --from=CURRENT_OWNER:CURRENT_GROUP
                         change the owner and/or group of each file only if
                         its current owner and/or group match those specified
                         here.  Either may be omitted, in which case a match
                         is not required for the omitted attribute
      --no-preserve-root  do not treat '/' specially (the default)
      --preserve-root    fail to operate recursively on '/'
      --reference=RFILE  use RFILE's owner and group rather than specifying
                         OWNER:GROUP values.  RFILE is always dereferenced.
  -R, --recursive        operate on files and directories recursively

The following options modify how a hierarchy is traversed when the -R
option is also specified.  If more than one is specified, only the final
one takes effect.

  -H                     if a command line argument is a symbolic link
                         to a directory, traverse it
  -L                     traverse every symbolic link to a directory
                         encountered
  -P                     do not traverse any symbolic links (default)

      --help        display this help and exit
      --version     output version information and exit

Owner is unchanged if missing.  Group is unchanged if missing, but changed
to login group if implied by a ':' following a symbolic OWNER.
OWNER and GROUP may be numeric as well as symbolic.

Examples:
  chown root /u        Change the owner of /u to "root".
  chown root:staff /u  Likewise, but also change its group to "staff".
  chown -hR root /u    Change the owner of /u and subfiles to "root".

GNU coreutils online help: <https://www.gnu.org/software/coreutils/>
Full documentation <https://www.gnu.org/software/coreutils/chown>
or available locally via: info '(coreutils) chown invocation'
ehfd commented 1 month ago

Fixed the issue with ENV DBUS_SESSION_BUS_ADDRESS="unix:path=${XDG_RUNTIME_DIR:-/tmp}/dbus-session-${DISPLAY#*:}". Made changes to the fakeroot installation logic as well.

ehfd commented 1 month ago

The apt error may have also been fixed. Please test on all Ubuntu versions.

ehfd commented 1 month ago

I checked all Ubuntu versions on Docker 27.1.0. Please reopen if there are problems.

ehfd commented 1 month ago

Also tested on Kaniko, which works on much restrictive conditions compared to docker build.