[Bug]: root-repo docker run failed

chairwa commented 1 year ago

Problem description

docker run hello-world Unable to find image 'hello-world:latest' locally latest: Pulling from library/hello-world 04341b189be6: Pull complete Digest: sha256:ffb13da98453e0f04d33a6eee5bb8e46ee50d08ebe17735fc0779d0349e889e9 Status: Downloaded newer image for hello-world:latest docker: Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: unable to apply cgroup configuration: mkdir /cpuset/docker: no such file or directory: unknown. ERRO[0007] error waiting for container: context canceled

What steps will reproduce the bug?

pkg install root-repo pkg install docker tsu dockerd & docker run hello-world

What is the expected behavior?

docker run succeeded

System information

termux-info:

Termux Variables:
unsupported
Packages CPU architecture:
arm
Subscribed repositories:
# sources.list
deb https://linux.domainesia.com/applications/termux/termux-main stable main
# root-repo (sources.list.d/root.list)
deb https://packages-cf.termux.dev/apt/termux-root/ root stable
Updatable packages:
Running as root. Cannot check package updates.
termux-tools version:
1.37.0
Android version:
9
Kernel build information:
Linux localhost 4.9.113 #7 SMP PREEMPT Mon Feb 27 17:20:09 CST 2023 armv7l Android
Device manufacturer:
Droidlogic
Device model:
u202
LD Variables:
LD_LIBRARY_PATH=
LD_PRELOAD=/data/data/com.termux/files/usr/lib/libtermux-exec.so

Grimler91 commented 1 year ago

Do you have a custom kernel with cpuset enabled, i.e. CONFIG_CGROUPS and CONFIG_CPUSETS?

Download and run the check-config.sh script to check your config

chairwa commented 1 year ago

./check-config.sh config.gz info: reading kernel config from config.gz ...

Generally Necessary:

cgroup hierarchy: properly mounted [/sys/fs/cgroup]
CONFIG_NAMESPACES: enabled
CONFIG_NET_NS: enabled
CONFIG_PID_NS: enabled
CONFIG_IPC_NS: enabled
CONFIG_UTS_NS: enabled
CONFIG_CGROUPS: enabled
CONFIG_CGROUP_CPUACCT: enabled
CONFIG_CGROUP_DEVICE: enabled
CONFIG_CGROUP_FREEZER: enabled
CONFIG_CGROUP_SCHED: enabled
CONFIG_CPUSETS: enabled
CONFIG_MEMCG: enabled
CONFIG_KEYS: enabled
CONFIG_VETH: enabled
CONFIG_BRIDGE: enabled
CONFIG_BRIDGE_NETFILTER: enabled (as module)
CONFIG_IP_NF_FILTER: enabled
CONFIG_IP_NF_TARGET_MASQUERADE: enabled
CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled
CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled
CONFIG_NETFILTER_XT_MATCH_IPVS: missing
CONFIG_NETFILTER_XT_MARK: enabled
CONFIG_IP_NF_NAT: enabled
CONFIG_NF_NAT: enabled
CONFIG_POSIX_MQUEUE: enabled
CONFIG_NF_NAT_IPV4: enabled
CONFIG_NF_NAT_NEEDED: enabled
CONFIG_CGROUP_BPF: enabled

Optional Features:

CONFIG_USER_NS: enabled
CONFIG_SECCOMP: enabled
CONFIG_SECCOMP_FILTER: enabled
CONFIG_CGROUP_PIDS: enabled
CONFIG_MEMCG_SWAP: enabled
CONFIG_MEMCG_SWAP_ENABLED: enabled
CONFIG_IOSCHED_CFQ: enabled
CONFIG_CFQ_GROUP_IOSCHED: enabled
CONFIG_BLK_CGROUP: enabled
CONFIG_BLK_DEV_THROTTLING: enabled
CONFIG_CGROUP_PERF: enabled
CONFIG_CGROUP_HUGETLB: missing
CONFIG_NET_CLS_CGROUP: enabled
CONFIG_CGROUP_NET_PRIO: enabled
CONFIG_CFS_BANDWIDTH: enabled
CONFIG_FAIR_GROUP_SCHED: enabled
CONFIG_RT_GROUP_SCHED: enabled
CONFIG_IP_NF_TARGET_REDIRECT: enabled
CONFIG_IP_VS: missing
CONFIG_IP_VS_NFCT: missing
CONFIG_IP_VS_PROTO_TCP: missing
CONFIG_IP_VS_PROTO_UDP: missing
CONFIG_IP_VS_RR: missing
CONFIG_SECURITY_SELINUX: enabled
CONFIG_SECURITY_APPARMOR: missing
CONFIG_EXT4_FS: enabled
CONFIG_EXT4_FS_POSIX_ACL: enabled
CONFIG_EXT4_FS_SECURITY: enabled
Network Drivers:
- "overlay":
- CONFIG_VXLAN: enabled
- CONFIG_BRIDGE_VLAN_FILTERING: missing Optional (for encrypted networks):
  - CONFIG_CRYPTO: enabled
  - CONFIG_CRYPTO_AEAD: enabled
  - CONFIG_CRYPTO_GCM: enabled
  - CONFIG_CRYPTO_SEQIV: enabled
  - CONFIG_CRYPTO_GHASH: enabled
  - CONFIG_XFRM: enabled
  - CONFIG_XFRM_USER: enabled
  - CONFIG_XFRM_ALGO: enabled
  - CONFIG_INET_ESP: enabled
  - CONFIG_INET_XFRM_MODE_TRANSPORT: enabled
- "ipvlan":
- CONFIG_IPVLAN: missing
- "macvlan":
- CONFIG_MACVLAN: enabled
- CONFIG_DUMMY: enabled
- "ftp,tftp client in container":
- CONFIG_NF_NAT_FTP: enabled
- CONFIG_NF_CONNTRACK_FTP: enabled
- CONFIG_NF_NAT_TFTP: enabled
- CONFIG_NF_CONNTRACK_TFTP: enabled
Storage Drivers:
- "aufs":
- CONFIG_AUFS_FS: missing (note that some kernels include AUFS patches but not the AUFS_FS flag)
- "btrfs":
- CONFIG_BTRFS_FS: missing
- CONFIG_BTRFS_FS_POSIX_ACL: missing
- "devicemapper":
- CONFIG_BLK_DEV_DM: enabled
- CONFIG_DM_THIN_PROVISIONING: missing
- "overlay":
- CONFIG_OVERLAY_FS: enabled
- "zfs":
- /dev/zfs: missing
- zfs command: missing
- zpool command: missing

Limits:

/proc/sys/kernel/keys/root_maxkeys: 1000000

RuofengX commented 1 month ago

Same issue as chariwa.

Device is Nothing CMF Phone 1, with latest system version(2.6)

./check-config.sh output:

~ $ sudo sh ./check-config.sh
info: reading kernel config from /proc/config.gz ...

Generally Necessary:
- cgroup hierarchy: cgroupv2
  Controllers:
  - cpu: missing
  - cpuset: missing
  - io: missing
  - memory: missing
  - pids: missing
- CONFIG_NAMESPACES: enabled
- CONFIG_NET_NS: enabled
- CONFIG_PID_NS: missing
- CONFIG_IPC_NS: missing
- CONFIG_UTS_NS: enabled
- CONFIG_CGROUPS: enabled
- CONFIG_CGROUP_CPUACCT: enabled
- CONFIG_CGROUP_DEVICE: missing
- CONFIG_CGROUP_FREEZER: enabled
- CONFIG_CGROUP_SCHED: enabled
- CONFIG_CPUSETS: enabled
- CONFIG_MEMCG: enabled
- CONFIG_KEYS: enabled
- CONFIG_VETH: enabled
- CONFIG_BRIDGE: enabled
- CONFIG_BRIDGE_NETFILTER: missing
- CONFIG_IP_NF_FILTER: enabled
- CONFIG_IP_NF_MANGLE: enabled
- CONFIG_IP_NF_TARGET_MASQUERADE: enabled
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: missing
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled
- CONFIG_NETFILTER_XT_MATCH_IPVS: missing
- CONFIG_NETFILTER_XT_MARK: enabled
- CONFIG_IP_NF_NAT: enabled
- CONFIG_NF_NAT: enabled
- CONFIG_POSIX_MQUEUE: missing
- CONFIG_CGROUP_BPF: enabled

Optional Features:
- CONFIG_USER_NS: missing
- CONFIG_SECCOMP: enabled
- CONFIG_SECCOMP_FILTER: enabled
- CONFIG_CGROUP_PIDS: missing
- CONFIG_MEMCG_SWAP: missing
    (cgroup swap accounting is currently enabled)
- CONFIG_BLK_CGROUP: enabled
- CONFIG_BLK_DEV_THROTTLING: enabled
- CONFIG_CGROUP_PERF: missing
- CONFIG_CGROUP_HUGETLB: missing
- CONFIG_NET_CLS_CGROUP: missing
- CONFIG_CGROUP_NET_PRIO: enabled
- CONFIG_CFS_BANDWIDTH: missing
- CONFIG_FAIR_GROUP_SCHED: enabled
- CONFIG_IP_NF_TARGET_REDIRECT: enabled
- CONFIG_IP_VS: missing
- CONFIG_IP_VS_NFCT: missing
- CONFIG_IP_VS_PROTO_TCP: missing
- CONFIG_IP_VS_PROTO_UDP: missing
- CONFIG_IP_VS_RR: missing
- CONFIG_SECURITY_SELINUX: enabled
- CONFIG_SECURITY_APPARMOR: missing
- CONFIG_EXT4_FS: enabled
- CONFIG_EXT4_FS_POSIX_ACL: enabled
- CONFIG_EXT4_FS_SECURITY: enabled
- Network Drivers:
  - "overlay":
    - CONFIG_VXLAN: missing
    - CONFIG_BRIDGE_VLAN_FILTERING: missing
      Optional (for encrypted networks):
      - CONFIG_CRYPTO: enabled
      - CONFIG_CRYPTO_AEAD: enabled
      - CONFIG_CRYPTO_GCM: enabled
      - CONFIG_CRYPTO_SEQIV: enabled
      - CONFIG_CRYPTO_GHASH: enabled
      - CONFIG_XFRM: enabled
      - CONFIG_XFRM_USER: enabled
      - CONFIG_XFRM_ALGO: enabled
      - CONFIG_INET_ESP: enabled
      - CONFIG_NETFILTER_XT_MATCH_BPF: enabled
  - "ipvlan":
    - CONFIG_IPVLAN: missing
  - "macvlan":
    - CONFIG_MACVLAN: missing
    - CONFIG_DUMMY: enabled
  - "ftp,tftp client in container":
    - CONFIG_NF_NAT_FTP: enabled
    - CONFIG_NF_CONNTRACK_FTP: enabled
    - CONFIG_NF_NAT_TFTP: enabled
    - CONFIG_NF_CONNTRACK_TFTP: enabled
- Storage Drivers:
  - "btrfs":
    - CONFIG_BTRFS_FS: missing
    - CONFIG_BTRFS_FS_POSIX_ACL: missing
  - "overlay":
    - CONFIG_OVERLAY_FS: enabled
  - "zfs":
    - /dev/zfs: missing
    - zfs command: missing
    - zpool command: missing

Limits:
- /proc/sys/kernel/keys/root_maxkeys: 1000000

termux / termux-packages