entrypoint.sh uses sudo

[sja]

The entrypoint.sh uses sudo to copy default configs if they not exist. Why?

My problem is, that this breaks the container start with the following logs:

++ ls -A /openhab/userdata
+ '[' -z '' ']'
+ echo 'No userdata found... initializing.'
No userdata found... initializing.
+ sudo cp -av /openhab/userdata.dist/. /openhab/userdata/
sudo: unable to send audit message: Operation not permitted
+ set -euo pipefail
+ IFS='

After googling, it may be a problem with AppArmor. I added capability audit_write to the /etc/apparmor.d/docker file and rebooted, but nothing changed. (See here)

If i remove the sudos before copy, everything works fine there.

Environment: Pine64 board (arm64 arch) with Ubuntu Xenial (16.04), kernel 3.10.101-0-pine64-longsleep and docker 1.10.3 + docker-compose 1.5.2.

[ShaunCurrier]

I'm experiencing this error as well on a Pine64, aarch64, Ubuntu, 3.10.65-7-pine64-longsleep, Docker 1.12.1 with the latest docker image from docker hub.

[ShaunCurrier]

Here's my particular error output, looks similar to what sja has.

root@localhost:/opt# docker run    -it     --name openhab         --net=host         -v /etc/localtime:/etc/localtime:ro         -v /etc/timezone:/etc/timezone:ro         -v /opt/openhab/conf:/openhab/conf         -v /opt/openhab/userdata:/openhab/userdata         -v /tmp:/tmp:rw    --restart=always   --env EXTRA_JAVA_OPTS="-Dgnu.io.rxtx.SerialPorts=/dev/ttyACM0"   --device=/dev/ttyACM0:/dev/ttyACM0:rw openhab/openhab:arm64-online  --privileged
+ set -euo pipefail
+ IFS='
        '
++ ls -A /openhab/userdata
+ '[' -z '' ']'
+ echo 'No userdata found... initializing.'
No userdata found... initializing.
+ sudo cp -av /openhab/userdata.dist/. /openhab/userdata/
sudo: unable to send audit message: Operation not permitted

[GreenTeaBalls]

Also fails on docker on a Synology DiskStation.
Version information:
Client:
Version: 1.11.2
API version: 1.23
Go version: go1.4.2
Git commit: eabacaa-synology
Built: Sat Jun 18 19:01:00 2016
OS/Arch: linux/amd64

Server:
Version: 1.11.2
API version: 1.23
Go version: go1.4.2
Git commit: eabacaa-synology
Built: Sat Jun 18 19:01:00 2016
OS/Arch: linux/amd64

Here's the error log:

+ set -euo pipefail
+ IFS='
    '
++ ls -A /openhab/userdata
+ '[' -z '' ']'
+ echo 'No userdata found... initializing.'
No userdata found... initializing.
+ sudo cp -av /openhab/userdata.dist/. /openhab/userdata/
sudo: unable to send audit message: Operation not permitted

A fix would be much appreciated as I'm currently stuck and can't get the container to run on my Synology. Thanks!

@sja - would you be so kind to explain how you removed the sudo before the calls to cp?

[letitbe1]

Build #589 working on Synology 415+ running DSM 6 & using ui and ssh, when:

• using ui: first create a container with bridge (not host) as network, leaving all other stuff as default
• start & stop it after first start
• ssh your syno.
• sudo su
• edit your docker openhab.config (located in /var/packages/Docker/etc)
• find "network":[{"driver":"","name": change it to "network":[{"driver":"","name":"host"}]
• find "use_host_network":false change it to "use_host_network":true
• save config
• start the container using ui again

[GreenTeaBalls]

@letitbe1 -- wow! Thanks ever so much, that actually worked! I managed to get the container up and running due to your help.

[legacycode]

I had exactly the same problem as sja. On my system i fixed it after a lot of trial and error. The problem seems to be in the readme.md file. I needed to add "pid: host" to the docker run command, if using "net:host". I created this docker-compose.yml. In my gist i also set the environment variables for different ports, because on my system the default ports are already in use.

Exposing ports seems not to work in host mode and i removed them from my compose file. Everything works as expected now.

Distributor ID: Ubuntu
Description:    Ubuntu 14.04.5 LTS
Release:        14.04
Codename:       trusty
Docker version 1.12.3, build 6b644ec

Could you please verify?

[legacycode]

Pull request #43 will solve this issue.