Docker change data-root as loop device,fail to run container

heretac · September 14, 2024, 9:36am

Here is my case.

[root@dc-rclone-55 ~]# grep data /etc/docker/daemon.json 
    "data-root": "/data1/docker"
[root@dc-rclone-55 ~]# lsblk 
NAME            MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
fd0               2:0    1    4K  0 disk 
sda               8:0    0   50G  0 disk 
├─sda1            8:1    0  500M  0 part /boot
└─sda2            8:2    0 49.5G  0 part 
  ├─centos-root 253:0    0 45.6G  0 lvm  /
  └─centos-swap 253:1    0  3.9G  0 lvm  [SWAP]
sr0              11:0    1 1024M  0 rom  
loop0             7:0    0    5G  0 loop /data1
[root@dc-rclone-55 ~]# ll /data/disk.raw 
-rw-r--r-- 1 root root 5368709120 Sep 13 09:42 /data/disk.raw
[root@dc-rclone-55 ~]# docker images
REPOSITORY   TAG       IMAGE ID       CREATED       SIZE
ubuntu       22.04     53a843653cbc   4 weeks ago   77.9MB
[root@dc-rclone-55 ~]# docker run -it  --rm ubuntu:22.04 bash
docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "/data1/docker/containers/accd8f9eb3e6f4ca3f5070c554fdd29e102ab8925f669a896542d998889bfbe7/resolv.conf" to rootfs at "/etc/resolv.conf": possibly malicious path detected -- refusing to operate on /etc/resolv.conf: unknown.

It’s good to change the docker’s root data as mount point loop device.
The loop device create from

1. fallocate -l 1G disk.raw
2. mkfs.ext4 disk.raw
3. losetup -f --show disk.raw
4. mkdir /data1 
5. mount /dev/loop0 /data1/

meyay · September 14, 2024, 10:06am

Please share the output of docker info. I am curious which Storage Driver was used.

heretac · September 15, 2024, 7:24am

Of course, here is the command output.

[root@dc-rclone-55 ~]# docker info
Client: Docker Engine - Community
 Version:    26.1.4
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.14.1
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.27.1
    Path:     /usr/libexec/docker/cli-plugins/docker-compose

Server:
 Containers: 1
  Running: 0
  Paused: 0
  Stopped: 1
 Images: 1
 Server Version: 26.1.4
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: false
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: d2d58213f83a351ca8f528a95fbd145f5654e957
 runc version: v1.1.12-0-g51d5e94
 init version: de40ad0
 Security Options:
  seccomp
   Profile: builtin
 Kernel Version: 3.10.0-327.el7.x86_64
 Operating System: CentOS Linux 7 (Core)
 OSType: linux
 Architecture: x86_64
 CPUs: 2
 Total Memory: 3.703GiB
 Name: dc-rclone-55
 ID: 808a6888-a8e4-4003-aff3-82667ab31c43
 Docker Root Dir: /data1/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
  10.110.3.78:7860
  115.236.100.11:27860
  121.199.53.95:30002
  192.168.182.10:7000
  mirrorhub.swdcmg.com
  127.0.0.0/8
 Registry Mirrors:
  https://hub.rat.dev/
 Live Restore Enabled: true

WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled

meyay · September 15, 2024, 9:54am

I was wondering if the engine actually detects that the backing filesystem of the data-root is ext4. It does and it even uses the overlay2 storage driver.

It looks like it refuses to mount the container filesystem (or at least a single file from it).
Though, I have no idea what causes this behavior. You could try if it makes a difference if selinux is disabled for testing.

Just to be sure: you are not running your docker engine in an lxc container, right?

violet289 · April 14, 2025, 3:05am

I have the same problem.
The backing filesystem is ext4, it uses overlay2 storage driver.
The filesystem

The error log

runc create failed: unable to start container process: error during container init: error mounting \"/bms2091/ultrasafe_1013/data/containers/dd429f1110553b93ce52e4066ccfaa99767b1439da6db3ce0dba873935bc9b19/resolv.conf\" to rootfs at \"/etc/resolv.conf\": possibly malicious path detected -- refusing to operate on /etc/resolv.conf: unknown" spanID=97f891682b39d8bd traceID=8060daa19cebb32f3693054d54aee9e1

rimelek · April 14, 2025, 6:35pm

It seems this message is shown when the file path is not the same as the real path

github.com/opencontainers/runc

libcontainer/utils/utils_unix.go

021973353


      
          	fh, err := os.OpenFile(path, unix.O_PATH|unix.O_CLOEXEC, 0)
          	if err != nil {
          		return fmt.Errorf("open o_path procfd: %w", err)
          	}
          	defer fh.Close()
          
          	procfd := filepath.Join(procSelfFd, strconv.Itoa(int(fh.Fd())))
          	// Double-check the path is the one we expected.
          	if realpath, err := os.Readlink(procfd); err != nil {
          		return fmt.Errorf("procfd verification failed: %w", err)
          	} else if realpath != path {
          		return fmt.Errorf("possibly malicious path detected -- refusing to operate on %s", realpath)
          	}
          
          	return fn(procfd)
          }
          
          type ProcThreadSelfCloser func()
          
          var (
          	haveProcThreadSelf     bool

Is there a symbolic link somewhere in the path of the Docker data root?

violet289 · April 15, 2025, 1:08am

The path of Docker data root is completely created by Docker, Before this, it’s empty.
I try to use the default data root, The problem still occurs.

I can’t seem to upload my docker log in here，Because I’m a new user.

The part of Docker log

r 14 09:42:25 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:25.644844083+08:00" level=debug msg="container mounted via layerStore: /bms2091/ultrasafe_1013/data/overlay2/4480f90b7b0ac33cf318935fc95aa6f9ecd9ea547f7c365d5f55c619189e8482/merged" container=5a3039b383218142b5a4de3fcdbc6e778084991d103f51c8449a8b8fd6e73690
Apr 14 09:42:25 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:25.645191655+08:00" level=debug msg="Probing all drivers for volume with name: d19bcafbc151cb62c0beb459558fe444b72d8b5f638163875f724f55d26ed13a"
Apr 14 09:42:25 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:25.645362982+08:00" level=debug msg="Registering new volume reference: driver \"local\", name \"d19bcafbc151cb62c0beb459558fe444b72d8b5f638163875f724f55d26ed13a\""
Apr 14 09:42:25 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:25.806605998+08:00" level=debug msg="Calling POST /v1.45/containers/5a3039b383218142b5a4de3fcdbc6e778084991d103f51c8449a8b8fd6e73690/wait?condition=removed" spanID=ef151e514a96785f traceID=3b66489a4003d3d297eb5aaf7821de04
Apr 14 09:42:25 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:25.807935484+08:00" level=debug msg="Calling POST /v1.45/containers/5a3039b383218142b5a4de3fcdbc6e778084991d103f51c8449a8b8fd6e73690/start" spanID=a1ec52b519adf094 traceID=0472a659c452f375662fa5607c0fb1e9
Apr 14 09:42:25 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:25.808802624+08:00" level=debug msg="container mounted via layerStore: /bms2091/ultrasafe_1013/data/overlay2/4480f90b7b0ac33cf318935fc95aa6f9ecd9ea547f7c365d5f55c619189e8482/merged" container=5a3039b383218142b5a4de3fcdbc6e778084991d103f51c8449a8b8fd6e73690
Apr 14 09:42:25 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:25.808966089+08:00" level=debug msg="Assigning addresses for endpoint blissful_austin's interface on network bridge"
Apr 14 09:42:25 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:25.808994572+08:00" level=debug msg="RequestAddress(LocalDefault/172.17.0.0/16, <nil>, map[])"
Apr 14 09:42:25 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:25.809056141+08:00" level=debug msg="Request address PoolID:172.17.0.0/16 Bits: 65536, Unselected: 65533, Sequence: (0xc0000000, 1)->(0x0, 2046)->(0x1, 1)->end Curr:3 Serial:false PrefAddress:invalid IP "
Apr 14 09:42:25 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:25.889321777+08:00" level=debug msg="Assigning addresses for endpoint blissful_austin's interface on network bridge"
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.411861776+08:00" level=debug msg="Programming external connectivity on endpoint blissful_austin (6cf940012c5108f8649995a8502ddd21c2fe661d321f77fa1afdfa1afaefb6c2)"
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.532395467+08:00" level=debug msg="EnableService 5a3039b383218142b5a4de3fcdbc6e778084991d103f51c8449a8b8fd6e73690 START"
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.532441393+08:00" level=debug msg="EnableService 5a3039b383218142b5a4de3fcdbc6e778084991d103f51c8449a8b8fd6e73690 DONE"
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.594160719+08:00" level=debug msg="bundle dir created" bundle=/var/run/docker/containerd/5a3039b383218142b5a4de3fcdbc6e778084991d103f51c8449a8b8fd6e73690 module=libcontainerd namespace=moby root=/bms2091/ultrasafe_1013/data/overlay2/4480f90b7b0ac33cf318935fc95aa6f9ecd9ea547f7c365d5f55c619189e8482/merged
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.855256720+08:00" level=debug msg="shim bootstrap parameters" address="unix:///run/containerd/s/65904f9a267ae6122cb6c4741b3309f1aa76ae34a64201f17ca4aa5f9fc25359" namespace=moby protocol=ttrpc
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.864697952+08:00" level=info msg="loading plugin \"io.containerd.event.v1.publisher\"..." runtime=io.containerd.runc.v2 type=io.containerd.event.v1
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.864927904+08:00" level=info msg="loading plugin \"io.containerd.internal.v1.shutdown\"..." runtime=io.containerd.runc.v2 type=io.containerd.internal.v1
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.864977942+08:00" level=info msg="loading plugin \"io.containerd.ttrpc.v1.task\"..." runtime=io.containerd.runc.v2 type=io.containerd.ttrpc.v1
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.865213347+08:00" level=debug msg="registering ttrpc service" id=io.containerd.ttrpc.v1.task
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.865255365+08:00" level=info msg="loading plugin \"io.containerd.ttrpc.v1.pause\"..." runtime=io.containerd.runc.v2 type=io.containerd.ttrpc.v1
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.865277583+08:00" level=debug msg="registering ttrpc service" id=io.containerd.ttrpc.v1.pause
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.865497932+08:00" level=debug msg="serving api on socket" socket="[inherited from parent]"
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.865598214+08:00" level=debug msg="starting signal loop" namespace=moby path=/run/docker/containerd/daemon/io.containerd.runtime.v2.task/moby/5a3039b383218142b5a4de3fcdbc6e778084991d103f51c8449a8b8fd6e73690 pid=13812 runtime=io.containerd.runc.v2
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.921126339+08:00" level=debug msg="failed to delete task" error="rpc error: code = NotFound desc = container not created: not found" id=5a3039b383218142b5a4de3fcdbc6e778084991d103f51c8449a8b8fd6e73690
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.922584597+08:00" level=info msg="shim disconnected" id=5a3039b383218142b5a4de3fcdbc6e778084991d103f51c8449a8b8fd6e73690 namespace=moby
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.922743522+08:00" level=warning msg="cleaning up after shim disconnected" id=5a3039b383218142b5a4de3fcdbc6e778084991d103f51c8449a8b8fd6e73690 namespace=moby
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.922766575+08:00" level=info msg="cleaning up dead shim" namespace=moby
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.945685984+08:00" level=warning msg="cleanup warnings time=\"2025-04-14T09:42:26+08:00\" level=debug msg=\"starting signal loop\" namespace=moby pid=13843 runtime=io.containerd.runc.v2\ntime=\"2025-04-14T09:42:26+08:00\" level=warning msg=\"failed to read init pid file\" error=\"open /run/docker/containerd/daemon/io.containerd.runtime.v2.task/moby/5a3039b383218142b5a4de3fcdbc6e778084991d103f51c8449a8b8fd6e73690/init.pid: no such file or directory\" runtime=io.containerd.runc.v2\n" namespace=moby
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.946565916+08:00" level=error msg="copy shim log" error="read /proc/self/fd/15: file already closed" namespace=moby
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.947704967+08:00" level=error msg="stream copy error: reading from a closed fifo"
Apr 14 09:42:26 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:26.947791133+08:00" level=error msg="stream copy error: reading from a closed fifo"
Apr 14 09:42:27 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:27.260375464+08:00" level=debug msg="Revoking external connectivity on endpoint blissful_austin (6cf940012c5108f8649995a8502ddd21c2fe661d321f77fa1afdfa1afaefb6c2)"
Apr 14 09:42:27 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:27.416560836+08:00" level=debug msg="Releasing addresses for endpoint blissful_austin's interface on network bridge"
Apr 14 09:42:27 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:27.416629156+08:00" level=debug msg="ReleaseAddress(LocalDefault/172.17.0.0/16, 172.17.0.2)"
Apr 14 09:42:27 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:27.416684679+08:00" level=debug msg="Released address Address:172.17.0.2 Sequence:Bits: 65536, Unselected: 65533, Sequence: (0xc0000000, 1)->(0x0, 2046)->(0x1, 1)->end Curr:3"
Apr 14 09:42:27 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:27.485829328+08:00" level=debug msg="MountPoint.Cleanup Decrement active count" active=1 id=707be1a569023e9147d8484449127a8faa24a0f2d5138eb762b5170de0cb83d9 spanID=a1ec52b519adf094 traceID=0472a659c452f375662fa5607c0fb1e9
Apr 14 09:42:27 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:27.580560246+08:00" level=debug msg="Removing volume reference: driver local, name d19bcafbc151cb62c0beb459558fe444b72d8b5f638163875f724f55d26ed13a"
Apr 14 09:42:27 4ABMS208 dockerd[9748]: time="2025-04-14T09:42:27.617169512+08:00" level=error msg="Handler for POST /v1.45/containers/5a3039b383218142b5a4de3fcdbc6e778084991d103f51c8449a8b8fd6e73690/start returned error: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting \"/bms2091/ultrasafe_1013/data/containers/5a3039b383218142b5a4de3fcdbc6e778084991d103f51c8449a8b8fd6e73690/resolv.conf\" to rootfs at \"/etc/resolv.conf\": possibly malicious path detected -- refusing to operate on /etc/resolv.conf: unknown" spanID=a1ec52b519adf094 traceID=0472a659c452f375662fa5607c0fb1e9
Apr 14 09:44:17 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:17.371919978+08:00" level=debug msg="Calling HEAD /_ping" spanID=1a0cca5a49eef12f traceID=7fbd8551611e584f7757388570a02066
Apr 14 09:44:38 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:38.262858885+08:00" level=debug msg="Calling HEAD /_ping" spanID=6726dcc25c187faa traceID=1e6577dd5410d99524cf52fdb1ea3931
Apr 14 09:44:57 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:57.517394233+08:00" level=debug msg="Calling HEAD /_ping" spanID=dc1e849ebd011aa2 traceID=39b9c9eccaf4210472fccd91d0ed64b3
Apr 14 09:44:57 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:57.522671295+08:00" level=debug msg="Calling POST /v1.45/containers/create" spanID=e284fea378bbd546 traceID=21dfdca00556b36fc6db99930884f010
Apr 14 09:44:57 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:57.523265071+08:00" level=debug msg="form data: {\"AttachStderr\":false,\"AttachStdin\":false,\"AttachStdout\":false,\"Cmd\":null,\"Domainname\":\"\",\"Entrypoint\":null,\"Env\":[\"TZ=Asia/Shanghai\"],\"HostConfig\":{\"AutoRemove\":true,\"Binds\":[\"/bms2091/ultrasafe_1013/bms_analyse/data:/opt/ultrasafe/data\",\"/bms2091/ultrasafe_1013/bms_analyse/conf:/opt/ultrasafe/conf\"],\"BlkioDeviceReadBps\":[],\"BlkioDeviceReadIOps\":[],\"BlkioDeviceWriteBps\":[],\"BlkioDeviceWriteIOps\":[],\"BlkioWeight\":0,\"BlkioWeightDevice\":[],\"CapAdd\":null,\"CapDrop\":null,\"Cgroup\":\"\",\"CgroupParent\":\"\",\"CgroupnsMode\":\"\",\"ConsoleSize\":[37,186],\"ContainerIDFile\":\"\",\"CpuCount\":0,\"CpuPercent\":0,\"CpuPeriod\":0,\"CpuQuota\":0,\"CpuRealtimePeriod\":0,\"CpuRealtimeRuntime\":0,\"CpuShares\":0,\"CpusetCpus\":\"\",\"CpusetMems\":\"\",\"DeviceCgroupRules\":null,\"DeviceRequests\":null,\"Devices\":[],\"Dns\":[],\"DnsOptions\":[],\"DnsSearch\":[],\"ExtraHosts\":null,\"GroupAdd\":null,\"IOMaximumBandwidth\":0,\"IOMaximumIOps\":0,\"IpcMode\":\"\",\"Isolation\":\"\",\"Links\":null,\"LogConfig\":{\"Config\":{},\"Type\":\"\"},\"MaskedPaths\":null,\"Memory\":0,\"MemoryReservation\":0,\"MemorySwap\":0,\"MemorySwappiness\":-1,\"NanoCpus\":0,\"NetworkMode\":\"default\",\"OomKillDisable\":false,\"OomScoreAdj\":0,\"PidMode\":\"\",\"PidsLimit\":0,\"PortBindings\":{},\"Privileged\":true,\"PublishAllPorts\":false,\"ReadonlyPaths\":null,\"ReadonlyRootfs\":false,\"RestartPolicy\":{\"MaximumRetryCount\":0,\"Name\":\"no\"},\"SecurityOpt\":null,\"ShmSize\":0,\"UTSMode\":\"\",\"Ulimits\":[{\"Hard\":65535,\"Name\":\"nofile\",\"Soft\":65535}],\"UsernsMode\":\"\",\"VolumeDriver\":\"\",\"VolumesFrom\":null},\"Hostname\":\"\",\"Image\":\"bms-collect-analyse:1.0.13.2.RELEASE\",\"Labels\":{},\"NetworkingConfig\":{\"EndpointsConfig\":{\"default\":{\"Aliases\":null,\"DNSNames\":null,\"DriverOpts\":null,\"EndpointID\":\"\",\"Gateway\":\"\",\"GlobalIPv6Address\":\"\",\"GlobalIPv6PrefixLen\":0,\"IPAMConfig\":null,\"IPAddress\":\"\",\"IPPrefixLen\":0,\"IPv6Gateway\":\"\",\"Links\":null,\"MacAddress\":\"\",\"NetworkID\":\"\"}}},\"OnBuild\":null,\"OpenStdin\":false,\"StdinOnce\":false,\"Tty\":false,\"User\":\"\",\"Volumes\":{},\"WorkingDir\":\"\"}" spanID=e284fea378bbd546 traceID=21dfdca00556b36fc6db99930884f010
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.041236186+08:00" level=debug msg="container mounted via layerStore: /bms2091/ultrasafe_1013/data/overlay2/2e24e7a2842074aea07d8f8a69c05ca0074dff9acafff73ecd02b7950c37f53b/merged" container=dd429f1110553b93ce52e4066ccfaa99767b1439da6db3ce0dba873935bc9b19
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.041426260+08:00" level=debug msg="Probing all drivers for volume with name: a15fa82cf992175790bc36f6b81049fb313524a6be83b00173d641fb0a824a87"
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.042761560+08:00" level=debug msg="Registering new volume reference: driver \"local\", name \"a15fa82cf992175790bc36f6b81049fb313524a6be83b00173d641fb0a824a87\""
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.229073407+08:00" level=debug msg="Calling POST /v1.45/containers/dd429f1110553b93ce52e4066ccfaa99767b1439da6db3ce0dba873935bc9b19/wait?condition=removed" spanID=d5262c99e51e4f15 traceID=958a8df29827377a0b63ad9480e9305c
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.230451681+08:00" level=debug msg="Calling POST /v1.45/containers/dd429f1110553b93ce52e4066ccfaa99767b1439da6db3ce0dba873935bc9b19/start" spanID=97f891682b39d8bd traceID=8060daa19cebb32f3693054d54aee9e1
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.231250788+08:00" level=debug msg="container mounted via layerStore: /bms2091/ultrasafe_1013/data/overlay2/2e24e7a2842074aea07d8f8a69c05ca0074dff9acafff73ecd02b7950c37f53b/merged" container=dd429f1110553b93ce52e4066ccfaa99767b1439da6db3ce0dba873935bc9b19
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.231398923+08:00" level=debug msg="Assigning addresses for endpoint clever_mestorf's interface on network bridge"
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.231425197+08:00" level=debug msg="RequestAddress(LocalDefault/172.17.0.0/16, <nil>, map[])"
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.231466257+08:00" level=debug msg="Request address PoolID:172.17.0.0/16 Bits: 65536, Unselected: 65533, Sequence: (0xc0000000, 1)->(0x0, 2046)->(0x1, 1)->end Curr:3 Serial:false PrefAddress:invalid IP "
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.467409219+08:00" level=debug msg="Assigning addresses for endpoint clever_mestorf's interface on network bridge"
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.734173631+08:00" level=debug msg="Programming external connectivity on endpoint clever_mestorf (0c6e9ecd693d639f901a97b5e0d103717a1ac76dc99fc0c9103cdf7eb7491a2d)"
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.767753096+08:00" level=debug msg="EnableService dd429f1110553b93ce52e4066ccfaa99767b1439da6db3ce0dba873935bc9b19 START"
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.767797166+08:00" level=debug msg="EnableService dd429f1110553b93ce52e4066ccfaa99767b1439da6db3ce0dba873935bc9b19 DONE"
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.809801479+08:00" level=debug msg="bundle dir created" bundle=/var/run/docker/containerd/dd429f1110553b93ce52e4066ccfaa99767b1439da6db3ce0dba873935bc9b19 module=libcontainerd namespace=moby root=/bms2091/ultrasafe_1013/data/overlay2/2e24e7a2842074aea07d8f8a69c05ca0074dff9acafff73ecd02b7950c37f53b/merged
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.917963078+08:00" level=debug msg="shim bootstrap parameters" address="unix:///run/containerd/s/5df368bfcc3ecf586948c2d6cb1e014315749d4fc2806212f5dfb78927e6fb4d" namespace=moby protocol=ttrpc
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.925224434+08:00" level=info msg="loading plugin \"io.containerd.event.v1.publisher\"..." runtime=io.containerd.runc.v2 type=io.containerd.event.v1
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.925501679+08:00" level=info msg="loading plugin \"io.containerd.internal.v1.shutdown\"..." runtime=io.containerd.runc.v2 type=io.containerd.internal.v1
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.925548283+08:00" level=info msg="loading plugin \"io.containerd.ttrpc.v1.task\"..." runtime=io.containerd.runc.v2 type=io.containerd.ttrpc.v1
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.925722904+08:00" level=debug msg="registering ttrpc service" id=io.containerd.ttrpc.v1.task
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.925772180+08:00" level=info msg="loading plugin \"io.containerd.ttrpc.v1.pause\"..." runtime=io.containerd.runc.v2 type=io.containerd.ttrpc.v1
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.925797656+08:00" level=debug msg="registering ttrpc service" id=io.containerd.ttrpc.v1.pause
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.926907757+08:00" level=debug msg="serving api on socket" socket="[inherited from parent]"
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.926974900+08:00" level=debug msg="starting signal loop" namespace=moby path=/run/docker/containerd/daemon/io.containerd.runtime.v2.task/moby/dd429f1110553b93ce52e4066ccfaa99767b1439da6db3ce0dba873935bc9b19 pid=14207 runtime=io.containerd.runc.v2
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.984334462+08:00" level=debug msg="failed to delete task" error="rpc error: code = NotFound desc = container not created: not found" id=dd429f1110553b93ce52e4066ccfaa99767b1439da6db3ce0dba873935bc9b19
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.984878438+08:00" level=info msg="shim disconnected" id=dd429f1110553b93ce52e4066ccfaa99767b1439da6db3ce0dba873935bc9b19 namespace=moby
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.984990962+08:00" level=warning msg="cleaning up after shim disconnected" id=dd429f1110553b93ce52e4066ccfaa99767b1439da6db3ce0dba873935bc9b19 namespace=moby
Apr 14 09:44:58 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:58.985028181+08:00" level=info msg="cleaning up dead shim" namespace=moby
Apr 14 09:44:59 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:59.005791158+08:00" level=warning msg="cleanup warnings time=\"2025-04-14T09:44:58+08:00\" level=debug msg=\"starting signal loop\" namespace=moby pid=14237 runtime=io.containerd.runc.v2\ntime=\"2025-04-14T09:44:59+08:00\" level=warning msg=\"failed to read init pid file\" error=\"open /run/docker/containerd/daemon/io.containerd.runtime.v2.task/moby/dd429f1110553b93ce52e4066ccfaa99767b1439da6db3ce0dba873935bc9b19/init.pid: no such file or directory\" runtime=io.containerd.runc.v2\n" namespace=moby
Apr 14 09:44:59 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:59.006716327+08:00" level=error msg="copy shim log" error="read /proc/self/fd/15: file already closed" namespace=moby
Apr 14 09:44:59 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:59.007754683+08:00" level=error msg="stream copy error: reading from a closed fifo"
Apr 14 09:44:59 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:59.007857001+08:00" level=error msg="stream copy error: reading from a closed fifo"
Apr 14 09:44:59 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:59.248359830+08:00" level=debug msg="Revoking external connectivity on endpoint clever_mestorf (0c6e9ecd693d639f901a97b5e0d103717a1ac76dc99fc0c9103cdf7eb7491a2d)"
Apr 14 09:44:59 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:59.376587498+08:00" level=debug msg="Releasing addresses for endpoint clever_mestorf's interface on network bridge"
Apr 14 09:44:59 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:59.376659667+08:00" level=debug msg="ReleaseAddress(LocalDefault/172.17.0.0/16, 172.17.0.2)"
Apr 14 09:44:59 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:59.376707400+08:00" level=debug msg="Released address Address:172.17.0.2 Sequence:Bits: 65536, Unselected: 65533, Sequence: (0xc0000000, 1)->(0x0, 2046)->(0x1, 1)->end Curr:3"
Apr 14 09:44:59 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:59.427568453+08:00" level=debug msg="MountPoint.Cleanup Decrement active count" active=1 id=a45e10dc251d170febd18c6bc050e6ddf9789b3467ddb75766aaebed79dbffb5 spanID=97f891682b39d8bd traceID=8060daa19cebb32f3693054d54aee9e1
Apr 14 09:44:59 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:59.533908281+08:00" level=debug msg="Removing volume reference: driver local, name a15fa82cf992175790bc36f6b81049fb313524a6be83b00173d641fb0a824a87"
Apr 14 09:44:59 4ABMS208 dockerd[9748]: time="2025-04-14T09:44:59.568325134+08:00" level=error msg="Handler for POST /v1.45/containers/dd429f1110553b93ce52e4066ccfaa99767b1439da6db3ce0dba873935bc9b19/start returned error: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting \"/bms2091/ultrasafe_1013/data/containers/dd429f1110553b93ce52e4066ccfaa99767b1439da6db3ce0dba873935bc9b19/resolv.conf\" to rootfs at \"/etc/resolv.conf\": possibly malicious path detected -- refusing to operate on /etc/resolv.conf: unknown" spanID=97f891682b39d8bd traceID=8060daa19cebb32f3693054d54aee9e1

Topic		Replies	Views
Changing runtime directory in daemon.json causes docker.service to fail General docker	7	2253	July 13, 2020
Docker fails to start after creating daemon.json with using the data-root configuration option General docker	6	19514	October 2, 2019
Docker service won’t start after changing data-root to clustered shared volume Docker Desktop windows	1	6756	August 27, 2018
Unable to restart the container when the data of data-root is lost General docker	1	1045	March 7, 2019
Unable to Change Docker Default Root Data Directory General	2	998	August 10, 2024

Docker change data-root as loop device,fail to run container

Related topics