Docker Community Forums

Share and learn in the Docker community.

Lsmod and modprobe not found


(Davenso) #1

How can I get lsmod and modprobe installed in an image from Ubuntu 14? The docker image is originally from docker hub, from a tomcat:7 image

More specifically, what “apt-get install” or “update” command should I run?

I need these commands because I want to install device drivers for my newly formed image.


(David Maze) #2

That question doesn’t really make sense. Since Docker containers share the host kernel, and Linux kernel modules have to match the running kernel exactly, there’s almost no way you could have a valid set of modules you could dynamically load, even if you were allowed to load modules, which by default you aren’t.

(If you ran a privileged container that happened to embed modules for, say, kernel 4.4.0-22-generic, the container would only run on Ubuntu 16.04, and wouldn’t run if there was a kernel update or I changed the stock kernel or my host was Ubuntu 14.04 or my host was CentOS 7.)

You’ve looked at “apt-cache search” and packages.ubuntu.com already?


(Davenso) #3

I got the packages installed with apt-get install kmod. lsmod and lsprobe are now available.

Regarding the first part of your question, I think I got a hint of what you mean. I think I would re-frame and re-ask my question in a separate thread. Essentially what I am trying to do is this: -
The host machine has a PCI device driver installed. I want to be able to access this same device from my container.


(Nathan Le Claire) #4

If module is loaded into the kernel from the host already it will be available inside the container. Containers use the exact same kernel from the host and are just userspace processes with special properties. You may have to grant the container access to the device using flag such as --device to docker run.


(Davenso) #5

This is great. So, the driver module is installed and loaded in host. I can see the PCI device as

$ lspci | grep some-code
    10:11.2 device type: vendor-name identifier

How then should I use the --device flag in docker run command? Should it be --device "10:11.2" or --device "identifier" or something of that sort to make this device available to the container?


(Nathan Le Claire) #6

@davenso I think you want to use the actual path on the filesystem, e.g. --device /dev/snd:/dev/snd. See https://docs.docker.com/engine/reference/run/#/runtime-privilege-and-linux-capabilities for reference.


(Davenso) #7

docker run --privileged

works! :slight_smile:


(Nathan Le Claire) #8

It’s also highly insecure. I really suggest you avoid --privileged if possible and specify more granular permissions.


(Davenso) #9

Yeah, I wanted to do something like --device /dev/mypci_device:/dev/mypci_device, but I can’t find what directory my pci device is mapped to.

I did lspci as described above, but not sure where device is still.