我做了一个基于Ubuntu的发包app镜像,并安装了tcpdump
。当我用--privileged
启动容器并尝试tcpdump -i eth0
时,报错:
root@test:/home/test# docker run --rm -ti --privileged mytliulei/xfdsend /bin/bash
root@6199493fb2b9:/# tcpdump -i eth0
tcpdump: error while loading shared libraries: libcrypto.so.1.0.0: cannot open shared object file: Permission denied
但是当我在没有--privileged
的情况下启动Docker容器,就可以了。为什么?
root@test:/home/test# docker run --rm -ti mytliulei/xfdsend /bin/bash
root@c7b7e2a9ec99:/# tcpdump -i eth0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
Docker 版本:
docker version
Client version: 1.6.0
Client API version: 1.18
Go version (client): go1.4.2
Git commit (client): 4749651
OS/Arch (client): linux/amd64
Server version: 1.6.0
Server API version: 1.18
Go version (server): go1.4.2
Git commit (server): 4749651
OS/Arch (server): linux/amd64
Dockerfile:
FROM ubuntu:14.04
MAINTAINER Liu Lei <xxx@gmail.com>
RUN apt-get update \
&& apt-get install -y python \
python-dev \
tcpdump
RUN pip2 install scapy \
&& pip2 install rpyc \
&& pip2 install robotremoteserver \
&& pip2 install daemonocle
最佳答案
我前几天碰到这个错误,错误似乎与:
https://github.com/dotcloud/docker/issues/5490
对我有用的解决方法是移动 tcpdump:
(例如 tcpdump 中的 mv 与 dockerfile)
RUN apt-get -y install tcpdump
RUN mv /usr/sbin/tcpdump /usr/bin/tcpdump
关于docker - tcpdump 在以 --privileged 开头的 Docker 容器中报告错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/30663245/