devcontainers in vscode 1.86 no longer start when using an unprivileged remoteUser #204152

scalpel4k · 2024-02-02T15:17:57Z

With the vscode 1.86 update devcontainers that are started with a non-root remoteUser do not start.

During container start some script tries to run sbin/ldconfig which of course says Permission denied.

Installing older devcontainer extensions doesn't solve the problem.

Although I haven't tested yet, this should also be problematic with Alpine based containers since there ldconfig doesn't even exist.

We had to revert to vscode 1.85.2 which fixed the problem for us, for now.

The text was updated successfully, but these errors were encountered:

chrmarti · 2024-02-02T18:14:57Z

Please append the Dev Containers log from when this happens. (F1 > Dev Containers: Show Container Log)

starball5 · 2024-02-02T18:31:24Z

Any relation to #203964?

scalpel4k · 2024-02-03T07:14:30Z

I've used vscode insiders for getting the log output, but it's the same for the actual release!

As mentioned, we use an unprivileged remoteUser inside the container. Doing the same without setting remoteUser the container is starting as intended.

[68 ms] Dev Containers 0.339.0 in VS Code 1.87.0-insider (2af613979f646fc4dcebfeaedc7d14f138c7b072).
[68 ms] Start: Resolving Remote
[74 ms] Setting up container for folder or workspace: /home/devel/git/libraries/libthreading
[76 ms] Start: Check Docker is running
[77 ms] Start: Run: docker version
[105 ms] Client:
 Version:           24.0.7-ce
 API version:       1.43
 Go version:        go1.20.11
 Git commit:        311b9ff0aa93
 Built:             Fri Oct 27 00:00:00 2023
 OS/Arch:           linux/amd64
 Context:           default

Server:
 Engine:
  Version:          24.0.7-ce
  API version:      1.43 (minimum version 1.12)
  Go version:       go1.20.11
  Git commit:       311b9ff0aa93
  Built:            Fri Oct 27 00:00:00 2023
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          v1.7.10
  GitCommit:        4e1fe7492b9df85914c389d1f15a3ceedbb280ac
 crun:
  Version:          1.14
  GitCommit:        667e6ebd4e2442d39512e63215e79d693d0780aa
 docker-init:
  Version:          0.2.0_catatonit
  GitCommit:        
[107 ms] Start: Run: docker volume ls -q
[125 ms] Start: Run: docker ps -q -a --filter label=vsch.local.folder=/home/devel/git/libraries/libthreading --filter label=vsch.quality=insider
[143 ms] Start: Run: docker ps -q -a --filter label=devcontainer.local_folder=/home/devel/git/libraries/libthreading --filter label=devcontainer.config_file=/home/devel/git/libraries/libthreading/.devcontainer/devcontainer.json
[161 ms] Start: Run: docker inspect --type container 8a22e4617c5c
[178 ms] Start: Run: docker ps -q -a --filter label=devcontainer.local_folder=/home/devel/git/libraries/libthreading
[195 ms] Start: Run: docker inspect --type container 8a22e4617c5c
[212 ms] Start: Run: docker exec -i -u root 8a22e4617c5cda0d73faf24b14571930dd5d077315dd9e921fced8daefbf2c6f /bin/sh -c echo "Container already running. Keep-alive process started." ; export VSCODE_REMOTE_CONTAINERS_SESSION=d8769fc4-ebc2-4e54-8dc9-98aa2e8674471706944051207 ; /bin/sh
[218 ms] Start: Run: /usr/share/code-insiders/code-insiders /home/devel/.vscode-insiders/extensions/ms-vscode-remote.remote-containers-0.339.0/dist/spec-node/devContainersSpecCLI.js read-configuration --workspace-folder /home/devel/git/libraries/libthreading --id-label devcontainer.local_folder=/home/devel/git/libraries/libthreading --id-label devcontainer.config_file=/home/devel/git/libraries/libthreading/.devcontainer/devcontainer.json --log-level debug --log-format json --config /home/devel/git/libraries/libthreading/.devcontainer/devcontainer.json --mount-workspace-git-root
[241 ms] Container already running. Keep-alive process started.
[516 ms] @devcontainers/cli 0.56.0. Node.js v18.17.1. linux 6.7.2-1-default x64.
[516 ms] Start: Run: docker ps -q -a --filter label=devcontainer.local_folder=/home/devel/git/libraries/libthreading --filter label=devcontainer.config_file=/home/devel/git/libraries/libthreading/.devcontainer/devcontainer.json
[535 ms] Start: Run: docker inspect --type container 8a22e4617c5c
[559 ms] Start: Run: /usr/share/code-insiders/code-insiders /home/devel/.vscode-insiders/extensions/ms-vscode-remote.remote-containers-0.339.0/dist/spec-node/devContainersSpecCLI.js up --user-data-folder /home/devel/.config/Code - Insiders/User/globalStorage/ms-vscode-remote.remote-containers/data --container-session-data-folder /tmp/devcontainers-d8769fc4-ebc2-4e54-8dc9-98aa2e8674471706944051207 --workspace-folder /home/devel/git/libraries/libthreading --workspace-mount-consistency cached --id-label devcontainer.local_folder=/home/devel/git/libraries/libthreading --id-label devcontainer.config_file=/home/devel/git/libraries/libthreading/.devcontainer/devcontainer.json --log-level debug --log-format json --config /home/devel/git/libraries/libthreading/.devcontainer/devcontainer.json --default-user-env-probe loginInteractiveShell --mount type=volume,source=vscode,target=/vscode,external=true --skip-post-create --update-remote-user-uid-default on --mount-workspace-git-root
[858 ms] @devcontainers/cli 0.56.0. Node.js v18.17.1. linux 6.7.2-1-default x64.
[858 ms] Start: Run: docker buildx version
[925 ms] github.com/docker/buildx 0.12.1 v0.12.1
[925 ms] 
[925 ms] Start: Resolving Remote
[931 ms] Error loading extra certificates from /var/lib/ca-certificates/pem: EISDIR: illegal operation on a directory, read
[1069 ms] Start: Run: docker ps -q -a --filter label=devcontainer.local_folder=/home/devel/git/libraries/libthreading --filter label=devcontainer.config_file=/home/devel/git/libraries/libthreading/.devcontainer/devcontainer.json
[1087 ms] Start: Run: docker inspect --type container 8a22e4617c5c
[1105 ms] Start: Inspecting container
[1105 ms] Start: Run: docker inspect --type container 8a22e4617c5cda0d73faf24b14571930dd5d077315dd9e921fced8daefbf2c6f
[1123 ms] Start: Run in container: /bin/sh
[1128 ms] Start: Run in container: uname -m
[1151 ms] x86_64
[1151 ms] 
[1151 ms] Start: Run in container: (cat /etc/os-release || cat /usr/lib/os-release) 2>/dev/null
[1153 ms] PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
[1153 ms] 
[1153 ms] Start: Run in container:  (command -v getent >/dev/null 2>&1 && getent passwd 'devel' || grep -E '^devel|^[^:]*:[^:]*:devel:' /etc/passwd || true)
[1156 ms] Start: Run in container: test -f '/var/devcontainer/.patchEtcEnvironmentMarker'
[1157 ms] 
[1157 ms] 
[1157 ms] Exit code 1
[1157 ms] Start: Run in container: /bin/sh
[1162 ms] Start: Run in container: test ! -f '/var/devcontainer/.patchEtcEnvironmentMarker' && set -o noclobber && mkdir -p '/var/devcontainer' && { > '/var/devcontainer/.patchEtcEnvironmentMarker' ; } 2> /dev/null
[1204 ms] 
[1204 ms] 
[1204 ms] Start: Run in container: cat >> /etc/environment <<'etcEnvrionmentEOF'
[1206 ms] 
[1206 ms] 
[1206 ms] Start: Run in container: test -f '/var/devcontainer/.patchEtcProfileMarker'
[1207 ms] 
[1207 ms] 
[1207 ms] Exit code 1
[1207 ms] Start: Run in container: test ! -f '/var/devcontainer/.patchEtcProfileMarker' && set -o noclobber && mkdir -p '/var/devcontainer' && { > '/var/devcontainer/.patchEtcProfileMarker' ; } 2> /dev/null
[1209 ms] 
[1209 ms] 
[1209 ms] Start: Run in container: sed -i -E 's/((^|\s)PATH=)([^\$]*)$/\1${PATH:-\3}/g' /etc/profile || true
[1217 ms] 
[1217 ms] 
[1224 ms] Start: Run: docker inspect --type container 8a22e4617c5cda0d73faf24b14571930dd5d077315dd9e921fced8daefbf2c6f
[1244 ms] Start: Run: /usr/share/code-insiders/code-insiders /home/devel/.vscode-insiders/extensions/ms-vscode-remote.remote-containers-0.339.0/dist/spec-node/devContainersSpecCLI.js read-configuration --workspace-folder /home/devel/git/libraries/libthreading --id-label devcontainer.local_folder=/home/devel/git/libraries/libthreading --id-label devcontainer.config_file=/home/devel/git/libraries/libthreading/.devcontainer/devcontainer.json --container-id 8a22e4617c5cda0d73faf24b14571930dd5d077315dd9e921fced8daefbf2c6f --log-level debug --log-format json --config /home/devel/git/libraries/libthreading/.devcontainer/devcontainer.json --include-merged-configuration --mount-workspace-git-root
[1537 ms] @devcontainers/cli 0.56.0. Node.js v18.17.1. linux 6.7.2-1-default x64.
[1537 ms] Start: Run: docker inspect --type container 8a22e4617c5cda0d73faf24b14571930dd5d077315dd9e921fced8daefbf2c6f
[1564 ms] Start: Inspecting container
[1564 ms] Start: Run: docker inspect --type container 8a22e4617c5cda0d73faf24b14571930dd5d077315dd9e921fced8daefbf2c6f
[1583 ms] Start: Run in container: /bin/sh
[1588 ms] Start: Run in container: uname -m
[1611 ms] x86_64
[1611 ms] 
[1611 ms] Start: Run in container: (cat /etc/os-release || cat /usr/lib/os-release) 2>/dev/null
[1613 ms] PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
[1616 ms] 
[1616 ms] Start: Run in container:  (command -v getent >/dev/null 2>&1 && getent passwd 'devel' || grep -E '^devel|^[^:]*:[^:]*:devel:' /etc/passwd || true)
[1620 ms] Start: Setup shutdown monitor
[1620 ms] Forking shutdown monitor: /home/devel/.vscode-insiders/extensions/ms-vscode-remote.remote-containers-0.339.0/dist/shutdown/shutdownMonitorProcess /run/user/1001/vscode-remote-containers-9e602c03-0b60-4b07-ae2a-a235c65a2ce1.sock singleContainer Debug /home/devel/.config/Code - Insiders/logs/20240203T080504/window1/exthost/ms-vscode-remote.remote-containers 1706944051868
[1627 ms] Start: Run in container: test -d '/home/devel/.vscode-server-insiders'
[1628 ms] 
[1629 ms] 
[1629 ms] Exit code 1
[1629 ms] Start: Run in container: test -d '/home/devel/.vscode-remote'
[1630 ms] 
[1630 ms] 
[1630 ms] Exit code 1
[1631 ms] Start: Run in container: test ! -f '/home/devel/.vscode-server-insiders/data/Machine/.writeMachineSettingsMarker' && set -o noclobber && mkdir -p '/home/devel/.vscode-server-insiders/data/Machine' && { > '/home/devel/.vscode-server-insiders/data/Machine/.writeMachineSettingsMarker' ; } 2> /dev/null
[1634 ms] 
[1634 ms] 
[1634 ms] Start: Run in container: mkdir -p '/home/devel/.vscode-server-insiders/data/Machine' && cat >'/home/devel/.vscode-server-insiders/data/Machine/settings.json' <<'settingsJSON'
[1638 ms] 
[1639 ms] 
[1639 ms] Start: Run in container: test -d '/home/devel/.vscode-server-insiders/bin/2af613979f646fc4dcebfeaedc7d14f138c7b072-insider'
[1640 ms] 
[1640 ms] 
[1641 ms] Exit code 1
[1641 ms] Start: Run in container: test -d '/vscode/vscode-server-insiders/bin/linux-x64/2af613979f646fc4dcebfeaedc7d14f138c7b072-insider'
[1642 ms] 
[1642 ms] 
[1642 ms] Exit code 1
[1643 ms] Installing VS Code Server for commit 2af613979f646fc4dcebfeaedc7d14f138c7b072
[1644 ms] Start: Run in container: /bin/sh
[1651 ms] Start: Downloading VS Code Server
[1651 ms] 2af613979f646fc4dcebfeaedc7d14f138c7b072 linux-x64 insider 
[22316 ms] Start: Installing VS Code Server
[22317 ms] Start: Run in container: mkdir -p /vscode/vscode-server-insiders/bin/linux-x64/2af613979f646fc4dcebfeaedc7d14f138c7b072-insider_1706944074185
[22319 ms] 
[22319 ms] 
[22347 ms] Start: Run in container: (dd iflag=fullblock bs=8192 count=6985 2>/dev/null; dd iflag=fullblock bs=6036 count=1 2>/dev/null) | tar --no-same-owner -xz -C /vscode/vscode-server-insiders/bin/linux-x64/2af613979f646fc4dcebfeaedc7d14f138c7b072-insider_1706944074185
[23667 ms] 
[23667 ms] 
[23667 ms] Start: Run in container: mv -n /vscode/vscode-server-insiders/bin/linux-x64/2af613979f646fc4dcebfeaedc7d14f138c7b072-insider_1706944074185/* /vscode/vscode-server-insiders/bin/linux-x64/2af613979f646fc4dcebfeaedc7d14f138c7b072-insider && rmdir /vscode/vscode-server-insiders/bin/linux-x64/2af613979f646fc4dcebfeaedc7d14f138c7b072-insider_1706944074185
[23677 ms] 
[23677 ms] 
[23677 ms] Start: Run in container: mkdir -p '/home/devel/.vscode-server-insiders/bin' && ln -snf '/vscode/vscode-server-insiders/bin/linux-x64/2af613979f646fc4dcebfeaedc7d14f138c7b072-insider' '/home/devel/.vscode-server-insiders/bin/2af613979f646fc4dcebfeaedc7d14f138c7b072-insider'
[23682 ms] 
[23682 ms] 
[23682 ms] Start: Run in container: touch '/vscode/vscode-server-insiders/bin/linux-x64/2af613979f646fc4dcebfeaedc7d14f138c7b072-insider' && cd '/vscode/vscode-server-insiders/bin/linux-x64' && ls -td *[^_]????????????? | tail -n +10 | xargs rm -rf
[23683 ms] Start: Run in container: test -x '/home/devel/.vscode-server-insiders/bin/2af613979f646fc4dcebfeaedc7d14f138c7b072-insider/bin/helpers/check-requirements.sh'
[23684 ms] 
[23684 ms] 
[23684 ms] Start: Run in container: '/home/devel/.vscode-server-insiders/bin/2af613979f646fc4dcebfeaedc7d14f138c7b072-insider/bin/helpers/check-requirements.sh'
[23687 ms] 
[23687 ms] 
[23694 ms] 
[23694 ms] /home/devel/.vscode-server-insiders/bin/2af613979f646fc4dcebfeaedc7d14f138c7b072-insider/bin/helpers/check-requirements.sh: line 56: /sbin/ldconfig: Permission denied
[23694 ms] Exit code 1
[23700 ms] Command in container failed: '/home/devel/.vscode-server-insiders/bin/2af613979f646fc4dcebfeaedc7d14f138c7b072-insider/bin/helpers/check-requirements.sh'
[23700 ms] /home/devel/.vscode-server-insiders/bin/2af613979f646fc4dcebfeaedc7d14f138c7b072-insider/bin/helpers/check-requirements.sh: line 56: /sbin/ldconfig: Permission denied
[23701 ms] Exit code 1

chrmarti · 2024-02-05T16:40:38Z

@deepak1556 This looks like another case to handle in the requirements script: check-requirements.sh: line 56: /sbin/ldconfig: Permission denied

VinceVega7 · 2024-03-07T19:36:40Z

Still failing

deepak1556 · 2024-03-22T04:57:05Z

Please check if the issue is present with latest insiders and pre-release version of the devcontainers extension. We have made some changes to install stage as part of #206790 which might address the issue here.

scalpel4k · 2024-03-28T11:29:39Z

Version: 1.88.0-insider
Commit: 9e0b3f3
Date: 2024-03-27T21:46:06.351Z
Electron: 28.2.8
ElectronBuildId: 27744544
Chromium: 120.0.6099.291
Node.js: 18.18.2
V8: 12.0.267.19-electron.0
OS: Linux x64 6.8.1-1-default

With this version it's still failing

vscodenpa · 2024-06-17T11:25:01Z

Hey @deepak1556, this issue might need further attention.

@scalpel4k, you can help us out by closing this issue if the problem no longer exists, or adding more information.

vscodenpa assigned chrmarti Feb 2, 2024

chrmarti added the info-needed Issue requires more information from poster label Feb 2, 2024

chrmarti assigned deepak1556 and unassigned chrmarti Feb 5, 2024

chrmarti removed the info-needed Issue requires more information from poster label Feb 5, 2024

deepak1556 added bug Issue identified by VS Code Team member as probable bug remote Remote system operations issues labels Feb 5, 2024

deepak1556 added this to the February 2024 milestone Feb 5, 2024

deepak1556 modified the milestones: February 2024, March 2024 Feb 22, 2024

falloutkid mentioned this issue Feb 23, 2024

check-requirements.sh fails microsoft/vscode-remote-release#9584

Closed

deepak1556 added the info-needed Issue requires more information from poster label Mar 22, 2024

deepak1556 removed this from the March 2024 milestone Mar 22, 2024

scalpel4k closed this as completed Jun 22, 2024

vs-code-engineering bot locked and limited conversation to collaborators Aug 6, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

devcontainers in vscode 1.86 no longer start when using an unprivileged remoteUser #204152

devcontainers in vscode 1.86 no longer start when using an unprivileged remoteUser #204152

scalpel4k commented Feb 2, 2024

chrmarti commented Feb 2, 2024

starball5 commented Feb 2, 2024

scalpel4k commented Feb 3, 2024

chrmarti commented Feb 5, 2024

VinceVega7 commented Mar 7, 2024

deepak1556 commented Mar 22, 2024

scalpel4k commented Mar 28, 2024

vscodenpa commented Jun 17, 2024

devcontainers in vscode 1.86 no longer start when using an unprivileged remoteUser #204152

devcontainers in vscode 1.86 no longer start when using an unprivileged remoteUser #204152

Comments

scalpel4k commented Feb 2, 2024

chrmarti commented Feb 2, 2024

starball5 commented Feb 2, 2024

scalpel4k commented Feb 3, 2024

chrmarti commented Feb 5, 2024

VinceVega7 commented Mar 7, 2024

deepak1556 commented Mar 22, 2024

scalpel4k commented Mar 28, 2024

vscodenpa commented Jun 17, 2024