All builds fail with "runc run failed: unable to start container process" #792
Description
Description
Since a new version of the docker.io/moby/buildkit image got pulled, I can no longer build any images.
I am always getting errors like:
=> ERROR [2/7] RUN set -ex && apk --no-cache add sudo openssh-client && echo "node-red ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoe 0.5s
------
> [2/7] RUN set -ex && apk --no-cache add sudo openssh-client && echo "node-red ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers:
#0 0.185 runc run failed: unable to start container process: error during container init: error mounting "cgroup" to rootfs at "/sys/fs/cgroup": mount cgroup:/sys/fs/cgroup/openrc (via /proc/self/fd/6), flags: 0xf, data: openrc: invalid argument
------
failed to solve: process "/bin/sh -c set -ex && apk --no-cache add sudo openssh-client && echo \"node-red ALL=(ALL) NOPASSWD: ALL\" >> /etc/sudoers" did not complete successfully: exit code: 1
Note that I have
- upgraded colima
- rebooted machine
- removed buildkit image
- upgraded macos
but I am still facing the same problem.
Maybe it is related to the fact that my qemu-system-x86_64 is not signed.
mac-jan:my-question-generator jan$ codesign --verify /Users/jan/.colima/_wrapper/4e1b408f843d1c63afbbdcf80c40e4c88d33509f/bin/qemu-system-x86_64
/Users/jan/.colima/_wrapper/4e1b408f843d1c63afbbdcf80c40e4c88d33509f/bin/qemu-system-x86_64: code object is not signed at all
In architecture: x86_64
mac-jan:my-question-generator jan$
Version
Colima Version: HEAD-afe81c4 git commit: afe81c4
Lima Version: 0.17.2
Qemu Version: 8.1.0
Operating System
- macOS Intel <= 12 (Monterrey)
- macOS Intel >= 13 (Ventura)
- macOS M1 <= 12 (Monterrey)
- macOS M1 >= 13 (Ventura)
- Linux
Output of colima status
INFO[0000] colima is running using QEMU
INFO[0000] arch: x86_64
INFO[0000] runtime: docker
INFO[0000] mountType: sshfs
INFO[0000] socket: unix:///Users/jan/.colima/default/docker.sock
Reproduction Steps
- start colima (
colima start) - assuring that my docker context is pointing to colima (
unix:///Users/jan/.colima/default/docker.soc) - try to build the container using docker-compose (e.g.
docker-compose -f docker-compose.yml up -d --build)
Expected behaviour
The container should be build without errors.
Additional context
When starting colima it is reporting also an error about qemu-system-x86_64 is not properly signed
mac-jan:my-question-generator jan$ colima start
INFO[0000] starting colima
INFO[0000] runtime: docker
INFO[0000] preparing network ... context=vm
INFO[0000] starting ... context=vm
> Using the existing instance "colima"
> "QEMU binary \"/Users/jan/.colima/_wrapper/4e1b408f843d1c63afbbdcf80c40e4c88d33509f/bin/qemu-system-x86_64\" is not properly signed with the \"com.apple.security.hypervisor\" entitlement" error="failed to run [codesign --verify /Users/jan/.colima/_wrapper/4e1b408f843d1c63afbbdcf80c40e4c88d33509f/bin/qemu-system-x86_64]: exit status 1 (out=\"/Users/jan/.colima/_wrapper/4e1b408f843d1c63afbbdcf80c40e4c88d33509f/bin/qemu-system-x86_64: code object is not signed at all\\nIn architecture: x86_64\\n\")"
> You have to sign the QEMU binary with the "com.apple.security.hypervisor" entitlement manually. See https://github.com/lima-vm/lima/issues/1742 .
> [hostagent] Starting QEMU (hint: to watch the boot progress, see "/Users/jan/.lima/colima/serial*.log")
> SSH Local Port: 50980
> [hostagent] Waiting for the essential requirement 1 of 5: "ssh"
No response