Up until recently, I had no issues with my using Remote Containers with an Ubuntu image (via a Dockerfile and docker-compose since I also need to run a mongodb container). Admittedly, I have not ran my remote container for over a month. I attempted to run my remote container on the latest version of VS Code on my Apple Silicone M1 MacBook Pro and get the below output with basically /dev/null: Permission denied
killing the VS Code Server install. (Though the containers are actually running) I thought this was going to be isolated to running on the M1, however it occurs on my Intel MacBook Pro as well now.
Here is the output from remoteContainers.log
:
[2021-04-15T00:12:46.190Z] [PID 19883] [2 ms] Remote-Containers 0.166.1 in VS Code 1.55.2 (3c4e3df9e89829dce27b7b5c24508306b151f30d).
[2021-04-15T00:12:46.317Z] [PID 19883] [129 ms] Start: Resolving Remote
[2021-04-15T00:12:46.317Z] [PID 19883] [129 ms] Setting up container for folder or workspace: /Users/<redacted>/Projects/<redacted>
[2021-04-15T00:12:46.318Z] [PID 19883] [130 ms] Start: Check Docker is running
[2021-04-15T00:12:46.318Z] [PID 19883] [130 ms] Start: Run: docker version --format {{.Server.APIVersion}}
[2021-04-15T00:12:46.492Z] [PID 19883] [303 ms] Server API version: 1.41
[2021-04-15T00:12:46.500Z] [PID 19883] [312 ms] Start: Run: docker-compose version --short
[2021-04-15T00:12:46.779Z] [PID 19883] [591 ms] Start: Run: docker ps -q -a --filter label=com.docker.compose.project=<redacted>_devcontainer --filter label=com.docker.compose.service=app
[2021-04-15T00:12:46.952Z] [PID 19883] [764 ms] Start: Run: docker-compose -f /Users/<redacted>/Projects/<redacted>/.devcontainer/docker-compose.yml config --services
[2021-04-15T00:12:47.256Z] [PID 19883] [1068 ms] db
app
[2021-04-15T00:12:47.256Z] [PID 19883] [1068 ms]
[2021-04-15T00:12:47.256Z] [PID 19883] [1068 ms] Start: Run: docker events --format {{json .}} --filter event=start
[2021-04-15T00:12:47.257Z] [PID 19883] [1069 ms] Start: Run: docker-compose --project-name <redacted>_devcontainer -f /Users/<redacted>/Projects/<redacted>/.devcontainer/docker-compose.yml up -d --build
[2021-04-15T00:12:47.598Z] [PID 19883] Docker Compose is now in the Docker CLI, try `docker compose up`
[2021-04-15T00:12:47.660Z] [PID 19883] Building app
[2021-04-15T00:12:48.162Z] [PID 19883]
[2021-04-15T00:12:48.162Z] [PID 19883]
[2021-04-15T00:12:48.163Z] [PID 19883] [+] Building 0.0s (0/1)
[2021-04-15T00:12:48.278Z] [PID 19883] [+] Building 0.1s (2/3)
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 3.92kB 0.0s
=> [internal] load .dockerignore 0.0s
[2021-04-15T00:12:48.279Z] [PID 19883] => => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:20.04 0.0s
[2021-04-15T00:12:48.427Z] [PID 19883] [+] Building 0.3s (2/3)
[2021-04-15T00:12:48.428Z] [PID 19883] => [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 3.92kB 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:20.04 0.1s
[2021-04-15T00:12:48.582Z] [PID 19883]
[2021-04-15T00:12:48.582Z] [PID 19883] [+] Building 0.4s (2/3)
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 3.92kB 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:20.04 0.3s
[2021-04-15T00:12:48.684Z] [PID 19883]
[2021-04-15T00:12:48.684Z] [PID 19883] [+] Building 0.5s (2/4)
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 3.92kB 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:20.04 0.4s
=> [auth] library/ubuntu:pull token for registry-1.docker.io 0.0s
[2021-04-15T00:12:48.835Z] [PID 19883]
[2021-04-15T00:12:48.835Z] [PID 19883] [+] Building 0.7s (3/4)
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 3.92kB 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:20.04 0.6s
=> [auth] library/ubuntu:pull token for registry-1.docker.io 0.0s
[2021-04-15T00:12:48.990Z] [PID 19883] [+] Building 0.8s (3/4)
=> [internal] load build definition from Dockerfile 0.0s
[2021-04-15T00:12:48.990Z] [PID 19883] => => transferring dockerfile: 3.92kB 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:20.04 0.7s
=> [auth] library/ubuntu:pull token for registry-1.docker.io 0.0s
[2021-04-15T00:12:49.141Z] [PID 19883]
[2021-04-15T00:12:49.141Z] [PID 19883] [+] Building 1.0s (3/4)
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 3.92kB 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:20.04 0.9s
=> [auth] library/ubuntu:pull token for registry-1.docker.io 0.0s
[2021-04-15T00:12:49.293Z] [PID 19883]
[2021-04-15T00:12:49.294Z] [PID 19883] [+] Building 1.1s (3/4)
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 3.92kB 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:20.04 1.0s
=> [auth] library/ubuntu:pull token for registry-1.docker.io 0.0s
[2021-04-15T00:12:49.365Z] [PID 19883]
[2021-04-15T00:12:49.365Z] [PID 19883] [+] Building 1.2s (17/17) FINISHED
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 3.92kB 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:20.04 1.1s
=> [auth] library/ubuntu:pull token for registry-1.docker.io 0.0s
=> [ 1/12] FROM docker.io/library/ubuntu:20.04@sha256:3c9c713e0979e9bd6061ed52ac1e9 0.0s
=> CACHED [ 2/12] RUN apt-get update && apt-get -y install --no-install-recomme 0.0s
=> CACHED [ 3/12] RUN localedef -c -i en_US -f UTF-8 en_US.UTF-8 && locale-gen 0.0s
=> CACHED
[2021-04-15T00:12:49.365Z] [PID 19883] [ 4/12] RUN groupadd --gid 1000 coder && useradd --uid 1000 --gid 100 0.0s
=> CACHED [ 5/12] WORKDIR /home/coder 0.0s
=> CACHED [ 6/12] RUN wget https://github.com/ohmyzsh/ohmyzsh/raw/master/tools/inst 0.0s
=> CACHED [ 7/12] RUN wget https://deb.nodesource.com/setup_12.x -O - | sudo -E bas 0.0s
=> CACHED [ 8/12] RUN npm -g update 0.0s
=> CACHED [ 9/12] RUN npm install -g eslint 0.0s
=> CACHED [10/12] RUN wget https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux- 0.0s
=> CACHED [11/12] RUN echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] ht 0.0s
=> CACHED [12/12] RUN apt-get autoremove -y && apt-get clean -y && rm -rf / 0.0s
=> exporting to image 0.0s
=> => exporting layers
[2021-04-15T00:12:49.366Z] [PID 19883] 0.0s
=> => writing image sha256:98ed4f19cd7ec4ff88e27b697c3a7bf9154cdd06436955c28ccf190f 0.0s
=> => naming to docker.io/library/<redacted>_devcontainer_app 0.0s
[2021-04-15T00:12:49.376Z] [PID 19883] Successfully built 98ed4f19cd7ec4ff88e27b697c3a7bf9154cdd06436955c28ccf190f1376a252
[2021-04-15T00:12:49.399Z] [PID 19883] db is up-to-date
[2021-04-15T00:12:49.406Z] [PID 19883] Creating app ...
[2021-04-15T00:12:49.792Z] [PID 19883]
Creating app ... done
[2021-04-15T00:12:49.836Z] [PID 19883] [3648 ms] Start: Run: docker ps -q -a --filter label=com.docker.compose.project=<redacted>_devcontainer --filter label=com.docker.compose.service=app
[2021-04-15T00:12:50.008Z] [PID 19883] [3820 ms] Start: Run: docker inspect --type container f745c3fa01a1
[2021-04-15T00:12:50.168Z] [PID 19883] [3980 ms] Start: Inspecting container
[2021-04-15T00:12:50.168Z] [PID 19883] [3980 ms] Start: Run: docker inspect --type container f745c3fa01a153c03fb114148d2b2a29ff560f8e92ae5b4c4dc952cf1e6512f2
[2021-04-15T00:12:50.333Z] [PID 19883] [4145 ms] Start: Run in container: /bin/sh
[2021-04-15T00:12:50.334Z] [PID 19883] [4146 ms] Start: Run in container: uname -m
[2021-04-15T00:12:50.565Z] [PID 19883] [4376 ms] aarch64
[2021-04-15T00:12:50.565Z] [PID 19883] [4377 ms]
[2021-04-15T00:12:50.565Z] [PID 19883] [4377 ms] Start: Run in container: (cat /etc/os-release || cat /usr/lib/os-release) 2>/dev/null
[2021-04-15T00:12:50.566Z] [PID 19883] [4378 ms]
[2021-04-15T00:12:50.566Z] [PID 19883] [4378 ms] /bin/sh: 2: cannot create /dev/null: Permission denied
[2021-04-15T00:12:50.566Z] [PID 19883] [4378 ms] Exit code 2
[2021-04-15T00:12:50.566Z] [PID 19883] [4378 ms] Start: Run in container: cat /etc/passwd
[2021-04-15T00:12:50.570Z] [PID 19883] [4382 ms] Start: Updating configuration state
[2021-04-15T00:12:50.574Z] [PID 19883] [4386 ms] Start: Setup shutdown monitor
[2021-04-15T00:12:50.575Z] [PID 19883] [4387 ms] Forking shutdown monitor: /Users/<redacted>/.vscode/extensions/ms-vscode-remote.remote-containers-0.166.1/dist/shutdown/shutdownMonitorProcess /var/folders/3w/b44z5p2j5t3glm0jtv89j8fm0000gn/T/vscode-remote-containers-57a7544ee35d334a24c2adfa9898ab4c339e8081.sock dockerCompose Info /Users/<redacted>/Library/Application Support/Code/logs/20210414T192126/exthost1/ms-vscode-remote.remote-containers 1618445566188
[2021-04-15T00:12:50.576Z] [PID 19883] [4388 ms] Start: Run in container: test -d /home/coder/.vscode-server
[2021-04-15T00:12:50.577Z] [PID 19883] [4389 ms]
[2021-04-15T00:12:50.577Z] [PID 19883] [4389 ms]
[2021-04-15T00:12:50.577Z] [PID 19883] [4389 ms] Exit code 1
[2021-04-15T00:12:50.577Z] [PID 19883] [4389 ms] Start: Run in container: test -d /home/coder/.vscode-remote
[2021-04-15T00:12:50.579Z] [PID 19883] [4391 ms]
[2021-04-15T00:12:50.579Z] [PID 19883] [4391 ms]
[2021-04-15T00:12:50.579Z] [PID 19883] [4391 ms] Exit code 1
[2021-04-15T00:12:50.580Z] [PID 19883] [4392 ms] Start: Run in container: set -o noclobber ; mkdir -p '/home/coder/.vscode-server/data/Machine' && { > '/home/coder/.vscode-server/data/Machine/.writeMachineSettingsMarker' ; } 2> /dev/null
[2021-04-15T00:12:50.587Z] [PID 19883] [4399 ms]
[2021-04-15T00:12:50.587Z] [PID 19883] [4399 ms] /bin/sh: 6: cannot create /dev/null: Permission denied
[2021-04-15T00:12:50.587Z] [PID 19883] [4399 ms] Exit code 2
[2021-04-15T00:12:50.587Z] [PID 19883] [4399 ms] Start: Run in container: cat /home/coder/.vscode-server/data/Machine/settings.json
[2021-04-15T00:12:50.592Z] [PID 19883] [4404 ms]
[2021-04-15T00:12:50.592Z] [PID 19883] [4404 ms] cat: /home/coder/.vscode-server/data/Machine/settings.json: No such file or directory
[2021-04-15T00:12:50.592Z] [PID 19883] [4404 ms] Exit code 1
[2021-04-15T00:12:50.592Z] [PID 19883] [4404 ms]
Support for ARM64 is in preview.
[2021-04-15T00:12:50.592Z] [PID 19883] [4404 ms] Start: Run in container: test -d /home/coder/.vscode-server/bin/3c4e3df9e89829dce27b7b5c24508306b151f30d
[2021-04-15T00:12:50.594Z] [PID 19883] [4406 ms]
[2021-04-15T00:12:50.594Z] [PID 19883] [4406 ms]
[2021-04-15T00:12:50.594Z] [PID 19883] [4406 ms] Exit code 1
[2021-04-15T00:12:50.594Z] [PID 19883] [4406 ms] Installing VS Code Server for commit 3c4e3df9e89829dce27b7b5c24508306b151f30d
[2021-04-15T00:12:50.594Z] [PID 19883] [4406 ms] Start: Installing VS Code Server
[2021-04-15T00:12:50.594Z] [PID 19883] [4406 ms] Start: Run in container: mkdir -p /home/coder/.vscode-server/bin/3c4e3df9e89829dce27b7b5c24508306b151f30d_1618445570594
[2021-04-15T00:12:50.596Z] [PID 19883] [4408 ms]
[2021-04-15T00:12:50.596Z] [PID 19883] [4408 ms]
[2021-04-15T00:12:50.605Z] [PID 19883] [4417 ms] Start: Run in container: (dd iflag=fullblock bs=8192 count=3764 2>/dev/null; dd iflag=fullblock bs=15 count=1 2>/dev/null) | tar --no-same-owner -xz --strip-components 1 -C /home/coder/.vscode-server/bin/3c4e3df9e89829dce27b7b5c24508306b151f30d_1618445570594
[2021-04-15T00:12:50.620Z] [PID 19883] [4432 ms]
[2021-04-15T00:12:50.620Z] [PID 19883] [4432 ms] /bin/sh: 10: cannot create /dev/null: Permission denied
/bin/sh: 10: cannot create /dev/null: Permission denied
gzip: stdin: unexpected end of file
tar: Child returned status 1
tar: Error is not recoverable: exiting now
[2021-04-15T00:12:50.620Z] [PID 19883] [4432 ms] Exit code 2
[2021-04-15T00:12:50.620Z] [PID 19883] [4432 ms] Start: Downloading VS Code Server
[2021-04-15T00:12:53.003Z] [PID 19883] [6815 ms] Start: Installing VS Code Server
[2021-04-15T00:12:53.003Z] [PID 19883] [6815 ms] Start: Run in container: mkdir -p /home/coder/.vscode-server/bin/3c4e3df9e89829dce27b7b5c24508306b151f30d_1618445573003
[2021-04-15T00:12:53.003Z] [PID 19883] [6815 ms] Stdin closed!
[2021-04-15T00:12:53.006Z] [PID 19883] [6818 ms] Shell server terminated (code: 2, signal: null)
Here is my devcontainer.json
{
"name": "<redacted>",
"dockerComposeFile": "docker-compose.yml",
"service": "app",
"workspaceFolder": "/workspace",
// Settings speicifc to vscode instance inside of DevContainer
"settings": {
"terminal.integrated.shell.linux": "/bin/zsh" // Specifying ZSH as shell
},
// Extension IDs of VS Code Extensions to install
"extensions": [
"editorconfig.editorconfig",
"dbaeumer.vscode-eslint",
"esbenp.prettier-vscode",
"mechatroner.rainbow-csv",
"ms-azuretools.vscode-docker",
"eamodio.gitlens"
],
// Ports to forward to Host machine from Container network. Specifically opening:
// a. MongoDB Admin - 27017
// b. ngrok - 4040
"forwardPorts": [27017, 4040],
// Exiting DevContainer runs docker-compose down to properly shutdown containers. Default action.
"shutdownAction": "stopCompose",
// Specifies a command that should be run after the container has been created.
"postCreateCommand": "npm install",
// Non-root user for Dev Container
"remoteUser": "coder"
}
Here is my docker-compose.yml
:
services:
app:
container_name: app
build:
context: .
dockerfile: Dockerfile
tty: true
privileged: true
restart: always
volumes:
- ..:/workspace:cached
network_mode: service:db
db:
container_name: db
image: mongo:latest
tty: true
restart: always
volumes:
- /Users/<redacted>/Projects/Docker/mongoData:/data/db
And, finally, here Dockerfile
:
FROM ubuntu:latest
LABEL Maintainer = "<redacted>"
# Switching to non-interactive for cotainer build
ENV DEBIAN_FRONTEND=noninteractive
# Specify arguments for creation of non-root user in container (created after apt installs)
# Microsoft Article on non-root users in containers:
# https://aka.ms/vscode-remote/containers/non-root-user
# For VS Code Remote Cotaniners use the "remoteUser" property in devcontainer.json
# to use non-root user
ARG USERNAME=coder
ARG USER_UID=1000
ARG USER_GID=$USER_UID
# Configure apt and install packages
RUN apt-get update \
&& apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \
#
# Verify git and needed tools are installed
&& apt-get -y install \
apt-transport-https \
ca-certificates \
git \
gnupg \
iproute2 \
iputils-ping \
locales \
procps \
software-properties-common \
sudo \
unzip \
wget \
zsh
# Configure en_US.UTF-8 Locale
## apt-get package: locales
ENV LANGUAGE=en_US.UTF-8 \
LANG=en_US.UTF-8 \
LC_ALL=en_US.UTF-8
RUN localedef -c -i en_US -f UTF-8 en_US.UTF-8 \
&& locale-gen en_US.UTF-8 \
&& dpkg-reconfigure locales
# Set up User and grant sudo privileges
# apt-get package: sudo
RUN groupadd --gid $USER_GID $USERNAME \
&& useradd --uid $USER_UID --gid $USER_GID --shell /bin/zsh --create-home $USERNAME \
&& echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \
&& chmod 0440 /etc/sudoers.d/$USERNAME
WORKDIR /home/$USERNAME
# Install & Configure OhMyZSH
# apt-get package: zsh
RUN wget https://github.com/ohmyzsh/ohmyzsh/raw/master/tools/install.sh -O - | zsh || true \
&& cp -R /root/.oh-my-zsh /home/$USERNAME \
&& cp /root/.zsh* /home/$USERNAME \
&& sed -i "s/\/root/\/home\/${USERNAME}/g" /home/"${USERNAME}"/.zshrc \
&& sed -i "s/ZSH_THEME=\"robbyrussell\"/ZSH_THEME=\"maran\"/g" /home/"${USERNAME}"/.zshrc
# Install NodeJS 12 LTS via nodesource
# https://github.com/nodesource/distributions/blob/master/README.md
# apt-get package: wget
RUN wget https://deb.nodesource.com/setup_12.x -O - | sudo -E bash - \
&& sudo apt-get install -y nodejs
# Update NPM
RUN npm -g update
# Install eslint globally
RUN npm install -g eslint
# Install ngrok
# apt-get package: wget, unzip
RUN wget https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-arm64.tgz --progress=bar \
&& tar -xvf ngrok-stable-linux-arm64.tgz \
&& mv ngrok /usr/local/bin/ \
&& rm -f ngrok-stable-linux-amd64.zip
# Install Google Cloud SDK
# apt-get package: apt-transport-https, ca-certificates, python, gnupg & wget
# Add the Cloud SDK distribution URI as a package source:
RUN echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list \
#
# Import the Google Cloud public key
&& wget https://packages.cloud.google.com/apt/doc/apt-key.gpg -O - | sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add - \
#
# Update the list of products
&& apt-get update \
# Install PowerShell, .NET and ASP.NET Core
&& apt-get install -y \
google-cloud-sdk
# Clean up
RUN apt-get autoremove -y \
&& apt-get clean -y \
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# Use non-root user as default account when launching container
USER $USERNAME
# Switching back to interactive after container build
ENV DEBIAN_FRONTEND=dialog
If I console into the container I get the following errors in my console:
$ docker exec -it f745c3fa01a153c03fb114148d2b2a29ff560f8e92ae5b4c4dc952cf1e6512f2 /bin/zsh
compaudit:103: permission denied: /dev/null
/home/coder/.oh-my-zsh/oh-my-zsh.sh:63: permission denied: /dev/null
/home/coder/.oh-my-zsh/oh-my-zsh.sh:67: permission denied: /dev/null
handle_completion_insecurities:13: permission denied: /dev/null
/home/coder/.oh-my-zsh/oh-my-zsh.sh:88: permission denied: /dev/null
grep-flags-available:1: permission denied: /dev/null
grep-flags-available:1: permission denied: /dev/null
/home/coder/.oh-my-zsh/lib/theme-and-appearance.zsh:35: permission denied: /dev/null
/home/coder/.oh-my-zsh/lib/theme-and-appearance.zsh:35: permission denied: /dev/null
/home/coder/.oh-my-zsh/lib/theme-and-appearance.zsh:43: permission denied: /dev/null
/home/coder/.oh-my-zsh/plugins/git/git.plugin.zsh:3: permission denied: /dev/null
git_prompt_info:3: permission denied: /dev/null
coder@8c9354fbe7f3:/home/coder $
I am doing something wrong, I must be. I've failed at Googling this for the last 4 days and hoping someone can help me.
Ugh. As soon as I submitted this, I noticed an update to Docker. I check out the release notes for Docker for Mac Release Notes - Docker Desktop 3.3.1:
Bug fixes and minor changes Docker Desktop now ensures the permissions of /dev/null and other devices are correctly set to 0666 (rw-rw-rw-) inside --privileged containers. Fixes docker/for-mac#5527
As soon as I upgraded, container builds.