What installation are you running?
Production (netalertx) 📦
Is there an existing issue for this?
The issue occurs in the following browsers. Select at least 2.
Current Behavior
Hi,
the docker run command from https://docs.netalertx.com/DOCKER_INSTALLATION/#docker-guide-releases-docs-plugins-website does not start a docker container.
The docker run command from https://github.com/netalertx/NetAlertX ("Quick Start") does create a container that is constantly restarting.
If I run docker run --rm -it ghcr.io/netalertx/netalertx:latest the first few lines in the resulting output are:
Startup pre-checks
--> data migration.sh
--> capabilities audit.sh
--> mounts.py
env: can't execute 'python3': Operation not permitted
mounts.py: FAILED with 126
Failure detected in: /entrypoint.d/15-mounts.py
Further errors may be possible.
I found the issue #1545 with a similar error message but that was closed already.
I am willing to provide further information or logs (if I know where to find them). Right now I don't have a docker-compose.yml or can set the highest log level in Settings -> Core.
Thanks in advance
MojoMC
Expected Behavior
I expected the docker container to start and not restart constantly.
Steps To Reproduce
I prepared my fresh basic DietPi Installation for NetAlertX by installing Docker, Docker-Compose and Python 3 via dietpi-software.
Otherwise I just used the docker run command from https://docs.netalertx.com/DOCKER_INSTALLATION/#docker-guide-releases-docs-plugins-website and from https://github.com/netalertx/NetAlertX ("Quick Start").
Relevant app.conf settings
docker-compose.yml
Debug or Trace enabled
Relevant app.log section
PASTE LOG HERE. Using the triple backticks preserves format.
Docker Logs
_ _ _ ___ _ _ __ __
| \ | | | | / _ \| | | | \ \ / /
| \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
| . |/ _ \ __| _ | |/ _ \ __| __|/ \
| |\ | __/ |_| | | | | __/ | | |_/ /^\ \
\_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
Network intruder and presence detector.
https://netalertx.com
Startup pre-checks
--> data migration.sh
--> capabilities audit.sh
--> mounts.py
env: can't execute 'python3': Operation not permitted
mounts.py: FAILED with 126
Failure detected in: /entrypoint.d/15-mounts.py
--> first run config.sh
══════════════════════════════════════════════════════════════════════════════
🆕 First run detected. Default configuration written to /data/config/app.conf.
Review your settings in the UI or edit the file directly before trusting
this instance in production.
══════════════════════════════════════════════════════════════════════════════
--> first run db.sh
══════════════════════════════════════════════════════════════════════════════
🆕 First run detected — building initial database at: /data/db/app.db
Do not interrupt this step. When complete, consider backing up the fresh
DB before onboarding sensitive or critical networks.
══════════════════════════════════════════════════════════════════════════════
--> mandatory folders.sh
--> apply conf override.sh
--> override individual settings.sh
--> host optimization.sh
══════════════════════════════════════════════════════════════════════════════
⚠️ WARNING: ARP flux sysctls are not set.
Expected values:
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2
Note: If using 'network_mode: host', setting these via docker-compose sysctls
requires the NET_ADMIN capability. When granted, these sysctls will
modify the host namespace. Otherwise, you must configure them directly
on your host operating system instead.
Detection accuracy may be reduced until configured.
See: https://docs.netalertx.com/docker-troubleshooting/arp-flux-sysctls/
══════════════════════════════════════════════════════════════════════════════
--> writable config.sh
--> nginx config.sh
--> expected user id match.sh
--> host mode network.sh
══════════════════════════════════════════════════════════════════════════════
⚠️ ATTENTION: NetAlertX is not running with --network=host.
Bridge networking blocks passive discovery (ARP, NBNS, mDNS) and active
scanning accuracy. Most plugins expect raw access to the LAN through host
networking and CAP_NET_RAW capabilities.
Restart the container with:
docker run --network=host --cap-add=NET_RAW --cap-add=NET_ADMIN --cap-add=NET_BIND_SERVICE
or set "network_mode: host" in docker-compose.yml.
https://docs.netalertx.com/docker-troubleshooting/network-mode
══════════════════════════════════════════════════════════════════════════════
--> excessive capabilities.sh
══════════════════════════════════════════════════════════════════════════════
⚠️ Warning: Excessive capabilities detected (bounding caps: 0x00000000a80425fb).
Only CHOWN, SETGID, SETUID, NET_ADMIN, NET_BIND_SERVICE, and NET_RAW are
required in this container. Please remove unnecessary capabilities.
https://docs.netalertx.com/docker-troubleshooting/excessive-capabilities
══════════════════════════════════════════════════════════════════════════════
--> appliance integrity.sh
══════════════════════════════════════════════════════════════════════════════
⚠️ Warning: Container is running as read-write, not in read-only mode.
Please mount the root filesystem as --read-only or use read_only: true
https://docs.netalertx.com/docker-troubleshooting/read-only-filesystem
══════════════════════════════════════════════════════════════════════════════
--> ports available.sh
Container startup checks failed with exit code 126.
Note: su-exec failed (exit 0); continuing as current user without privilege drop.
ℹ️ NetAlertX startup: Running privilege check and path priming as ROOT.
(On modern systems, privileges will be dropped to PUID after setup)
_ _ _ ___ _ _ __ __
| \ | | | | / _ \| | | | \ \ / /
| \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
| . |/ _ \ __| _ | |/ _ \ __| __|/ \
| |\ | __/ |_| | | | | __/ | | |_/ /^\ \
\_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
Network intruder and presence detector.
https://netalertx.com
Startup pre-checks
--> data migration.sh
--> capabilities audit.sh
--> mounts.py
env: can't execute 'python3': Operation not permitted
mounts.py: FAILED with 126
Failure detected in: /entrypoint.d/15-mounts.py
--> first run config.sh
--> first run db.sh
--> mandatory folders.sh
--> apply conf override.sh
--> override individual settings.sh
--> host optimization.sh
══════════════════════════════════════════════════════════════════════════════
⚠️ WARNING: ARP flux sysctls are not set.
Expected values:
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2
Note: If using 'network_mode: host', setting these via docker-compose sysctls
requires the NET_ADMIN capability. When granted, these sysctls will
modify the host namespace. Otherwise, you must configure them directly
on your host operating system instead.
Detection accuracy may be reduced until configured.
See: https://docs.netalertx.com/docker-troubleshooting/arp-flux-sysctls/
══════════════════════════════════════════════════════════════════════════════
--> writable config.sh
--> nginx config.sh
--> expected user id match.sh
--> host mode network.sh
══════════════════════════════════════════════════════════════════════════════
⚠️ ATTENTION: NetAlertX is not running with --network=host.
Bridge networking blocks passive discovery (ARP, NBNS, mDNS) and active
scanning accuracy. Most plugins expect raw access to the LAN through host
networking and CAP_NET_RAW capabilities.
Restart the container with:
docker run --network=host --cap-add=NET_RAW --cap-add=NET_ADMIN --cap-add=NET_BIND_SERVICE
or set "network_mode: host" in docker-compose.yml.
https://docs.netalertx.com/docker-troubleshooting/network-mode
══════════════════════════════════════════════════════════════════════════════
--> excessive capabilities.sh
══════════════════════════════════════════════════════════════════════════════
⚠️ Warning: Excessive capabilities detected (bounding caps: 0x00000000a80425fb).
Only CHOWN, SETGID, SETUID, NET_ADMIN, NET_BIND_SERVICE, and NET_RAW are
required in this container. Please remove unnecessary capabilities.
https://docs.netalertx.com/docker-troubleshooting/excessive-capabilities
══════════════════════════════════════════════════════════════════════════════
--> appliance integrity.sh
══════════════════════════════════════════════════════════════════════════════
⚠️ Warning: Container is running as read-write, not in read-only mode.
Please mount the root filesystem as --read-only or use read_only: true
https://docs.netalertx.com/docker-troubleshooting/read-only-filesystem
══════════════════════════════════════════════════════════════════════════════
--> ports available.sh
Container startup checks failed with exit code 126.
Note: su-exec failed (exit 0); continuing as current user without privilege drop.
_ _ _ ___ _ _ __ __
| \ | | | | / _ \| | | | \ \ / /
| \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
| . |/ _ \ __| _ | |/ _ \ __| __|/ \
| |\ | __/ |_| | | | | __/ | | |_/ /^\ \
\_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
Network intruder and presence detector.
https://netalertx.com
Startup pre-checks
--> data migration.sh
--> capabilities audit.sh
--> mounts.py
env: can't execute 'python3': Operation not permitted
mounts.py: FAILED with 126
Failure detected in: /entrypoint.d/15-mounts.py
--> first run config.sh
--> first run db.sh
--> mandatory folders.sh
--> apply conf override.sh
--> override individual settings.sh
--> host optimization.sh
══════════════════════════════════════════════════════════════════════════════
⚠️ WARNING: ARP flux sysctls are not set.
Expected values:
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2
Note: If using 'network_mode: host', setting these via docker-compose sysctls
requires the NET_ADMIN capability. When granted, these sysctls will
modify the host namespace. Otherwise, you must configure them directly
on your host operating system instead.
Detection accuracy may be reduced until configured.
See: https://docs.netalertx.com/docker-troubleshooting/arp-flux-sysctls/
══════════════════════════════════════════════════════════════════════════════
--> writable config.sh
--> nginx config.sh
--> expected user id match.sh
NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
--> host mode network.sh
══════════════════════════════════════════════════════════════════════════════
⚠️ ATTENTION: NetAlertX is not running with --network=host.
Bridge networking blocks passive discovery (ARP, NBNS, mDNS) and active
scanning accuracy. Most plugins expect raw access to the LAN through host
networking and CAP_NET_RAW capabilities.
Restart the container with:
docker run --network=host --cap-add=NET_RAW --cap-add=NET_ADMIN --cap-add=NET_BIND_SERVICE
or set "network_mode: host" in docker-compose.yml.
https://docs.netalertx.com/docker-troubleshooting/network-mode
══════════════════════════════════════════════════════════════════════════════
--> excessive capabilities.sh
══════════════════════════════════════════════════════════════════════════════
⚠️ Warning: Excessive capabilities detected (bounding caps: 0x00000000a80425fb).
Only CHOWN, SETGID, SETUID, NET_ADMIN, NET_BIND_SERVICE, and NET_RAW are
required in this container. Please remove unnecessary capabilities.
https://docs.netalertx.com/docker-troubleshooting/excessive-capabilities
══════════════════════════════════════════════════════════════════════════════
--> appliance integrity.sh
══════════════════════════════════════════════════════════════════════════════
⚠️ Warning: Container is running as read-write, not in read-only mode.
Please mount the root filesystem as --read-only or use read_only: true
https://docs.netalertx.com/docker-troubleshooting/read-only-filesystem
══════════════════════════════════════════════════════════════════════════════
--> ports available.sh
Container startup checks failed with exit code 126.
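Added example (not part of the original report and not NetAlertX code): decoding the bounding-capability mask `0x00000000a80425fb` from the "Excessive capabilities" warning above and comparing it with the six capabilities that warning lists as required. The function names and the `REQUIRED` variable are assumptions of this sketch; the mask and the required names are copied from the log.

```sh
#!/bin/sh
# Decode a Linux capability bitmask (the "bounding caps" value, i.e. the
# CapBnd line of /proc/1/status inside the container) into names.

# Capability names in bit order 0..40 (linux/capability.h numbering).
CAP_NAMES="CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER FSETID KILL SETGID SETUID
SETPCAP LINUX_IMMUTABLE NET_BIND_SERVICE NET_BROADCAST NET_ADMIN NET_RAW
IPC_LOCK IPC_OWNER SYS_MODULE SYS_RAWIO SYS_CHROOT SYS_PTRACE SYS_PACCT
SYS_ADMIN SYS_BOOT SYS_NICE SYS_RESOURCE SYS_TIME SYS_TTY_CONFIG MKNOD LEASE
AUDIT_WRITE AUDIT_CONTROL SETFCAP MAC_OVERRIDE MAC_ADMIN SYSLOG WAKE_ALARM
BLOCK_SUSPEND AUDIT_READ PERFMON BPF CHECKPOINT_RESTORE"

# Required set, copied from the warning text in the log (assumed variable name).
REQUIRED="CHOWN SETGID SETUID NET_ADMIN NET_BIND_SERVICE NET_RAW"

in_list() {  # in_list "a b c" b -> exit 0 if the word is in the list
    case " $1 " in *" $2 "*) return 0 ;; *) return 1 ;; esac
}

decode_caps() {  # decode_caps 0xMASK -> names of the set bits, in bit order
    mask=$(($1)); bit=0; out=""
    for name in $CAP_NAMES; do
        if [ $(( (mask >> bit) & 1 )) -eq 1 ]; then out="$out $name"; fi
        bit=$((bit + 1))
    done
    echo "${out# }"
}

excess_caps() {  # granted but not in REQUIRED
    have=$(decode_caps "$1"); out=""
    for name in $have; do
        if ! in_list "$REQUIRED" "$name"; then out="$out $name"; fi
    done
    echo "${out# }"
}

missing_caps() {  # in REQUIRED but not granted
    have=$(decode_caps "$1"); out=""
    for name in $REQUIRED; do
        if ! in_list "$have" "$name"; then out="$out $name"; fi
    done
    echo "${out# }"
}

MASK=0x00000000a80425fb   # value quoted in the log
echo "granted: $(decode_caps "$MASK")"
echo "excess:  $(excess_caps "$MASK")"
echo "missing: $(missing_caps "$MASK")"
```

For the mask in this log the result is nine capabilities beyond the required six and `NET_ADMIN` absent, which matches a `docker run` issued without any `--cap-add` or `--cap-drop` options.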