我制作了一个基于Ubuntu的数据包发送应用程序镜像,并安装了tcpdump。当我使用--privileged启动容器并尝试tcpdump -i eth0时,它报告一个错误:

root@test:/home/test# docker run --rm -ti --privileged mytliulei/xfdsend /bin/bash
root@6199493fb2b9:/# tcpdump -i eth0
tcpdump: error while loading shared libraries: libcrypto.so.1.0.0: cannot open shared object file: Permission denied

但是当我启动没有--privileged的Docker容器时,没问题。为什么?
root@test:/home/test# docker run --rm -ti  mytliulei/xfdsend /bin/bash
root@c7b7e2a9ec99:/# tcpdump -i eth0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes

Docker版本:
docker version
Client version: 1.6.0
Client API version: 1.18
Go version (client): go1.4.2
Git commit (client): 4749651
OS/Arch (client): linux/amd64
Server version: 1.6.0
Server API version: 1.18
Go version (server): go1.4.2
Git commit (server): 4749651
OS/Arch (server): linux/amd64

Dockerfile:
FROM ubuntu:14.04
MAINTAINER Liu Lei <[email protected]>

RUN apt-get update \
    && apt-get install -y python \
    python-dev \
    tcpdump

RUN pip2 install scapy \
    && pip2 install rpyc \
    && pip2 install robotremoteserver \
    && pip2 install daemonocle

最佳答案

几天前我遇到了这个错误,该错误似乎与以下内容有关:

https://github.com/dotcloud/docker/issues/5490

一个对我有用的解决方法是移动tcpdump:

(例如tcpdump中的MV和dockerfile)

RUN apt-get -y install tcpdump
RUN mv /usr/sbin/tcpdump /usr/bin/tcpdump

关于docker - tcpdump报告以--privileged开头的Docker容器中的错误,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/30663245/

10-16 06:13