Container crashing with no clear error

[robcalcroft]

When I run in TrueNAS with an external IP assigned and connected to my bridge network on the NAS, it just crashes on boot with no error message. Any ideas what could cause this?

[aimzieslol]

Seeing this problem as well.

[dvcrn]

You need to NET_ADMIN and NET_RAW to the container

docker run --name wyl \
	-e "IFACES=$YOURIFACE" \
	-e "TZ=$YOURTIMEZONE" \
	--network="host" \
	--cap-add=NET_ADMIN --cap-add=NET_RAW \
	-v $DOCKERDATAPATH/wyl:/data/WatchYourLAN \
    aceberg/watchyourlan:v2

[fREAST]

Have this issue as well.

2024/09/01 11:19:52 INFO Log level=DEBUG
2024/09/01 11:19:52 INFO Using DB type=sqlite
2024/09/01 11:19:52 INFO Config dir path=/data/WatchYourLAN
2024/09/01 11:19:52 INFO ===================================
2024/09/01 11:19:52 INFO Web GUI at http://0.0.0.0:8840
2024/09/01 11:19:52 INFO ===================================
2024/09/01 11:19:52 INFO Removing all History before date="2024-08-30 11:19:52"
2024/09/01 11:19:52 INFO Removed records from History n=0
2024/09/01 11:19:52 DEBUG Scanning interface "eth0"
2024/09/01 11:19:52 DEBUG /usr/bin/arp-scan -glNx -I "eth0"
2024/09/01 11:19:52 ERROR exit status 1
2024/09/01 11:19:52 DEBUG Found IPs:

Running the arp-scan from inside the container seems to work.

/app # /usr/bin/arp-scan -glNx -I "eth0"
192.168.1.4   12:13:xx:xx:xx:xx       (Unknown: locally administered)
192.168.1.5   b4:45:xx:xx:xx:xx       Dell Inc.
192.168.1.1     10:13:xx:xx:xx:xx       Technicolor Delivery Technologies Belgium NV
192.168.1.2     c4:ea:xx:xx:xx:xx       Technicolor Delivery Technologies Belgium NV

Tried running with the NET_ADMIN and NET_RAW capabilities, but still get the same error.

Edit: Solved it, the issue was in my docker compose file, I had specified the interface like this:
- IFACES="eth0" so it was trying to run the arp-scan on the interface "eth0" which does not exist, its only eth0.

[MrSpock]

Adding cap-add=* doesn't help on MacOS:

+ docker run --rm --name wyl -e IFACES=en8 -e TZ=UTC --network=host --cap-add=NET_ADMIN --cap-add=NET_RAW -v /tmp/.wyl:/data/WatchYourLAN aceberg/watchyourlan:v2
2024/09/01 10:03:33 INFO Log level=INFO
2024/09/01 10:03:33 INFO Using DB type=sqlite
2024/09/01 10:03:33 INFO Config dir path=/data/WatchYourLAN
2024/09/01 10:03:33 INFO ===================================
2024/09/01 10:03:33 INFO Web GUI at http://0.0.0.0:8840
2024/09/01 10:03:33 INFO ===================================
2024/09/01 10:03:33 INFO Removing all History before date="2024-08-30 10:03:33"
2024/09/01 10:03:33 INFO Removed records from History n=0
2024/09/01 10:03:33 ERROR exit status 1

[replete]

Same problem on MacOS 14:

$ docker run --name wyl \
        -e "IFACES=en0" \
        -e "TZ=Europe" \
        --network="host" \
        -v wyl:/data/WatchYourLAN \
    aceberg/watchyourlan:v2
Unable to find image 'aceberg/watchyourlan:v2' locally
v2: Pulling from aceberg/watchyourlan
c6a83fedfae6: Pull complete
20a7ffdd62ec: Pull complete
0e1328a53f86: Pull complete
c50d63a95b7a: Pull complete
Digest: sha256:c1bc72021443ddbea860b78ffeb871ab9a3edec1b15e35413c84470eee5456f3
Status: Downloaded newer image for aceberg/watchyourlan:v2
2024/09/01 10:38:46 INFO Log level=INFO
2024/09/01 10:38:46 INFO Using DB type=sqlite
2024/09/01 10:38:46 INFO Config dir path=/data/WatchYourLAN
2024/09/01 10:38:46 INFO ===================================
2024/09/01 10:38:46 INFO Web GUI at http://0.0.0.0:8840
2024/09/01 10:38:46 INFO ===================================
2024/09/01 10:38:46 INFO Removing all History before date="2024-08-30 10:38:46"
2024/09/01 10:38:46 INFO Removed records from History n=0
2024/09/01 10:38:46 ERROR exit status 1

Container stalls here, and no web interface is accessible.

Tried with UTC also for timezone. Acceptable value type in README would be good, there are so many different formats for timezone.

[cmcconomy]

Seeing the same here.

[replete]

FYI --cap-add is for linux hosts, so mentioned PR won't resolve it on MacOS:
https://docs.docker.com/engine/containers/run/#runtime-privilege-and-linux-capabilities

[dvcrn]

ah sorry - I was running this on my homeserver which, yeah, is linux. But it was still needed to get it working

if you haven't yet, set log level to DEBUG and see if you get any other insights.

Also on macOS, host network has only been supported since Docker desktop 4.34 (https://docs.docker.com/engine/network/drivers/host/) which got released like... 2 days ago? If you haven't yet, update to 4.34, then enable "host" network in settings -> resources -> network. Haven't really tried using host mode on macos before so I'm not sure how well it works

I'd also sh into the container and check what interfaces are available with ifconfig, then run the arp command manually

[fREAST]

ah sorry - I was running this on my homeserver which, yeah, is linux. But it was still needed to get it working

if you haven't yet, set log level to DEBUG and see if you get any other insights.

Also on macOS, host network has only been supported since Docker desktop 4.34 (https://docs.docker.com/engine/network/drivers/host/) which got released like... 2 days ago? If you haven't yet, update to 4.34, then enable "host" network in settings -> resources -> network. Haven't really tried using host mode on macos before so I'm not sure how well it works

I'd also sh into the container and check what interfaces are available with ifconfig, then run the arp command manually

I'm running on linux, the extra capabilities made no difference.
See my previous comment: #106 (comment)
With DEBUG log level, there's not much more info, and running the arp-scan insinde the container works fine.

[aimzieslol]

You need to NET_ADMIN and NET_RAW to the container

docker run --name wyl \
	-e "IFACES=$YOURIFACE" \
	-e "TZ=$YOURTIMEZONE" \
	--network="host" \
	--cap-add=NET_ADMIN --cap-add=NET_RAW \
	-v $DOCKERDATAPATH/wyl:/data/WatchYourLAN \
    aceberg/watchyourlan:v2

This worked for me, thanks!

• Linux <hostname> 6.10.4-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.10.4-1 (2024-08-12) x86_64 GNU/Linux
• Using podman instead of Docker
• Running it as root user
• Passing the network bridge (br0) to the container

[robcalcroft]

@dvcrn your NET_CAP additions solved it for me thanks!

[SteveClement]

For MacOS users, --priveleged some times fixes certain things. In this case, not.

Another thing I tried is to map bpf0: --device /dev/bpf0:/dev/bpf0
This did not work either.

[replete]

@dvcrn Thanks for the info.

FYI for MacOS users: I tried the following which did not help:

• update to Docker v4.34.0 and enable host network in settings > resources > network
• run command with sudo
• run with -privileged | --privileged
• run with --network=bridge

Works on my linux server, so not a biggie

[alduraibi]

So I have tried doing this fix on my system, using Docker on a Debian host, but unfortunately I still get the ERROR exit status 1 which repeats every 120 seconds. I attempted both the docker run command listed above and the below docker compose file to start WatchYourLan and got the same results. I made sure to use the correct IFACES value (ethernet port).

services:
  watchyourlan:
    image: aceberg/watchyourlan
    container_name: watchyourlan
    network_mode: "host"
    cap_add:
      - NET_ADMIN
      - NET_RAW
    restart: unless-stopped
    volumes:
    - watchyourlan-data:/data/WatchYourLAN
    environment:
      TZ: "Asia/Riyadh"
      IFACES: "enp3s0"
 
volumes:
  watchyourlan-data:

Result of ip a

...
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master vmbr0 state UP group default qlen 1000
    link/ether 00:aa:11:bb:22:cc brd ff:ff:ff:ff:ff:ff
...

But when I try it on my laptop, using Docker on Arch and its wireless interface, it seems to work normally. So I don't think it's a problem with my network.