Hello,
I was running a Docker server installed through the "help script" for Proxmox.
I learned a few days ago that it was not a good idea, because it is not officially supported ...
So I have decided to build a new Ubuntu server 24.04 LTS and install Docker on it.
At the same time, I copied all the Docker folders (authentik, traefik, etc.) from the old server to the new one.
I have also installed "portainer", which is working as it should.
The following dockers are now working on this new server:
authentik, crowdsec, diun, geoipupdate and rustdesk-server for the main ones.
But I do have a permission problem with Traefik and Kuma.
I am running the docker with the root user (will be changed later) ...
On traefik:

```
exec /entrypoint.sh: operation not permitted
exec /entrypoint.sh: operation not permitted
exec /entrypoint.sh: operation not permitted
```

Thx for your support

How do you run it? Show your docker-compose.yml or docker CLI arguments.

```yaml
services:
  traefik:
    image: traefik:v2.11.2
    container_name: traefik
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    read_only: true
    mem_limit: 2G
    cpus: 0.75
    #depends_on:
    #- dockerproxy
    networks:
      - mynet
      #- socket-t
    #command:
    # - '--host=tcp://t-docker-socket-proxy:2375'
    ports:
      - 1180:80
      - 11443:443
      - 8087:8080
      - 1181:1181
      - 11444:11444
    environment:
      - CF_API_EMAIL=myemail
      - CF_DNS_API_TOKEN=nejxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxB-
      - TZ=Europe/Helsinki
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /mnt/user/appdata/docker/traefik/data/traefik.yml:/traefik.yml:ro
      - /mnt/user/appdata/docker/letsencrypt:/letsencrypt
      - /mnt/user/appdata/docker/traefik/data/dynamic_conf.yml:/dynamic_conf.yml:ro
      - /var/log/crowdsec/:/var/log/crowdsec
    labels:
      #- "com.centurylinklabs.watchtower.enable=false" # if watchtower would try to update the proxy, it would just stop
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.entrypoints=http"
      - "traefik.http.routers.traefik.rule=Host(`traefik.domain.org`)"
      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
      - "traefik.http.routers.traefik-secure.entrypoints=https"
      - "traefik.http.routers.traefik-secure.rule=Host(`traefik.domain.org`)"
      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
      - "traefik.http.routers.traefik-secure.tls=true"
      - "traefik.http.routers.traefik-secure.tls.certresolver=dns-cloudflare"
      - "traefik.http.routers.traefik-secure.tls.domains[0].main=domain.org"
      - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.domain.org"
      - "traefik.http.routers.traefik-secure.service=api@internal"
      # middlewares
      - "traefik.http.middlewares.traefik-auth.basicauth.removeheader=true"
      - "traefik.http.middlewares.traefik-auth.basicauth.users=theboss:xxxxxxx"
      # middlewares security headers
      - "traefik.http.middlewares.security-headers.headers.accesscontrolallowmethods=GET, OPTIONS, PUT"
      - "traefik.http.middlewares.security-headers.headers.accesscontrolmaxage=100"
      - "traefik.http.middlewares.security-headers.headers.addvaryheader=true"
      - "traefik.http.middlewares.security-headers.headers.hostsproxyheaders=X-Forwarded-Host"
      - "traefik.http.middlewares.security-headers.headers.sslredirect=true"
      - "traefik.http.middlewares.security-headers.headers.sslproxyheaders.X-Forwarded-Proto=https"
      - "traefik.http.middlewares.security-headers.headers.stsseconds=63072000"
      - "traefik.http.middlewares.security-headers.headers.stsincludesubdomains=true"
      - "traefik.http.middlewares.security-headers.headers.stspreload=true"
      - "traefik.http.middlewares.security-headers.headers.forcestsheader=true"
      - "traefik.http.middlewares.security-headers.headers.framedeny=true"
      - "traefik.http.middlewares.security-headers.headers.contenttypenosniff=true"
      - "traefik.http.middlewares.security-headers.headers.browserxssfilter=true"
      - "traefik.http.middlewares.security-headers.headers.referrerpolicy=same-origin"
      - "traefik.http.middlewares.security-headers.headers.featurepolicy=camera 'none'; geolocation 'none'; microphone 'none'; payment 'none'; usb 'none'; vr 'none';"
      - "traefik.http.middlewares.security-headers.headers.customresponseheaders.X-Robots-Tag=none,noarchive,nosnippet,notranslate,noimageindex"
networks:
  mynet:
    name: mynet
    external: true
  #socket-t:
    #driver: bridge
    #internal: true
    #attachable: false
```

Works for me on regular Docker. Are you using Docker rootless?

no ...
I am going to reinstall Docker; I think that the problem is coming from this package.
I'll let you know, thx again for your support

ok this is all working.
I had to reinstall a new server and install my docker properly.
Thx

Closed by system on May 2, 2024, 5:11pm.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.