ubuntu_24.04 Noble LTS安装docker desktop启动无窗口及引擎启动失败的解决

烟迷了眼

ubuntu_24.04 LTS安装docker desktop启动无窗口及引擎启动失败的解决方法

1. 安装docker desktop后启动无窗口

现象： 执行sudo apt install ./docker-desktop-4.29.0-amd64.deb成功安装docker desktop后，无论是在菜单里点击Docker Desktop图标还是执行systemctl --user start docker-desktop均没有窗口出现。
查看日志：在~/.docker/desktop/log/host/Docker Desktop.stderr.log 中有以下内容：

1. [2024-04-27T06:39:49.728616797Z] [22344:0427/143949.728566:FATAL:setuid_sandbox_host.cc(157)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /opt/docker-desktop/chrome-sandbox is owned by root and has mode 4755.

复制代码

解决方法：执行

1. sudo chown root:root /opt/docker-desktop/chrome-sandbox
2. sudo chmod 4755 /opt/docker-desktop/chrome-sandbox

复制代码

然后执行 systemctl --user restart docker-desktop，窗口出现，问题解决。
2. 启动出现 "An unexpected error occurred"或一直显示"Starting the Docker Engine..."

报错内容：

1. running engine: waiting for the VM setup to be ready: running filesharing: running virtiofsd for /home:  Error entering sandbox:
2. DropSupplementalGroups(Os { code: 1, kind: PermissionDenied, message: "Operation not permitted" })

复制代码

执行sudo dmesg出现以下等内容

1. [ 2329.792894] audit: type=1400 audit(1714467432.031:190): apparmor="DENIED" operation="capable"  profile="unprivileged_userns" pid=10057 comm="virtiofsd" capability=6  capname="setgid"

复制代码

解决方法：

1. echo "==> Disabling Apparmor unprivileged userns mediation"
2. echo 0 > /proc/sys/kernel/apparmor_restrict_unprivileged_userns
4. echo "==> Disabling Apparmor unprivileged unconfined mediation"
5. echo 0 > /proc/sys/kernel/apparmor_restrict_unprivileged_unconfined

复制代码

以root权限执行以上内容（方法来源： https://github.com/canonical/lxd/issues/12882#issuecomment-1941766215 ）
该方法会带来一定的安全风险
这个问题应该与ubuntu 24.04 的 Unprivileged user namespace restrictions 有关，应该会修复

来源:https://www.cnblogs.com/happy68/p/18168484
免责声明：由于采集信息均来自互联网，如果侵犯了您的权益，请联系我们【E-Mail:cb@itdo.tech】 我们会及时删除侵权内容，谢谢合作！