-
-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ERROR: Cannot open TUN/TAP dev /dev/net/tun: Operation not permitted (errno=1) #2900
Comments
Potential duplicates:
|
Add this to your compose file
And it indeed solves the issue. The main issue is probably related to an update of container.io qdm12/gluetun#2606 |
@BarrRedKola Thanks, worked for me. If you use a systemctl service to start the container you need to add this line: |
This is only a fix for compose users. In docker swarm this won't work. I locked the containerd version for as long as I have no real fix for this. |
Thanks to the clues above, here's a workaround for a Kubernetes environment. Modify the Deployment object to add:
Here's a full example since indention gets out of hand with these: ---
apiVersion: apps/v1
kind: Deployment
metadata:
name: transmission-openvpn
spec:
strategy:
type: Recreate
replicas: 1
template:
spec:
hostNetwork: false
containers:
- name: transmission-openvpn
securityContext:
privileged: true
image: "haugene/transmission-openvpn:5.3.1"
volumeMounts:
- mountPath: /dev/net/tun
name: dev-net-tun
readOnly: true
volumes:
- name: dev-net-tun
hostPath:
path: /dev/net/tun
type: CharDevice |
Dumb question maybe, how do I factor this in to a docker run command? tried:
|
https://docs.docker.com/reference/cli/docker/container/run/#device |
Thank you, much appreciated. Weirdly, it didn't help straight away. I had appended it to the end of my run command, but it failed with the same error:
On a whim I added it immediately after cap-add and now it's working:
thanks again |
I've added this but I continue to get:
Does the |
Same problem as everyone else.. still no solution |
|
I have been trying to fix this for the last few weeks and tried different things, but still get the TUN Error I have it working on another machine that I set up ages ago, but I can't get it working on a new machine Mapping the Fix that works for me :-)Docker must have changed how you access certain things, so you now have to make the Container privileged in order to create a VPN Tunnel So pop ...
privileged: true
ports:
- '9091:9091'
- '8118:8118'
image: haugene/transmission-openvpn
... Just tried the above adding the Devices (as above) without Privileged and this also works and is probably safer devices:
- /dev/net/tun |
For my
fyi: k3s 1.31.x (working with 1.30), running in |
Is there a pinned issue for this?
Is there an existing or similar issue/discussion for this?
Is there any comment in the documentation for this?
Is this related to a provider?
Are you using the latest release?
Have you tried using the dev branch latest?
Docker run config used
transmission:
container_name: transmission
cap_add:
- NET_ADMIN
volumes:
- ${DOCKERDIR}/appdata/transmission:/config
- ${DATADIR}/Downloads/completed:/data/
environment:
- PUID=${PUID}
- PGID=${PGID}
- OPENVPN_PROVIDER=NORDVPN
- OPENVPN_CONFIG=default
- NORDVPN_COUNTRY=GB
- NORDVPN_CATEGORY=P2P
- NORDVPN_PROTOCOL=tcp
- OPENVPN_USERNAME=${VPNUSER}
- OPENVPN_PASSWORD=${VPNPASS}
# - NORDVPN_SERVER=uk2313.nordvpn.com
- LOCAL_NETWORK=192.168.1.0/24
- WEBPROXY_ENABLED=true
- WEBPROXY_PORT=9999
# - TRANSMISSION_WEB_UI=combustion
# - TRANSMISSION_WEB_UI=kettu
# - TRANSMISSION_WEB_UI=transmission-web-control
# - TRANSMISSION_WEB_UI=flood-for-transmission
# - TRANSMISSION_WEB_UI=shift
- HEALTH_CHECK_HOST=github.com
logging:
driver: json-file
options:
max-size: 10m
ports:
- 9091:9091
image: haugene/transmission-openvpn:latest
restart: unless-stopped
networks:
- network1
Current Behavior
Container up but VPN failing and so cannot even connect to container on the web interface
Expected Behavior
Web interface works as VPN connects
How have you tried to solve the problem?
rebooted server, portainer stack and removed and re-pulled container
Log output
_transmission_logs.txt
HW/SW Environment
Anything else?
nothing to add
The text was updated successfully, but these errors were encountered: