Hard to understand error message during exec
pixxon opened this issue · 3 comments
Describe the bug
Fatal error running backup: withLabeledCommands: archive: error running pre commands: runLabeledCommands: error from errgroup: runLabeledCommands: error executing command: exec: error demultiplexing output: Unrecognized input header: 60
To Reproduce
Steps to reproduce the behavior:
volumes:
postgresql_db:
services:
postgres:
image: postgres:12.16-alpine3.18
volumes:
- type: volume
source: postgresql_db
target: /var/lib/postgresql/data
environment:
POSTGRES_PASSWORD: something
POSTGRES_USER: postgres
POSTGRES_DB: postgres
labels:
docker-volume-backup.exec-label: database
docker-volume-backup.archive-pre: /bin/sh -c 'pg_dumpall -U postgres > /var/lib/postgresql/data/backup.sql'
docker-volume-backup.archive-post: /bin/sh -c 'rm /var/lib/postgresql/data/backup.sql'
minio_backup:
image: offen/docker-volume-backup:v2.36.1
environment:
EXEC_LABEL: database
DOCKER_HOST: tcp://docker_socket_proxy:2375
volumes:
- type: volume
source: postgresql_db
target: /backup
read_only: true
docker_socket_proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- type: bind
source: /var/run/docker.sock
target: /var/run/docker.sock
read_only: true
environment:
CONTAINERS: 1
SERVICES: 1
INFO: 1
POST: 1
TASKS: 1
NODES: 1
# EXEC: 1
Expected behavior
Clear error message that EXEC permission is missing.
Version (please complete the following information):
- Image Version: v2.36.1
- Docker Version: 25.0.1
Additional context
This is mostly just to help out other people if they run into the given error above. With the missing EXEC permission, the socket proxy returns <html><body><h1>403 Forbidden</h1>\nRequest forbidden by administrative rules.\n</body></html>
and to no surprise <
has the ASCII value of 60, see in the error above.
@m90 I think you can just close this issue as "Works by Design". The documentation clearly states to add EXEC
permissions. I just opened it so there are at least some hits regarding the Unrecognized input header: 60
, as it was quite hard to diagnose the issue once I made the copy paste mistake of not adding EXEC
.
Alternativaly it could be possible to read the entire stream and only demux it later. And if the demux fails, print the content of the stream, so the error message would clearly show the forbidden request.
I've also had similar problems with the exec output before, so maybe looking into if this can be improved is worth it. The current code that does it is mostly just copied over from the Moby test suite without thinking about it too much.
I'll leave the issue open and see if I can go on a spelunking excursion in the relevant parts soon.