HEX
Server: nginx/1.18.0
System: Linux test-ipsremont 5.4.0-214-generic #234-Ubuntu SMP Fri Mar 14 23:50:27 UTC 2025 x86_64
User: ips (1000)
PHP: 8.0.30
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
$ pwd: /snap/docker/3377/bin/
Upload Files
File: //snap/docker/3377/bin/dockerd-wrapper
#!/usr/bin/env bash
set -Eeuo pipefail

workaround_apparmor_profile_reload() {
	local aa_profile_reloaded="$SNAP_COMMON/profile_reloaded"
	# https://github.com/docker/docker-snap/issues/4
	if [ ! -f "$aa_profile_reloaded" ]; then
		local aa_count
		if aa_count="$(grep -c 'docker-default (enforce)' /sys/kernel/security/apparmor/profiles)" && [ -n "$aa_count" ] && [ "$aa_count" -ge 1 ]; then
			export DOCKER_AA_RELOAD=1
			touch "$aa_profile_reloaded"
		fi
	fi
}

default_socket_group='docker'
workaround_lp1606510() {
	# ensure there's at least one member in the group.
	local getent_group_docker_snap
	if getent_group_docker_snap="$(getent group docker-snap | awk -F':' '{print $NF}')" && [ -n "$getent_group_docker_snap" ]; then
		default_socket_group='docker-snap'
	fi
}

yolo() {
	"$@" > /dev/null 2>&1 || :
}

force_umount() {
	yolo umount    "$@"
	yolo umount -f "$@"
	yolo umount -l "$@"
}

dir="$(mktemp -d)"
# overlayfs: https://docs.kernel.org/filesystems/overlayfs.html#directories
upper="$(mktemp -d)"
lower="$(mktemp -d)"
work="$(mktemp -d)"

# inside our snap, we can't "modprobe" for whatever reason (probably no access to the .ko files)
# so this forces the kernel itself to "modprobe" for these filesystems so that the modules we need are available to Docker
trap "force_umount --no-mtab '$dir'; rm -rf '$dir'" EXIT
# try mounting a few FS types to force the kernel to try loading modules
yolo mount --no-mtab -t overlay /dev/null -olowerdir="$lower",upperdir="$upper",workdir="$work" "$dir" 
force_umount --no-mtab "$dir"
yolo mount --no-mtab -t aufs /dev/null "$dir" 
force_umount --no-mtab "$dir"
yolo mount --no-mtab -t zfs /dev/null "$dir" 
force_umount --no-mtab "$dir"

rm -rf "$dir" "$upper" "$lower" "$work"
trap - EXIT

# modify XDG_RUNTIME_DIR to be a snap writable dir underneath $SNAP_COMMON 
# (until https://bugs.launchpad.net/snappy/+bug/1656340 is fixed)
export XDG_RUNTIME_DIR=$SNAP_COMMON/run
mkdir -p "$XDG_RUNTIME_DIR"

# use SNAP_COMMON for "/var/lib/docker" since it's common across snap revisions
# (and typically gets large, so we don't want it backed up and restored like SNAP_DATA)
mkdir -p "$SNAP_COMMON/var-lib-docker"

# use "/run/snap.$SNAP_INSTANCE_NAME" for ephemeral storage
# - https://github.com/snapcore/snapd/pull/6109
# - https://github.com/docker-snap/docker-snap/pull/9
run_dir="/run/snap.$SNAP_INSTANCE_NAME"
mkdir -p "$run_dir"

workaround_lp1606510

workaround_apparmor_profile_reload

data_root="$(snapctl get data-root)"

exec dockerd \
	--group "$default_socket_group" \
	--exec-root="$run_dir" \
  	--data-root="$data_root" \
	--pidfile="$run_dir/docker.pid" \
	--config-file="$SNAP_DATA/config/daemon.json" \
	"$@"
@ Telegram