mirror/NetAlertX
1
0
Fork 0
mirror of https://github.com/jokob-sk/NetAlertX.git synced 2026-02-27 20:56:06 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
fe226597944b1db1320ede039b94de835a22eb51
NetAlertX/test/docker_tests/configurations/test_results.log
Adam Outler c86d0c8772 Handle more edge cases; more clear warnings
2026-01-06 00:43:48 +00:00

4515 lines
442 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
Starting Docker Compose Tests - Mon Jan 5 02:20:29 UTC 2026
==========================================
File: docker-compose.missing-caps.yml
----------------------------------------
Testing: docker-compose.missing-caps.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations
Running docker compose up...
Volume "configurations_netalertx_data" Creating
Volume "configurations_netalertx_data" Created
Container netalertx-test-missing-caps Creating
Container netalertx-test-missing-caps Created
Attaching to netalertx-test-missing-caps
netalertx-test-missing-caps | Ownership prepared for PUID=20211.
netalertx-test-missing-caps | su-exec: setgroups(20211): Operation not permitted
netalertx-test-missing-caps | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-missing-caps | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-missing-caps | Ownership prepared for PUID=20211.
netalertx-test-missing-caps | su-exec: setgroups(20211): Operation not permitted
netalertx-test-missing-caps | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-missing-caps | 
netalertx-test-missing-caps | _ _ _ ___ _ _ __ __
netalertx-test-missing-caps | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-missing-caps | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-missing-caps | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-missing-caps | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-missing-caps | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-missing-caps |  Network intruder and presence detector.
netalertx-test-missing-caps | https://netalertx.com
netalertx-test-missing-caps |
netalertx-test-missing-caps |
netalertx-test-missing-caps | Startup pre-checks
netalertx-test-missing-caps | --> data migration.sh
netalertx-test-missing-caps | --> capabilities audit.sh
netalertx-test-missing-caps | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-caps | 🚨 ALERT: Python execution capabilities (NET_RAW/NET_ADMIN) are missing.
netalertx-test-missing-caps |
netalertx-test-missing-caps | The Python binary in this image has file capabilities (+eip) that
netalertx-test-missing-caps | require these bits in the container's bounding set. Without them,
netalertx-test-missing-caps | the binary will fail to execute (Operation not permitted).
netalertx-test-missing-caps |
netalertx-test-missing-caps | Restart with: --cap-add=NET_RAW --cap-add=NET_ADMIN
netalertx-test-missing-caps | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-caps | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-caps | ⚠️ WARNING: Reduced functionality (NET_BIND_SERVICE missing).
netalertx-test-missing-caps |
netalertx-test-missing-caps | Tools like nbtscan cannot bind to privileged ports (UDP 137).
netalertx-test-missing-caps | This will reduce discovery accuracy for legacy devices.
netalertx-test-missing-caps |
netalertx-test-missing-caps | Consider adding: --cap-add=NET_BIND_SERVICE
netalertx-test-missing-caps | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-caps | Security context: Operational capabilities (CHOWN SETGID SETUID) not granted.
netalertx-test-missing-caps | See https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/missing-capabilities.md
netalertx-test-missing-caps | --> mounts.py
netalertx-test-missing-caps | env: can't execute 'python3': Operation not permitted
netalertx-test-missing-caps | mounts.py: FAILED with 126
netalertx-test-missing-caps | Failure detected in: /entrypoint.d/15-mounts.py
netalertx-test-missing-caps | --> first run config.sh
netalertx-test-missing-caps | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-caps | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-missing-caps |
netalertx-test-missing-caps | Review your settings in the UI or edit the file directly before trusting
netalertx-test-missing-caps | this instance in production.
netalertx-test-missing-caps | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-caps | --> first run db.sh
netalertx-test-missing-caps | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-caps | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-missing-caps |
netalertx-test-missing-caps | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-missing-caps | DB before onboarding sensitive or critical networks.
netalertx-test-missing-caps | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-caps | --> mandatory folders.sh
netalertx-test-missing-caps | --> apply conf override.sh
netalertx-test-missing-caps | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-caps | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-missing-caps |
netalertx-test-missing-caps | Make sure the JSON content is correct before starting the application.
netalertx-test-missing-caps | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-caps | --> writable config.sh
netalertx-test-missing-caps | --> nginx config.sh
netalertx-test-missing-caps | --> expected user id match.sh
netalertx-test-missing-caps | 
netalertx-test-missing-caps | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-missing-caps | --> host mode network.sh
netalertx-test-missing-caps | --> excessive capabilities.sh
netalertx-test-missing-caps | --> appliance integrity.sh
netalertx-test-missing-caps | --> ports available.sh
netalertx-test-missing-caps | Container startup checks failed with exit code 126.
netalertx-test-missing-caps | NETALERTX_DEBUG=1, continuing despite failed pre-checks.
netalertx-test-missing-caps exited with code 0
File: docker-compose.missing-net-admin.yml
----------------------------------------
Testing: docker-compose.missing-net-admin.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations
Running docker compose up...
Volume "configurations_netalertx_data" Creating
Volume "configurations_netalertx_data" Created
Container netalertx-test-missing-net-admin Creating
Container netalertx-test-missing-net-admin Created
Attaching to netalertx-test-missing-net-admin
netalertx-test-missing-net-admin | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-missing-net-admin | Ownership prepared for PUID=20211.
netalertx-test-missing-net-admin | su-exec: setgroups(20211): Operation not permitted
netalertx-test-missing-net-admin | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-missing-net-admin | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-missing-net-admin | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-missing-net-admin | Ownership prepared for PUID=20211.
netalertx-test-missing-net-admin | su-exec: setgroups(20211): Operation not permitted
netalertx-test-missing-net-admin | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-missing-net-admin | 
netalertx-test-missing-net-admin | _ _ _ ___ _ _ __ __
netalertx-test-missing-net-admin | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-missing-net-admin | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-missing-net-admin | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-missing-net-admin | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-missing-net-admin | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-missing-net-admin |  Network intruder and presence detector.
netalertx-test-missing-net-admin | https://netalertx.com
netalertx-test-missing-net-admin |
netalertx-test-missing-net-admin |
netalertx-test-missing-net-admin | Startup pre-checks
netalertx-test-missing-net-admin | --> data migration.sh
netalertx-test-missing-net-admin | --> capabilities audit.sh
netalertx-test-missing-net-admin | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-net-admin | 🚨 ALERT: Python execution capabilities (NET_RAW/NET_ADMIN) are missing.
netalertx-test-missing-net-admin |
netalertx-test-missing-net-admin | The Python binary in this image has file capabilities (+eip) that
netalertx-test-missing-net-admin | require these bits in the container's bounding set. Without them,
netalertx-test-missing-net-admin | the binary will fail to execute (Operation not permitted).
netalertx-test-missing-net-admin |
netalertx-test-missing-net-admin | Restart with: --cap-add=NET_RAW --cap-add=NET_ADMIN
netalertx-test-missing-net-admin | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-net-admin | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-missing-net-admin | --> mounts.py
netalertx-test-missing-net-admin | env: can't execute 'python3': Operation not permitted
netalertx-test-missing-net-admin | mounts.py: FAILED with 126
netalertx-test-missing-net-admin | Failure detected in: /entrypoint.d/15-mounts.py
netalertx-test-missing-net-admin | --> first run config.sh
netalertx-test-missing-net-admin | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-net-admin | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-missing-net-admin |
netalertx-test-missing-net-admin | Review your settings in the UI or edit the file directly before trusting
netalertx-test-missing-net-admin | this instance in production.
netalertx-test-missing-net-admin | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-net-admin | --> first run db.sh
netalertx-test-missing-net-admin | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-net-admin | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-missing-net-admin |
netalertx-test-missing-net-admin | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-missing-net-admin | DB before onboarding sensitive or critical networks.
netalertx-test-missing-net-admin | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-net-admin | --> mandatory folders.sh
netalertx-test-missing-net-admin | --> apply conf override.sh
netalertx-test-missing-net-admin | --> writable config.sh
netalertx-test-missing-net-admin | --> nginx config.sh
netalertx-test-missing-net-admin | --> expected user id match.sh
netalertx-test-missing-net-admin | 
netalertx-test-missing-net-admin | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-missing-net-admin | --> host mode network.sh
netalertx-test-missing-net-admin | --> excessive capabilities.sh
netalertx-test-missing-net-admin | --> appliance integrity.sh
netalertx-test-missing-net-admin | --> ports available.sh
netalertx-test-missing-net-admin | Container startup checks failed with exit code 126.
netalertx-test-missing-net-admin | NETALERTX_DEBUG=1, continuing despite failed pre-checks.
netalertx-test-missing-net-admin | APP_CONF_OVERRIDE detected (set from GRAPHQL_PORT)
netalertx-test-missing-net-admin exited with code 0
File: docker-compose.missing-net-raw.yml
----------------------------------------
Testing: docker-compose.missing-net-raw.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations
Running docker compose up...
Volume "configurations_netalertx_data" Creating
Volume "configurations_netalertx_data" Created
Container netalertx-test-missing-net-raw Creating
Container netalertx-test-missing-net-raw Created
Attaching to netalertx-test-missing-net-raw
netalertx-test-missing-net-raw | Ownership prepared for PUID=20211.
netalertx-test-missing-net-raw | 
netalertx-test-missing-net-raw | _ _ _ ___ _ _ __ __
netalertx-test-missing-net-raw | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-missing-net-raw | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-missing-net-raw | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-missing-net-raw | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-missing-net-raw | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-missing-net-raw |  Network intruder and presence detector.
netalertx-test-missing-net-raw | https://netalertx.com
netalertx-test-missing-net-raw |
netalertx-test-missing-net-raw |
netalertx-test-missing-net-raw | Startup pre-checks
netalertx-test-missing-net-raw | --> data migration.sh
netalertx-test-missing-net-raw | --> capabilities audit.sh
netalertx-test-missing-net-raw | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-net-raw | 🚨 ALERT: Python execution capabilities (NET_RAW/NET_ADMIN) are missing.
netalertx-test-missing-net-raw |
netalertx-test-missing-net-raw | The Python binary in this image has file capabilities (+eip) that
netalertx-test-missing-net-raw | require these bits in the container's bounding set. Without them,
netalertx-test-missing-net-raw | the binary will fail to execute (Operation not permitted).
netalertx-test-missing-net-raw |
netalertx-test-missing-net-raw | Restart with: --cap-add=NET_RAW --cap-add=NET_ADMIN
netalertx-test-missing-net-raw | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-net-raw | --> mounts.py
netalertx-test-missing-net-raw | env: can't execute 'python3': Operation not permitted
netalertx-test-missing-net-raw | mounts.py: FAILED with 126
netalertx-test-missing-net-raw | Failure detected in: /entrypoint.d/15-mounts.py
netalertx-test-missing-net-raw | --> first run config.sh
netalertx-test-missing-net-raw | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-net-raw | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-missing-net-raw |
netalertx-test-missing-net-raw | Review your settings in the UI or edit the file directly before trusting
netalertx-test-missing-net-raw | this instance in production.
netalertx-test-missing-net-raw | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-net-raw | --> first run db.sh
netalertx-test-missing-net-raw | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-net-raw | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-missing-net-raw |
netalertx-test-missing-net-raw | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-missing-net-raw | DB before onboarding sensitive or critical networks.
netalertx-test-missing-net-raw | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-missing-net-raw | --> mandatory folders.sh
netalertx-test-missing-net-raw | --> apply conf override.sh
netalertx-test-missing-net-raw | --> writable config.sh
netalertx-test-missing-net-raw | --> nginx config.sh
netalertx-test-missing-net-raw | --> expected user id match.sh
netalertx-test-missing-net-raw | --> host mode network.sh
netalertx-test-missing-net-raw | --> excessive capabilities.sh
netalertx-test-missing-net-raw | --> appliance integrity.sh
netalertx-test-missing-net-raw | --> ports available.sh
netalertx-test-missing-net-raw | Container startup checks failed with exit code 126.
netalertx-test-missing-net-raw | NETALERTX_DEBUG=1, continuing despite failed pre-checks.
netalertx-test-missing-net-raw | APP_CONF_OVERRIDE detected (set from GRAPHQL_PORT)
netalertx-test-missing-net-raw | /services/scripts/update_vendors.sh: line 28: /tmp/run/tmp/ieee-oui.txt.tmp: Read-only file system
netalertx-test-missing-net-raw | Starting /usr/sbin/php-fpm83 -y "/services/config/php/php-fpm.conf" -F (tee stderr to app.php_errors.log)
netalertx-test-missing-net-raw | Starting supercronic --debug "/services/config/cron/crontab" >>"/tmp/log/cron.log" 2>&1 &
netalertx-test-missing-net-raw | /services/start-cron.sh: line 37: /tmp/log/cron.log: Read-only file system
netalertx-test-missing-net-raw | Supercronic stopped! (exit 1)
netalertx-test-missing-net-raw | tee: /tmp/log/app.php_errors.log: Read-only file system
netalertx-test-missing-net-raw | mktemp: : Read-only file system
netalertx-test-missing-net-raw | Starting python3 -m server > /tmp/log/stdout.log 2> >(tee /tmp/log/stderr.log >&2)
netalertx-test-missing-net-raw | /services/start-backend.sh: line 16: /tmp/log/stdout.log: Read-only file system
netalertx-test-missing-net-raw | [04-Jan-2026 21:20:39] ERROR: failed to open error_log (/tmp/log/app.php_errors.log): Read-only file system (30)
netalertx-test-missing-net-raw | [04-Jan-2026 21:20:39] ERROR: failed to post process the configuration
netalertx-test-missing-net-raw | [04-Jan-2026 21:20:39] ERROR: FPM initialization failed
netalertx-test-missing-net-raw | php-fpm stopped! (exit 78)
netalertx-test-missing-net-raw | ERROR: Failed to download or process OUI data
Gracefully stopping... (press Ctrl+C again to force)
Container netalertx-test-missing-net-raw Stopping
Container netalertx-test-missing-net-raw Stopped
File: docker-compose.readonly.yml
----------------------------------------
Testing: docker-compose.readonly.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations
Running docker compose up...
Volume "configurations_netalertx_data" Creating
Volume "configurations_netalertx_data" Created
Container netalertx-test-readonly Creating
Container netalertx-test-readonly Created
Attaching to netalertx-test-readonly
netalertx-test-readonly | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-readonly | Ownership prepared for PUID=20211.
netalertx-test-readonly | su-exec: setgroups(20211): Operation not permitted
netalertx-test-readonly | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-readonly | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-readonly | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-readonly | Ownership prepared for PUID=20211.
netalertx-test-readonly | su-exec: setgroups(20211): Operation not permitted
netalertx-test-readonly | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-readonly | 
netalertx-test-readonly | _ _ _ ___ _ _ __ __
netalertx-test-readonly | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-readonly | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-readonly | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-readonly | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-readonly | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-readonly |  Network intruder and presence detector.
netalertx-test-readonly | https://netalertx.com
netalertx-test-readonly |
netalertx-test-readonly |
netalertx-test-readonly | Startup pre-checks
netalertx-test-readonly | --> data migration.sh
netalertx-test-readonly | --> capabilities audit.sh
netalertx-test-readonly | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-readonly | --> mounts.py
netalertx-test-readonly | --> first run config.sh
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-readonly |
netalertx-test-readonly | Review your settings in the UI or edit the file directly before trusting
netalertx-test-readonly | this instance in production.
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | --> first run db.sh
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-readonly |
netalertx-test-readonly | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-readonly | DB before onboarding sensitive or critical networks.
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | --> mandatory folders.sh
netalertx-test-readonly | --> apply conf override.sh
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-readonly |
netalertx-test-readonly | Make sure the JSON content is correct before starting the application.
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | --> writable config.sh
netalertx-test-readonly | --> nginx config.sh
netalertx-test-readonly | --> expected user id match.sh
netalertx-test-readonly | 
netalertx-test-readonly | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-readonly | --> host mode network.sh
netalertx-test-readonly | --> excessive capabilities.sh
netalertx-test-readonly | --> appliance integrity.sh
netalertx-test-readonly | --> ports available.sh
netalertx-test-readonly exited with code 0
netalertx-test-readonly | --> capabilities audit.sh
netalertx-test-readonly | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-readonly | --> mounts.py
netalertx-test-readonly | --> first run config.sh
netalertx-test-readonly | --> first run db.sh
netalertx-test-readonly | --> mandatory folders.sh
netalertx-test-readonly | --> apply conf override.sh
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-readonly |
netalertx-test-readonly | Make sure the JSON content is correct before starting the application.
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | --> writable config.sh
netalertx-test-readonly | --> nginx config.sh
netalertx-test-readonly | --> expected user id match.sh
netalertx-test-readonly | 
netalertx-test-readonly | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-readonly | --> host mode network.sh
netalertx-test-readonly | --> excessive capabilities.sh
netalertx-test-readonly | --> appliance integrity.sh
netalertx-test-readonly | --> ports available.sh
netalertx-test-readonly exited with code 0
netalertx-test-readonly | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-readonly | --> mounts.py
netalertx-test-readonly | --> first run config.sh
netalertx-test-readonly | --> first run db.sh
netalertx-test-readonly | --> mandatory folders.sh
netalertx-test-readonly | --> apply conf override.sh
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-readonly |
netalertx-test-readonly | Make sure the JSON content is correct before starting the application.
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | --> writable config.sh
netalertx-test-readonly | --> nginx config.sh
netalertx-test-readonly | --> expected user id match.sh
netalertx-test-readonly | 
netalertx-test-readonly | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-readonly | --> host mode network.sh
netalertx-test-readonly | --> excessive capabilities.sh
netalertx-test-readonly | --> appliance integrity.sh
netalertx-test-readonly | --> ports available.sh
netalertx-test-readonly exited with code 0
netalertx-test-readonly | 
netalertx-test-readonly | _ _ _ ___ _ _ __ __
netalertx-test-readonly | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-readonly | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-readonly | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-readonly | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-readonly | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-readonly |  Network intruder and presence detector.
netalertx-test-readonly | https://netalertx.com
netalertx-test-readonly |
netalertx-test-readonly |
netalertx-test-readonly | Startup pre-checks
netalertx-test-readonly | --> data migration.sh
netalertx-test-readonly | --> capabilities audit.sh
netalertx-test-readonly | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-readonly | --> mounts.py
netalertx-test-readonly | --> first run config.sh
netalertx-test-readonly | --> first run db.sh
netalertx-test-readonly | --> mandatory folders.sh
netalertx-test-readonly | --> apply conf override.sh
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-readonly |
netalertx-test-readonly | Make sure the JSON content is correct before starting the application.
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | --> writable config.sh
netalertx-test-readonly | --> nginx config.sh
netalertx-test-readonly | --> expected user id match.sh
netalertx-test-readonly | 
netalertx-test-readonly | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-readonly | --> host mode network.sh
netalertx-test-readonly | --> excessive capabilities.sh
netalertx-test-readonly | --> appliance integrity.sh
netalertx-test-readonly | --> ports available.sh
netalertx-test-readonly exited with code 0
netalertx-test-readonly | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-readonly | --> mounts.py
netalertx-test-readonly | --> first run config.sh
netalertx-test-readonly | --> first run db.sh
netalertx-test-readonly | --> mandatory folders.sh
netalertx-test-readonly | --> apply conf override.sh
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-readonly |
netalertx-test-readonly | Make sure the JSON content is correct before starting the application.
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | --> writable config.sh
netalertx-test-readonly | --> nginx config.sh
netalertx-test-readonly | --> expected user id match.sh
netalertx-test-readonly | 
netalertx-test-readonly | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-readonly | --> host mode network.sh
netalertx-test-readonly | --> excessive capabilities.sh
netalertx-test-readonly | --> appliance integrity.sh
netalertx-test-readonly | --> ports available.sh
netalertx-test-readonly exited with code 0
netalertx-test-readonly | --> first run config.sh
netalertx-test-readonly | --> first run db.sh
netalertx-test-readonly | --> mandatory folders.sh
netalertx-test-readonly | --> apply conf override.sh
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-readonly |
netalertx-test-readonly | Make sure the JSON content is correct before starting the application.
netalertx-test-readonly | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-readonly | --> writable config.sh
netalertx-test-readonly | --> nginx config.sh
netalertx-test-readonly | --> expected user id match.sh
netalertx-test-readonly | 
netalertx-test-readonly | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-readonly | --> host mode network.sh
netalertx-test-readonly | --> excessive capabilities.sh
netalertx-test-readonly | --> appliance integrity.sh
netalertx-test-readonly | --> ports available.sh
netalertx-test-readonly exited with code 0
Gracefully stopping... (press Ctrl+C again to force)
Container netalertx-test-readonly Stopping
Container netalertx-test-readonly Stopped
File: docker-compose.writable.yml
----------------------------------------
Testing: docker-compose.writable.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations
Running docker compose up...
Volume "configurations_netalertx_data" Creating
Volume "configurations_netalertx_data" Created
Container netalertx-test-writable Creating
Container netalertx-test-writable Created
Attaching to netalertx-test-writable
netalertx-test-writable | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-writable | Ownership prepared for PUID=20211.
netalertx-test-writable | su-exec: setgroups(20211): Operation not permitted
netalertx-test-writable | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-writable | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-writable | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-writable | Ownership prepared for PUID=20211.
netalertx-test-writable | su-exec: setgroups(20211): Operation not permitted
netalertx-test-writable | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-writable | 
netalertx-test-writable | _ _ _ ___ _ _ __ __
netalertx-test-writable | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-writable | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-writable | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-writable | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-writable | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-writable |  Network intruder and presence detector.
netalertx-test-writable | https://netalertx.com
netalertx-test-writable |
netalertx-test-writable |
netalertx-test-writable | Startup pre-checks
netalertx-test-writable | --> data migration.sh
netalertx-test-writable | --> capabilities audit.sh
netalertx-test-writable | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-writable | --> mounts.py
netalertx-test-writable | --> first run config.sh
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-writable |
netalertx-test-writable | Review your settings in the UI or edit the file directly before trusting
netalertx-test-writable | this instance in production.
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | --> first run db.sh
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-writable |
netalertx-test-writable | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-writable | DB before onboarding sensitive or critical networks.
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | --> mandatory folders.sh
netalertx-test-writable | * Creating Plugins log.
netalertx-test-writable | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating System services run log.
netalertx-test-writable | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating System services run tmp.
netalertx-test-writable | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating DB locked log.
netalertx-test-writable | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating Execution queue log.
netalertx-test-writable | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-writable | --> apply conf override.sh
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-writable |
netalertx-test-writable | Make sure the JSON content is correct before starting the application.
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | --> writable config.sh
netalertx-test-writable | --> nginx config.sh
netalertx-test-writable | --> expected user id match.sh
netalertx-test-writable | 
netalertx-test-writable | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-writable | --> host mode network.sh
netalertx-test-writable | --> excessive capabilities.sh
netalertx-test-writable | --> appliance integrity.sh
netalertx-test-writable | --> ports available.sh
netalertx-test-writable exited with code 0
netalertx-test-writable | --> first run config.sh
netalertx-test-writable | --> first run db.sh
netalertx-test-writable | --> mandatory folders.sh
netalertx-test-writable | * Creating Plugins log.
netalertx-test-writable | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating System services run log.
netalertx-test-writable | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating System services run tmp.
netalertx-test-writable | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating DB locked log.
netalertx-test-writable | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating Execution queue log.
netalertx-test-writable | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-writable | --> apply conf override.sh
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-writable |
netalertx-test-writable | Make sure the JSON content is correct before starting the application.
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | --> writable config.sh
netalertx-test-writable | --> nginx config.sh
netalertx-test-writable | --> expected user id match.sh
netalertx-test-writable | 
netalertx-test-writable | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-writable | --> host mode network.sh
netalertx-test-writable | --> excessive capabilities.sh
netalertx-test-writable | --> appliance integrity.sh
netalertx-test-writable | --> ports available.sh
netalertx-test-writable exited with code 0
netalertx-test-writable | --> first run config.sh
netalertx-test-writable | --> first run db.sh
netalertx-test-writable | --> mandatory folders.sh
netalertx-test-writable | * Creating Plugins log.
netalertx-test-writable | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating System services run log.
netalertx-test-writable | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating System services run tmp.
netalertx-test-writable | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating DB locked log.
netalertx-test-writable | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating Execution queue log.
netalertx-test-writable | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-writable | --> apply conf override.sh
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-writable |
netalertx-test-writable | Make sure the JSON content is correct before starting the application.
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | --> writable config.sh
netalertx-test-writable | --> nginx config.sh
netalertx-test-writable | --> expected user id match.sh
netalertx-test-writable | 
netalertx-test-writable | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-writable | --> host mode network.sh
netalertx-test-writable | --> excessive capabilities.sh
netalertx-test-writable | --> appliance integrity.sh
netalertx-test-writable | --> ports available.sh
netalertx-test-writable exited with code 0
netalertx-test-writable | --> first run config.sh
netalertx-test-writable | --> first run db.sh
netalertx-test-writable | --> mandatory folders.sh
netalertx-test-writable | * Creating Plugins log.
netalertx-test-writable | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating System services run log.
netalertx-test-writable | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating System services run tmp.
netalertx-test-writable | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating DB locked log.
netalertx-test-writable | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating Execution queue log.
netalertx-test-writable | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-writable | --> apply conf override.sh
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-writable |
netalertx-test-writable | Make sure the JSON content is correct before starting the application.
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | --> writable config.sh
netalertx-test-writable | --> nginx config.sh
netalertx-test-writable | --> expected user id match.sh
netalertx-test-writable | 
netalertx-test-writable | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-writable | --> host mode network.sh
netalertx-test-writable | --> excessive capabilities.sh
netalertx-test-writable | --> appliance integrity.sh
netalertx-test-writable | --> ports available.sh
netalertx-test-writable exited with code 0
netalertx-test-writable | --> first run config.sh
netalertx-test-writable | --> first run db.sh
netalertx-test-writable | --> mandatory folders.sh
netalertx-test-writable | * Creating Plugins log.
netalertx-test-writable | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating System services run log.
netalertx-test-writable | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating System services run tmp.
netalertx-test-writable | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating DB locked log.
netalertx-test-writable | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating Execution queue log.
netalertx-test-writable | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-writable | --> apply conf override.sh
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-writable |
netalertx-test-writable | Make sure the JSON content is correct before starting the application.
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | --> writable config.sh
netalertx-test-writable | --> nginx config.sh
netalertx-test-writable | --> expected user id match.sh
netalertx-test-writable | 
netalertx-test-writable | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-writable | --> host mode network.sh
netalertx-test-writable | --> excessive capabilities.sh
netalertx-test-writable | --> appliance integrity.sh
netalertx-test-writable | --> ports available.sh
netalertx-test-writable exited with code 0
netalertx-test-writable | --> first run config.sh
netalertx-test-writable | --> first run db.sh
netalertx-test-writable | --> mandatory folders.sh
netalertx-test-writable | * Creating Plugins log.
netalertx-test-writable | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating System services run log.
netalertx-test-writable | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating System services run tmp.
netalertx-test-writable | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating DB locked log.
netalertx-test-writable | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-writable | * Creating Execution queue log.
netalertx-test-writable | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-writable | --> apply conf override.sh
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-writable |
netalertx-test-writable | Make sure the JSON content is correct before starting the application.
netalertx-test-writable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-writable | --> writable config.sh
netalertx-test-writable | --> nginx config.sh
netalertx-test-writable | --> expected user id match.sh
netalertx-test-writable | 
netalertx-test-writable | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-writable | --> host mode network.sh
netalertx-test-writable | --> excessive capabilities.sh
netalertx-test-writable | --> appliance integrity.sh
netalertx-test-writable | --> ports available.sh
netalertx-test-writable exited with code 0
Gracefully stopping... (press Ctrl+C again to force)
Container netalertx-test-writable Stopping
Container netalertx-test-writable Stopped
File: docker-compose.mount-test.active_config_mounted.yml
----------------------------------------
Expected outcome: Container starts successfully with proper nginx config mount
- SYSTEM_SERVICES_ACTIVE_CONFIG shows as writable and mounted
- No configuration warnings for nginx config path
- Custom PORT configuration should work when nginx config is writable
Testing: docker-compose.mount-test.active_config_mounted.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_system_services_active_config" Creating
Volume "mount-tests_test_system_services_active_config" Created
Volume "mount-tests_test_netalertx_data" Creating
Volume "mount-tests_test_netalertx_data" Created
Container netalertx-test-mount-active_config_mounted Creating
Container netalertx-test-mount-active_config_mounted Created
Attaching to netalertx-test-mount-active_config_mounted
netalertx-test-mount-active_config_mounted | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-active_config_mounted | Ownership prepared for PUID=20211.
netalertx-test-mount-active_config_mounted | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-active_config_mounted | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-active_config_mounted | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-active_config_mounted | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-active_config_mounted | Ownership prepared for PUID=20211.
netalertx-test-mount-active_config_mounted | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-active_config_mounted | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-active_config_mounted | 
netalertx-test-mount-active_config_mounted | _ _ _ ___ _ _ __ __
netalertx-test-mount-active_config_mounted | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-active_config_mounted | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-active_config_mounted | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-active_config_mounted | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-active_config_mounted | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-active_config_mounted |  Network intruder and presence detector.
netalertx-test-mount-active_config_mounted | https://netalertx.com
netalertx-test-mount-active_config_mounted |
netalertx-test-mount-active_config_mounted |
netalertx-test-mount-active_config_mounted | Startup pre-checks
netalertx-test-mount-active_config_mounted | --> data migration.sh
netalertx-test-mount-active_config_mounted | --> capabilities audit.sh
netalertx-test-mount-active_config_mounted | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-active_config_mounted | --> mounts.py
netalertx-test-mount-active_config_mounted | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-active_config_mounted | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-active_config_mounted | /data | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-active_config_mounted | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-active_config_mounted | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-active_config_mounted | /tmp/run/tmp | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_mounted | /tmp/api | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_mounted | /tmp/log | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_mounted | /tmp/run | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_mounted | /tmp/nginx/active-config | ✅| ✅| ✅ | ❌ | ❌ | ✅
netalertx-test-mount-active_config_mounted |
netalertx-test-mount-active_config_mounted |
netalertx-test-mount-active_config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_mounted | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-active_config_mounted |
netalertx-test-mount-active_config_mounted | * /tmp/run/tmp error writing
netalertx-test-mount-active_config_mounted | * /tmp/api error writing
netalertx-test-mount-active_config_mounted | * /tmp/log error writing
netalertx-test-mount-active_config_mounted | * /tmp/run error writing
netalertx-test-mount-active_config_mounted | * /tmp/nginx/active-config performance issue
netalertx-test-mount-active_config_mounted |
netalertx-test-mount-active_config_mounted | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-active_config_mounted | configuration can be quite complex.
netalertx-test-mount-active_config_mounted |
netalertx-test-mount-active_config_mounted | Review the documentation for a correct setup:
netalertx-test-mount-active_config_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-active_config_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-active_config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_mounted | 
netalertx-test-mount-active_config_mounted | --> first run config.sh
netalertx-test-mount-active_config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_mounted | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-active_config_mounted |
netalertx-test-mount-active_config_mounted | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-active_config_mounted | this instance in production.
netalertx-test-mount-active_config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_mounted | --> first run db.sh
netalertx-test-mount-active_config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_mounted | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-active_config_mounted |
netalertx-test-mount-active_config_mounted | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-active_config_mounted | DB before onboarding sensitive or critical networks.
netalertx-test-mount-active_config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_mounted | --> mandatory folders.sh
netalertx-test-mount-active_config_mounted | * Creating Plugins log.
netalertx-test-mount-active_config_mounted | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_mounted | * Creating System services run log.
netalertx-test-mount-active_config_mounted | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_mounted | * Creating System services run tmp.
netalertx-test-mount-active_config_mounted | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_mounted | * Creating DB locked log.
netalertx-test-mount-active_config_mounted | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_mounted | * Creating Execution queue log.
netalertx-test-mount-active_config_mounted | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_mounted | --> apply conf override.sh
netalertx-test-mount-active_config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_mounted | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-active_config_mounted |
netalertx-test-mount-active_config_mounted | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-active_config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_mounted | --> writable config.sh
netalertx-test-mount-active_config_mounted | --> nginx config.sh
netalertx-test-mount-active_config_mounted | --> expected user id match.sh
netalertx-test-mount-active_config_mounted | 
netalertx-test-mount-active_config_mounted | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-active_config_mounted | --> host mode network.sh
netalertx-test-mount-active_config_mounted | --> excessive capabilities.sh
netalertx-test-mount-active_config_mounted | --> appliance integrity.sh
netalertx-test-mount-active_config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_mounted | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-active_config_mounted |
netalertx-test-mount-active_config_mounted | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-active_config_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-active_config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_mounted | --> ports available.sh
netalertx-test-mount-active_config_mounted exited with code 0
File: docker-compose.mount-test.active_config_no-mount.yml
----------------------------------------
Expected outcome: Container shows warning about missing nginx config mount
- SYSTEM_SERVICES_ACTIVE_CONFIG shows as not mounted
- Warning message about nginx configuration mount being missing
- Custom PORT configuration may not work properly
Testing: docker-compose.mount-test.active_config_no-mount.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_netalertx_data" Creating
Volume "mount-tests_test_netalertx_data" Created
Container netalertx-test-mount-active_config_no-mount Creating
Container netalertx-test-mount-active_config_no-mount Created
Attaching to netalertx-test-mount-active_config_no-mount
netalertx-test-mount-active_config_no-mount | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-active_config_no-mount | Ownership prepared for PUID=20211.
netalertx-test-mount-active_config_no-mount | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-active_config_no-mount | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-active_config_no-mount | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-active_config_no-mount | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-active_config_no-mount | Ownership prepared for PUID=20211.
netalertx-test-mount-active_config_no-mount | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-active_config_no-mount | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-active_config_no-mount | 
netalertx-test-mount-active_config_no-mount | _ _ _ ___ _ _ __ __
netalertx-test-mount-active_config_no-mount | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-active_config_no-mount | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-active_config_no-mount | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-active_config_no-mount | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-active_config_no-mount | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-active_config_no-mount |  Network intruder and presence detector.
netalertx-test-mount-active_config_no-mount | https://netalertx.com
netalertx-test-mount-active_config_no-mount |
netalertx-test-mount-active_config_no-mount |
netalertx-test-mount-active_config_no-mount | Startup pre-checks
netalertx-test-mount-active_config_no-mount | --> data migration.sh
netalertx-test-mount-active_config_no-mount | --> capabilities audit.sh
netalertx-test-mount-active_config_no-mount | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-active_config_no-mount | --> mounts.py
netalertx-test-mount-active_config_no-mount | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-active_config_no-mount | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-active_config_no-mount | /data | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-active_config_no-mount | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-active_config_no-mount | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-active_config_no-mount | /tmp/run/tmp | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_no-mount | /tmp/api | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_no-mount | /tmp/log | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_no-mount | /tmp/run | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_no-mount | /tmp/nginx/active-config | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_no-mount |
netalertx-test-mount-active_config_no-mount |
netalertx-test-mount-active_config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_no-mount | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-active_config_no-mount |
netalertx-test-mount-active_config_no-mount | * /tmp/run/tmp error writing
netalertx-test-mount-active_config_no-mount | * /tmp/api error writing
netalertx-test-mount-active_config_no-mount | * /tmp/log error writing
netalertx-test-mount-active_config_no-mount | * /tmp/run error writing
netalertx-test-mount-active_config_no-mount | * /tmp/nginx/active-config error writing
netalertx-test-mount-active_config_no-mount |
netalertx-test-mount-active_config_no-mount | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-active_config_no-mount | configuration can be quite complex.
netalertx-test-mount-active_config_no-mount |
netalertx-test-mount-active_config_no-mount | Review the documentation for a correct setup:
netalertx-test-mount-active_config_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-active_config_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-active_config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_no-mount | 
netalertx-test-mount-active_config_no-mount | --> first run config.sh
netalertx-test-mount-active_config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_no-mount | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-active_config_no-mount |
netalertx-test-mount-active_config_no-mount | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-active_config_no-mount | this instance in production.
netalertx-test-mount-active_config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_no-mount | --> first run db.sh
netalertx-test-mount-active_config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_no-mount | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-active_config_no-mount |
netalertx-test-mount-active_config_no-mount | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-active_config_no-mount | DB before onboarding sensitive or critical networks.
netalertx-test-mount-active_config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_no-mount | --> mandatory folders.sh
netalertx-test-mount-active_config_no-mount | * Creating Plugins log.
netalertx-test-mount-active_config_no-mount | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_no-mount | * Creating System services run log.
netalertx-test-mount-active_config_no-mount | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_no-mount | * Creating System services run tmp.
netalertx-test-mount-active_config_no-mount | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_no-mount | * Creating DB locked log.
netalertx-test-mount-active_config_no-mount | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_no-mount | * Creating Execution queue log.
netalertx-test-mount-active_config_no-mount | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_no-mount | --> apply conf override.sh
netalertx-test-mount-active_config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_no-mount | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-active_config_no-mount |
netalertx-test-mount-active_config_no-mount | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-active_config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_no-mount | --> writable config.sh
netalertx-test-mount-active_config_no-mount | --> nginx config.sh
netalertx-test-mount-active_config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_no-mount | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-active_config_no-mount |
netalertx-test-mount-active_config_no-mount | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-active_config_no-mount | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-active_config_no-mount | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-active_config_no-mount | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-active_config_no-mount | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-active_config_no-mount |
netalertx-test-mount-active_config_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-active_config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_no-mount | --> expected user id match.sh
netalertx-test-mount-active_config_no-mount | 
netalertx-test-mount-active_config_no-mount | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-active_config_no-mount | --> host mode network.sh
netalertx-test-mount-active_config_no-mount | --> excessive capabilities.sh
netalertx-test-mount-active_config_no-mount | --> appliance integrity.sh
netalertx-test-mount-active_config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_no-mount | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-active_config_no-mount |
netalertx-test-mount-active_config_no-mount | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-active_config_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-active_config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_no-mount | --> ports available.sh
netalertx-test-mount-active_config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_no-mount | ⚠️ Port Warning: GraphQL API port 20212 is already in use.
netalertx-test-mount-active_config_no-mount |
netalertx-test-mount-active_config_no-mount | The GraphQL API (defined by $APP_CONF_OVERRIDE or $GRAPHQL_PORT)
netalertx-test-mount-active_config_no-mount | may fail to start.
netalertx-test-mount-active_config_no-mount |
netalertx-test-mount-active_config_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/port-conflicts.md
netalertx-test-mount-active_config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_no-mount exited with code 0
File: docker-compose.mount-test.active_config_ramdisk.yml
----------------------------------------
Expected outcome: Container shows performance warning for nginx config on RAM disk
- SYSTEM_SERVICES_ACTIVE_CONFIG shows as mounted on tmpfs (RAM disk)
- Performance issue warning since nginx config should be persistent
- Custom PORT configuration may have performance implications
Testing: docker-compose.mount-test.active_config_ramdisk.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_netalertx_data" Creating
Volume "mount-tests_test_netalertx_data" Created
Container netalertx-test-mount-active_config_ramdisk Creating
Container netalertx-test-mount-active_config_ramdisk Created
Attaching to netalertx-test-mount-active_config_ramdisk
netalertx-test-mount-active_config_ramdisk | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-active_config_ramdisk | Ownership prepared for PUID=20211.
netalertx-test-mount-active_config_ramdisk | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-active_config_ramdisk | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-active_config_ramdisk | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-active_config_ramdisk | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-active_config_ramdisk | Ownership prepared for PUID=20211.
netalertx-test-mount-active_config_ramdisk | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-active_config_ramdisk | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-active_config_ramdisk | 
netalertx-test-mount-active_config_ramdisk | _ _ _ ___ _ _ __ __
netalertx-test-mount-active_config_ramdisk | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-active_config_ramdisk | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-active_config_ramdisk | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-active_config_ramdisk | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-active_config_ramdisk | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-active_config_ramdisk |  Network intruder and presence detector.
netalertx-test-mount-active_config_ramdisk | https://netalertx.com
netalertx-test-mount-active_config_ramdisk |
netalertx-test-mount-active_config_ramdisk |
netalertx-test-mount-active_config_ramdisk | Startup pre-checks
netalertx-test-mount-active_config_ramdisk | --> data migration.sh
netalertx-test-mount-active_config_ramdisk | --> capabilities audit.sh
netalertx-test-mount-active_config_ramdisk | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-active_config_ramdisk | --> mounts.py
netalertx-test-mount-active_config_ramdisk | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-active_config_ramdisk | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-active_config_ramdisk | /data | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-active_config_ramdisk | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-active_config_ramdisk | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-active_config_ramdisk | /tmp/run/tmp | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_ramdisk | /tmp/api | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_ramdisk | /tmp/log | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_ramdisk | /tmp/run | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_ramdisk | /tmp/nginx/active-config | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_ramdisk |
netalertx-test-mount-active_config_ramdisk |
netalertx-test-mount-active_config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_ramdisk | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-active_config_ramdisk |
netalertx-test-mount-active_config_ramdisk | * /tmp/run/tmp error writing
netalertx-test-mount-active_config_ramdisk | * /tmp/api error writing
netalertx-test-mount-active_config_ramdisk | * /tmp/log error writing
netalertx-test-mount-active_config_ramdisk | * /tmp/run error writing
netalertx-test-mount-active_config_ramdisk | * /tmp/nginx/active-config error writing
netalertx-test-mount-active_config_ramdisk |
netalertx-test-mount-active_config_ramdisk | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-active_config_ramdisk | configuration can be quite complex.
netalertx-test-mount-active_config_ramdisk |
netalertx-test-mount-active_config_ramdisk | Review the documentation for a correct setup:
netalertx-test-mount-active_config_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-active_config_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-active_config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_ramdisk | 
netalertx-test-mount-active_config_ramdisk | --> first run config.sh
netalertx-test-mount-active_config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_ramdisk | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-active_config_ramdisk |
netalertx-test-mount-active_config_ramdisk | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-active_config_ramdisk | this instance in production.
netalertx-test-mount-active_config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_ramdisk | --> first run db.sh
netalertx-test-mount-active_config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_ramdisk | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-active_config_ramdisk |
netalertx-test-mount-active_config_ramdisk | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-active_config_ramdisk | DB before onboarding sensitive or critical networks.
netalertx-test-mount-active_config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_ramdisk | --> mandatory folders.sh
netalertx-test-mount-active_config_ramdisk | * Creating Plugins log.
netalertx-test-mount-active_config_ramdisk | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_ramdisk | * Creating System services run log.
netalertx-test-mount-active_config_ramdisk | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_ramdisk | * Creating System services run tmp.
netalertx-test-mount-active_config_ramdisk | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_ramdisk | * Creating DB locked log.
netalertx-test-mount-active_config_ramdisk | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_ramdisk | * Creating Execution queue log.
netalertx-test-mount-active_config_ramdisk | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_ramdisk | --> apply conf override.sh
netalertx-test-mount-active_config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_ramdisk | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-active_config_ramdisk |
netalertx-test-mount-active_config_ramdisk | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-active_config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_ramdisk | --> writable config.sh
netalertx-test-mount-active_config_ramdisk | --> nginx config.sh
netalertx-test-mount-active_config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_ramdisk | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-active_config_ramdisk |
netalertx-test-mount-active_config_ramdisk | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-active_config_ramdisk | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-active_config_ramdisk | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-active_config_ramdisk | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-active_config_ramdisk | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-active_config_ramdisk |
netalertx-test-mount-active_config_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-active_config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_ramdisk | --> expected user id match.sh
netalertx-test-mount-active_config_ramdisk | 
netalertx-test-mount-active_config_ramdisk | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-active_config_ramdisk | --> host mode network.sh
netalertx-test-mount-active_config_ramdisk | --> excessive capabilities.sh
netalertx-test-mount-active_config_ramdisk | --> appliance integrity.sh
netalertx-test-mount-active_config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_ramdisk | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-active_config_ramdisk |
netalertx-test-mount-active_config_ramdisk | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-active_config_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-active_config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_ramdisk | --> ports available.sh
netalertx-test-mount-active_config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_ramdisk | ⚠️ Port Warning: GraphQL API port 20212 is already in use.
netalertx-test-mount-active_config_ramdisk |
netalertx-test-mount-active_config_ramdisk | The GraphQL API (defined by $APP_CONF_OVERRIDE or $GRAPHQL_PORT)
netalertx-test-mount-active_config_ramdisk | may fail to start.
netalertx-test-mount-active_config_ramdisk |
netalertx-test-mount-active_config_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/port-conflicts.md
netalertx-test-mount-active_config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_ramdisk exited with code 0
File: docker-compose.mount-test.active_config_unwritable.yml
----------------------------------------
Expected outcome: Container fails to start due to unwritable nginx config partition
- SYSTEM_SERVICES_ACTIVE_CONFIG shows as mounted but unwritable (❌ in Writeable column)
- 35-nginx-config.sh detects permission error and exits with code 1
- Container startup fails because nginx configuration cannot be written for custom ports
Testing: docker-compose.mount-test.active_config_unwritable.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_system_services_active_config" Creating
Volume "mount-tests_test_system_services_active_config" Created
Volume "mount-tests_test_netalertx_data" Creating
Volume "mount-tests_test_netalertx_data" Created
Container netalertx-test-mount-active_config_unwritable Creating
Container netalertx-test-mount-active_config_unwritable Created
Attaching to netalertx-test-mount-active_config_unwritable
netalertx-test-mount-active_config_unwritable | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-active_config_unwritable | Ownership prepared for PUID=20211.
netalertx-test-mount-active_config_unwritable | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-active_config_unwritable | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-active_config_unwritable | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-active_config_unwritable | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-active_config_unwritable | Ownership prepared for PUID=20211.
netalertx-test-mount-active_config_unwritable | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-active_config_unwritable | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-active_config_unwritable | 
netalertx-test-mount-active_config_unwritable | _ _ _ ___ _ _ __ __
netalertx-test-mount-active_config_unwritable | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-active_config_unwritable | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-active_config_unwritable | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-active_config_unwritable | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-active_config_unwritable | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-active_config_unwritable |  Network intruder and presence detector.
netalertx-test-mount-active_config_unwritable | https://netalertx.com
netalertx-test-mount-active_config_unwritable |
netalertx-test-mount-active_config_unwritable |
netalertx-test-mount-active_config_unwritable | Startup pre-checks
netalertx-test-mount-active_config_unwritable | --> data migration.sh
netalertx-test-mount-active_config_unwritable | --> capabilities audit.sh
netalertx-test-mount-active_config_unwritable | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-active_config_unwritable | --> mounts.py
netalertx-test-mount-active_config_unwritable | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-active_config_unwritable | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-active_config_unwritable | /data | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-active_config_unwritable | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-active_config_unwritable | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-active_config_unwritable | /tmp/run/tmp | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_unwritable | /tmp/api | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_unwritable | /tmp/log | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_unwritable | /tmp/run | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-active_config_unwritable | /tmp/nginx/active-config | ✅| ❌| ✅ | ❌ | ❌ | ✅
netalertx-test-mount-active_config_unwritable |
netalertx-test-mount-active_config_unwritable |
netalertx-test-mount-active_config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_unwritable | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-active_config_unwritable |
netalertx-test-mount-active_config_unwritable | * /tmp/run/tmp error writing
netalertx-test-mount-active_config_unwritable | * /tmp/api error writing
netalertx-test-mount-active_config_unwritable | * /tmp/log error writing
netalertx-test-mount-active_config_unwritable | * /tmp/run error writing
netalertx-test-mount-active_config_unwritable | * /tmp/nginx/active-config error writing, performance issue
netalertx-test-mount-active_config_unwritable |
netalertx-test-mount-active_config_unwritable | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-active_config_unwritable | configuration can be quite complex.
netalertx-test-mount-active_config_unwritable |
netalertx-test-mount-active_config_unwritable | Review the documentation for a correct setup:
netalertx-test-mount-active_config_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-active_config_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-active_config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_unwritable | 
netalertx-test-mount-active_config_unwritable | --> first run config.sh
netalertx-test-mount-active_config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_unwritable | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-active_config_unwritable |
netalertx-test-mount-active_config_unwritable | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-active_config_unwritable | this instance in production.
netalertx-test-mount-active_config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_unwritable | --> first run db.sh
netalertx-test-mount-active_config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_unwritable | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-active_config_unwritable |
netalertx-test-mount-active_config_unwritable | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-active_config_unwritable | DB before onboarding sensitive or critical networks.
netalertx-test-mount-active_config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_unwritable | --> mandatory folders.sh
netalertx-test-mount-active_config_unwritable | * Creating Plugins log.
netalertx-test-mount-active_config_unwritable | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_unwritable | * Creating System services run log.
netalertx-test-mount-active_config_unwritable | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_unwritable | * Creating System services run tmp.
netalertx-test-mount-active_config_unwritable | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_unwritable | * Creating DB locked log.
netalertx-test-mount-active_config_unwritable | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_unwritable | * Creating Execution queue log.
netalertx-test-mount-active_config_unwritable | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-active_config_unwritable | --> apply conf override.sh
netalertx-test-mount-active_config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_unwritable | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-active_config_unwritable |
netalertx-test-mount-active_config_unwritable | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-active_config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_unwritable | --> writable config.sh
netalertx-test-mount-active_config_unwritable | --> nginx config.sh
netalertx-test-mount-active_config_unwritable | --> expected user id match.sh
netalertx-test-mount-active_config_unwritable | 
netalertx-test-mount-active_config_unwritable | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-active_config_unwritable | --> host mode network.sh
netalertx-test-mount-active_config_unwritable | --> excessive capabilities.sh
netalertx-test-mount-active_config_unwritable | --> appliance integrity.sh
netalertx-test-mount-active_config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_unwritable | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-active_config_unwritable |
netalertx-test-mount-active_config_unwritable | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-active_config_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-active_config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_unwritable | --> ports available.sh
netalertx-test-mount-active_config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_unwritable | ⚠️ Port Warning: GraphQL API port 20212 is already in use.
netalertx-test-mount-active_config_unwritable |
netalertx-test-mount-active_config_unwritable | The GraphQL API (defined by $APP_CONF_OVERRIDE or $GRAPHQL_PORT)
netalertx-test-mount-active_config_unwritable | may fail to start.
netalertx-test-mount-active_config_unwritable |
netalertx-test-mount-active_config_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/port-conflicts.md
netalertx-test-mount-active_config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-active_config_unwritable exited with code 0
File: docker-compose.mount-test.api_mounted.yml
----------------------------------------
Expected outcome: Container starts successfully with proper API mount
- NETALERTX_API shows as writable and mounted
- No configuration warnings for API path
- API data persistence works correctly
Testing: docker-compose.mount-test.api_mounted.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_netalertx_api" Creating
Volume "mount-tests_test_netalertx_api" Created
Volume "mount-tests_netalertx_db" Creating
Volume "mount-tests_netalertx_db" Created
Volume "mount-tests_netalertx_config" Creating
Volume "mount-tests_netalertx_config" Created
Container netalertx-test-mount-api_mounted Creating
Container netalertx-test-mount-api_mounted Created
Attaching to netalertx-test-mount-api_mounted
netalertx-test-mount-api_mounted | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-api_mounted | Ownership prepared for PUID=20211.
netalertx-test-mount-api_mounted | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-api_mounted | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-api_mounted | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-api_mounted | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-api_mounted | Ownership prepared for PUID=20211.
netalertx-test-mount-api_mounted | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-api_mounted | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-api_mounted | 
netalertx-test-mount-api_mounted | _ _ _ ___ _ _ __ __
netalertx-test-mount-api_mounted | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-api_mounted | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-api_mounted | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-api_mounted | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-api_mounted | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-api_mounted |  Network intruder and presence detector.
netalertx-test-mount-api_mounted | https://netalertx.com
netalertx-test-mount-api_mounted |
netalertx-test-mount-api_mounted |
netalertx-test-mount-api_mounted | Startup pre-checks
netalertx-test-mount-api_mounted | --> data migration.sh
netalertx-test-mount-api_mounted | --> capabilities audit.sh
netalertx-test-mount-api_mounted | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-api_mounted | --> mounts.py
netalertx-test-mount-api_mounted | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-api_mounted | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-api_mounted | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-api_mounted | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-api_mounted | /tmp/run/tmp | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_mounted | /tmp/api | ✅| ✅| ✅ | ❌ | ❌ | ✅
netalertx-test-mount-api_mounted | /tmp/log | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_mounted | /tmp/run | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_mounted | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_mounted |
netalertx-test-mount-api_mounted |
netalertx-test-mount-api_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_mounted | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-api_mounted |
netalertx-test-mount-api_mounted | * /tmp/run/tmp error writing, error reading
netalertx-test-mount-api_mounted | * /tmp/api performance issue
netalertx-test-mount-api_mounted | * /tmp/log error writing, error reading
netalertx-test-mount-api_mounted | * /tmp/run error writing, error reading
netalertx-test-mount-api_mounted | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-api_mounted |
netalertx-test-mount-api_mounted | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-api_mounted | configuration can be quite complex.
netalertx-test-mount-api_mounted |
netalertx-test-mount-api_mounted | Review the documentation for a correct setup:
netalertx-test-mount-api_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-api_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-api_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_mounted | 
netalertx-test-mount-api_mounted | --> first run config.sh
netalertx-test-mount-api_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_mounted | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-api_mounted |
netalertx-test-mount-api_mounted | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-api_mounted | this instance in production.
netalertx-test-mount-api_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_mounted | --> first run db.sh
netalertx-test-mount-api_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_mounted | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-api_mounted |
netalertx-test-mount-api_mounted | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-api_mounted | DB before onboarding sensitive or critical networks.
netalertx-test-mount-api_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_mounted | --> mandatory folders.sh
netalertx-test-mount-api_mounted | * Creating Plugins log.
netalertx-test-mount-api_mounted | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-api_mounted | * Creating System services run log.
netalertx-test-mount-api_mounted | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-api_mounted | * Creating System services run tmp.
netalertx-test-mount-api_mounted | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-api_mounted | * Creating DB locked log.
netalertx-test-mount-api_mounted | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-api_mounted | * Creating Execution queue log.
netalertx-test-mount-api_mounted | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-api_mounted | --> apply conf override.sh
netalertx-test-mount-api_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_mounted | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-api_mounted |
netalertx-test-mount-api_mounted | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-api_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_mounted | --> writable config.sh
netalertx-test-mount-api_mounted | --> nginx config.sh
netalertx-test-mount-api_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_mounted | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-api_mounted |
netalertx-test-mount-api_mounted | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-api_mounted | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-api_mounted | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-api_mounted | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-api_mounted | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-api_mounted |
netalertx-test-mount-api_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-api_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_mounted | --> expected user id match.sh
netalertx-test-mount-api_mounted | 
netalertx-test-mount-api_mounted | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-api_mounted | --> host mode network.sh
netalertx-test-mount-api_mounted | --> excessive capabilities.sh
netalertx-test-mount-api_mounted | --> appliance integrity.sh
netalertx-test-mount-api_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_mounted | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-api_mounted |
netalertx-test-mount-api_mounted | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-api_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-api_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_mounted | --> ports available.sh
netalertx-test-mount-api_mounted exited with code 0
File: docker-compose.mount-test.api_no-mount.yml
----------------------------------------
Expected outcome: Container shows mount error for API directory
- NETALERTX_API shows as not mounted
- Mount error since API directory should be mounted for proper operation
- API functionality may be limited
Testing: docker-compose.mount-test.api_no-mount.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_netalertx_db" Creating
Volume "mount-tests_netalertx_db" Created
Volume "mount-tests_netalertx_config" Creating
Volume "mount-tests_netalertx_config" Created
Container netalertx-test-mount-api_no-mount Creating
Container netalertx-test-mount-api_no-mount Created
Attaching to netalertx-test-mount-api_no-mount
netalertx-test-mount-api_no-mount | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-api_no-mount | Ownership prepared for PUID=20211.
netalertx-test-mount-api_no-mount | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-api_no-mount | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-api_no-mount | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-api_no-mount | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-api_no-mount | Ownership prepared for PUID=20211.
netalertx-test-mount-api_no-mount | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-api_no-mount | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-api_no-mount | 
netalertx-test-mount-api_no-mount | _ _ _ ___ _ _ __ __
netalertx-test-mount-api_no-mount | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-api_no-mount | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-api_no-mount | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-api_no-mount | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-api_no-mount | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-api_no-mount |  Network intruder and presence detector.
netalertx-test-mount-api_no-mount | https://netalertx.com
netalertx-test-mount-api_no-mount |
netalertx-test-mount-api_no-mount |
netalertx-test-mount-api_no-mount | Startup pre-checks
netalertx-test-mount-api_no-mount | --> data migration.sh
netalertx-test-mount-api_no-mount | --> capabilities audit.sh
netalertx-test-mount-api_no-mount | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-api_no-mount | --> mounts.py
netalertx-test-mount-api_no-mount | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-api_no-mount | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-api_no-mount | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-api_no-mount | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-api_no-mount | /tmp/run/tmp | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_no-mount | /tmp/api | ✅| ✅| ❌ | ❌ | ❌ | ✅
netalertx-test-mount-api_no-mount | /tmp/log | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_no-mount | /tmp/run | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_no-mount | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_no-mount |
netalertx-test-mount-api_no-mount |
netalertx-test-mount-api_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_no-mount | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-api_no-mount |
netalertx-test-mount-api_no-mount | * /tmp/run/tmp error writing, error reading
netalertx-test-mount-api_no-mount | * /tmp/api not mounted, performance issue
netalertx-test-mount-api_no-mount | * /tmp/log error writing, error reading
netalertx-test-mount-api_no-mount | * /tmp/run error writing, error reading
netalertx-test-mount-api_no-mount | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-api_no-mount |
netalertx-test-mount-api_no-mount | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-api_no-mount | configuration can be quite complex.
netalertx-test-mount-api_no-mount |
netalertx-test-mount-api_no-mount | Review the documentation for a correct setup:
netalertx-test-mount-api_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-api_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-api_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_no-mount | 
netalertx-test-mount-api_no-mount | --> first run config.sh
netalertx-test-mount-api_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_no-mount | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-api_no-mount |
netalertx-test-mount-api_no-mount | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-api_no-mount | this instance in production.
netalertx-test-mount-api_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_no-mount | --> first run db.sh
netalertx-test-mount-api_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_no-mount | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-api_no-mount |
netalertx-test-mount-api_no-mount | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-api_no-mount | DB before onboarding sensitive or critical networks.
netalertx-test-mount-api_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_no-mount | --> mandatory folders.sh
netalertx-test-mount-api_no-mount | * Creating Plugins log.
netalertx-test-mount-api_no-mount | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-api_no-mount | * Creating System services run log.
netalertx-test-mount-api_no-mount | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-api_no-mount | * Creating System services run tmp.
netalertx-test-mount-api_no-mount | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-api_no-mount | * Creating DB locked log.
netalertx-test-mount-api_no-mount | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-api_no-mount | * Creating Execution queue log.
netalertx-test-mount-api_no-mount | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-api_no-mount | --> apply conf override.sh
netalertx-test-mount-api_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_no-mount | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-api_no-mount |
netalertx-test-mount-api_no-mount | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-api_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_no-mount | --> writable config.sh
netalertx-test-mount-api_no-mount | --> nginx config.sh
netalertx-test-mount-api_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_no-mount | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-api_no-mount |
netalertx-test-mount-api_no-mount | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-api_no-mount | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-api_no-mount | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-api_no-mount | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-api_no-mount | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-api_no-mount |
netalertx-test-mount-api_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-api_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_no-mount | --> expected user id match.sh
netalertx-test-mount-api_no-mount | 
netalertx-test-mount-api_no-mount | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-api_no-mount | --> host mode network.sh
netalertx-test-mount-api_no-mount | --> excessive capabilities.sh
netalertx-test-mount-api_no-mount | --> appliance integrity.sh
netalertx-test-mount-api_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_no-mount | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-api_no-mount |
netalertx-test-mount-api_no-mount | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-api_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-api_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_no-mount | --> ports available.sh
netalertx-test-mount-api_no-mount exited with code 0
File: docker-compose.mount-test.api_noread.yml
----------------------------------------
Expected outcome: Mounts table shows /tmp/api is mounted and writable but NOT readable (R=❌, W=✅)
Note: This is a diagnostic-only container (entrypoint sleeps); the test chmods /tmp/api to mode 0300.
Testing: docker-compose.mount-test.api_noread.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_netalertx_data" Creating
Volume "mount-tests_test_netalertx_data" Created
Container netalertx-test-mount-api_noread Creating
Container netalertx-test-mount-api_noread Created
Attaching to netalertx-test-mount-api_noread
netalertx-test-mount-api_noread | 
netalertx-test-mount-api_noread | _ _ _ ___ _ _ __ __
netalertx-test-mount-api_noread | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-api_noread | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-api_noread | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-api_noread | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-api_noread | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-api_noread |  Network intruder and presence detector.
netalertx-test-mount-api_noread | https://netalertx.com
netalertx-test-mount-api_noread |
netalertx-test-mount-api_noread |
netalertx-test-mount-api_noread | Startup pre-checks
netalertx-test-mount-api_noread | --> data migration.sh
netalertx-test-mount-api_noread | --> capabilities audit.sh
netalertx-test-mount-api_noread | --> mounts.py
netalertx-test-mount-api_noread | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-api_noread | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-api_noread | /data | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-api_noread | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-api_noread | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-api_noread | /tmp | ✅| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_noread | /tmp/api | ❌| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_noread | /tmp/log | ✅| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_noread | /tmp/run | ✅| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_noread | /tmp/nginx/active-config | ✅| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_noread |
netalertx-test-mount-api_noread |
netalertx-test-mount-api_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_noread | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-api_noread |
netalertx-test-mount-api_noread | * /tmp/api error reading
netalertx-test-mount-api_noread |
netalertx-test-mount-api_noread | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-api_noread | configuration can be quite complex.
netalertx-test-mount-api_noread |
netalertx-test-mount-api_noread | Review the documentation for a correct setup:
netalertx-test-mount-api_noread | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-api_noread | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-api_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_noread | 
netalertx-test-mount-api_noread | --> first run config.sh
netalertx-test-mount-api_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_noread | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-api_noread |
netalertx-test-mount-api_noread | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-api_noread | this instance in production.
netalertx-test-mount-api_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_noread | --> first run db.sh
netalertx-test-mount-api_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_noread | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-api_noread |
netalertx-test-mount-api_noread | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-api_noread | DB before onboarding sensitive or critical networks.
netalertx-test-mount-api_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_noread | --> mandatory folders.sh
netalertx-test-mount-api_noread | * Creating NetAlertX log directory.
netalertx-test-mount-api_noread | * Creating System services runtime directory.
netalertx-test-mount-api_noread | * Creating nginx active configuration directory.
netalertx-test-mount-api_noread | * Creating Plugins log.
netalertx-test-mount-api_noread | * Creating System services run log.
netalertx-test-mount-api_noread | * Creating DB locked log.
netalertx-test-mount-api_noread | * Creating Execution queue log.
netalertx-test-mount-api_noread | --> apply conf override.sh
netalertx-test-mount-api_noread | --> writable config.sh
netalertx-test-mount-api_noread | --> nginx config.sh
netalertx-test-mount-api_noread | --> expected user id match.sh
netalertx-test-mount-api_noread | --> host mode network.sh
netalertx-test-mount-api_noread | --> excessive capabilities.sh
netalertx-test-mount-api_noread | --> appliance integrity.sh
netalertx-test-mount-api_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_noread | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-api_noread |
netalertx-test-mount-api_noread | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-api_noread | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-api_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_noread | --> ports available.sh
netalertx-test-mount-api_noread | Starting supercronic --quiet "/services/config/cron/crontab" >>"/tmp/log/cron.log" 2>&1 &
netalertx-test-mount-api_noread | Starting /usr/sbin/php-fpm83 -y "/services/config/php/php-fpm.conf" -F (tee stderr to app.php_errors.log)
netalertx-test-mount-api_noread | Starting python3 -m server > /tmp/log/stdout.log 2> >(tee /tmp/log/stderr.log >&2)
netalertx-test-mount-api_noread | Starting /usr/sbin/nginx -p "/tmp/run/" -c "/tmp/nginx/active-config/nginx.conf" -g "error_log stderr; error_log /tmp/log/nginx-error.log; daemon off;" &
netalertx-test-mount-api_noread | 2026/01/05 02:21:45 [error] 180#180: *1 FastCGI sent in stderr: "PHP message: PHP Warning: session_start(): open(/tmp/run/tmp/sess_udr0olecett7cp59ckgddqsndb, O_RDWR) failed: No such file or directory (2) in /app/front/php/templates/security.php on line 50; PHP message: PHP Warning: session_start(): Failed to read session data: files (path: /tmp/run/tmp) in /app/front/php/templates/security.php on line 50" while reading response header from upstream, client: 127.0.0.1, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/tmp/run/php.sock:", host: "localhost:20211"
netalertx-test-mount-api_noread | Successfully updated IEEE OUI database (112503 entries)
Gracefully stopping... (press Ctrl+C again to force)
Container netalertx-test-mount-api_noread Stopping
Container netalertx-test-mount-api_noread Stopped
File: docker-compose.mount-test.api_ramdisk.yml
----------------------------------------
Expected outcome: Container shows performance warning for API on RAM disk
- NETALERTX_API shows as mounted on tmpfs (RAM disk)
- Performance issue warning since API data should be on persistent storage
- API data will be lost on container restart
Testing: docker-compose.mount-test.api_ramdisk.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_netalertx_data" Creating
Volume "mount-tests_test_netalertx_data" Created
Container netalertx-test-mount-api_ramdisk Creating
Container netalertx-test-mount-api_ramdisk Created
Attaching to netalertx-test-mount-api_ramdisk
netalertx-test-mount-api_ramdisk | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-api_ramdisk | Ownership prepared for PUID=20211.
netalertx-test-mount-api_ramdisk | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-api_ramdisk | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-api_ramdisk | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-api_ramdisk | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-api_ramdisk | Ownership prepared for PUID=20211.
netalertx-test-mount-api_ramdisk | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-api_ramdisk | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-api_ramdisk | 
netalertx-test-mount-api_ramdisk | _ _ _ ___ _ _ __ __
netalertx-test-mount-api_ramdisk | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-api_ramdisk | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-api_ramdisk | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-api_ramdisk | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-api_ramdisk | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-api_ramdisk |  Network intruder and presence detector.
netalertx-test-mount-api_ramdisk | https://netalertx.com
netalertx-test-mount-api_ramdisk |
netalertx-test-mount-api_ramdisk |
netalertx-test-mount-api_ramdisk | Startup pre-checks
netalertx-test-mount-api_ramdisk | --> data migration.sh
netalertx-test-mount-api_ramdisk | --> capabilities audit.sh
netalertx-test-mount-api_ramdisk | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-api_ramdisk | --> mounts.py
netalertx-test-mount-api_ramdisk | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-api_ramdisk | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-api_ramdisk | /data | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-api_ramdisk | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-api_ramdisk | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-api_ramdisk | /tmp/run/tmp | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_ramdisk | /tmp/api | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_ramdisk | /tmp/log | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_ramdisk | /tmp/run | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_ramdisk | /tmp/nginx/active-config | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_ramdisk |
netalertx-test-mount-api_ramdisk |
netalertx-test-mount-api_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_ramdisk | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-api_ramdisk |
netalertx-test-mount-api_ramdisk | * /tmp/run/tmp error writing
netalertx-test-mount-api_ramdisk | * /tmp/api error writing
netalertx-test-mount-api_ramdisk | * /tmp/log error writing
netalertx-test-mount-api_ramdisk | * /tmp/run error writing
netalertx-test-mount-api_ramdisk | * /tmp/nginx/active-config error writing
netalertx-test-mount-api_ramdisk |
netalertx-test-mount-api_ramdisk | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-api_ramdisk | configuration can be quite complex.
netalertx-test-mount-api_ramdisk |
netalertx-test-mount-api_ramdisk | Review the documentation for a correct setup:
netalertx-test-mount-api_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-api_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-api_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_ramdisk | 
netalertx-test-mount-api_ramdisk | --> first run config.sh
netalertx-test-mount-api_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_ramdisk | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-api_ramdisk |
netalertx-test-mount-api_ramdisk | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-api_ramdisk | this instance in production.
netalertx-test-mount-api_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_ramdisk | --> first run db.sh
netalertx-test-mount-api_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_ramdisk | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-api_ramdisk |
netalertx-test-mount-api_ramdisk | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-api_ramdisk | DB before onboarding sensitive or critical networks.
netalertx-test-mount-api_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_ramdisk | --> mandatory folders.sh
netalertx-test-mount-api_ramdisk | * Creating Plugins log.
netalertx-test-mount-api_ramdisk | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-api_ramdisk | * Creating System services run log.
netalertx-test-mount-api_ramdisk | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-api_ramdisk | * Creating System services run tmp.
netalertx-test-mount-api_ramdisk | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-api_ramdisk | * Creating DB locked log.
netalertx-test-mount-api_ramdisk | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-api_ramdisk | * Creating Execution queue log.
netalertx-test-mount-api_ramdisk | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-api_ramdisk | --> apply conf override.sh
netalertx-test-mount-api_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_ramdisk | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-api_ramdisk |
netalertx-test-mount-api_ramdisk | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-api_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_ramdisk | --> writable config.sh
netalertx-test-mount-api_ramdisk | --> nginx config.sh
netalertx-test-mount-api_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_ramdisk | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-api_ramdisk |
netalertx-test-mount-api_ramdisk | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-api_ramdisk | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-api_ramdisk | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-api_ramdisk | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-api_ramdisk | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-api_ramdisk |
netalertx-test-mount-api_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-api_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_ramdisk | --> expected user id match.sh
netalertx-test-mount-api_ramdisk | 
netalertx-test-mount-api_ramdisk | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-api_ramdisk | --> host mode network.sh
netalertx-test-mount-api_ramdisk | --> excessive capabilities.sh
netalertx-test-mount-api_ramdisk | --> appliance integrity.sh
netalertx-test-mount-api_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_ramdisk | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-api_ramdisk |
netalertx-test-mount-api_ramdisk | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-api_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-api_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_ramdisk | --> ports available.sh
netalertx-test-mount-api_ramdisk exited with code 0
File: docker-compose.mount-test.api_unwritable.yml
----------------------------------------
Expected outcome: Container fails to start due to unwritable API partition
- NETALERTX_API shows as mounted but unwritable (❌ in Writeable column)
- API directory must be writable for proper operation
- Container startup fails because API functionality cannot work without write access
Testing: docker-compose.mount-test.api_unwritable.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_netalertx_api" Creating
Volume "mount-tests_test_netalertx_api" Created
Volume "mount-tests_netalertx_db" Creating
Volume "mount-tests_netalertx_db" Created
Volume "mount-tests_netalertx_config" Creating
Volume "mount-tests_netalertx_config" Created
Container netalertx-test-mount-api_unwritable Creating
Container netalertx-test-mount-api_unwritable Created
Attaching to netalertx-test-mount-api_unwritable
netalertx-test-mount-api_unwritable | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-api_unwritable | Ownership prepared for PUID=20211.
netalertx-test-mount-api_unwritable | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-api_unwritable | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-api_unwritable | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-api_unwritable | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-api_unwritable | Ownership prepared for PUID=20211.
netalertx-test-mount-api_unwritable | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-api_unwritable | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-api_unwritable | 
netalertx-test-mount-api_unwritable | _ _ _ ___ _ _ __ __
netalertx-test-mount-api_unwritable | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-api_unwritable | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-api_unwritable | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-api_unwritable | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-api_unwritable | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-api_unwritable |  Network intruder and presence detector.
netalertx-test-mount-api_unwritable | https://netalertx.com
netalertx-test-mount-api_unwritable |
netalertx-test-mount-api_unwritable |
netalertx-test-mount-api_unwritable | Startup pre-checks
netalertx-test-mount-api_unwritable | --> data migration.sh
netalertx-test-mount-api_unwritable | --> capabilities audit.sh
netalertx-test-mount-api_unwritable | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-api_unwritable | --> mounts.py
netalertx-test-mount-api_unwritable | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-api_unwritable | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-api_unwritable | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-api_unwritable | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-api_unwritable | /tmp/run/tmp | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_unwritable | /tmp/api | ✅| ❌| ✅ | ❌ | ❌ | ✅
netalertx-test-mount-api_unwritable | /tmp/log | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_unwritable | /tmp/run | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_unwritable | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-api_unwritable |
netalertx-test-mount-api_unwritable |
netalertx-test-mount-api_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_unwritable | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-api_unwritable |
netalertx-test-mount-api_unwritable | * /tmp/run/tmp error writing, error reading
netalertx-test-mount-api_unwritable | * /tmp/api error writing, performance issue
netalertx-test-mount-api_unwritable | * /tmp/log error writing, error reading
netalertx-test-mount-api_unwritable | * /tmp/run error writing, error reading
netalertx-test-mount-api_unwritable | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-api_unwritable |
netalertx-test-mount-api_unwritable | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-api_unwritable | configuration can be quite complex.
netalertx-test-mount-api_unwritable |
netalertx-test-mount-api_unwritable | Review the documentation for a correct setup:
netalertx-test-mount-api_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-api_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-api_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_unwritable | 
netalertx-test-mount-api_unwritable | --> first run config.sh
netalertx-test-mount-api_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_unwritable | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-api_unwritable |
netalertx-test-mount-api_unwritable | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-api_unwritable | this instance in production.
netalertx-test-mount-api_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_unwritable | --> first run db.sh
netalertx-test-mount-api_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_unwritable | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-api_unwritable |
netalertx-test-mount-api_unwritable | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-api_unwritable | DB before onboarding sensitive or critical networks.
netalertx-test-mount-api_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_unwritable | --> mandatory folders.sh
netalertx-test-mount-api_unwritable | * Creating Plugins log.
netalertx-test-mount-api_unwritable | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-api_unwritable | * Creating System services run log.
netalertx-test-mount-api_unwritable | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-api_unwritable | * Creating System services run tmp.
netalertx-test-mount-api_unwritable | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-api_unwritable | * Creating DB locked log.
netalertx-test-mount-api_unwritable | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-api_unwritable | * Creating Execution queue log.
netalertx-test-mount-api_unwritable | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-api_unwritable | --> apply conf override.sh
netalertx-test-mount-api_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_unwritable | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-api_unwritable |
netalertx-test-mount-api_unwritable | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-api_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_unwritable | --> writable config.sh
netalertx-test-mount-api_unwritable | --> nginx config.sh
netalertx-test-mount-api_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_unwritable | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-api_unwritable |
netalertx-test-mount-api_unwritable | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-api_unwritable | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-api_unwritable | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-api_unwritable | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-api_unwritable | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-api_unwritable |
netalertx-test-mount-api_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-api_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_unwritable | --> expected user id match.sh
netalertx-test-mount-api_unwritable | 
netalertx-test-mount-api_unwritable | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-api_unwritable | --> host mode network.sh
netalertx-test-mount-api_unwritable | --> excessive capabilities.sh
netalertx-test-mount-api_unwritable | --> appliance integrity.sh
netalertx-test-mount-api_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_unwritable | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-api_unwritable |
netalertx-test-mount-api_unwritable | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-api_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-api_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-api_unwritable | --> ports available.sh
netalertx-test-mount-api_unwritable exited with code 0
File: docker-compose.mount-test.cap_chown_missing.yml
----------------------------------------
Expected outcome: Priming fails without CAP_CHOWN when caps are fully dropped
- Container should exit fatally during priming
- Logs must explain CAP_CHOWN requirement and link to troubleshooting docs
Testing: docker-compose.mount-test.cap_chown_missing.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_netalertx_data" Creating
Volume "mount-tests_test_netalertx_data" Created
Container netalertx-test-mount-cap_chown_missing Creating
Container netalertx-test-mount-cap_chown_missing Created
Attaching to netalertx-test-mount-cap_chown_missing
netalertx-test-mount-cap_chown_missing | Ownership prepared for PUID=20211.
netalertx-test-mount-cap_chown_missing | 
netalertx-test-mount-cap_chown_missing | _ _ _ ___ _ _ __ __
netalertx-test-mount-cap_chown_missing | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-cap_chown_missing | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-cap_chown_missing | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-cap_chown_missing | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-cap_chown_missing | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-cap_chown_missing |  Network intruder and presence detector.
netalertx-test-mount-cap_chown_missing | https://netalertx.com
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Startup pre-checks
netalertx-test-mount-cap_chown_missing | --> data migration.sh
netalertx-test-mount-cap_chown_missing | --> capabilities audit.sh
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | 🚨 ALERT: Python execution capabilities (NET_RAW/NET_ADMIN) are missing.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | The Python binary in this image has file capabilities (+eip) that
netalertx-test-mount-cap_chown_missing | require these bits in the container's bounding set. Without them,
netalertx-test-mount-cap_chown_missing | the binary will fail to execute (Operation not permitted).
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Restart with: --cap-add=NET_RAW --cap-add=NET_ADMIN
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | ⚠️ WARNING: Reduced functionality (NET_BIND_SERVICE missing).
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Tools like nbtscan cannot bind to privileged ports (UDP 137).
netalertx-test-mount-cap_chown_missing | This will reduce discovery accuracy for legacy devices.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Consider adding: --cap-add=NET_BIND_SERVICE
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | Security context: Operational capabilities (CHOWN SETGID SETUID) not granted.
netalertx-test-mount-cap_chown_missing | See https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/missing-capabilities.md
netalertx-test-mount-cap_chown_missing | --> mounts.py
netalertx-test-mount-cap_chown_missing | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-cap_chown_missing | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-cap_chown_missing | /data | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-cap_chown_missing | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-cap_chown_missing | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-cap_chown_missing | /tmp/run/tmp | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-cap_chown_missing | /tmp/api | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-cap_chown_missing | /tmp/log | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-cap_chown_missing | /tmp/run | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-cap_chown_missing | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | * /tmp/run/tmp error writing, error reading
netalertx-test-mount-cap_chown_missing | * /tmp/api error writing, error reading
netalertx-test-mount-cap_chown_missing | * /tmp/log error writing, error reading
netalertx-test-mount-cap_chown_missing | * /tmp/run error writing, error reading
netalertx-test-mount-cap_chown_missing | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-cap_chown_missing | configuration can be quite complex.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Review the documentation for a correct setup:
netalertx-test-mount-cap_chown_missing | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-cap_chown_missing | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | 
netalertx-test-mount-cap_chown_missing | --> first run config.sh
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-cap_chown_missing | this instance in production.
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | --> first run db.sh
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-cap_chown_missing | DB before onboarding sensitive or critical networks.
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | --> mandatory folders.sh
netalertx-test-mount-cap_chown_missing | * Creating NetAlertX log directory.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create log directory at /tmp/log (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating NetAlertX API cache.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create API cache directory at /tmp/api (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating System services runtime directory.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create System services runtime directory at /tmp/run (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating nginx active configuration directory.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create nginx active configuration directory at /tmp/nginx/active-config (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating Plugins log.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating System services run log.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating System services run tmp.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating DB locked log.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating Execution queue log.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | --> apply conf override.sh
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | --> writable config.sh
netalertx-test-mount-cap_chown_missing | --> nginx config.sh
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | ⚠️ ATTENTION: Nginx configuration mount /tmp/nginx/active-config is missing.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Custom listen address or port changes require a writable nginx conf.active
netalertx-test-mount-cap_chown_missing | directory. Without it, the container falls back to defaults and ignores
netalertx-test-mount-cap_chown_missing | your overrides.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Create a bind mount:
netalertx-test-mount-cap_chown_missing | --mount type=bind,src=/path/on/host,dst=/tmp/nginx/active-config
netalertx-test-mount-cap_chown_missing | and ensure it is owned by the netalertx user (20211:20211) with 700 perms.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | --> expected user id match.sh
netalertx-test-mount-cap_chown_missing | --> host mode network.sh
netalertx-test-mount-cap_chown_missing | --> excessive capabilities.sh
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | ⚠️ Warning: Excessive capabilities detected (bounding caps: 0x00000000a80435fa).
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Only CHOWN, SETGID, SETUID, NET_ADMIN, NET_BIND_SERVICE, and NET_RAW are
netalertx-test-mount-cap_chown_missing | required in this container. Please remove unnecessary capabilities.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/excessive-capabilities.md
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | --> appliance integrity.sh
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-cap_chown_missing | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | --> ports available.sh
netalertx-test-mount-cap_chown_missing | /services/scripts/update_vendors.sh: line 28: /tmp/run/tmp/ieee-oui.txt.tmp: Permission denied
netalertx-test-mount-cap_chown_missing | mkdir: can't create directory '/tmp/log': Permission denied
netalertx-test-mount-cap_chown_missing | mkdir: can't create directory '/tmp/run': Permission denied
netalertx-test-mount-cap_chown_missing | mkdir: can't create directory '/tmp/nginx': Permission denied
netalertx-test-mount-cap_chown_missing | Starting supercronic --quiet "/services/config/cron/crontab" >>"/tmp/log/cron.log" 2>&1 &
netalertx-test-mount-cap_chown_missing | Starting /usr/sbin/php-fpm83 -y "/services/config/php/php-fpm.conf" -F (tee stderr to app.php_errors.log)
netalertx-test-mount-cap_chown_missing | /services/start-cron.sh: line 37: /tmp/log/cron.log: Permission denied
netalertx-test-mount-cap_chown_missing | Supercronic stopped! (exit 1)
netalertx-test-mount-cap_chown_missing | tee: /tmp/log/app.php_errors.log: Permission denied
netalertx-test-mount-cap_chown_missing | Service nginx exited with status 1.
netalertx-test-mount-cap_chown_missing | Starting python3 -m server > /tmp/log/stdout.log 2> >(tee /tmp/log/stderr.log >&2)
netalertx-test-mount-cap_chown_missing | /services/start-backend.sh: line 16: /tmp/log/stdout.log: Permission denied
netalertx-test-mount-cap_chown_missing | php-fpm stopped! (exit 143)
netalertx-test-mount-cap_chown_missing | All services stopped.
netalertx-test-mount-cap_chown_missing | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-cap_chown_missing | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-cap_chown_missing | Ownership prepared for PUID=20211.
netalertx-test-mount-cap_chown_missing | 
netalertx-test-mount-cap_chown_missing | _ _ _ ___ _ _ __ __
netalertx-test-mount-cap_chown_missing | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-cap_chown_missing | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-cap_chown_missing | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-cap_chown_missing | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-cap_chown_missing | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-cap_chown_missing |  Network intruder and presence detector.
netalertx-test-mount-cap_chown_missing | https://netalertx.com
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Startup pre-checks
netalertx-test-mount-cap_chown_missing | --> data migration.sh
netalertx-test-mount-cap_chown_missing | --> capabilities audit.sh
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | 🚨 ALERT: Python execution capabilities (NET_RAW/NET_ADMIN) are missing.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | The Python binary in this image has file capabilities (+eip) that
netalertx-test-mount-cap_chown_missing | require these bits in the container's bounding set. Without them,
netalertx-test-mount-cap_chown_missing | the binary will fail to execute (Operation not permitted).
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Restart with: --cap-add=NET_RAW --cap-add=NET_ADMIN
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | ⚠️ WARNING: Reduced functionality (NET_BIND_SERVICE missing).
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Tools like nbtscan cannot bind to privileged ports (UDP 137).
netalertx-test-mount-cap_chown_missing | This will reduce discovery accuracy for legacy devices.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Consider adding: --cap-add=NET_BIND_SERVICE
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | Security context: Operational capabilities (CHOWN SETGID SETUID) not granted.
netalertx-test-mount-cap_chown_missing | See https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/missing-capabilities.md
netalertx-test-mount-cap_chown_missing | --> mounts.py
netalertx-test-mount-cap_chown_missing | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-cap_chown_missing | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-cap_chown_missing | /data | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-cap_chown_missing | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-cap_chown_missing | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-cap_chown_missing | /tmp/run/tmp | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-cap_chown_missing | /tmp/api | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-cap_chown_missing | /tmp/log | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-cap_chown_missing | /tmp/run | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-cap_chown_missing | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | * /tmp/run/tmp error writing, error reading
netalertx-test-mount-cap_chown_missing | * /tmp/api error writing, error reading
netalertx-test-mount-cap_chown_missing | * /tmp/log error writing, error reading
netalertx-test-mount-cap_chown_missing | * /tmp/run error writing, error reading
netalertx-test-mount-cap_chown_missing | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-cap_chown_missing | configuration can be quite complex.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Review the documentation for a correct setup:
netalertx-test-mount-cap_chown_missing | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-cap_chown_missing | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | 
netalertx-test-mount-cap_chown_missing | --> first run config.sh
netalertx-test-mount-cap_chown_missing | --> first run db.sh
netalertx-test-mount-cap_chown_missing | INFO: ALWAYS_FRESH_INSTALL enabled — removing existing database.
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-cap_chown_missing | DB before onboarding sensitive or critical networks.
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | --> mandatory folders.sh
netalertx-test-mount-cap_chown_missing | * Creating NetAlertX log directory.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create log directory at /tmp/log (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating NetAlertX API cache.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create API cache directory at /tmp/api (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating System services runtime directory.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create System services runtime directory at /tmp/run (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating nginx active configuration directory.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create nginx active configuration directory at /tmp/nginx/active-config (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating Plugins log.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating System services run log.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating System services run tmp.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating DB locked log.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | * Creating Execution queue log.
netalertx-test-mount-cap_chown_missing | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-cap_chown_missing | --> apply conf override.sh
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | --> writable config.sh
netalertx-test-mount-cap_chown_missing | --> nginx config.sh
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | ⚠️ ATTENTION: Nginx configuration mount /tmp/nginx/active-config is missing.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Custom listen address or port changes require a writable nginx conf.active
netalertx-test-mount-cap_chown_missing | directory. Without it, the container falls back to defaults and ignores
netalertx-test-mount-cap_chown_missing | your overrides.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Create a bind mount:
netalertx-test-mount-cap_chown_missing | --mount type=bind,src=/path/on/host,dst=/tmp/nginx/active-config
netalertx-test-mount-cap_chown_missing | and ensure it is owned by the netalertx user (20211:20211) with 700 perms.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | --> expected user id match.sh
netalertx-test-mount-cap_chown_missing | --> host mode network.sh
netalertx-test-mount-cap_chown_missing | --> excessive capabilities.sh
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | ⚠️ Warning: Excessive capabilities detected (bounding caps: 0x00000000a80435fa).
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Only CHOWN, SETGID, SETUID, NET_ADMIN, NET_BIND_SERVICE, and NET_RAW are
netalertx-test-mount-cap_chown_missing | required in this container. Please remove unnecessary capabilities.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/excessive-capabilities.md
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | --> appliance integrity.sh
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-cap_chown_missing |
netalertx-test-mount-cap_chown_missing | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-cap_chown_missing | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-cap_chown_missing | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-cap_chown_missing | --> ports available.sh
netalertx-test-mount-cap_chown_missing | 
netalertx-test-mount-cap_chown_missing exited with code 0
File: docker-compose.mount-test.config_mounted.yml
----------------------------------------
Expected outcome: Container starts successfully with proper config mount
- NETALERTX_CONFIG shows as writable and mounted
- No configuration warnings for config path
- Configuration persistence works correctly
Testing: docker-compose.mount-test.config_mounted.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_netalertx_data" Creating
Volume "mount-tests_test_netalertx_data" Created
Container netalertx-test-mount-config_mounted Creating
Container netalertx-test-mount-config_mounted Created
Attaching to netalertx-test-mount-config_mounted
netalertx-test-mount-config_mounted | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-config_mounted | Ownership prepared for PUID=20211.
netalertx-test-mount-config_mounted | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-config_mounted | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-config_mounted | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-config_mounted | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-config_mounted | Ownership prepared for PUID=20211.
netalertx-test-mount-config_mounted | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-config_mounted | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-config_mounted | 
netalertx-test-mount-config_mounted | _ _ _ ___ _ _ __ __
netalertx-test-mount-config_mounted | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-config_mounted | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-config_mounted | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-config_mounted | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-config_mounted | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-config_mounted |  Network intruder and presence detector.
netalertx-test-mount-config_mounted | https://netalertx.com
netalertx-test-mount-config_mounted |
netalertx-test-mount-config_mounted |
netalertx-test-mount-config_mounted | Startup pre-checks
netalertx-test-mount-config_mounted | --> data migration.sh
netalertx-test-mount-config_mounted | --> capabilities audit.sh
netalertx-test-mount-config_mounted | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-config_mounted | --> mounts.py
netalertx-test-mount-config_mounted | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-config_mounted | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-config_mounted | /data | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-config_mounted | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-config_mounted | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-config_mounted | /tmp/run/tmp | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_mounted | /tmp/api | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_mounted | /tmp/log | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_mounted | /tmp/run | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_mounted | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_mounted |
netalertx-test-mount-config_mounted |
netalertx-test-mount-config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_mounted | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-config_mounted |
netalertx-test-mount-config_mounted | * /tmp/run/tmp error writing, error reading
netalertx-test-mount-config_mounted | * /tmp/api error writing, error reading
netalertx-test-mount-config_mounted | * /tmp/log error writing, error reading
netalertx-test-mount-config_mounted | * /tmp/run error writing, error reading
netalertx-test-mount-config_mounted | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-config_mounted |
netalertx-test-mount-config_mounted | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-config_mounted | configuration can be quite complex.
netalertx-test-mount-config_mounted |
netalertx-test-mount-config_mounted | Review the documentation for a correct setup:
netalertx-test-mount-config_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-config_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_mounted | 
netalertx-test-mount-config_mounted | --> first run config.sh
netalertx-test-mount-config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_mounted | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-config_mounted |
netalertx-test-mount-config_mounted | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-config_mounted | this instance in production.
netalertx-test-mount-config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_mounted | --> first run db.sh
netalertx-test-mount-config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_mounted | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-config_mounted |
netalertx-test-mount-config_mounted | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-config_mounted | DB before onboarding sensitive or critical networks.
netalertx-test-mount-config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_mounted | --> mandatory folders.sh
netalertx-test-mount-config_mounted | * Creating NetAlertX log directory.
netalertx-test-mount-config_mounted | Warning: Unable to create log directory at /tmp/log (tmpfs not writable with current capabilities).
netalertx-test-mount-config_mounted | * Creating NetAlertX API cache.
netalertx-test-mount-config_mounted | Warning: Unable to create API cache directory at /tmp/api (tmpfs not writable with current capabilities).
netalertx-test-mount-config_mounted | * Creating System services runtime directory.
netalertx-test-mount-config_mounted | Warning: Unable to create System services runtime directory at /tmp/run (tmpfs not writable with current capabilities).
netalertx-test-mount-config_mounted | * Creating nginx active configuration directory.
netalertx-test-mount-config_mounted | Warning: Unable to create nginx active configuration directory at /tmp/nginx/active-config (tmpfs not writable with current capabilities).
netalertx-test-mount-config_mounted | * Creating Plugins log.
netalertx-test-mount-config_mounted | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-config_mounted | * Creating System services run log.
netalertx-test-mount-config_mounted | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-config_mounted | * Creating System services run tmp.
netalertx-test-mount-config_mounted | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-config_mounted | * Creating DB locked log.
netalertx-test-mount-config_mounted | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-config_mounted | * Creating Execution queue log.
netalertx-test-mount-config_mounted | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-config_mounted | --> apply conf override.sh
netalertx-test-mount-config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_mounted | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-config_mounted |
netalertx-test-mount-config_mounted | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_mounted | --> writable config.sh
netalertx-test-mount-config_mounted | --> nginx config.sh
netalertx-test-mount-config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_mounted | ⚠️ ATTENTION: Nginx configuration mount /tmp/nginx/active-config is missing.
netalertx-test-mount-config_mounted |
netalertx-test-mount-config_mounted | Custom listen address or port changes require a writable nginx conf.active
netalertx-test-mount-config_mounted | directory. Without it, the container falls back to defaults and ignores
netalertx-test-mount-config_mounted | your overrides.
netalertx-test-mount-config_mounted |
netalertx-test-mount-config_mounted | Create a bind mount:
netalertx-test-mount-config_mounted | --mount type=bind,src=/path/on/host,dst=/tmp/nginx/active-config
netalertx-test-mount-config_mounted | and ensure it is owned by the netalertx user (20211:20211) with 700 perms.
netalertx-test-mount-config_mounted |
netalertx-test-mount-config_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_mounted | --> expected user id match.sh
netalertx-test-mount-config_mounted | 
netalertx-test-mount-config_mounted | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-config_mounted | --> host mode network.sh
netalertx-test-mount-config_mounted | --> excessive capabilities.sh
netalertx-test-mount-config_mounted | --> appliance integrity.sh
netalertx-test-mount-config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_mounted | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-config_mounted |
netalertx-test-mount-config_mounted | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-config_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-config_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_mounted | --> ports available.sh
netalertx-test-mount-config_mounted exited with code 0
File: docker-compose.mount-test.config_no-mount.yml
----------------------------------------
Expected outcome: Container shows mount error for config directory
- NETALERTX_CONFIG shows as not mounted
- Mount error since config directory should be mounted for proper operation
- Configuration may not persist across restarts
Testing: docker-compose.mount-test.config_no-mount.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_netalertx_db" Creating
Volume "mount-tests_netalertx_db" Created
Container netalertx-test-mount-config_no-mount Creating
Container netalertx-test-mount-config_no-mount Created
Attaching to netalertx-test-mount-config_no-mount
netalertx-test-mount-config_no-mount | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-config_no-mount | Ownership prepared for PUID=20211.
netalertx-test-mount-config_no-mount | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-config_no-mount | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-config_no-mount | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-config_no-mount | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-config_no-mount | Ownership prepared for PUID=20211.
netalertx-test-mount-config_no-mount | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-config_no-mount | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-config_no-mount | 
netalertx-test-mount-config_no-mount | _ _ _ ___ _ _ __ __
netalertx-test-mount-config_no-mount | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-config_no-mount | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-config_no-mount | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-config_no-mount | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-config_no-mount | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-config_no-mount |  Network intruder and presence detector.
netalertx-test-mount-config_no-mount | https://netalertx.com
netalertx-test-mount-config_no-mount |
netalertx-test-mount-config_no-mount |
netalertx-test-mount-config_no-mount | Startup pre-checks
netalertx-test-mount-config_no-mount | --> data migration.sh
netalertx-test-mount-config_no-mount | --> capabilities audit.sh
netalertx-test-mount-config_no-mount | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-config_no-mount | --> mounts.py
netalertx-test-mount-config_no-mount | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-config_no-mount | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-config_no-mount | /data | ✅| ✅| ❌ | | | ❌
netalertx-test-mount-config_no-mount | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-config_no-mount | /data/config | ✅| ✅| ❌ | | | ❌
netalertx-test-mount-config_no-mount | /tmp/run/tmp | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_no-mount | /tmp/api | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_no-mount | /tmp/log | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_no-mount | /tmp/run | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_no-mount | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_no-mount |
netalertx-test-mount-config_no-mount |
netalertx-test-mount-config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_no-mount | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-config_no-mount |
netalertx-test-mount-config_no-mount | * /data not mounted, risk of dataloss
netalertx-test-mount-config_no-mount | * /data/config not mounted, risk of dataloss
netalertx-test-mount-config_no-mount | * /tmp/run/tmp error writing, error reading
netalertx-test-mount-config_no-mount | * /tmp/api error writing, error reading
netalertx-test-mount-config_no-mount | * /tmp/log error writing, error reading
netalertx-test-mount-config_no-mount | * /tmp/run error writing, error reading
netalertx-test-mount-config_no-mount | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-config_no-mount |
netalertx-test-mount-config_no-mount | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-config_no-mount | configuration can be quite complex.
netalertx-test-mount-config_no-mount |
netalertx-test-mount-config_no-mount | Review the documentation for a correct setup:
netalertx-test-mount-config_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-config_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_no-mount | 
netalertx-test-mount-config_no-mount | --> first run config.sh
netalertx-test-mount-config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_no-mount | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-config_no-mount |
netalertx-test-mount-config_no-mount | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-config_no-mount | this instance in production.
netalertx-test-mount-config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_no-mount | --> first run db.sh
netalertx-test-mount-config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_no-mount | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-config_no-mount |
netalertx-test-mount-config_no-mount | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-config_no-mount | DB before onboarding sensitive or critical networks.
netalertx-test-mount-config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_no-mount | --> mandatory folders.sh
netalertx-test-mount-config_no-mount | * Creating Plugins log.
netalertx-test-mount-config_no-mount | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-config_no-mount | * Creating System services run log.
netalertx-test-mount-config_no-mount | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-config_no-mount | * Creating System services run tmp.
netalertx-test-mount-config_no-mount | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-config_no-mount | * Creating DB locked log.
netalertx-test-mount-config_no-mount | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-config_no-mount | * Creating Execution queue log.
netalertx-test-mount-config_no-mount | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-config_no-mount | --> apply conf override.sh
netalertx-test-mount-config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_no-mount | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-config_no-mount |
netalertx-test-mount-config_no-mount | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_no-mount | --> writable config.sh
netalertx-test-mount-config_no-mount | --> nginx config.sh
netalertx-test-mount-config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_no-mount | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-config_no-mount |
netalertx-test-mount-config_no-mount | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-config_no-mount | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-config_no-mount | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-config_no-mount | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-config_no-mount | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-config_no-mount |
netalertx-test-mount-config_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_no-mount | --> expected user id match.sh
netalertx-test-mount-config_no-mount | 
netalertx-test-mount-config_no-mount | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-config_no-mount | --> host mode network.sh
netalertx-test-mount-config_no-mount | --> excessive capabilities.sh
netalertx-test-mount-config_no-mount | --> appliance integrity.sh
netalertx-test-mount-config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_no-mount | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-config_no-mount |
netalertx-test-mount-config_no-mount | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-config_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-config_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_no-mount | --> ports available.sh
netalertx-test-mount-config_no-mount exited with code 0
File: docker-compose.mount-test.config_ramdisk.yml
----------------------------------------
Expected outcome: Container shows dataloss risk warning for config on RAM disk
- NETALERTX_CONFIG shows as mounted on tmpfs (RAM disk)
- Dataloss risk warning since config data should be persistent
- Configuration will be lost on container restart
Testing: docker-compose.mount-test.config_ramdisk.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_netalertx_db" Creating
Volume "mount-tests_netalertx_db" Created
Container netalertx-test-mount-config_ramdisk Creating
Container netalertx-test-mount-config_ramdisk Created
Attaching to netalertx-test-mount-config_ramdisk
netalertx-test-mount-config_ramdisk | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-config_ramdisk | Ownership prepared for PUID=20211.
netalertx-test-mount-config_ramdisk | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-config_ramdisk | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-config_ramdisk | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-config_ramdisk | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-config_ramdisk | Ownership prepared for PUID=20211.
netalertx-test-mount-config_ramdisk | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-config_ramdisk | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-config_ramdisk | 
netalertx-test-mount-config_ramdisk | _ _ _ ___ _ _ __ __
netalertx-test-mount-config_ramdisk | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-config_ramdisk | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-config_ramdisk | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-config_ramdisk | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-config_ramdisk | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-config_ramdisk |  Network intruder and presence detector.
netalertx-test-mount-config_ramdisk | https://netalertx.com
netalertx-test-mount-config_ramdisk |
netalertx-test-mount-config_ramdisk |
netalertx-test-mount-config_ramdisk | Startup pre-checks
netalertx-test-mount-config_ramdisk | --> data migration.sh
netalertx-test-mount-config_ramdisk | --> capabilities audit.sh
netalertx-test-mount-config_ramdisk | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-config_ramdisk | --> mounts.py
netalertx-test-mount-config_ramdisk | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-config_ramdisk | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-config_ramdisk | /data | ✅| ✅| ❌ | | | ❌
netalertx-test-mount-config_ramdisk | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-config_ramdisk | /data/config | ❌| ❌| ✅ | ❌ | | ❌
netalertx-test-mount-config_ramdisk | /tmp/run/tmp | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_ramdisk | /tmp/api | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_ramdisk | /tmp/log | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_ramdisk | /tmp/run | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_ramdisk | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_ramdisk |
netalertx-test-mount-config_ramdisk |
netalertx-test-mount-config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_ramdisk | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-config_ramdisk |
netalertx-test-mount-config_ramdisk | * /data not mounted, risk of dataloss
netalertx-test-mount-config_ramdisk | * /data/config error writing, error reading, risk of dataloss
netalertx-test-mount-config_ramdisk | * /tmp/run/tmp error writing, error reading
netalertx-test-mount-config_ramdisk | * /tmp/api error writing, error reading
netalertx-test-mount-config_ramdisk | * /tmp/log error writing, error reading
netalertx-test-mount-config_ramdisk | * /tmp/run error writing, error reading
netalertx-test-mount-config_ramdisk | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-config_ramdisk |
netalertx-test-mount-config_ramdisk | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-config_ramdisk | configuration can be quite complex.
netalertx-test-mount-config_ramdisk |
netalertx-test-mount-config_ramdisk | Review the documentation for a correct setup:
netalertx-test-mount-config_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-config_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_ramdisk | 
netalertx-test-mount-config_ramdisk | \033[1;31m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_ramdisk | ❌ NetAlertX startup aborted: critical failure in mounts.py.
netalertx-test-mount-config_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/troubleshooting.md
netalertx-test-mount-config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_ramdisk | --> first run config.sh
netalertx-test-mount-config_ramdisk | \033[0minstall: can't stat '/data/config/app.conf': Permission denied
netalertx-test-mount-config_ramdisk | ERROR: Failed to deploy default config to /data/config/app.conf
netalertx-test-mount-config_ramdisk | first run config.sh: FAILED with 2
netalertx-test-mount-config_ramdisk | Failure detected in: /entrypoint.d/20-first-run-config.sh
netalertx-test-mount-config_ramdisk | --> first run db.sh
netalertx-test-mount-config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_ramdisk | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-config_ramdisk |
netalertx-test-mount-config_ramdisk | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-config_ramdisk | DB before onboarding sensitive or critical networks.
netalertx-test-mount-config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_ramdisk | --> mandatory folders.sh
netalertx-test-mount-config_ramdisk | * Creating Plugins log.
netalertx-test-mount-config_ramdisk | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-config_ramdisk | * Creating System services run log.
netalertx-test-mount-config_ramdisk | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-config_ramdisk | * Creating System services run tmp.
netalertx-test-mount-config_ramdisk | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-config_ramdisk | * Creating DB locked log.
netalertx-test-mount-config_ramdisk | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-config_ramdisk | * Creating Execution queue log.
netalertx-test-mount-config_ramdisk | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-config_ramdisk | --> apply conf override.sh
netalertx-test-mount-config_ramdisk | rm: can't stat '/data/config/app_conf_override.json': Permission denied
netalertx-test-mount-config_ramdisk | /entrypoint.d/35-apply-conf-override.sh: line 18: can't create /data/config/app_conf_override.json: Permission denied
netalertx-test-mount-config_ramdisk | ERROR: Failed to write override config to /data/config/app_conf_override.json
netalertx-test-mount-config_ramdisk | apply conf override.sh: FAILED with 2
netalertx-test-mount-config_ramdisk | Failure detected in: /entrypoint.d/35-apply-conf-override.sh
netalertx-test-mount-config_ramdisk | --> writable config.sh
netalertx-test-mount-config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_ramdisk | ❌ CRITICAL: Path does not exist.
netalertx-test-mount-config_ramdisk |
netalertx-test-mount-config_ramdisk | The required path "/data/config/app.conf" could not be found. The application
netalertx-test-mount-config_ramdisk | cannot start without its complete directory structure.
netalertx-test-mount-config_ramdisk |
netalertx-test-mount-config_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/file-permissions.md
netalertx-test-mount-config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_ramdisk | \033[1;31m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_ramdisk | ❌ NetAlertX startup aborted: critical failure in writable config.sh.
netalertx-test-mount-config_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/troubleshooting.md
netalertx-test-mount-config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_ramdisk | --> nginx config.sh
netalertx-test-mount-config_ramdisk | \033[0m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_ramdisk | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-config_ramdisk |
netalertx-test-mount-config_ramdisk | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-config_ramdisk | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-config_ramdisk | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-config_ramdisk | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-config_ramdisk | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-config_ramdisk |
netalertx-test-mount-config_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_ramdisk | --> expected user id match.sh
netalertx-test-mount-config_ramdisk | 
netalertx-test-mount-config_ramdisk | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-config_ramdisk | --> host mode network.sh
netalertx-test-mount-config_ramdisk | --> excessive capabilities.sh
netalertx-test-mount-config_ramdisk | --> appliance integrity.sh
netalertx-test-mount-config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_ramdisk | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-config_ramdisk |
netalertx-test-mount-config_ramdisk | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-config_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-config_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_ramdisk | --> ports available.sh
netalertx-test-mount-config_ramdisk | Container startup checks failed with exit code 1.
netalertx-test-mount-config_ramdisk exited with code 1
File: docker-compose.mount-test.config_unwritable.yml
----------------------------------------
Expected outcome: Container fails to start due to unwritable config partition
- NETALERTX_CONFIG shows as mounted but unwritable (❌ in Writeable column)
- 30-writable-config.sh detects permission error and exits with code 1
- Container startup fails because config files cannot be written to
Testing: docker-compose.mount-test.config_unwritable.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_netalertx_db" Creating
Volume "mount-tests_netalertx_db" Created
Volume "mount-tests_test_netalertx_config" Creating
Volume "mount-tests_test_netalertx_config" Created
Container netalertx-test-mount-config_unwritable Creating
Container netalertx-test-mount-config_unwritable Created
Attaching to netalertx-test-mount-config_unwritable
netalertx-test-mount-config_unwritable | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-config_unwritable | Ownership prepared for PUID=20211.
netalertx-test-mount-config_unwritable | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-config_unwritable | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-config_unwritable | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-config_unwritable | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-config_unwritable | Ownership prepared for PUID=20211.
netalertx-test-mount-config_unwritable | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-config_unwritable | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-config_unwritable | 
netalertx-test-mount-config_unwritable | _ _ _ ___ _ _ __ __
netalertx-test-mount-config_unwritable | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-config_unwritable | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-config_unwritable | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-config_unwritable | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-config_unwritable | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-config_unwritable |  Network intruder and presence detector.
netalertx-test-mount-config_unwritable | https://netalertx.com
netalertx-test-mount-config_unwritable |
netalertx-test-mount-config_unwritable |
netalertx-test-mount-config_unwritable | Startup pre-checks
netalertx-test-mount-config_unwritable | --> data migration.sh
netalertx-test-mount-config_unwritable | --> capabilities audit.sh
netalertx-test-mount-config_unwritable | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-config_unwritable | --> mounts.py
netalertx-test-mount-config_unwritable | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-config_unwritable | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-config_unwritable | /data | ✅| ✅| ❌ | | | ❌
netalertx-test-mount-config_unwritable | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-config_unwritable | /data/config | ✅| ❌| ✅ | | | ✅
netalertx-test-mount-config_unwritable | /tmp/run/tmp | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_unwritable | /tmp/api | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_unwritable | /tmp/log | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_unwritable | /tmp/run | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_unwritable | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-config_unwritable |
netalertx-test-mount-config_unwritable |
netalertx-test-mount-config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_unwritable | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-config_unwritable |
netalertx-test-mount-config_unwritable | * /data not mounted, risk of dataloss
netalertx-test-mount-config_unwritable | * /data/config error writing
netalertx-test-mount-config_unwritable | * /tmp/run/tmp error writing, error reading
netalertx-test-mount-config_unwritable | * /tmp/api error writing, error reading
netalertx-test-mount-config_unwritable | * /tmp/log error writing, error reading
netalertx-test-mount-config_unwritable | * /tmp/run error writing, error reading
netalertx-test-mount-config_unwritable | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-config_unwritable |
netalertx-test-mount-config_unwritable | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-config_unwritable | configuration can be quite complex.
netalertx-test-mount-config_unwritable |
netalertx-test-mount-config_unwritable | Review the documentation for a correct setup:
netalertx-test-mount-config_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-config_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_unwritable | 
netalertx-test-mount-config_unwritable | \033[1;31m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_unwritable | ❌ NetAlertX startup aborted: critical failure in mounts.py.
netalertx-test-mount-config_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/troubleshooting.md
netalertx-test-mount-config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_unwritable | --> first run config.sh
netalertx-test-mount-config_unwritable | \033[0minstall: can't create '/data/config/app.conf': Read-only file system
netalertx-test-mount-config_unwritable | ERROR: Failed to deploy default config to /data/config/app.conf
netalertx-test-mount-config_unwritable | first run config.sh: FAILED with 2
netalertx-test-mount-config_unwritable | Failure detected in: /entrypoint.d/20-first-run-config.sh
netalertx-test-mount-config_unwritable | --> first run db.sh
netalertx-test-mount-config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_unwritable | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-config_unwritable |
netalertx-test-mount-config_unwritable | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-config_unwritable | DB before onboarding sensitive or critical networks.
netalertx-test-mount-config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_unwritable | --> mandatory folders.sh
netalertx-test-mount-config_unwritable | * Creating Plugins log.
netalertx-test-mount-config_unwritable | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-config_unwritable | * Creating System services run log.
netalertx-test-mount-config_unwritable | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-config_unwritable | * Creating System services run tmp.
netalertx-test-mount-config_unwritable | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-config_unwritable | * Creating DB locked log.
netalertx-test-mount-config_unwritable | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-config_unwritable | * Creating Execution queue log.
netalertx-test-mount-config_unwritable | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-config_unwritable | --> apply conf override.sh
netalertx-test-mount-config_unwritable | /entrypoint.d/35-apply-conf-override.sh: line 18: can't create /data/config/app_conf_override.json: Read-only file system
netalertx-test-mount-config_unwritable | ERROR: Failed to write override config to /data/config/app_conf_override.json
netalertx-test-mount-config_unwritable | apply conf override.sh: FAILED with 2
netalertx-test-mount-config_unwritable | Failure detected in: /entrypoint.d/35-apply-conf-override.sh
netalertx-test-mount-config_unwritable | --> writable config.sh
netalertx-test-mount-config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_unwritable | ❌ CRITICAL: Path does not exist.
netalertx-test-mount-config_unwritable |
netalertx-test-mount-config_unwritable | The required path "/data/config/app.conf" could not be found. The application
netalertx-test-mount-config_unwritable | cannot start without its complete directory structure.
netalertx-test-mount-config_unwritable |
netalertx-test-mount-config_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/file-permissions.md
netalertx-test-mount-config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_unwritable | \033[1;31m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_unwritable | ❌ NetAlertX startup aborted: critical failure in writable config.sh.
netalertx-test-mount-config_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/troubleshooting.md
netalertx-test-mount-config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_unwritable | --> nginx config.sh
netalertx-test-mount-config_unwritable | \033[0m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_unwritable | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-config_unwritable |
netalertx-test-mount-config_unwritable | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-config_unwritable | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-config_unwritable | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-config_unwritable | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-config_unwritable | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-config_unwritable |
netalertx-test-mount-config_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_unwritable | --> expected user id match.sh
netalertx-test-mount-config_unwritable | 
netalertx-test-mount-config_unwritable | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-config_unwritable | --> host mode network.sh
netalertx-test-mount-config_unwritable | --> excessive capabilities.sh
netalertx-test-mount-config_unwritable | --> appliance integrity.sh
netalertx-test-mount-config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_unwritable | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-config_unwritable |
netalertx-test-mount-config_unwritable | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-config_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-config_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-config_unwritable | --> ports available.sh
netalertx-test-mount-config_unwritable | Container startup checks failed with exit code 1.
netalertx-test-mount-config_unwritable exited with code 1
File: docker-compose.mount-test.data_noread.yml
----------------------------------------
Expected outcome: Mounts table shows /data is mounted and writable but NOT readable (R=❌, W=✅)
Note: This is a diagnostic-only container (entrypoint sleeps); the test chmods/chowns /data to mode 0300.
Testing: docker-compose.mount-test.data_noread.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_netalertx_data" Creating
Volume "mount-tests_test_netalertx_data" Created
Container netalertx-test-mount-data_noread Creating
Container netalertx-test-mount-data_noread Created
Attaching to netalertx-test-mount-data_noread
netalertx-test-mount-data_noread | 
netalertx-test-mount-data_noread | _ _ _ ___ _ _ __ __
netalertx-test-mount-data_noread | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-data_noread | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-data_noread | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-data_noread | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-data_noread | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-data_noread |  Network intruder and presence detector.
netalertx-test-mount-data_noread | https://netalertx.com
netalertx-test-mount-data_noread |
netalertx-test-mount-data_noread |
netalertx-test-mount-data_noread | Startup pre-checks
netalertx-test-mount-data_noread | --> data migration.sh
netalertx-test-mount-data_noread | --> capabilities audit.sh
netalertx-test-mount-data_noread | --> mounts.py
netalertx-test-mount-data_noread | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-data_noread | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-data_noread | /data | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-data_noread | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-data_noread | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-data_noread | /tmp | ✅| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-data_noread | /tmp/api | ✅| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-data_noread | /tmp/log | ✅| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-data_noread | /tmp/run | ✅| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-data_noread | /tmp/nginx/active-config | ✅| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-data_noread | --> first run config.sh
netalertx-test-mount-data_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-data_noread | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-data_noread |
netalertx-test-mount-data_noread | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-data_noread | this instance in production.
netalertx-test-mount-data_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-data_noread | --> first run db.sh
netalertx-test-mount-data_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-data_noread | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-data_noread |
netalertx-test-mount-data_noread | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-data_noread | DB before onboarding sensitive or critical networks.
netalertx-test-mount-data_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-data_noread | --> mandatory folders.sh
netalertx-test-mount-data_noread | * Creating NetAlertX log directory.
netalertx-test-mount-data_noread | * Creating NetAlertX API cache.
netalertx-test-mount-data_noread | * Creating System services runtime directory.
netalertx-test-mount-data_noread | * Creating nginx active configuration directory.
netalertx-test-mount-data_noread | * Creating Plugins log.
netalertx-test-mount-data_noread | * Creating System services run log.
netalertx-test-mount-data_noread | * Creating DB locked log.
netalertx-test-mount-data_noread | * Creating Execution queue log.
netalertx-test-mount-data_noread | --> apply conf override.sh
netalertx-test-mount-data_noread | --> writable config.sh
netalertx-test-mount-data_noread | --> nginx config.sh
netalertx-test-mount-data_noread | --> expected user id match.sh
netalertx-test-mount-data_noread | --> host mode network.sh
netalertx-test-mount-data_noread | --> excessive capabilities.sh
netalertx-test-mount-data_noread | --> appliance integrity.sh
netalertx-test-mount-data_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-data_noread | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-data_noread |
netalertx-test-mount-data_noread | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-data_noread | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-data_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-data_noread | --> ports available.sh
netalertx-test-mount-data_noread | Starting /usr/sbin/php-fpm83 -y "/services/config/php/php-fpm.conf" -F (tee stderr to app.php_errors.log)
netalertx-test-mount-data_noread | Starting supercronic --quiet "/services/config/cron/crontab" >>"/tmp/log/cron.log" 2>&1 &
netalertx-test-mount-data_noread | Starting python3 -m server > /tmp/log/stdout.log 2> >(tee /tmp/log/stderr.log >&2)
netalertx-test-mount-data_noread | Starting /usr/sbin/nginx -p "/tmp/run/" -c "/tmp/nginx/active-config/nginx.conf" -g "error_log stderr; error_log /tmp/log/nginx-error.log; daemon off;" &
netalertx-test-mount-data_noread | 2026/01/05 02:22:26 [error] 190#190: *1 FastCGI sent in stderr: "PHP message: PHP Warning: session_start(): open(/tmp/run/tmp/sess_ufehnqbor2g6aevc5kn0eb9f2k, O_RDWR) failed: No such file or directory (2) in /app/front/php/templates/security.php on line 50; PHP message: PHP Warning: session_start(): Failed to read session data: files (path: /tmp/run/tmp) in /app/front/php/templates/security.php on line 50" while reading response header from upstream, client: 127.0.0.1, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/tmp/run/php.sock:", host: "localhost:20211"
netalertx-test-mount-data_noread | Successfully updated IEEE OUI database (112503 entries)
Gracefully stopping... (press Ctrl+C again to force)
Container netalertx-test-mount-data_noread Stopping
Container netalertx-test-mount-data_noread Stopped
File: docker-compose.mount-test.db_mounted.yml
----------------------------------------
Expected outcome: Container starts successfully with proper database mount
- NETALERTX_DB shows as writable and mounted
- No configuration warnings for database path
- Database persistence works correctly
Testing: docker-compose.mount-test.db_mounted.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_netalertx_data" Creating
Volume "mount-tests_test_netalertx_data" Created
Container netalertx-test-mount-db_mounted Creating
Container netalertx-test-mount-db_mounted Created
Attaching to netalertx-test-mount-db_mounted
netalertx-test-mount-db_mounted | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-db_mounted | Ownership prepared for PUID=20211.
netalertx-test-mount-db_mounted | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-db_mounted | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-db_mounted | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-db_mounted | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-db_mounted | Ownership prepared for PUID=20211.
netalertx-test-mount-db_mounted | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-db_mounted | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-db_mounted | 
netalertx-test-mount-db_mounted | _ _ _ ___ _ _ __ __
netalertx-test-mount-db_mounted | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-db_mounted | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-db_mounted | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-db_mounted | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-db_mounted | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-db_mounted |  Network intruder and presence detector.
netalertx-test-mount-db_mounted | https://netalertx.com
netalertx-test-mount-db_mounted |
netalertx-test-mount-db_mounted |
netalertx-test-mount-db_mounted | Startup pre-checks
netalertx-test-mount-db_mounted | --> data migration.sh
netalertx-test-mount-db_mounted | --> capabilities audit.sh
netalertx-test-mount-db_mounted | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-db_mounted | --> mounts.py
netalertx-test-mount-db_mounted | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-db_mounted | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-db_mounted | /data | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-db_mounted | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-db_mounted | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-db_mounted | /tmp/run/tmp | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_mounted | /tmp/api | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_mounted | /tmp/log | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_mounted | /tmp/run | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_mounted | /tmp/nginx/active-config | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_mounted |
netalertx-test-mount-db_mounted |
netalertx-test-mount-db_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_mounted | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-db_mounted |
netalertx-test-mount-db_mounted | * /tmp/run/tmp error writing
netalertx-test-mount-db_mounted | * /tmp/api error writing
netalertx-test-mount-db_mounted | * /tmp/log error writing
netalertx-test-mount-db_mounted | * /tmp/run error writing
netalertx-test-mount-db_mounted | * /tmp/nginx/active-config error writing
netalertx-test-mount-db_mounted |
netalertx-test-mount-db_mounted | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-db_mounted | configuration can be quite complex.
netalertx-test-mount-db_mounted |
netalertx-test-mount-db_mounted | Review the documentation for a correct setup:
netalertx-test-mount-db_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-db_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-db_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_mounted | 
netalertx-test-mount-db_mounted | --> first run config.sh
netalertx-test-mount-db_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_mounted | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-db_mounted |
netalertx-test-mount-db_mounted | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-db_mounted | this instance in production.
netalertx-test-mount-db_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_mounted | --> first run db.sh
netalertx-test-mount-db_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_mounted | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-db_mounted |
netalertx-test-mount-db_mounted | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-db_mounted | DB before onboarding sensitive or critical networks.
netalertx-test-mount-db_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_mounted | --> mandatory folders.sh
netalertx-test-mount-db_mounted | * Creating Plugins log.
netalertx-test-mount-db_mounted | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-db_mounted | * Creating System services run log.
netalertx-test-mount-db_mounted | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-db_mounted | * Creating System services run tmp.
netalertx-test-mount-db_mounted | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-db_mounted | * Creating DB locked log.
netalertx-test-mount-db_mounted | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-db_mounted | * Creating Execution queue log.
netalertx-test-mount-db_mounted | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-db_mounted | --> apply conf override.sh
netalertx-test-mount-db_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_mounted | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-db_mounted |
netalertx-test-mount-db_mounted | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-db_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_mounted | --> writable config.sh
netalertx-test-mount-db_mounted | --> nginx config.sh
netalertx-test-mount-db_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_mounted | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-db_mounted |
netalertx-test-mount-db_mounted | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-db_mounted | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-db_mounted | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-db_mounted | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-db_mounted | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-db_mounted |
netalertx-test-mount-db_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-db_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_mounted | --> expected user id match.sh
netalertx-test-mount-db_mounted | 
netalertx-test-mount-db_mounted | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-db_mounted | --> host mode network.sh
netalertx-test-mount-db_mounted | --> excessive capabilities.sh
netalertx-test-mount-db_mounted | --> appliance integrity.sh
netalertx-test-mount-db_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_mounted | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-db_mounted |
netalertx-test-mount-db_mounted | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-db_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-db_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_mounted | --> ports available.sh
netalertx-test-mount-db_mounted exited with code 0
File: docker-compose.mount-test.db_no-mount.yml
----------------------------------------
Expected outcome: Container shows mount error warning but continues running
- NETALERTX_DB shows as not mounted (❌ in Mount column) but path gets created
- Warning message displayed about configuration issues
- Container continues because database directory can be created in writable filesystem
Testing: docker-compose.mount-test.db_no-mount.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_netalertx_config" Creating
Volume "mount-tests_netalertx_config" Created
Container netalertx-test-mount-db_no-mount Creating
Container netalertx-test-mount-db_no-mount Created
Attaching to netalertx-test-mount-db_no-mount
netalertx-test-mount-db_no-mount | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-db_no-mount | Ownership prepared for PUID=20211.
netalertx-test-mount-db_no-mount | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-db_no-mount | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-db_no-mount | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-db_no-mount | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-db_no-mount | Ownership prepared for PUID=20211.
netalertx-test-mount-db_no-mount | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-db_no-mount | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-db_no-mount | 
netalertx-test-mount-db_no-mount | _ _ _ ___ _ _ __ __
netalertx-test-mount-db_no-mount | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-db_no-mount | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-db_no-mount | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-db_no-mount | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-db_no-mount | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-db_no-mount |  Network intruder and presence detector.
netalertx-test-mount-db_no-mount | https://netalertx.com
netalertx-test-mount-db_no-mount |
netalertx-test-mount-db_no-mount |
netalertx-test-mount-db_no-mount | Startup pre-checks
netalertx-test-mount-db_no-mount | --> data migration.sh
netalertx-test-mount-db_no-mount | --> capabilities audit.sh
netalertx-test-mount-db_no-mount | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-db_no-mount | --> mounts.py
netalertx-test-mount-db_no-mount | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-db_no-mount | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-db_no-mount | /data | ✅| ✅| ❌ | | | ❌
netalertx-test-mount-db_no-mount | /data/db | ✅| ✅| ❌ | | | ❌
netalertx-test-mount-db_no-mount | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-db_no-mount | /tmp/run/tmp | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_no-mount | /tmp/api | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_no-mount | /tmp/log | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_no-mount | /tmp/run | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_no-mount | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_no-mount |
netalertx-test-mount-db_no-mount |
netalertx-test-mount-db_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_no-mount | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-db_no-mount |
netalertx-test-mount-db_no-mount | * /data not mounted, risk of dataloss
netalertx-test-mount-db_no-mount | * /data/db not mounted, risk of dataloss
netalertx-test-mount-db_no-mount | * /tmp/run/tmp error writing, error reading
netalertx-test-mount-db_no-mount | * /tmp/api error writing, error reading
netalertx-test-mount-db_no-mount | * /tmp/log error writing, error reading
netalertx-test-mount-db_no-mount | * /tmp/run error writing, error reading
netalertx-test-mount-db_no-mount | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-db_no-mount |
netalertx-test-mount-db_no-mount | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-db_no-mount | configuration can be quite complex.
netalertx-test-mount-db_no-mount |
netalertx-test-mount-db_no-mount | Review the documentation for a correct setup:
netalertx-test-mount-db_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-db_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-db_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_no-mount | 
netalertx-test-mount-db_no-mount | --> first run config.sh
netalertx-test-mount-db_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_no-mount | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-db_no-mount |
netalertx-test-mount-db_no-mount | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-db_no-mount | this instance in production.
netalertx-test-mount-db_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_no-mount | --> first run db.sh
netalertx-test-mount-db_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_no-mount | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-db_no-mount |
netalertx-test-mount-db_no-mount | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-db_no-mount | DB before onboarding sensitive or critical networks.
netalertx-test-mount-db_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_no-mount | --> mandatory folders.sh
netalertx-test-mount-db_no-mount | * Creating Plugins log.
netalertx-test-mount-db_no-mount | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-db_no-mount | * Creating System services run log.
netalertx-test-mount-db_no-mount | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-db_no-mount | * Creating System services run tmp.
netalertx-test-mount-db_no-mount | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-db_no-mount | * Creating DB locked log.
netalertx-test-mount-db_no-mount | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-db_no-mount | * Creating Execution queue log.
netalertx-test-mount-db_no-mount | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-db_no-mount | --> apply conf override.sh
netalertx-test-mount-db_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_no-mount | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-db_no-mount |
netalertx-test-mount-db_no-mount | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-db_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_no-mount | --> writable config.sh
netalertx-test-mount-db_no-mount | --> nginx config.sh
netalertx-test-mount-db_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_no-mount | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-db_no-mount |
netalertx-test-mount-db_no-mount | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-db_no-mount | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-db_no-mount | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-db_no-mount | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-db_no-mount | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-db_no-mount |
netalertx-test-mount-db_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-db_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_no-mount | --> expected user id match.sh
netalertx-test-mount-db_no-mount | 
netalertx-test-mount-db_no-mount | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-db_no-mount | --> host mode network.sh
netalertx-test-mount-db_no-mount | --> excessive capabilities.sh
netalertx-test-mount-db_no-mount | --> appliance integrity.sh
netalertx-test-mount-db_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_no-mount | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-db_no-mount |
netalertx-test-mount-db_no-mount | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-db_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-db_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_no-mount | --> ports available.sh
netalertx-test-mount-db_no-mount exited with code 0
File: docker-compose.mount-test.db_noread.yml
----------------------------------------
Expected outcome: Mounts table shows /data/db is mounted and writable but NOT readable (R=❌, W=✅)
Note: This is a diagnostic-only container (entrypoint sleeps); the test chmods/chowns /data/db to mode 0300.
Testing: docker-compose.mount-test.db_noread.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_netalertx_data" Creating
Volume "mount-tests_test_netalertx_data" Created
Container netalertx-test-mount-db_noread Creating
Container netalertx-test-mount-db_noread Created
Attaching to netalertx-test-mount-db_noread
netalertx-test-mount-db_noread | 
netalertx-test-mount-db_noread | _ _ _ ___ _ _ __ __
netalertx-test-mount-db_noread | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-db_noread | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-db_noread | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-db_noread | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-db_noread | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-db_noread |  Network intruder and presence detector.
netalertx-test-mount-db_noread | https://netalertx.com
netalertx-test-mount-db_noread |
netalertx-test-mount-db_noread |
netalertx-test-mount-db_noread | Startup pre-checks
netalertx-test-mount-db_noread | --> data migration.sh
netalertx-test-mount-db_noread | --> capabilities audit.sh
netalertx-test-mount-db_noread | --> mounts.py
netalertx-test-mount-db_noread | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-db_noread | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-db_noread | /data | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-db_noread | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-db_noread | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-db_noread | /tmp | ✅| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_noread | /tmp/api | ✅| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_noread | /tmp/log | ✅| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_noread | /tmp/run | ✅| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_noread | /tmp/nginx/active-config | ✅| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_noread | --> first run config.sh
netalertx-test-mount-db_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_noread | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-db_noread |
netalertx-test-mount-db_noread | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-db_noread | this instance in production.
netalertx-test-mount-db_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_noread | --> first run db.sh
netalertx-test-mount-db_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_noread | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-db_noread |
netalertx-test-mount-db_noread | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-db_noread | DB before onboarding sensitive or critical networks.
netalertx-test-mount-db_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_noread | --> mandatory folders.sh
netalertx-test-mount-db_noread | * Creating NetAlertX log directory.
netalertx-test-mount-db_noread | * Creating NetAlertX API cache.
netalertx-test-mount-db_noread | * Creating System services runtime directory.
netalertx-test-mount-db_noread | * Creating nginx active configuration directory.
netalertx-test-mount-db_noread | * Creating Plugins log.
netalertx-test-mount-db_noread | * Creating System services run log.
netalertx-test-mount-db_noread | * Creating DB locked log.
netalertx-test-mount-db_noread | * Creating Execution queue log.
netalertx-test-mount-db_noread | --> apply conf override.sh
netalertx-test-mount-db_noread | --> writable config.sh
netalertx-test-mount-db_noread | --> nginx config.sh
netalertx-test-mount-db_noread | --> expected user id match.sh
netalertx-test-mount-db_noread | --> host mode network.sh
netalertx-test-mount-db_noread | --> excessive capabilities.sh
netalertx-test-mount-db_noread | --> appliance integrity.sh
netalertx-test-mount-db_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_noread | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-db_noread |
netalertx-test-mount-db_noread | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-db_noread | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-db_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_noread | --> ports available.sh
netalertx-test-mount-db_noread | Starting supercronic --quiet "/services/config/cron/crontab" >>"/tmp/log/cron.log" 2>&1 &
netalertx-test-mount-db_noread | Starting /usr/sbin/php-fpm83 -y "/services/config/php/php-fpm.conf" -F (tee stderr to app.php_errors.log)
netalertx-test-mount-db_noread | Starting python3 -m server > /tmp/log/stdout.log 2> >(tee /tmp/log/stderr.log >&2)
netalertx-test-mount-db_noread | Starting /usr/sbin/nginx -p "/tmp/run/" -c "/tmp/nginx/active-config/nginx.conf" -g "error_log stderr; error_log /tmp/log/nginx-error.log; daemon off;" &
netalertx-test-mount-db_noread | 2026/01/05 02:22:43 [error] 190#190: *1 FastCGI sent in stderr: "PHP message: PHP Warning: session_start(): open(/tmp/run/tmp/sess_4c8q75r1vlsf59n7bmcfsuo41q, O_RDWR) failed: No such file or directory (2) in /app/front/php/templates/security.php on line 50; PHP message: PHP Warning: session_start(): Failed to read session data: files (path: /tmp/run/tmp) in /app/front/php/templates/security.php on line 50" while reading response header from upstream, client: 127.0.0.1, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/tmp/run/php.sock:", host: "localhost:20211"
netalertx-test-mount-db_noread | Successfully updated IEEE OUI database (112503 entries)
netalertx-test-mount-db_noread | 2026/01/05 02:22:45 [error] 191#191: *3 FastCGI sent in stderr: "PHP message: PHP Warning: session_start(): open(/tmp/run/tmp/sess_vnqqcr4d26f61l8o1hmtmomn08, O_RDWR) failed: No such file or directory (2) in /app/front/php/templates/security.php on line 50; PHP message: PHP Warning: session_start(): Failed to read session data: files (path: /tmp/run/tmp) in /app/front/php/templates/security.php on line 50" while reading response header from upstream, client: 127.0.0.1, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/tmp/run/php.sock:", host: "localhost:20211"
Gracefully stopping... (press Ctrl+C again to force)
Container netalertx-test-mount-db_noread Stopping
Container netalertx-test-mount-db_noread Stopped
File: docker-compose.mount-test.db_ramdisk.yml
----------------------------------------
Expected outcome: Container shows dataloss risk warning for database on RAM disk
- NETALERTX_DB shows as mounted on tmpfs (RAM disk)
- Dataloss risk warning since database should be persistent
- Database will be lost on container restart
Testing: docker-compose.mount-test.db_ramdisk.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_netalertx_config" Creating
Volume "mount-tests_netalertx_config" Created
Container netalertx-test-mount-db_ramdisk Creating
Container netalertx-test-mount-db_ramdisk Created
Attaching to netalertx-test-mount-db_ramdisk
netalertx-test-mount-db_ramdisk | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-db_ramdisk | Ownership prepared for PUID=20211.
netalertx-test-mount-db_ramdisk | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-db_ramdisk | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-db_ramdisk | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-db_ramdisk | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-db_ramdisk | Ownership prepared for PUID=20211.
netalertx-test-mount-db_ramdisk | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-db_ramdisk | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-db_ramdisk | 
netalertx-test-mount-db_ramdisk | _ _ _ ___ _ _ __ __
netalertx-test-mount-db_ramdisk | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-db_ramdisk | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-db_ramdisk | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-db_ramdisk | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-db_ramdisk | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-db_ramdisk |  Network intruder and presence detector.
netalertx-test-mount-db_ramdisk | https://netalertx.com
netalertx-test-mount-db_ramdisk |
netalertx-test-mount-db_ramdisk |
netalertx-test-mount-db_ramdisk | Startup pre-checks
netalertx-test-mount-db_ramdisk | --> data migration.sh
netalertx-test-mount-db_ramdisk | --> capabilities audit.sh
netalertx-test-mount-db_ramdisk | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-db_ramdisk | --> mounts.py
netalertx-test-mount-db_ramdisk | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-db_ramdisk | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-db_ramdisk | /data | ✅| ✅| ❌ | | | ❌
netalertx-test-mount-db_ramdisk | /data/db | ❌| ❌| ✅ | ❌ | | ❌
netalertx-test-mount-db_ramdisk | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-db_ramdisk | /tmp/run/tmp | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_ramdisk | /tmp/api | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_ramdisk | /tmp/log | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_ramdisk | /tmp/run | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_ramdisk | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_ramdisk |
netalertx-test-mount-db_ramdisk |
netalertx-test-mount-db_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-db_ramdisk |
netalertx-test-mount-db_ramdisk | * /data not mounted, risk of dataloss
netalertx-test-mount-db_ramdisk | * /data/db error writing, error reading, risk of dataloss
netalertx-test-mount-db_ramdisk | * /tmp/run/tmp error writing, error reading
netalertx-test-mount-db_ramdisk | * /tmp/api error writing, error reading
netalertx-test-mount-db_ramdisk | * /tmp/log error writing, error reading
netalertx-test-mount-db_ramdisk | * /tmp/run error writing, error reading
netalertx-test-mount-db_ramdisk | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-db_ramdisk |
netalertx-test-mount-db_ramdisk | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-db_ramdisk | configuration can be quite complex.
netalertx-test-mount-db_ramdisk |
netalertx-test-mount-db_ramdisk | Review the documentation for a correct setup:
netalertx-test-mount-db_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-db_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-db_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | 
netalertx-test-mount-db_ramdisk | \033[1;31m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | ❌ NetAlertX startup aborted: critical failure in mounts.py.
netalertx-test-mount-db_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/troubleshooting.md
netalertx-test-mount-db_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | --> first run config.sh
netalertx-test-mount-db_ramdisk | \033[0m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-db_ramdisk |
netalertx-test-mount-db_ramdisk | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-db_ramdisk | this instance in production.
netalertx-test-mount-db_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | --> first run db.sh
netalertx-test-mount-db_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-db_ramdisk |
netalertx-test-mount-db_ramdisk | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-db_ramdisk | DB before onboarding sensitive or critical networks.
netalertx-test-mount-db_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | Error: unable to open database "/data/db/app.db": unable to open database file
netalertx-test-mount-db_ramdisk | \033[1;31m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | ❌ NetAlertX startup aborted: critical failure in first run db.sh.
netalertx-test-mount-db_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/troubleshooting.md
netalertx-test-mount-db_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | --> mandatory folders.sh
netalertx-test-mount-db_ramdisk | * Creating Plugins log.
netalertx-test-mount-db_ramdisk | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-db_ramdisk | * Creating System services run log.
netalertx-test-mount-db_ramdisk | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-db_ramdisk | * Creating System services run tmp.
netalertx-test-mount-db_ramdisk | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-db_ramdisk | * Creating DB locked log.
netalertx-test-mount-db_ramdisk | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-db_ramdisk | * Creating Execution queue log.
netalertx-test-mount-db_ramdisk | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-db_ramdisk | --> apply conf override.sh
netalertx-test-mount-db_ramdisk | \033[0m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-db_ramdisk |
netalertx-test-mount-db_ramdisk | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-db_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | --> writable config.sh
netalertx-test-mount-db_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | ❌ CRITICAL: Path does not exist.
netalertx-test-mount-db_ramdisk |
netalertx-test-mount-db_ramdisk | The required path "/data/db/app.db" could not be found. The application
netalertx-test-mount-db_ramdisk | cannot start without its complete directory structure.
netalertx-test-mount-db_ramdisk |
netalertx-test-mount-db_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/file-permissions.md
netalertx-test-mount-db_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | \033[1;31m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | ❌ NetAlertX startup aborted: critical failure in writable config.sh.
netalertx-test-mount-db_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/troubleshooting.md
netalertx-test-mount-db_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | --> nginx config.sh
netalertx-test-mount-db_ramdisk | \033[0m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-db_ramdisk |
netalertx-test-mount-db_ramdisk | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-db_ramdisk | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-db_ramdisk | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-db_ramdisk | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-db_ramdisk | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-db_ramdisk |
netalertx-test-mount-db_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-db_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | --> expected user id match.sh
netalertx-test-mount-db_ramdisk | 
netalertx-test-mount-db_ramdisk | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-db_ramdisk | --> host mode network.sh
netalertx-test-mount-db_ramdisk | --> excessive capabilities.sh
netalertx-test-mount-db_ramdisk | --> appliance integrity.sh
netalertx-test-mount-db_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-db_ramdisk |
netalertx-test-mount-db_ramdisk | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-db_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-db_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_ramdisk | --> ports available.sh
netalertx-test-mount-db_ramdisk | Container startup checks failed with exit code 1.
netalertx-test-mount-db_ramdisk exited with code 1
File: docker-compose.mount-test.db_unwritable.yml
----------------------------------------
Expected outcome: Container fails to start due to unwritable database partition
- NETALERTX_DB shows as mounted but unwritable (❌ in Writeable column)
- 30-writable-config.sh detects permission error and exits with code 1
- Container startup fails because database files cannot be written to
Testing: docker-compose.mount-test.db_unwritable.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_netalertx_db" Creating
Volume "mount-tests_test_netalertx_db" Created
Volume "mount-tests_netalertx_config" Creating
Volume "mount-tests_netalertx_config" Created
Container netalertx-test-mount-db_unwritable Creating
Container netalertx-test-mount-db_unwritable Created
Attaching to netalertx-test-mount-db_unwritable
netalertx-test-mount-db_unwritable | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-db_unwritable | Ownership prepared for PUID=20211.
netalertx-test-mount-db_unwritable | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-db_unwritable | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-db_unwritable | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-db_unwritable | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-db_unwritable | Ownership prepared for PUID=20211.
netalertx-test-mount-db_unwritable | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-db_unwritable | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-db_unwritable | 
netalertx-test-mount-db_unwritable | _ _ _ ___ _ _ __ __
netalertx-test-mount-db_unwritable | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-db_unwritable | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-db_unwritable | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-db_unwritable | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-db_unwritable | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-db_unwritable |  Network intruder and presence detector.
netalertx-test-mount-db_unwritable | https://netalertx.com
netalertx-test-mount-db_unwritable |
netalertx-test-mount-db_unwritable |
netalertx-test-mount-db_unwritable | Startup pre-checks
netalertx-test-mount-db_unwritable | --> data migration.sh
netalertx-test-mount-db_unwritable | --> capabilities audit.sh
netalertx-test-mount-db_unwritable | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-db_unwritable | --> mounts.py
netalertx-test-mount-db_unwritable | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-db_unwritable | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-db_unwritable | /data | ✅| ✅| ❌ | | | ❌
netalertx-test-mount-db_unwritable | /data/db | ✅| ❌| ✅ | | | ✅
netalertx-test-mount-db_unwritable | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-db_unwritable | /tmp/run/tmp | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_unwritable | /tmp/api | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_unwritable | /tmp/log | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_unwritable | /tmp/run | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_unwritable | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-db_unwritable |
netalertx-test-mount-db_unwritable |
netalertx-test-mount-db_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-db_unwritable |
netalertx-test-mount-db_unwritable | * /data not mounted, risk of dataloss
netalertx-test-mount-db_unwritable | * /data/db error writing
netalertx-test-mount-db_unwritable | * /tmp/run/tmp error writing, error reading
netalertx-test-mount-db_unwritable | * /tmp/api error writing, error reading
netalertx-test-mount-db_unwritable | * /tmp/log error writing, error reading
netalertx-test-mount-db_unwritable | * /tmp/run error writing, error reading
netalertx-test-mount-db_unwritable | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-db_unwritable |
netalertx-test-mount-db_unwritable | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-db_unwritable | configuration can be quite complex.
netalertx-test-mount-db_unwritable |
netalertx-test-mount-db_unwritable | Review the documentation for a correct setup:
netalertx-test-mount-db_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-db_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-db_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | 
netalertx-test-mount-db_unwritable | \033[1;31m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | ❌ NetAlertX startup aborted: critical failure in mounts.py.
netalertx-test-mount-db_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/troubleshooting.md
netalertx-test-mount-db_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | --> first run config.sh
netalertx-test-mount-db_unwritable | \033[0m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-db_unwritable |
netalertx-test-mount-db_unwritable | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-db_unwritable | this instance in production.
netalertx-test-mount-db_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | --> first run db.sh
netalertx-test-mount-db_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-db_unwritable |
netalertx-test-mount-db_unwritable | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-db_unwritable | DB before onboarding sensitive or critical networks.
netalertx-test-mount-db_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | Error: unable to open database "/data/db/app.db": unable to open database file
netalertx-test-mount-db_unwritable | \033[1;31m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | ❌ NetAlertX startup aborted: critical failure in first run db.sh.
netalertx-test-mount-db_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/troubleshooting.md
netalertx-test-mount-db_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | --> mandatory folders.sh
netalertx-test-mount-db_unwritable | * Creating Plugins log.
netalertx-test-mount-db_unwritable | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-db_unwritable | * Creating System services run log.
netalertx-test-mount-db_unwritable | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-db_unwritable | * Creating System services run tmp.
netalertx-test-mount-db_unwritable | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-db_unwritable | * Creating DB locked log.
netalertx-test-mount-db_unwritable | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-db_unwritable | * Creating Execution queue log.
netalertx-test-mount-db_unwritable | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-db_unwritable | --> apply conf override.sh
netalertx-test-mount-db_unwritable | \033[0m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-db_unwritable |
netalertx-test-mount-db_unwritable | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-db_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | --> writable config.sh
netalertx-test-mount-db_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | ❌ CRITICAL: Path does not exist.
netalertx-test-mount-db_unwritable |
netalertx-test-mount-db_unwritable | The required path "/data/db/app.db" could not be found. The application
netalertx-test-mount-db_unwritable | cannot start without its complete directory structure.
netalertx-test-mount-db_unwritable |
netalertx-test-mount-db_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/file-permissions.md
netalertx-test-mount-db_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | \033[1;31m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | ❌ NetAlertX startup aborted: critical failure in writable config.sh.
netalertx-test-mount-db_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/troubleshooting.md
netalertx-test-mount-db_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | --> nginx config.sh
netalertx-test-mount-db_unwritable | \033[0m══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-db_unwritable |
netalertx-test-mount-db_unwritable | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-db_unwritable | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-db_unwritable | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-db_unwritable | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-db_unwritable | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-db_unwritable |
netalertx-test-mount-db_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-db_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | --> expected user id match.sh
netalertx-test-mount-db_unwritable | 
netalertx-test-mount-db_unwritable | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-db_unwritable | --> host mode network.sh
netalertx-test-mount-db_unwritable | --> excessive capabilities.sh
netalertx-test-mount-db_unwritable | --> appliance integrity.sh
netalertx-test-mount-db_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-db_unwritable |
netalertx-test-mount-db_unwritable | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-db_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-db_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-db_unwritable | --> ports available.sh
netalertx-test-mount-db_unwritable | Container startup checks failed with exit code 1.
netalertx-test-mount-db_unwritable exited with code 1
File: docker-compose.mount-test.log_mounted.yml
----------------------------------------
Expected outcome: Container starts successfully with proper log mount
- NETALERTX_LOG shows as mounted and writable
- No mount warnings since logs can be non-persistent
- Container starts normally with logging enabled
Testing: docker-compose.mount-test.log_mounted.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_netalertx_config" Creating
Volume "mount-tests_netalertx_config" Created
Volume "mount-tests_test_netalertx_log" Creating
Volume "mount-tests_test_netalertx_log" Created
Volume "mount-tests_netalertx_db" Creating
Volume "mount-tests_netalertx_db" Created
Container netalertx-test-mount-log_mounted Creating
Container netalertx-test-mount-log_mounted Created
Attaching to netalertx-test-mount-log_mounted
netalertx-test-mount-log_mounted | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-log_mounted | Ownership prepared for PUID=20211.
netalertx-test-mount-log_mounted | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-log_mounted | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-log_mounted | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-log_mounted | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-log_mounted | Ownership prepared for PUID=20211.
netalertx-test-mount-log_mounted | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-log_mounted | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-log_mounted | 
netalertx-test-mount-log_mounted | _ _ _ ___ _ _ __ __
netalertx-test-mount-log_mounted | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-log_mounted | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-log_mounted | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-log_mounted | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-log_mounted | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-log_mounted |  Network intruder and presence detector.
netalertx-test-mount-log_mounted | https://netalertx.com
netalertx-test-mount-log_mounted |
netalertx-test-mount-log_mounted |
netalertx-test-mount-log_mounted | Startup pre-checks
netalertx-test-mount-log_mounted | --> data migration.sh
netalertx-test-mount-log_mounted | --> capabilities audit.sh
netalertx-test-mount-log_mounted | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-log_mounted | --> mounts.py
netalertx-test-mount-log_mounted | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-log_mounted | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-log_mounted | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-log_mounted | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-log_mounted | /tmp/run/tmp | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_mounted | /tmp/api | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_mounted | /tmp/log | ✅| ✅| ✅ | ❌ | ❌ | ✅
netalertx-test-mount-log_mounted | /tmp/run | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_mounted | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_mounted |
netalertx-test-mount-log_mounted |
netalertx-test-mount-log_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_mounted | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-log_mounted |
netalertx-test-mount-log_mounted | * /tmp/run/tmp error writing, error reading
netalertx-test-mount-log_mounted | * /tmp/api error writing, error reading
netalertx-test-mount-log_mounted | * /tmp/log performance issue
netalertx-test-mount-log_mounted | * /tmp/run error writing, error reading
netalertx-test-mount-log_mounted | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-log_mounted |
netalertx-test-mount-log_mounted | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-log_mounted | configuration can be quite complex.
netalertx-test-mount-log_mounted |
netalertx-test-mount-log_mounted | Review the documentation for a correct setup:
netalertx-test-mount-log_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-log_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-log_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_mounted | 
netalertx-test-mount-log_mounted | --> first run config.sh
netalertx-test-mount-log_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_mounted | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-log_mounted |
netalertx-test-mount-log_mounted | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-log_mounted | this instance in production.
netalertx-test-mount-log_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_mounted | --> first run db.sh
netalertx-test-mount-log_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_mounted | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-log_mounted |
netalertx-test-mount-log_mounted | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-log_mounted | DB before onboarding sensitive or critical networks.
netalertx-test-mount-log_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_mounted | --> mandatory folders.sh
netalertx-test-mount-log_mounted | * Creating System services run log.
netalertx-test-mount-log_mounted | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-log_mounted | * Creating System services run tmp.
netalertx-test-mount-log_mounted | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-log_mounted | --> apply conf override.sh
netalertx-test-mount-log_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_mounted | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-log_mounted |
netalertx-test-mount-log_mounted | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-log_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_mounted | --> writable config.sh
netalertx-test-mount-log_mounted | --> nginx config.sh
netalertx-test-mount-log_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_mounted | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-log_mounted |
netalertx-test-mount-log_mounted | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-log_mounted | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-log_mounted | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-log_mounted | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-log_mounted | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-log_mounted |
netalertx-test-mount-log_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-log_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_mounted | --> expected user id match.sh
netalertx-test-mount-log_mounted | 
netalertx-test-mount-log_mounted | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-log_mounted | --> host mode network.sh
netalertx-test-mount-log_mounted | --> excessive capabilities.sh
netalertx-test-mount-log_mounted | --> appliance integrity.sh
netalertx-test-mount-log_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_mounted | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-log_mounted |
netalertx-test-mount-log_mounted | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-log_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-log_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_mounted | --> ports available.sh
netalertx-test-mount-log_mounted exited with code 0
File: docker-compose.mount-test.log_no-mount.yml
----------------------------------------
Expected outcome: Container shows mount error warning but continues running
- NETALERTX_LOG shows as not mounted (❌ in Mount column)
- Warning message displayed about configuration issues
- Container continues to run despite the mount error
Testing: docker-compose.mount-test.log_no-mount.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_netalertx_db" Creating
Volume "mount-tests_netalertx_db" Created
Volume "mount-tests_netalertx_config" Creating
Volume "mount-tests_netalertx_config" Created
Container netalertx-test-mount-log_no-mount Creating
Container netalertx-test-mount-log_no-mount Created
Attaching to netalertx-test-mount-log_no-mount
netalertx-test-mount-log_no-mount | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-log_no-mount | Ownership prepared for PUID=20211.
netalertx-test-mount-log_no-mount | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-log_no-mount | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-log_no-mount | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-log_no-mount | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-log_no-mount | Ownership prepared for PUID=20211.
netalertx-test-mount-log_no-mount | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-log_no-mount | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-log_no-mount | 
netalertx-test-mount-log_no-mount | _ _ _ ___ _ _ __ __
netalertx-test-mount-log_no-mount | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-log_no-mount | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-log_no-mount | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-log_no-mount | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-log_no-mount | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-log_no-mount |  Network intruder and presence detector.
netalertx-test-mount-log_no-mount | https://netalertx.com
netalertx-test-mount-log_no-mount |
netalertx-test-mount-log_no-mount |
netalertx-test-mount-log_no-mount | Startup pre-checks
netalertx-test-mount-log_no-mount | --> data migration.sh
netalertx-test-mount-log_no-mount | --> capabilities audit.sh
netalertx-test-mount-log_no-mount | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-log_no-mount | --> mounts.py
netalertx-test-mount-log_no-mount | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-log_no-mount | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-log_no-mount | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-log_no-mount | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-log_no-mount | /tmp/run/tmp | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_no-mount | /tmp/api | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_no-mount | /tmp/log | ✅| ✅| ❌ | ❌ | ❌ | ✅
netalertx-test-mount-log_no-mount | /tmp/run | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_no-mount | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_no-mount |
netalertx-test-mount-log_no-mount |
netalertx-test-mount-log_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_no-mount | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-log_no-mount |
netalertx-test-mount-log_no-mount | * /tmp/run/tmp error writing, error reading
netalertx-test-mount-log_no-mount | * /tmp/api error writing, error reading
netalertx-test-mount-log_no-mount | * /tmp/log not mounted, performance issue
netalertx-test-mount-log_no-mount | * /tmp/run error writing, error reading
netalertx-test-mount-log_no-mount | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-log_no-mount |
netalertx-test-mount-log_no-mount | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-log_no-mount | configuration can be quite complex.
netalertx-test-mount-log_no-mount |
netalertx-test-mount-log_no-mount | Review the documentation for a correct setup:
netalertx-test-mount-log_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-log_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-log_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_no-mount | 
netalertx-test-mount-log_no-mount | --> first run config.sh
netalertx-test-mount-log_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_no-mount | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-log_no-mount |
netalertx-test-mount-log_no-mount | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-log_no-mount | this instance in production.
netalertx-test-mount-log_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_no-mount | --> first run db.sh
netalertx-test-mount-log_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_no-mount | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-log_no-mount |
netalertx-test-mount-log_no-mount | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-log_no-mount | DB before onboarding sensitive or critical networks.
netalertx-test-mount-log_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_no-mount | --> mandatory folders.sh
netalertx-test-mount-log_no-mount | * Creating System services run log.
netalertx-test-mount-log_no-mount | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-log_no-mount | * Creating System services run tmp.
netalertx-test-mount-log_no-mount | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-log_no-mount | --> apply conf override.sh
netalertx-test-mount-log_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_no-mount | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-log_no-mount |
netalertx-test-mount-log_no-mount | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-log_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_no-mount | --> writable config.sh
netalertx-test-mount-log_no-mount | --> nginx config.sh
netalertx-test-mount-log_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_no-mount | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-log_no-mount |
netalertx-test-mount-log_no-mount | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-log_no-mount | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-log_no-mount | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-log_no-mount | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-log_no-mount | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-log_no-mount |
netalertx-test-mount-log_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-log_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_no-mount | --> expected user id match.sh
netalertx-test-mount-log_no-mount | 
netalertx-test-mount-log_no-mount | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-log_no-mount | --> host mode network.sh
netalertx-test-mount-log_no-mount | --> excessive capabilities.sh
netalertx-test-mount-log_no-mount | --> appliance integrity.sh
netalertx-test-mount-log_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_no-mount | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-log_no-mount |
netalertx-test-mount-log_no-mount | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-log_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-log_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_no-mount | --> ports available.sh
netalertx-test-mount-log_no-mount exited with code 0
File: docker-compose.mount-test.log_ramdisk.yml
----------------------------------------
Expected outcome: Container shows dataloss risk warning for logs on RAM disk
- NETALERTX_LOG shows as mounted on tmpfs (RAM disk)
- Dataloss risk warning since logs may be lost on restart
- Container starts but logs may not persist
Testing: docker-compose.mount-test.log_ramdisk.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_netalertx_data" Creating
Volume "mount-tests_test_netalertx_data" Created
Container netalertx-test-mount-log_ramdisk Creating
Container netalertx-test-mount-log_ramdisk Created
Attaching to netalertx-test-mount-log_ramdisk
netalertx-test-mount-log_ramdisk | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-log_ramdisk | Ownership prepared for PUID=20211.
netalertx-test-mount-log_ramdisk | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-log_ramdisk | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-log_ramdisk | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-log_ramdisk | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-log_ramdisk | Ownership prepared for PUID=20211.
netalertx-test-mount-log_ramdisk | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-log_ramdisk | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-log_ramdisk | 
netalertx-test-mount-log_ramdisk | _ _ _ ___ _ _ __ __
netalertx-test-mount-log_ramdisk | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-log_ramdisk | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-log_ramdisk | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-log_ramdisk | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-log_ramdisk | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-log_ramdisk |  Network intruder and presence detector.
netalertx-test-mount-log_ramdisk | https://netalertx.com
netalertx-test-mount-log_ramdisk |
netalertx-test-mount-log_ramdisk |
netalertx-test-mount-log_ramdisk | Startup pre-checks
netalertx-test-mount-log_ramdisk | --> data migration.sh
netalertx-test-mount-log_ramdisk | --> capabilities audit.sh
netalertx-test-mount-log_ramdisk | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-log_ramdisk | --> mounts.py
netalertx-test-mount-log_ramdisk | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-log_ramdisk | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-log_ramdisk | /data | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-log_ramdisk | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-log_ramdisk | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-log_ramdisk | /tmp/run/tmp | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_ramdisk | /tmp/api | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_ramdisk | /tmp/log | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_ramdisk | /tmp/run | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_ramdisk | /tmp/nginx/active-config | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_ramdisk |
netalertx-test-mount-log_ramdisk |
netalertx-test-mount-log_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_ramdisk | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-log_ramdisk |
netalertx-test-mount-log_ramdisk | * /tmp/run/tmp error writing
netalertx-test-mount-log_ramdisk | * /tmp/api error writing
netalertx-test-mount-log_ramdisk | * /tmp/log error writing
netalertx-test-mount-log_ramdisk | * /tmp/run error writing
netalertx-test-mount-log_ramdisk | * /tmp/nginx/active-config error writing
netalertx-test-mount-log_ramdisk |
netalertx-test-mount-log_ramdisk | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-log_ramdisk | configuration can be quite complex.
netalertx-test-mount-log_ramdisk |
netalertx-test-mount-log_ramdisk | Review the documentation for a correct setup:
netalertx-test-mount-log_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-log_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-log_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_ramdisk | 
netalertx-test-mount-log_ramdisk | --> first run config.sh
netalertx-test-mount-log_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_ramdisk | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-log_ramdisk |
netalertx-test-mount-log_ramdisk | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-log_ramdisk | this instance in production.
netalertx-test-mount-log_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_ramdisk | --> first run db.sh
netalertx-test-mount-log_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_ramdisk | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-log_ramdisk |
netalertx-test-mount-log_ramdisk | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-log_ramdisk | DB before onboarding sensitive or critical networks.
netalertx-test-mount-log_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_ramdisk | --> mandatory folders.sh
netalertx-test-mount-log_ramdisk | * Creating Plugins log.
netalertx-test-mount-log_ramdisk | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-log_ramdisk | * Creating System services run log.
netalertx-test-mount-log_ramdisk | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-log_ramdisk | * Creating System services run tmp.
netalertx-test-mount-log_ramdisk | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-log_ramdisk | * Creating DB locked log.
netalertx-test-mount-log_ramdisk | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-log_ramdisk | * Creating Execution queue log.
netalertx-test-mount-log_ramdisk | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-log_ramdisk | --> apply conf override.sh
netalertx-test-mount-log_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_ramdisk | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-log_ramdisk |
netalertx-test-mount-log_ramdisk | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-log_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_ramdisk | --> writable config.sh
netalertx-test-mount-log_ramdisk | --> nginx config.sh
netalertx-test-mount-log_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_ramdisk | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-log_ramdisk |
netalertx-test-mount-log_ramdisk | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-log_ramdisk | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-log_ramdisk | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-log_ramdisk | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-log_ramdisk | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-log_ramdisk |
netalertx-test-mount-log_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-log_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_ramdisk | --> expected user id match.sh
netalertx-test-mount-log_ramdisk | 
netalertx-test-mount-log_ramdisk | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-log_ramdisk | --> host mode network.sh
netalertx-test-mount-log_ramdisk | --> excessive capabilities.sh
netalertx-test-mount-log_ramdisk | --> appliance integrity.sh
netalertx-test-mount-log_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_ramdisk | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-log_ramdisk |
netalertx-test-mount-log_ramdisk | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-log_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-log_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_ramdisk | --> ports available.sh
netalertx-test-mount-log_ramdisk exited with code 0
File: docker-compose.mount-test.log_unwritable.yml
----------------------------------------
Expected outcome: Container fails to start due to unwritable log partition
- NETALERTX_LOG shows as mounted but unwritable (❌ in Writeable column)
- 25-mandatory-folders.sh cannot create required log files and fails
- Container startup fails because logging infrastructure cannot be initialized
Testing: docker-compose.mount-test.log_unwritable.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_netalertx_config" Creating
Volume "mount-tests_netalertx_config" Created
Volume "mount-tests_test_netalertx_log" Creating
Volume "mount-tests_test_netalertx_log" Created
Volume "mount-tests_netalertx_db" Creating
Volume "mount-tests_netalertx_db" Created
Container netalertx-test-mount-log_unwritable Creating
Container netalertx-test-mount-log_unwritable Created
Attaching to netalertx-test-mount-log_unwritable
netalertx-test-mount-log_unwritable | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-log_unwritable | Ownership prepared for PUID=20211.
netalertx-test-mount-log_unwritable | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-log_unwritable | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-log_unwritable | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-log_unwritable | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-log_unwritable | Ownership prepared for PUID=20211.
netalertx-test-mount-log_unwritable | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-log_unwritable | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-log_unwritable | 
netalertx-test-mount-log_unwritable | _ _ _ ___ _ _ __ __
netalertx-test-mount-log_unwritable | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-log_unwritable | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-log_unwritable | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-log_unwritable | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-log_unwritable | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-log_unwritable |  Network intruder and presence detector.
netalertx-test-mount-log_unwritable | https://netalertx.com
netalertx-test-mount-log_unwritable |
netalertx-test-mount-log_unwritable |
netalertx-test-mount-log_unwritable | Startup pre-checks
netalertx-test-mount-log_unwritable | --> data migration.sh
netalertx-test-mount-log_unwritable | --> capabilities audit.sh
netalertx-test-mount-log_unwritable | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-log_unwritable | --> mounts.py
netalertx-test-mount-log_unwritable | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-log_unwritable | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-log_unwritable | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-log_unwritable | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-log_unwritable | /tmp/run/tmp | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_unwritable | /tmp/api | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_unwritable | /tmp/log | ✅| ❌| ✅ | ❌ | ❌ | ✅
netalertx-test-mount-log_unwritable | /tmp/run | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_unwritable | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-log_unwritable |
netalertx-test-mount-log_unwritable |
netalertx-test-mount-log_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_unwritable | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-log_unwritable |
netalertx-test-mount-log_unwritable | * /tmp/run/tmp error writing, error reading
netalertx-test-mount-log_unwritable | * /tmp/api error writing, error reading
netalertx-test-mount-log_unwritable | * /tmp/log error writing, performance issue
netalertx-test-mount-log_unwritable | * /tmp/run error writing, error reading
netalertx-test-mount-log_unwritable | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-log_unwritable |
netalertx-test-mount-log_unwritable | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-log_unwritable | configuration can be quite complex.
netalertx-test-mount-log_unwritable |
netalertx-test-mount-log_unwritable | Review the documentation for a correct setup:
netalertx-test-mount-log_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-log_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-log_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_unwritable | 
netalertx-test-mount-log_unwritable | --> first run config.sh
netalertx-test-mount-log_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_unwritable | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-log_unwritable |
netalertx-test-mount-log_unwritable | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-log_unwritable | this instance in production.
netalertx-test-mount-log_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_unwritable | --> first run db.sh
netalertx-test-mount-log_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_unwritable | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-log_unwritable |
netalertx-test-mount-log_unwritable | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-log_unwritable | DB before onboarding sensitive or critical networks.
netalertx-test-mount-log_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_unwritable | --> mandatory folders.sh
netalertx-test-mount-log_unwritable | * Creating System services run log.
netalertx-test-mount-log_unwritable | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-log_unwritable | * Creating System services run tmp.
netalertx-test-mount-log_unwritable | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-log_unwritable | --> apply conf override.sh
netalertx-test-mount-log_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_unwritable | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-log_unwritable |
netalertx-test-mount-log_unwritable | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-log_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_unwritable | --> writable config.sh
netalertx-test-mount-log_unwritable | --> nginx config.sh
netalertx-test-mount-log_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_unwritable | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-log_unwritable |
netalertx-test-mount-log_unwritable | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-log_unwritable | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-log_unwritable | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-log_unwritable | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-log_unwritable | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-log_unwritable |
netalertx-test-mount-log_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-log_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_unwritable | --> expected user id match.sh
netalertx-test-mount-log_unwritable | 
netalertx-test-mount-log_unwritable | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-log_unwritable | --> host mode network.sh
netalertx-test-mount-log_unwritable | --> excessive capabilities.sh
netalertx-test-mount-log_unwritable | --> appliance integrity.sh
netalertx-test-mount-log_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_unwritable | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-log_unwritable |
netalertx-test-mount-log_unwritable | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-log_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-log_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-log_unwritable | --> ports available.sh
netalertx-test-mount-log_unwritable exited with code 0
File: docker-compose.mount-test.run_mounted.yml
----------------------------------------
Expected outcome: Container starts successfully with proper run mount
- NETALERTX_RUN shows as mounted and writable
- No mount warnings since run directory can be non-persistent
- Container starts normally with runtime files enabled
Testing: docker-compose.mount-test.run_mounted.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_netalertx_db" Creating
Volume "mount-tests_netalertx_db" Created
Volume "mount-tests_netalertx_config" Creating
Volume "mount-tests_netalertx_config" Created
Volume "mount-tests_test_system_services_run" Creating
Volume "mount-tests_test_system_services_run" Created
Container netalertx-test-mount-run_mounted Creating
Container netalertx-test-mount-run_mounted Created
Attaching to netalertx-test-mount-run_mounted
netalertx-test-mount-run_mounted | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-run_mounted | Ownership prepared for PUID=20211.
netalertx-test-mount-run_mounted | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-run_mounted | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-run_mounted | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-run_mounted | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-run_mounted | Ownership prepared for PUID=20211.
netalertx-test-mount-run_mounted | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-run_mounted | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-run_mounted | 
netalertx-test-mount-run_mounted | _ _ _ ___ _ _ __ __
netalertx-test-mount-run_mounted | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-run_mounted | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-run_mounted | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-run_mounted | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-run_mounted | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-run_mounted |  Network intruder and presence detector.
netalertx-test-mount-run_mounted | https://netalertx.com
netalertx-test-mount-run_mounted |
netalertx-test-mount-run_mounted |
netalertx-test-mount-run_mounted | Startup pre-checks
netalertx-test-mount-run_mounted | --> data migration.sh
netalertx-test-mount-run_mounted | --> capabilities audit.sh
netalertx-test-mount-run_mounted | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-run_mounted | --> mounts.py
netalertx-test-mount-run_mounted | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-run_mounted | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-run_mounted | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-run_mounted | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-run_mounted | /tmp/run/tmp | ✅| ✅| ✅ | ❌ | ❌ | ✅
netalertx-test-mount-run_mounted | /tmp/api | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-run_mounted | /tmp/log | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-run_mounted | /tmp/run | ✅| ✅| ✅ | ❌ | ❌ | ✅
netalertx-test-mount-run_mounted | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-run_mounted |
netalertx-test-mount-run_mounted |
netalertx-test-mount-run_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_mounted | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-run_mounted |
netalertx-test-mount-run_mounted | * /tmp/run/tmp performance issue
netalertx-test-mount-run_mounted | * /tmp/api error writing, error reading
netalertx-test-mount-run_mounted | * /tmp/log error writing, error reading
netalertx-test-mount-run_mounted | * /tmp/run performance issue
netalertx-test-mount-run_mounted | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-run_mounted |
netalertx-test-mount-run_mounted | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-run_mounted | configuration can be quite complex.
netalertx-test-mount-run_mounted |
netalertx-test-mount-run_mounted | Review the documentation for a correct setup:
netalertx-test-mount-run_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-run_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-run_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_mounted | 
netalertx-test-mount-run_mounted | --> first run config.sh
netalertx-test-mount-run_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_mounted | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-run_mounted |
netalertx-test-mount-run_mounted | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-run_mounted | this instance in production.
netalertx-test-mount-run_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_mounted | --> first run db.sh
netalertx-test-mount-run_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_mounted | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-run_mounted |
netalertx-test-mount-run_mounted | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-run_mounted | DB before onboarding sensitive or critical networks.
netalertx-test-mount-run_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_mounted | --> mandatory folders.sh
netalertx-test-mount-run_mounted | * Creating Plugins log.
netalertx-test-mount-run_mounted | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-run_mounted | * Creating DB locked log.
netalertx-test-mount-run_mounted | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-run_mounted | * Creating Execution queue log.
netalertx-test-mount-run_mounted | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-run_mounted | --> apply conf override.sh
netalertx-test-mount-run_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_mounted | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-run_mounted |
netalertx-test-mount-run_mounted | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-run_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_mounted | --> writable config.sh
netalertx-test-mount-run_mounted | --> nginx config.sh
netalertx-test-mount-run_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_mounted | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-run_mounted |
netalertx-test-mount-run_mounted | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-run_mounted | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-run_mounted | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-run_mounted | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-run_mounted | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-run_mounted |
netalertx-test-mount-run_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-run_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_mounted | --> expected user id match.sh
netalertx-test-mount-run_mounted | 
netalertx-test-mount-run_mounted | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-run_mounted | --> host mode network.sh
netalertx-test-mount-run_mounted | --> excessive capabilities.sh
netalertx-test-mount-run_mounted | --> appliance integrity.sh
netalertx-test-mount-run_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_mounted | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-run_mounted |
netalertx-test-mount-run_mounted | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-run_mounted | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-run_mounted | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_mounted | --> ports available.sh
netalertx-test-mount-run_mounted exited with code 0
File: docker-compose.mount-test.run_no-mount.yml
----------------------------------------
Expected outcome: Container shows mount error warning but continues running
- NETALERTX_RUN shows as not mounted (❌ in Mount column)
- Warning message displayed about configuration issues
- Container continues to run despite the mount error
Testing: docker-compose.mount-test.run_no-mount.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_netalertx_db" Creating
Volume "mount-tests_netalertx_db" Created
Volume "mount-tests_netalertx_config" Creating
Volume "mount-tests_netalertx_config" Created
Container netalertx-test-mount-run_no-mount Creating
Container netalertx-test-mount-run_no-mount Created
Attaching to netalertx-test-mount-run_no-mount
netalertx-test-mount-run_no-mount | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-run_no-mount | Ownership prepared for PUID=20211.
netalertx-test-mount-run_no-mount | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-run_no-mount | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-run_no-mount | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-run_no-mount | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-run_no-mount | Ownership prepared for PUID=20211.
netalertx-test-mount-run_no-mount | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-run_no-mount | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-run_no-mount | 
netalertx-test-mount-run_no-mount | _ _ _ ___ _ _ __ __
netalertx-test-mount-run_no-mount | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-run_no-mount | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-run_no-mount | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-run_no-mount | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-run_no-mount | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-run_no-mount |  Network intruder and presence detector.
netalertx-test-mount-run_no-mount | https://netalertx.com
netalertx-test-mount-run_no-mount |
netalertx-test-mount-run_no-mount |
netalertx-test-mount-run_no-mount | Startup pre-checks
netalertx-test-mount-run_no-mount | --> data migration.sh
netalertx-test-mount-run_no-mount | --> capabilities audit.sh
netalertx-test-mount-run_no-mount | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-run_no-mount | --> mounts.py
netalertx-test-mount-run_no-mount | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-run_no-mount | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-run_no-mount | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-run_no-mount | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-run_no-mount | /tmp/run/tmp | ✅| ✅| ❌ | ❌ | ❌ | ✅
netalertx-test-mount-run_no-mount | /tmp/api | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-run_no-mount | /tmp/log | ✅| ✅| ❌ | ❌ | ❌ | ✅
netalertx-test-mount-run_no-mount | /tmp/run | ✅| ✅| ❌ | ❌ | ❌ | ✅
netalertx-test-mount-run_no-mount | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-run_no-mount |
netalertx-test-mount-run_no-mount |
netalertx-test-mount-run_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_no-mount | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-run_no-mount |
netalertx-test-mount-run_no-mount | * /tmp/run/tmp not mounted, performance issue
netalertx-test-mount-run_no-mount | * /tmp/api error writing, error reading
netalertx-test-mount-run_no-mount | * /tmp/log not mounted, performance issue
netalertx-test-mount-run_no-mount | * /tmp/run not mounted, performance issue
netalertx-test-mount-run_no-mount | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-run_no-mount |
netalertx-test-mount-run_no-mount | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-run_no-mount | configuration can be quite complex.
netalertx-test-mount-run_no-mount |
netalertx-test-mount-run_no-mount | Review the documentation for a correct setup:
netalertx-test-mount-run_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-run_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-run_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_no-mount | 
netalertx-test-mount-run_no-mount | --> first run config.sh
netalertx-test-mount-run_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_no-mount | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-run_no-mount |
netalertx-test-mount-run_no-mount | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-run_no-mount | this instance in production.
netalertx-test-mount-run_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_no-mount | --> first run db.sh
netalertx-test-mount-run_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_no-mount | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-run_no-mount |
netalertx-test-mount-run_no-mount | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-run_no-mount | DB before onboarding sensitive or critical networks.
netalertx-test-mount-run_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_no-mount | --> mandatory folders.sh
netalertx-test-mount-run_no-mount | --> apply conf override.sh
netalertx-test-mount-run_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_no-mount | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-run_no-mount |
netalertx-test-mount-run_no-mount | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-run_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_no-mount | --> writable config.sh
netalertx-test-mount-run_no-mount | --> nginx config.sh
netalertx-test-mount-run_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_no-mount | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-run_no-mount |
netalertx-test-mount-run_no-mount | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-run_no-mount | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-run_no-mount | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-run_no-mount | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-run_no-mount | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-run_no-mount |
netalertx-test-mount-run_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-run_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_no-mount | --> expected user id match.sh
netalertx-test-mount-run_no-mount | 
netalertx-test-mount-run_no-mount | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-run_no-mount | --> host mode network.sh
netalertx-test-mount-run_no-mount | --> excessive capabilities.sh
netalertx-test-mount-run_no-mount | --> appliance integrity.sh
netalertx-test-mount-run_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_no-mount | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-run_no-mount |
netalertx-test-mount-run_no-mount | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-run_no-mount | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-run_no-mount | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_no-mount | --> ports available.sh
netalertx-test-mount-run_no-mount exited with code 0
File: docker-compose.mount-test.run_ramdisk.yml
----------------------------------------
Expected outcome: Container shows dataloss risk warning for run on RAM disk
- NETALERTX_RUN shows as mounted on tmpfs (RAM disk)
- Dataloss risk warning since runtime files may be lost on restart
- Container starts but runtime state may not persist
Testing: docker-compose.mount-test.run_ramdisk.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_netalertx_data" Creating
Volume "mount-tests_test_netalertx_data" Created
Container netalertx-test-mount-run_ramdisk Creating
Container netalertx-test-mount-run_ramdisk Created
Attaching to netalertx-test-mount-run_ramdisk
netalertx-test-mount-run_ramdisk | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-run_ramdisk | Ownership prepared for PUID=20211.
netalertx-test-mount-run_ramdisk | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-run_ramdisk | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-run_ramdisk | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-run_ramdisk | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-run_ramdisk | Ownership prepared for PUID=20211.
netalertx-test-mount-run_ramdisk | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-run_ramdisk | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-run_ramdisk | 
netalertx-test-mount-run_ramdisk | _ _ _ ___ _ _ __ __
netalertx-test-mount-run_ramdisk | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-run_ramdisk | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-run_ramdisk | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-run_ramdisk | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-run_ramdisk | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-run_ramdisk |  Network intruder and presence detector.
netalertx-test-mount-run_ramdisk | https://netalertx.com
netalertx-test-mount-run_ramdisk |
netalertx-test-mount-run_ramdisk |
netalertx-test-mount-run_ramdisk | Startup pre-checks
netalertx-test-mount-run_ramdisk | --> data migration.sh
netalertx-test-mount-run_ramdisk | --> capabilities audit.sh
netalertx-test-mount-run_ramdisk | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-run_ramdisk | --> mounts.py
netalertx-test-mount-run_ramdisk | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-run_ramdisk | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-run_ramdisk | /data | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-run_ramdisk | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-run_ramdisk | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-run_ramdisk | /tmp/run/tmp | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-run_ramdisk | /tmp/api | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-run_ramdisk | /tmp/log | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-run_ramdisk | /tmp/run | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-run_ramdisk | /tmp/nginx/active-config | ✅| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-run_ramdisk |
netalertx-test-mount-run_ramdisk |
netalertx-test-mount-run_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_ramdisk | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-run_ramdisk |
netalertx-test-mount-run_ramdisk | * /tmp/run/tmp error writing
netalertx-test-mount-run_ramdisk | * /tmp/api error writing
netalertx-test-mount-run_ramdisk | * /tmp/log error writing
netalertx-test-mount-run_ramdisk | * /tmp/run error writing
netalertx-test-mount-run_ramdisk | * /tmp/nginx/active-config error writing
netalertx-test-mount-run_ramdisk |
netalertx-test-mount-run_ramdisk | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-run_ramdisk | configuration can be quite complex.
netalertx-test-mount-run_ramdisk |
netalertx-test-mount-run_ramdisk | Review the documentation for a correct setup:
netalertx-test-mount-run_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-run_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-run_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_ramdisk | 
netalertx-test-mount-run_ramdisk | --> first run config.sh
netalertx-test-mount-run_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_ramdisk | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-run_ramdisk |
netalertx-test-mount-run_ramdisk | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-run_ramdisk | this instance in production.
netalertx-test-mount-run_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_ramdisk | --> first run db.sh
netalertx-test-mount-run_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_ramdisk | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-run_ramdisk |
netalertx-test-mount-run_ramdisk | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-run_ramdisk | DB before onboarding sensitive or critical networks.
netalertx-test-mount-run_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_ramdisk | --> mandatory folders.sh
netalertx-test-mount-run_ramdisk | * Creating Plugins log.
netalertx-test-mount-run_ramdisk | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-run_ramdisk | * Creating System services run log.
netalertx-test-mount-run_ramdisk | Warning: Unable to create system services run log directory at /tmp/run/logs (tmpfs not writable with current capabilities).
netalertx-test-mount-run_ramdisk | * Creating System services run tmp.
netalertx-test-mount-run_ramdisk | Warning: Unable to create system services run tmp directory at /tmp/run/tmp (tmpfs not writable with current capabilities).
netalertx-test-mount-run_ramdisk | * Creating DB locked log.
netalertx-test-mount-run_ramdisk | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-run_ramdisk | * Creating Execution queue log.
netalertx-test-mount-run_ramdisk | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-run_ramdisk | --> apply conf override.sh
netalertx-test-mount-run_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_ramdisk | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-run_ramdisk |
netalertx-test-mount-run_ramdisk | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-run_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_ramdisk | --> writable config.sh
netalertx-test-mount-run_ramdisk | --> nginx config.sh
netalertx-test-mount-run_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_ramdisk | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-run_ramdisk |
netalertx-test-mount-run_ramdisk | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-run_ramdisk | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-run_ramdisk | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-run_ramdisk | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-run_ramdisk | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-run_ramdisk |
netalertx-test-mount-run_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-run_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_ramdisk | --> expected user id match.sh
netalertx-test-mount-run_ramdisk | 
netalertx-test-mount-run_ramdisk | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-run_ramdisk | --> host mode network.sh
netalertx-test-mount-run_ramdisk | --> excessive capabilities.sh
netalertx-test-mount-run_ramdisk | --> appliance integrity.sh
netalertx-test-mount-run_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_ramdisk | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-run_ramdisk |
netalertx-test-mount-run_ramdisk | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-run_ramdisk | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-run_ramdisk | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_ramdisk | --> ports available.sh
netalertx-test-mount-run_ramdisk exited with code 0
File: docker-compose.mount-test.run_unwritable.yml
----------------------------------------
Expected outcome: Container fails to start due to unwritable run partition
- NETALERTX_RUN shows as mounted but unwritable (❌ in Writeable column)
- 25-mandatory-folders.sh cannot create required runtime files and fails
- Container startup fails because runtime infrastructure cannot be initialized
Testing: docker-compose.mount-test.run_unwritable.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_netalertx_db" Creating
Volume "mount-tests_netalertx_db" Created
Volume "mount-tests_netalertx_config" Creating
Volume "mount-tests_netalertx_config" Created
Volume "mount-tests_test_system_services_run" Creating
Volume "mount-tests_test_system_services_run" Created
Container netalertx-test-mount-run_unwritable Creating
Container netalertx-test-mount-run_unwritable Created
Attaching to netalertx-test-mount-run_unwritable
netalertx-test-mount-run_unwritable | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-run_unwritable | Ownership prepared for PUID=20211.
netalertx-test-mount-run_unwritable | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-run_unwritable | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-run_unwritable | NetAlertX is running as ROOT (UID 0). Prefer setting PUID/PGID to 20211 for better isolation.
netalertx-test-mount-run_unwritable | Note: CAP_SETUID/CAP_SETGID unavailable alongside NET_* caps; continuing as current user.
netalertx-test-mount-run_unwritable | Ownership prepared for PUID=20211.
netalertx-test-mount-run_unwritable | su-exec: setgroups(20211): Operation not permitted
netalertx-test-mount-run_unwritable | Note: su-exec failed (exit 0); continuing as current user without privilege drop.
netalertx-test-mount-run_unwritable | 
netalertx-test-mount-run_unwritable | _ _ _ ___ _ _ __ __
netalertx-test-mount-run_unwritable | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-run_unwritable | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-run_unwritable | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-run_unwritable | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-run_unwritable | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-run_unwritable |  Network intruder and presence detector.
netalertx-test-mount-run_unwritable | https://netalertx.com
netalertx-test-mount-run_unwritable |
netalertx-test-mount-run_unwritable |
netalertx-test-mount-run_unwritable | Startup pre-checks
netalertx-test-mount-run_unwritable | --> data migration.sh
netalertx-test-mount-run_unwritable | --> capabilities audit.sh
netalertx-test-mount-run_unwritable | Security context: Operational capabilities (SETGID SETUID) not granted.
netalertx-test-mount-run_unwritable | --> mounts.py
netalertx-test-mount-run_unwritable | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-run_unwritable | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-run_unwritable | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-run_unwritable | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-run_unwritable | /tmp/run/tmp | ✅| ❌| ✅ | ❌ | ❌ | ✅
netalertx-test-mount-run_unwritable | /tmp/api | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-run_unwritable | /tmp/log | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-run_unwritable | /tmp/run | ✅| ❌| ✅ | ❌ | ❌ | ✅
netalertx-test-mount-run_unwritable | /tmp/nginx/active-config | ❌| ❌| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-run_unwritable |
netalertx-test-mount-run_unwritable |
netalertx-test-mount-run_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_unwritable | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-run_unwritable |
netalertx-test-mount-run_unwritable | * /tmp/run/tmp error writing, performance issue
netalertx-test-mount-run_unwritable | * /tmp/api error writing, error reading
netalertx-test-mount-run_unwritable | * /tmp/log error writing, error reading
netalertx-test-mount-run_unwritable | * /tmp/run error writing, performance issue
netalertx-test-mount-run_unwritable | * /tmp/nginx/active-config error writing, error reading
netalertx-test-mount-run_unwritable |
netalertx-test-mount-run_unwritable | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-run_unwritable | configuration can be quite complex.
netalertx-test-mount-run_unwritable |
netalertx-test-mount-run_unwritable | Review the documentation for a correct setup:
netalertx-test-mount-run_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-run_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-run_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_unwritable | 
netalertx-test-mount-run_unwritable | --> first run config.sh
netalertx-test-mount-run_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_unwritable | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-run_unwritable |
netalertx-test-mount-run_unwritable | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-run_unwritable | this instance in production.
netalertx-test-mount-run_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_unwritable | --> first run db.sh
netalertx-test-mount-run_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_unwritable | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-run_unwritable |
netalertx-test-mount-run_unwritable | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-run_unwritable | DB before onboarding sensitive or critical networks.
netalertx-test-mount-run_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_unwritable | --> mandatory folders.sh
netalertx-test-mount-run_unwritable | * Creating Plugins log.
netalertx-test-mount-run_unwritable | Warning: Unable to create plugins log directory at /tmp/log/plugins (tmpfs not writable with current capabilities).
netalertx-test-mount-run_unwritable | * Creating DB locked log.
netalertx-test-mount-run_unwritable | Warning: Unable to create DB locked log file at /tmp/log/db_is_locked.log (tmpfs not writable with current capabilities).
netalertx-test-mount-run_unwritable | * Creating Execution queue log.
netalertx-test-mount-run_unwritable | Warning: Unable to create execution queue log file at /tmp/log/execution_queue.log (tmpfs not writable with current capabilities).
netalertx-test-mount-run_unwritable | --> apply conf override.sh
netalertx-test-mount-run_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_unwritable | 📝 APP_CONF_OVERRIDE detected. Configuration written to /data/config/app_conf_override.json.
netalertx-test-mount-run_unwritable |
netalertx-test-mount-run_unwritable | Make sure the JSON content is correct before starting the application.
netalertx-test-mount-run_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_unwritable | --> writable config.sh
netalertx-test-mount-run_unwritable | --> nginx config.sh
netalertx-test-mount-run_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_unwritable | ⚠️ ATTENTION: Unable to write to /tmp/nginx/active-config/netalertx.conf.
netalertx-test-mount-run_unwritable |
netalertx-test-mount-run_unwritable | Ensure the conf.active mount is writable by the netalertx user before
netalertx-test-mount-run_unwritable | changing LISTEN_ADDR or PORT. Fix permissions:
netalertx-test-mount-run_unwritable | chown -R 20211:20211 /tmp/nginx/active-config
netalertx-test-mount-run_unwritable | find /tmp/nginx/active-config -type d -exec chmod 700 {} +
netalertx-test-mount-run_unwritable | find /tmp/nginx/active-config -type f -exec chmod 600 {} +
netalertx-test-mount-run_unwritable |
netalertx-test-mount-run_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/nginx-configuration-mount.md
netalertx-test-mount-run_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_unwritable | --> expected user id match.sh
netalertx-test-mount-run_unwritable | 
netalertx-test-mount-run_unwritable | NetAlertX note: current UID 0 GID 0, expected UID 20211 GID 20211
netalertx-test-mount-run_unwritable | --> host mode network.sh
netalertx-test-mount-run_unwritable | --> excessive capabilities.sh
netalertx-test-mount-run_unwritable | --> appliance integrity.sh
netalertx-test-mount-run_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_unwritable | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-run_unwritable |
netalertx-test-mount-run_unwritable | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-run_unwritable | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-run_unwritable | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-run_unwritable | --> ports available.sh
netalertx-test-mount-run_unwritable exited with code 0
File: docker-compose.mount-test.tmp_noread.yml
----------------------------------------
Expected outcome: Mounts table shows /tmp is mounted and writable but NOT readable (R=❌, W=✅)
Note: This is a diagnostic-only container (entrypoint sleeps); the test chmods/chowns /tmp to mode 0300.
Testing: docker-compose.mount-test.tmp_noread.yml
Directory: /workspaces/NetAlertX/test/docker_tests/configurations/mount-tests
Running docker compose up...
Volume "mount-tests_test_netalertx_data" Creating
Volume "mount-tests_test_netalertx_data" Created
Container netalertx-test-mount-tmp_noread Creating
Container netalertx-test-mount-tmp_noread Created
Attaching to netalertx-test-mount-tmp_noread
netalertx-test-mount-tmp_noread | 
netalertx-test-mount-tmp_noread | _ _ _ ___ _ _ __ __
netalertx-test-mount-tmp_noread | | \ | | | | / _ \| | | | \ \ / /
netalertx-test-mount-tmp_noread | | \| | ___| |_/ /_\ \ | ___ _ __| |_ \ V /
netalertx-test-mount-tmp_noread | | . |/ _ \ __| _ | |/ _ \ __| __|/ \
netalertx-test-mount-tmp_noread | | |\ | __/ |_| | | | | __/ | | |_/ /^\ \
netalertx-test-mount-tmp_noread | \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
netalertx-test-mount-tmp_noread |  Network intruder and presence detector.
netalertx-test-mount-tmp_noread | https://netalertx.com
netalertx-test-mount-tmp_noread |
netalertx-test-mount-tmp_noread |
netalertx-test-mount-tmp_noread | Startup pre-checks
netalertx-test-mount-tmp_noread | --> data migration.sh
netalertx-test-mount-tmp_noread | --> capabilities audit.sh
netalertx-test-mount-tmp_noread | --> mounts.py
netalertx-test-mount-tmp_noread | Path | R | W | Mount | RAMDisk | Performance | DataLoss
netalertx-test-mount-tmp_noread | --------------------------+---+---+-------+---------+-------------+----------
netalertx-test-mount-tmp_noread | /data | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-tmp_noread | /data/db | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-tmp_noread | /data/config | ✅| ✅| ✅ | | | ✅
netalertx-test-mount-tmp_noread | /tmp | ❌| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-tmp_noread | /tmp/api | ❌| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-tmp_noread | /tmp/log | ❌| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-tmp_noread | /tmp/run | ❌| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-tmp_noread | /tmp/nginx/active-config | ❌| ✅| ✅ | ✅ | ✅ | ✅
netalertx-test-mount-tmp_noread |
netalertx-test-mount-tmp_noread |
netalertx-test-mount-tmp_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-tmp_noread | ⚠️ ATTENTION: Configuration issues detected (marked with ❌).
netalertx-test-mount-tmp_noread |
netalertx-test-mount-tmp_noread | * /tmp error reading
netalertx-test-mount-tmp_noread | * /tmp/api error reading
netalertx-test-mount-tmp_noread | * /tmp/log error reading
netalertx-test-mount-tmp_noread | * /tmp/run error reading
netalertx-test-mount-tmp_noread | * /tmp/nginx/active-config error reading
netalertx-test-mount-tmp_noread |
netalertx-test-mount-tmp_noread | We recommend starting with the default docker-compose.yml as the
netalertx-test-mount-tmp_noread | configuration can be quite complex.
netalertx-test-mount-tmp_noread |
netalertx-test-mount-tmp_noread | Review the documentation for a correct setup:
netalertx-test-mount-tmp_noread | https://github.com/jokob-sk/NetAlertX/blob/main/docs/DOCKER_COMPOSE.md
netalertx-test-mount-tmp_noread | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/mount-configuration-issues.md
netalertx-test-mount-tmp_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-tmp_noread | 
netalertx-test-mount-tmp_noread | --> first run config.sh
netalertx-test-mount-tmp_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-tmp_noread | 🆕 First run detected. Default configuration written to /data/config/app.conf.
netalertx-test-mount-tmp_noread |
netalertx-test-mount-tmp_noread | Review your settings in the UI or edit the file directly before trusting
netalertx-test-mount-tmp_noread | this instance in production.
netalertx-test-mount-tmp_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-tmp_noread | --> first run db.sh
netalertx-test-mount-tmp_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-tmp_noread | 🆕 First run detected — building initial database at: /data/db/app.db
netalertx-test-mount-tmp_noread |
netalertx-test-mount-tmp_noread | Do not interrupt this step. When complete, consider backing up the fresh
netalertx-test-mount-tmp_noread | DB before onboarding sensitive or critical networks.
netalertx-test-mount-tmp_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-tmp_noread | --> mandatory folders.sh
netalertx-test-mount-tmp_noread | * Creating NetAlertX log directory.
netalertx-test-mount-tmp_noread | * Creating NetAlertX API cache.
netalertx-test-mount-tmp_noread | * Creating System services runtime directory.
netalertx-test-mount-tmp_noread | * Creating nginx active configuration directory.
netalertx-test-mount-tmp_noread | * Creating Plugins log.
netalertx-test-mount-tmp_noread | * Creating System services run log.
netalertx-test-mount-tmp_noread | * Creating DB locked log.
netalertx-test-mount-tmp_noread | * Creating Execution queue log.
netalertx-test-mount-tmp_noread | --> apply conf override.sh
netalertx-test-mount-tmp_noread | --> writable config.sh
netalertx-test-mount-tmp_noread | --> nginx config.sh
netalertx-test-mount-tmp_noread | --> expected user id match.sh
netalertx-test-mount-tmp_noread | --> host mode network.sh
netalertx-test-mount-tmp_noread | --> excessive capabilities.sh
netalertx-test-mount-tmp_noread | --> appliance integrity.sh
netalertx-test-mount-tmp_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-tmp_noread | ⚠️ Warning: Container is running as read-write, not in read-only mode.
netalertx-test-mount-tmp_noread |
netalertx-test-mount-tmp_noread | Please mount the root filesystem as --read-only or use read_only: true
netalertx-test-mount-tmp_noread | https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/read-only-filesystem.md
netalertx-test-mount-tmp_noread | ══════════════════════════════════════════════════════════════════════════════
netalertx-test-mount-tmp_noread | --> ports available.sh
netalertx-test-mount-tmp_noread | Starting supercronic --quiet "/services/config/cron/crontab" >>"/tmp/log/cron.log" 2>&1 &
netalertx-test-mount-tmp_noread | Starting /usr/sbin/php-fpm83 -y "/services/config/php/php-fpm.conf" -F (tee stderr to app.php_errors.log)
netalertx-test-mount-tmp_noread | Starting python3 -m server > /tmp/log/stdout.log 2> >(tee /tmp/log/stderr.log >&2)
netalertx-test-mount-tmp_noread | Starting /usr/sbin/nginx -p "/tmp/run/" -c "/tmp/nginx/active-config/nginx.conf" -g "error_log stderr; error_log /tmp/log/nginx-error.log; daemon off;" &
netalertx-test-mount-tmp_noread | 2026/01/05 02:23:24 [error] 190#190: *1 FastCGI sent in stderr: "PHP message: PHP Warning: session_start(): open(/tmp/run/tmp/sess_kitrk7dgsf2rgt911ren35b9sj, O_RDWR) failed: No such file or directory (2) in /app/front/php/templates/security.php on line 50; PHP message: PHP Warning: session_start(): Failed to read session data: files (path: /tmp/run/tmp) in /app/front/php/templates/security.php on line 50" while reading response header from upstream, client: 127.0.0.1, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/tmp/run/php.sock:", host: "localhost:20211"
netalertx-test-mount-tmp_noread | Successfully updated IEEE OUI database (112503 entries)
netalertx-test-mount-tmp_noread | 2026/01/05 02:23:25 [error] 191#191: *3 FastCGI sent in stderr: "PHP message: PHP Warning: session_start(): open(/tmp/run/tmp/sess_e6st6pce0a0ksi5rr46o4ri3bu, O_RDWR) failed: No such file or directory (2) in /app/front/php/templates/security.php on line 50; PHP message: PHP Warning: session_start(): Failed to read session data: files (path: /tmp/run/tmp) in /app/front/php/templates/security.php on line 50" while reading response header from upstream, client: 127.0.0.1, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/tmp/run/php.sock:", host: "localhost:20211"
Gracefully stopping... (press Ctrl+C again to force)
Container netalertx-test-mount-tmp_noread Stopping
Container netalertx-test-mount-tmp_noread Stopped
All tests completed - Mon Jan 5 02:23:32 UTC 2026
Reference in New Issue View Git Blame Copy Permalink