[docker] The current port availability check does not work in Docker. #694
Description
The current port availability check does not work in Docker.
The problem is that Docker does not display processes that occupy ports, which causes the check to fail with an error.
In the original version, this check was only for unbound, to which an additional check was applied, but now all ports are checked and an additional check for “working in Docker” must be performed.
This is the check we are talking about:
What is happening:
- The container does not display which process is occupying the port.
- When checking port availability, it shows that the port is occupied, but occupied by nothing.
- The check fails.
Container outputs
Container outputs
Container logs:
chatmail | [497761.710838] bash[404]: [WARNING] Path exists, not modifying: chatmail.ini
chatmail | [497763.158409] bash[489]: .............[$ pyinfra @local /opt/chatmail/cmdeploy/src/cmdeploy/deploy.py -y]
chatmail | [497763.743842] bash[539]: --> Loading config...
chatmail | [497763.745156] bash[539]: --> Loading inventory...
chatmail | [497763.782101] bash[539]: --> Connecting to hosts...
chatmail | [497763.784093] bash[539]: [@local] Connected
chatmail | [497763.785652] bash[539]: --> Preparing operation files...
chatmail | [497763.787004] bash[539]: Loading: /opt/chatmail/cmdeploy/src/cmdeploy/deploy.py
chatmail | [497764.181075] bash[539]: Checking if port 25 is available for ['master', 'smtpd']...
chatmail | [497764.207979] bash[539]: Deploy failed: port 25 is occupied by:
chatmail | [497764.210280] bash[539]: --> Disconnecting from hosts...
chatmail | [497764.336554] bash[489]: Deploy failed
chatmail | [497764.337825] bash[489]: Running in docker: perform_initial_checks(**{'mail_domain': 'chat.abobafarm.org', 'pre_command': 'docker exec chatmail '})
chatmail | [FAILED] Failed to start setup_cha...m - Run container setup commands.
chatmail | See 'systemctl status setup_chatmail.service' for details.# docker exec -it chatmail bash
# root@b6e3343b8025:/opt/chatmail# ss -tunlp
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp UNCONN 0 0 127.0.0.11:54051 0.0.0.0:*
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
udp UNCONN 0 0 [::1]:53 [::]:*
tcp LISTEN 0 100 0.0.0.0:993 0.0.0.0:* users:(("dovecot",pid=37,fd=37))
tcp LISTEN 0 256 127.0.0.1:53 0.0.0.0:*
tcp LISTEN 0 100 0.0.0.0:25 0.0.0.0:*
tcp LISTEN 0 100 0.0.0.0:143 0.0.0.0:* users:(("dovecot",pid=37,fd=35))
tcp LISTEN 0 4096 127.0.0.11:35249 0.0.0.0:*
tcp LISTEN 0 256 [::1]:53 [::]:*
tcp LISTEN 0 100 [::]:993 [::]:* users:(("dovecot",pid=37,fd=38))
tcp LISTEN 0 100 [::]:25 [::]:*
tcp LISTEN 0 100 [::]:143 [::]:* users:(("dovecot",pid=37,fd=36))
# root@b6e3343b8025:/opt/chatmail# systemctl status
* b6e3343b8025
State: degraded
Units: 117 loaded (incl. loaded aliases)
Jobs: 0 queued
Failed: 1 units
Since: Sun 2025-10-26 13:20:37 UTC; 8min ago
systemd: 252.38-1~deb12u1
CGroup: /system.slice/docker-b6e3343b8025edc95dfc1d07c5346b1c183d4ec0daa32bb10729673fb47efc07.scope
|-init.scope
| |- 1 /lib/systemd/systemd --default-standard-output=journal+console --default-standard-error=journal+console
| |-568 bash
| |-583 systemctl status
| `-584 "(pager)"
`-system.slice
|-cron.service
| `-36 /usr/sbin/cron -f
|-dovecot.service
| |-37 /usr/sbin/dovecot -F
| |-42 dovecot/anvil
| |-43 dovecot/log
| `-44 dovecot/config
|-nginx.service
| |-57 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;"
| `-58 "nginx: worker process"
|-opendkim.service
| `-59 /usr/sbin/opendkim
|-system-postfix.slice
| `[email protected]
| |-360 /usr/lib/postfix/sbin/master -w
| |-362 pickup -l -t unix -u -c
| `-363 qmgr -l -t unix -u
|-systemd-journald.service
| `-33 /lib/systemd/systemd-journald
`-unbound.service
`-48 /usr/sbin/unbound -d -pPossible solution
Since there will be no extra ports in the Docker container, I suggest disabling port availability checks in Docker, at least for the time being.