unifi-docker: When creating image based on "latest" the container won't start due to "Missing an included hotfix" error

Operating system

QNAP QTS 4.4.3.1.1381 (2020/07/29)

UniFi Tag

latest

Docker run

docker run --name UnifiControl --user=unifi --init --restart=unless-stopped --memory=512m --cpu-quota 50000 --publish 8480:8080 --publish 8443:8443 --publish 3478:3478/udp --env TZ=Europe/Copenhagen --env RUNAS_UID0=false --env UNIFI_UID=999 --env UNIFI_GID=999 --volume=/share/CACHEDEV1_DATA/Virtualize/Containers/appdata/unifi:/usr/lib/unifi:rw jacobalberty/unifi

Bug description

After executing the docker run command the prompt output “Missing an included hotfix”:

docker run --name UnifiControl --user=unifi --init --restart=unless-stopped --memory=512m --cpu-quota 50000 --publish 8480:8080 --publish 8443:8443 --publish 3478:3478/udp --env TZ=Europe/Copenhagen --env RUNAS_UID0=false --env UNIFI_UID=999 --env UNIFI_GID=999 --volume=/share/CACHEDEV1_DATA/Virtualize/Containers/appdata/unifi:/usr/lib/unifi:rw jacobalberty/unifi Missing an included hotfix

In the QNAP “Container Station” app, the UniFi container is “Stopped”, and the Console view shows repeated “Missing an included hotfix” outputs.

Any idea what can be wrong ?

Steps to reproduce

Preparation of the QNAP filesystem (only required once): mkdir -p /share/CACHEDEV1_DATA/Virtualize/Containers/appdata/unifi mkdir -p /share/CACHEDEV1_DATA/Virtualize/Containers/appdata/unifi/config mkdir -p /share/CACHEDEV1_DATA/Virtualize/Containers/appdata/unifi/log mkdir -p /share/CACHEDEV1_DATA/Virtualize/Containers/appdata/unifi/data mkdir -p /share/CACHEDEV1_DATA/Virtualize/Containers/appdata/unifi/lib mkdir -p /share/CACHEDEV1_DATA/Virtualize/Containers/appdata/unifi/run

Get latest docker image: docker pull jacobalberty/unifi:latest

Create container: docker run --name UnifiControl --user=unifi --init --restart=unless-stopped --memory=512m --cpu-quota 50000 --publish 8480:8080 --publish 8443:8443 --publish 3478:3478/udp --env TZ=Europe/Copenhagen --env RUNAS_UID0=false --env UNIFI_UID=999 --env UNIFI_GID=999 --volume=/share/CACHEDEV1_DATA/Virtualize/Containers/appdata/unifi:/usr/lib/unifi:rw jacobalberty/unifi

Output: Missing an included hotfix

Relevant log output

The pulled image appear to be consistent:

> docker pull jacobalberty/unifi:latest
latest: Pulling from jacobalberty/unifi
Digest: sha256:462148d15adafe8ad1bbf8572d829700ad871f275e18d1e0a2b5d4e0a87e2d96
Status: Image is up to date for jacobalberty/unifi:latest
docker.io/jacobalberty/unifi:latest

About this issue

  • Original URL
  • State: closed
  • Created 3 years ago
  • Comments: 15 (8 by maintainers)

Most upvoted comments

Ok patch is applied to eolstable, stable-5 and master. I did not push to the individual version tags because this is a building fix more so than a security fix since it would require an attacker to already have write access to a root controlled folder to exploit.

+2
jacobalberty on Dec 30, 2021

The md5sums are wrong. They’re hard coded into hotfixes/cve-whateverhere-validate.md5sum you’ll need to add the 2.17.1 ones into it. Are you using the 6.0.x or 5.x version? I’ll push the fix to whichever now

+1
jacobalberty on Dec 30, 2021
Read more comments on GitHub
← unifi-docker: Status unhealthy "ace.jar start: no such file or directory"
pytorch-grad-cam: AxisError: axis 2 is out of bounds for array of dimension 2 →