From 370f05921a1337321e64f4a6ae5b09d20abb5540 Mon Sep 17 00:00:00 2001 From: librelad Date: Mon, 22 Jun 2026 14:30:28 +0100 Subject: [PATCH] fix(rootless): don't start docker before its network override is written MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Initial rootless setup ran 'systemctl --user start docker' immediately after install, but the rootless net/port-driver override.conf (and the daemon-reload that loads it) aren't written until further down. So the first start always failed — 'Job for docker.service failed' plus a spurious '✗ Error Setting up Rootless' in the error report — even though the later 'systemctl --user restart docker' brought the daemon up fine once the override was in place. Drop the premature start from the install step (keep install + enable); the restart after the override is written is now the first real start. Co-Authored-By: Claude Opus 4.8 Signed-off-by: librelad --- scripts/docker/install/rootless/rootless_docker.sh | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/scripts/docker/install/rootless/rootless_docker.sh b/scripts/docker/install/rootless/rootless_docker.sh index 3c2932d..96416d8 100755 --- a/scripts/docker/install/rootless/rootless_docker.sh +++ b/scripts/docker/install/rootless/rootless_docker.sh @@ -101,10 +101,17 @@ installDockerRootless() local result; result=$(runSystem loginctl enable-linger $CFG_DOCKER_INSTALL_USER) checkSuccess "Adding automatic start (linger)" - # Rootless Install + # Install rootless Docker and enable the user service, but do NOT + # start it here. The rootless network override (override.conf, + # written further down) and the daemon-reload that picks it up + # haven't happened yet, so a start at this point comes up with no + # valid net/port-driver config and fails ("Job for docker.service + # failed") — a guaranteed, harmless first-start error that only + # noises the error report. The first real start is the + # `systemctl --user restart docker` below, once the override is in + # place. rootless_install=$(cat <