rm: can't remove '/tmp/balena': Resource busy

I have a rather generic container I want to run on Balena (jlesage/firefox), but whenever I start it, it exits with following errors:

[Logs]    [8/5/2023 16:36:51] [firefox] [cont-init   ] 10-clean-tmp-dir.sh: executing...
[Logs]    [8/5/2023 16:36:51] [firefox] [cont-init   ] 10-clean-tmp-dir.sh: rm: can't remove '/tmp/balena': Resource busy
[Logs]    [8/5/2023 16:36:51] [firefox] [cont-init   ] 10-clean-tmp-dir.sh: rm: can't remove '/tmp/resin': Resource busy
[Logs]    [8/5/2023 16:36:51] [firefox] [cont-init   ] 10-clean-tmp-dir.sh: terminated with error 1.

I can’t find any information on what could be causing this. My docker-compose.yaml looks as follows:

version: '2'
volumes:
  guacamole-config:
  firefox-config:
services:
  guacamole:
    image: unsafetypin/guacamole:latest
    restart: always
    ports:
      - 80:8080
    volumes:
      - guacamole-config:/config
  firefox:
    image: jlesage/firefox:latest
    restart: never
    volumes:
      - firefox-config:/config
    ports:
      - 5800:5800
      - 5900:5900
    environment:
      - KEEP_APP_RUNNING=1
      - FF_OPEN_URL=https://www.google.com
      - SECURE_CONNECTION=0
      - VNC_PASSWORD=totallysafepassword

Hi,

It looks like there is a script in your firefox container that tries to remove the entirety of the /tmp directory. This does not work for balena, as the Supervisor bind mounts a subdirectory under /tmp on host into /tmp/balena in container for the purpose of inter-container communication via update locks, see Update locks - Balena Documentation . As I’m not sure what the need for clearing the /tmp directory in container is, I’d recommend trying to get the contents of 10-clean-tmp-dir.sh as well as its surrounding script context to see what it’s needed for and whether you can remove the dependency yourself. Since the container you’re trying to run exits soon after each start, you may take a snapshot of the container with balena commit (which functions the same as docker commit) in order to get a snapshot image. You can then explore the snapshot with balena run --rm -it SNAPSHOT_IMAGE in order to see the startup order of scripts. Alternatively, if you do not wish to try to remove the dependency on the tmp script yourself, you can open an issue on the jlesage/firefox GitHub repo to ask the maintainers directly what the purpose of the /tmp directory is and whether it’s possible to not purge it on startup.

Let us know how that goes!

Thanks,
Christina

Hi, following up on my colleague’s previous message. Have you seen the pointers she provided on how to proceed? Reiterating the points below:

  • Try to get the contents of 10-clean-tmp-dir.sh as well as its surrounding script context to see what it’s needed for and whether you can remove the dependency yourself. Since the container you’re trying to run exits soon after each start, you may take a snapshot of the container with balena commit (which functions the same as docker commit) in order to get a snapshot image. You can then explore the snapshot with balena run --rm -it SNAPSHOT_IMAGE in order to see the startup order of scripts.
  • Alternatively, if you do not wish to try to remove the dependency on the tmp script yourself, you can open an issue on the jlesage/firefox GitHub repo to ask the maintainers directly what the purpose of the /tmp directory is and whether it’s possible to not purge it on startup.

Please let us know whether you’ve tried them (please do try them if you have not) and let us know how they went for you

Yes, thank you both for the info. This does seem to be the cause and the resolution is clear. In this case it is quite a bit of work as the script is in the base image and not the container image itself.

Just a thought: it would be helpful if this was documented anywhere or at least more clearly as a restriction/requirement of containers.

Kind regards,

Thomas

Glad to hear the cause has been successfully identified and the resolution is clear.

Thank you for the feedback, I’ll bring it up for internal discussion. If there is an ideal/fitting place for such information, it would indeed be beneficial to have it documented.

Just a quick update from my part. I ended up making a new Dockerfile in which I replace the offending script 10-clean-tmp-dir.sh with a modified version.

The new Dockerfile:

FROM jlesage/firefox

COPY 10-clean-tmp-dir.sh /etc/cont-init.d/10-clean-tmp-dir.sh

The new 10-clean-tmp-dir.sh, saved in the same directory as the Dockerfile:

#!/bin/sh
#
# Clean the /tmp directory.
#

set -e # Exit immediately if a command exits with a non-zero status.
set -u # Treat unset variables as an error.

# rm -rf /tmp/* /tmp/.[!.]* <- this was the original command

# Delete everything except for the `balena` and `resin` directories and their contents.
find /tmp -mindepth 1 ! \( -path "/tmp/balena/*" -o -path "/tmp/resin/*" \) -delete

# vim:ft=sh:ts=4:sw=4:et:sts=4

I’m not 100% sure of the solution as this is not really my area of expertise, but so far it seems to work without any warnings or adverse effects.

Hey @thomas_n ,

The new clean-tmp-dir script looks good to me. Great work on finding a solution!

I’ve clarified the necessity of the /tmp/balena or legacy /tmp/resin directories in our docs. Thanks for pointing this out!

Regards,
Christina