[gdal-dev] /vsimem/ Driver CPLCreateUserFaultMapping Error in Docker

Even Rouault even.rouault at spatialys.com
Sun Jan 10 08:34:31 PST 2021


Alex,

> I am using the /vsimem/ driver to create a virtual netCDF from a bytes
> string in Python3. The process works fine when run from my host system but
> when I package it up in a Docker container  I'm getting errors when trying
> to open the in memory file. The error stems from a call to
> `gdal.Open('/vsimem/name_of_file.nc')`, and the error text is:
> "CPLCreateUserFaultMapping(): syscall(__NR_userfaultfd) failed".
> 
> I'm aware a simple work around would be to write the file to an on-disk
> file and just delete it when I don't need it anymore but am curious as to
> why the /vsimem/ driver is failing in a Docker container.

Docker runs with restricted permissions by default, and disables the 
userfaultfd Linux system call that is currently needed to open virtual files.

You can run your Docker container with  --security-opt seccomp=unconfined  to 
remove those restrictions (there are more advanced ways to enable a more fine 
grained control on which syscalls you enable/disable)

That said, for /vsimem/ using Linux userfaultfd is a bit overkill. I've queued
https://github.com/OSGeo/gdal/pull/3363 which removes that restriction.

Even

-- 
Spatialys - Geospatial professional services
http://www.spatialys.com


More information about the gdal-dev mailing list