Docker Alloy generates apparmor ptrace denied messages

crazyelectronio · March 5, 2025, 5:35pm

I run Alloy in a Docker container with the following compose file:

services:
  alloy:
    image: grafana/alloy:latest
    container_name: alloy
    volumes:
      - ./config/config.alloy:/etc/alloy/config.alloy
      - /var/log/journal:/var/log/journal:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
    ports:
      - 12345:12345
    command: [
      "run",
      "--server.http.listen-addr=0.0.0.0:12345",
      "--stability.level=public-preview",
      "--storage.path=/var/lib/alloy/data",
      "/etc/alloy/config.alloy",
    ]
    restart: unless-stopped
    privileged: true

It generates lots of the following messages:

AVC apparmor="DENIED" operation="ptrace" profile="docker-default" pid=1854 comm="tokio-runtime-w" requested_mask="read" denied_mask="read" peer="unconfined"

I was expecting that privileged: true would allow ptrace…

Topic		Replies	Views
How to prevent alloy of complaining about docker containers whithout logging driver configured? Configuration loki , alloy	2	390	June 30, 2024
Scrape journald log with Alloy docker container Configuration loki	1	1501	May 24, 2024
What is wrong with docker metrics and alloy? Grafana Alloy docker	0	42	March 5, 2025
Grafana Alloy - Remote Config Server Grafana Alloy	1	61	January 9, 2025
Syslog source failed to start with alloy Grafana Alloy	2	259	August 19, 2024

Docker Alloy generates apparmor ptrace denied messages

Related topics