SonarQube is not starting on SynologyNAS due to CONFIG_SECCOMP

Question

SonarQube is unable to start on Synology NAS Docker due to the CONFIG_SECCOMP not being present on Synology NAS. Is there an option to ignore SECCOMP for SonarQube while it's starting ElasticSearch?

2022-11-26T11:00:50.430590094Z  stdout  java.lang.UnsupportedOperationException: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed
2022-11-26T11:00:50.429641210Z  stdout  2022.11.26 11:00:50 WARN  es[][o.e.b.JNANatives] unable to install syscall filter: 
2022-11-26T11:00:47.894977919Z  stdout  2022.11.26 11:00:47 INFO  app[][o.s.a.SchedulerImpl] Waiting for Elasticsearch to be up and running

score 0 · Answer 1 · answered Nov 26 '22 at 11:22

In order to start ElasticSearch additional configuration file must be also mounted: sonar.properties this file is located in /opt/sonarqube/conf/sonar.properties and contains option sonar.search.javaAdditionalOpts=.

sonar.search.javaAdditionalOpts=-Dbootstrap.system_call_filter=false

ElasticSearch allows to disable SECCOMP check, but it's unsafe. By default this configuration can be amended in /etc/elasticsearch/elasticsearch.yaml according to this answer

SonarQube is not starting on SynologyNAS due to CONFIG_SECCOMP

1 Answers1