New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cannot mount /dev read-only, operation not permitted #35134
Comments
Is it possible that |
ping @estesp is this a known limitation? |
It could be quite dependent on distro kernel version/patches. On my Ubuntu 16.04.3 LTS system I can run I wonder if in the debian VPS instance there is some other mount options/protections on |
@estesp any idea how I might debug this further? I can't just |
@hazcod not easily.. but I did create this a few years ago: https://github.com/estesp/utils/tree/master/strace-runc I'm assuming it should still work properly with current versions of the engine, you can follow those instructions. Note that this script messes horribly with containers working properly in general, but great for capturing strace on start. :) Once you have an strace of the failure, you will want to reset your installation otherwise you will have all kinds of weird behavior :) |
For some reason this is sometimes failing when restarting the container. moby/moby#35134
I am able to reproduce this issue in a Debian 8 VM. Here is an attached strace using strace-runc. I had to change the strace-runc slightly since the failure occurs on a "create" command, not a "start" command. strace-af0728429b3768607cb4846303a7ca5305e5ac66d7e64ec5b7b4cfcd27859f2e.log |
Probably try "--tmpfs /dev" within the docker run command |
Description
docker-compose up with user namespace remapping results in the error: ERROR: for db Cannot start service db: oci runtime error: container_linux.go:265: starting container process caused "process_linux.go:368: container init caused "rootfs_linux.go:125: remounting \"/dev\" as readonly caused \"operation not permitted\"".
Steps to reproduce the issue:
Describe the results you received:
The error.
Describe the results you expected:
Successfull container start.
Additional information you deem important (e.g. issue happens only occasionally):
sudo docker run -ti --rm --read-only=true db:xxx
docker: Error response from daemon: oci runtime error: container_linux.go:265: starting container process caused "process_linux.go:368: container init caused "rootfs_linux.go:125: remounting \"/dev\" as readonly caused \"operation not permitted\""".
Output of
docker version
:Output of
docker info
:Additional environment details (AWS, VirtualBox, physical, etc.):
Running on debian VPS.
The text was updated successfully, but these errors were encountered: