Always mount a /run tmpfs in the container
All modern distros set up /run to be a tmpfs, see for instance: https://wiki.debian.org/ReleaseGoals/RunDirectory Its a very useful place to store pid-files, sockets and other things that only live at runtime and that should not be stored in the image. This is also useful when running systemd inside a container, as it will try to mount /run if not already mounted, which will fail for non-privileged container. Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
This commit is contained in:
		
							parent
							
								
									fa0e7c2ec2
								
							
						
					
					
						commit
						2d9fd36002
					
				
					 1 changed files with 1 additions and 0 deletions
				
			
		|  | @ -156,6 +156,7 @@ func newSystemMounts(rootfs, mountLabel string, mounts libcontainer.Mounts) []mo | |||
| 		{source: "sysfs", path: filepath.Join(rootfs, "sys"), device: "sysfs", flags: defaultMountFlags}, | ||||
| 		{source: "shm", path: filepath.Join(rootfs, "dev", "shm"), device: "tmpfs", flags: defaultMountFlags, data: label.FormatMountLabel("mode=1777,size=65536k", mountLabel)}, | ||||
| 		{source: "devpts", path: filepath.Join(rootfs, "dev", "pts"), device: "devpts", flags: syscall.MS_NOSUID | syscall.MS_NOEXEC, data: label.FormatMountLabel("newinstance,ptmxmode=0666,mode=620,gid=5", mountLabel)}, | ||||
| 		{source: "tmpfs", path: filepath.Join(rootfs, "run"), device: "tmpfs", flags: defaultMountFlags}, | ||||
| 	} | ||||
| 
 | ||||
| 	if len(mounts.OfType("devtmpfs")) == 1 { | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue