This repository was archived by the owner on Feb 24, 2020. It is now read-only.
--insecure-options=all-run should mount /proc/sys read-write #3245
Description
Environment
Replace this with the output of:
rkt Version: 1.15.0
appc Version: 0.8.7
Go Version: go1.7.1
Go OS/Arch: linux/amd64
Features: -TPM +SDJOURNAL
--
Linux 4.7.4-1-ARCH x86_64
--
NAME="Arch Linux"
ID=arch
PRETTY_NAME="Arch Linux"
ANSI_COLOR="0;36"
HOME_URL="https://www.archlinux.org/"
SUPPORT_URL="https://bbs.archlinux.org/"
BUG_REPORT_URL="https://bugs.archlinux.org/"
--
systemd 231
+PAM -AUDIT -SELINUX -IMA -APPARMOR +SMACK -SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN
What did you do?
$ sudo rkt run --no-overlay --insecure-options=image,all-run docker://ubuntu --interactive --exec=/bin/bash
What did you expect to see?
/proc/sys is mounted read-write.
What did you see instead?
root@rkt-3d5f1978-35bf-4857-9cef-49855110e34a:/# mount | grep proc
proc on /proc/sys type proc (ro,nosuid,nodev,noexec,relatime)
Despite specifying --insecure-options=all-run /proc/sys is mounted read-only.