haschibaschi
Reputation: 2792
mount root FS read only with docker-compose
I try to apply the docker CIS (https://github.com/docker/docker-bench-security)
The test 5.13 is: Mount container's root filesystem as read only
There is an option for docker run to mount the root FS read only: --read-only=true
But I can't find the possibility to achieve the same with docker-compose.
Is there a possibility to mount the root FS read only with docker-compose?
Upvotes: 5
Views: 6720
Answers (1)
dnephin
Reputation: 28050
Yes, you can use read_only: in the compose file https://docs.docker.com/compose/compose-file/#read_only
Upvotes: 2
Related Questions
- Docker Compose - How to execute multiple commands?
- Docker Compose wait for container X before starting Y
- Communication between multiple docker-compose projects
- Difference between "docker compose" and "docker-compose"
- What is the difference between ports and expose in docker-compose?
- Interactive shell using Docker Compose
- How to mount a host directory in a Docker container
- How to restart a single container with docker-compose
- How to get docker-compose to always re-create containers from fresh images?
- docker-compose up for only certain containers