Docker Centos7: Failed to mount tmpfs as /run: Operation not permitted

Question

So I wanted to get systemctl working on the docker container for an assignment so I used the command:

docker run --privileged -ti  -e container=docker -v /sys/fs/cgroup:/sys/fs/cgroup s3696653/usap-a1 usr/sbin/init

Everything worked well, but I haven't fully read the spec and we are not supposed to use systemctl. So I stopped the container and tried to run the container like normal using:

docker run -i -t s3696653/usap-a1

But it no longer works. I get the error:

Failed to mount tmpfs as /run: Operation not permitted

[!!!!!!] Failed to mount API filesystems, freezing.

What can I do to get it running with the normal run command? Thanks in advance.

Answer 1

While it is recommended not using systemd inside a container or using priviledged mode, recommendations are not edicts that if not followed to the letter will cause the New Jersey State Police to drag you at night and take you away. If you got it running using --priviledged, next try to see what it takes to run it without it as avoiding it makes your setup more secure.

Using the -v (called a bind mount by the docker official documentation) should help you pass the volumes you need without requiring the --privileged option. In fact, here is systemd-in-docker example from an old stackoverflow thread asking a similar question:

docker run -ti --tmpfs /tmp --tmpfs /run -v /sys/fs/cgroup:/sys/fs/cgroup:ro -p 80:80 local/centos7-systemd