Open danryu opened 2 years ago
Another attempt:
$ docker build -t akirodeb10 -f Dockerfile.debian-10 .
Sending build context to Docker daemon 109.1kB
Step 1/4 : FROM debian:10
---> 2b6f409b1d24
Step 2/4 : RUN apt-get update && apt-get install -y --no-install-recommends systemd systemd-sysv dbus dbus-user-session
---> Using cache
---> aeedf31b9ad7
Step 3/4 : COPY docker-entrypoint.sh /
---> Using cache
---> 1112f4ef88fb
Step 4/4 : ENTRYPOINT ["/docker-entrypoint.sh"]
---> Using cache
---> f409b08a1374
Successfully built f409b08a1374
Successfully tagged akirodeb10:latest
$ docker run -it --rm --privileged --workdir /usr -e FOO=hello akirodeb10 bash
Created symlink /etc/systemd/system/systemd-firstboot.service → /dev/null.
Created symlink /etc/systemd/system/systemd-udevd.service → /dev/null.
Created symlink /etc/systemd/system/systemd-modules-load.service → /dev/null.
Created symlink /etc/systemd/system/multi-user.target.wants/docker-entrypoint.service → /etc/systemd/system/docker-entrypoint.service.
/docker-entrypoint.sh: starting /lib/systemd/systemd --show-status=false --unit=docker-entrypoint.target
systemd 241 running in system mode. (+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid)
Detected virtualization docker.
Detected architecture x86-64.
Set hostname to <7d40577cb3b7>.
File /lib/systemd/system/systemd-journald.service:12 configures an IP firewall (IPAddressDeny=any), but the local system does not support BPF/cgroup based firewalling.
Proceeding WITHOUT firewalling in effect! (This warning is only shown for the first loaded unit using IP firewalling.)
systemd-journald-audit.socket: Failed to create listening socket (audit 1): Operation not permitted
systemd-journald-audit.socket: Failed to listen on sockets: Operation not permitted
systemd-journald-audit.socket: Failed with result 'resources'.
sys-kernel-config.mount: Mount process exited, code=exited, status=32/n/a
sys-kernel-config.mount: Failed with result 'exit-code'.
sys-kernel-config.mount: Consumed 2ms CPU time.
sys-kernel-debug.mount: Mount process exited, code=exited, status=32/n/a
sys-kernel-debug.mount: Failed with result 'exit-code'.
sys-kernel-debug.mount: Consumed 2ms CPU time.
+ source /etc/docker-entrypoint-cmd
++ bash
I have latest Docker on Ubuntu 21.10, with cgroups v2 enabled and host OS configured as per instructions at https://rootlesscontaine.rs/getting-started/common/cgroup2/.
However this doesn't work with the default build (also tried Ubuntu image). Do you know why there are these permission problems?