docker / docker-bench-security

The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
Apache License 2.0

Run failed on MacOS(Big Sur 11.4) with /etc/hostname: operation not permitted: unknown #472

Closed oslook closed 3 years ago

oslook commented 3 years ago

I used the command below from the README.

docker run --rm --net host --pid host --userns host --cap-add audit_control \
    -e DOCKER_CONTENT_TRUST=$DOCKER_CONTENT_TRUST \
    -v /etc:/etc \
    -v /var/lib:/var/lib \
    -v /var/run/docker.sock:/var/run/docker.sock \
    --label docker_bench_security \
    docker/docker-bench-security

It left the message:

docker: Error response from daemon: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: rootfs_linux.go:76: mounting "/var/lib/docker/containers/xxx/hostname" to rootfs at "/etc/hostname" caused: open /var/lib/docker/overlay2/xxx/merged/etc/hostname: operation not permitted: unknown.

oslook commented 3 years ago

I found the solution. 👍🏻

Before running the command, you MUST create the /etc/hostname file on the MacBook.

Like this:

sudo vi /etc/hostname
--
localhost
--

Then executing docker run will succeed.