It appears that Docker rootless needs to see other processes in order to function properly. I encountered this problem while hardening a Linux machine. Setting hidepid=2 will stop containers from running. What is a workaround that still maintains the hidepid=2 option?
Already solved by someone: create a docker.json file and add
{"exec-opts": ["native.cgroupdriver=cgroupfs"]}
Use the XDG_CONFIG_HOME env variable to point to that file if not present.