Login issue with keyring

[hsyyid]

Failed to perform login command:
failed to get keyring during saving token, operation not permitted

I tried running azcopy from within the container, and the only way I got this to work was running Docker in privileged mode. Any ideas?

[juchom]

This has not been tested, but the issue seems to be that the default Docker CRI configuration doesn't allow some needed syscalls.

You can try this, download the default file from docker repo here : https://raw.githubusercontent.com/moby/moby/master/profiles/seccomp/default.json

Add these two syscalls at the end :

{
    "name": "add_key",
    "action": "SCMP_ACT_ALLOW",
    "args": []
},
{
    "name": "keyctl",
    "action": "SCMP_ACT_ALLOW",
    "args": []
}

Save this file to seccomp.json

And run the image with this flag --security-opt seccomp=seccomp.json :

docker run --rm -it -v ${PWD}/blobs:/blobs --security-opt seccomp=seccomp.json linoa/azcopy copy $srcUrl "/blobs" --recursive