0

Starting with the Docker tutorial, I modify the Dockerfile to contain just

FROM mcr.microsoft.com/vscode/devcontainers/base:0-jammy
RUN mkdir proc && mount --bind /proc ./foo

From the directory hosting the Dockerfile I issue command

docker build -t getting-started .

I expect this docker image to mount /proc at ./foo during the build, but I actually get:

 > [2/2] RUN mkdir foo && mount --bind /proc ./foo:
#5 0.399 mount: /foo: permission denied.

Is there a way to grant permissions to the build process so it can mount proc inside the Docker image?

Christopher King
  • 1,034
  • 1
  • 8
  • 21
  • Possibly this https://stackoverflow.com/a/72342814/2303356 – Christopher King Jul 22 '22 at 08:55
  • Could use `RUN --mount`, but make sure docker version is above 18.09 - https://stackoverflow.com/questions/26050899/how-to-mount-host-volumes-into-docker-containers-in-dockerfile-during-build – viggnah Jul 22 '22 at 09:04
  • you cannot do `&& mount --bind` – The Fool Jul 22 '22 at 09:07
  • Why do you want to? You can `COPY` files from the host (technically the build context) into the image, but an image build never creates anything besides its immediate image inside Docker space. – David Maze Jul 22 '22 at 09:57
  • My question is better posed as trying to mount `/proc`. That brings up https://kinvolk.io/blog/2018/04/towards-unprivileged-container-builds/. I'm trying to run a chroot inside the docker container and to do that I need to mount proc inside the chroot. – Christopher King Jul 23 '22 at 04:49

1 Answers1

0

On windows:

docker buildx create --driver-opt image=moby/buildkit:master ^
    --use --name insecure-builder ^
    --buildkitd-flags "--allow-insecure-entitlement security.insecure"
docker buildx use insecure-builder
docker buildx build --allow security.insecure .
docker buildx rm insecure-builder
Christopher King
  • 1,034
  • 1
  • 8
  • 21