I'm trying to bind mount /proc or /dev from the host into a Linux container on Ubuntu 16.04, but I get an "Operation not permitted" error.
I am using runc as my container runtime, and here is the mount section in the runc config.json:
{
    "destination": "/test-proc",
    "options": [
        "rbind",
        "ro"
    ],
    "source": "/proc",
    "type": "bind"
},
I have the PID namespace, user namespace and mount namespace all turned on.
Here is the strace output:
22435 mount("/proc", "/sompath/test-proc", 0xc42001be56, MS_RDONLY|MS_BIND|MS_REC, NULL) = 0
22435 mount("/proc", "/somepath/test-proc", 0xc42001be66, MS_RDONLY|MS_REMOUNT|MS_BIND|MS_REC, NULL) = -1 EPERM (Operation not permitted)
This issue only happens on Ubuntu, not on other Linux distributions such as Alinux or Raspbian.
Does anyone know what could cause this?