A process from a host joined a container's namespace and is trying to write the ns_last_pid file present at /proc/sys/kernel/ns_last_pid, but it is giving a "Read-only file system" error.

Whereas I'm able to do this on the host's ns_last_pid file via this solution: "unable to write /proc/sys/kernel/ns_last_pid file".

How to solve this issue?

user13145713
  • What kind of container are you using? If it is LXC, the configuration file of the container specifies the access rights on /sys. For example, if you have "lxc.mount.auto = proc:mixed", this means "mount /proc as read-write, but remount /proc/sys and /proc/sysrq-trigger read-only for security / container isolation purposes." – Rachid K. Oct 20 '20 at 21:14
  • @RachidK. I'm using a `runc` container https://github.com/opencontainers/runc – user13145713 Oct 22 '20 at 10:46

1 Answer

You have to run your container in --privileged mode to be able to write to /proc/sys/kernel/ns_last_pid.

Muzammil
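
A way to confirm where the "Read-only file system" error comes from before changing how the container is run, as an added example that is not part of the question or the answer above: it parses /proc/self/mountinfo as seen from inside the joined namespace and reports whether the mount covering ns_last_pid is read-only. The sample mountinfo lines are constructed, and the function names are this example's own.

```python
import os

# Constructed sample of /proc/self/mountinfo as seen inside a container
# where /proc/sys has been bind-remounted read-only (not captured output).
SAMPLE_MOUNTINFO = """\
100 90 0:50 / / rw,relatime - overlay overlay rw,lowerdir=/l,upperdir=/u,workdir=/w
101 100 0:51 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
102 101 0:51 /sys /proc/sys ro,nosuid,nodev,noexec,relatime - proc proc rw
103 101 0:51 /sysrq-trigger /proc/sysrq-trigger ro,nosuid,nodev,noexec,relatime - proc proc rw
"""

def parse_mountinfo(text):
    """Yield (mount_point, mount_opts, super_opts) for each mountinfo line."""
    for line in text.splitlines():
        # Optional fields end at the " - " separator; fs type, source and
        # superblock options follow it.
        left, sep, right = line.partition(" - ")
        fields, tail = left.split(), right.split()
        if not sep or len(fields) < 6 or len(tail) < 3:
            continue  # skip malformed lines
        yield fields[4], set(fields[5].split(",")), set(tail[2].split(","))

def covering_mount(path, mountinfo_text):
    """Return the mount that governs `path`: longest mount-point prefix,
    with later entries shadowing earlier ones on the same mount point."""
    best = None
    for mnt, opts, sopts in parse_mountinfo(mountinfo_text):
        prefix = mnt.rstrip("/") + "/"
        if path == mnt or path.startswith(prefix):
            if best is None or len(mnt) >= len(best[0]):
                best = (mnt, opts, sopts)
    return best

def is_read_only(path, mountinfo_text):
    """True if a write to `path` would hit EROFS: either the per-mount
    flags or the superblock flags of the covering mount include 'ro'."""
    mnt = covering_mount(path, mountinfo_text)
    return mnt is not None and ("ro" in mnt[1] or "ro" in mnt[2])

if __name__ == "__main__":
    target = "/proc/sys/kernel/ns_last_pid"
    source = "/proc/self/mountinfo"
    # Fall back to the constructed sample when /proc is not available.
    text = open(source).read() if os.path.exists(source) else SAMPLE_MOUNTINFO
    print(covering_mount(target, text)[0], "read-only:", is_read_only(target, text))
```

A result of `/proc/sys read-only: True` means the write is blocked by the mount flags on /proc/sys in that mount namespace, not by file permissions on ns_last_pid itself.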