Red Hat Bugzilla – Bug 1282945
/run should not be a volume
Last modified: 2015-12-08 09:04:05 EST
After much investigation we arrived at the fact that the rhel7.2 base image has added a volume for /run/ this breaks building images that depend on persisting anything in /run/ if you're not a root user lacking permissions to create data in /run/ during startup.
We can come up with no solution to this problem.
Yes we should not have /run as a volume in the base image. We are working on other solutions for handling systemd in the container. --tmpfs patch is moving along and dockerhooks are both better solutions.
(In reply to Daniel Walsh from comment #4)
> Yes we should not have /run as a volume in the base image.
Trouble is, *not* having it breaks things. As one specific example, on rhel7/rhel-7.1-24, we don't have /run and so we get a broken fs symlink for an important sub-directory:
# docker run --rm -ti rhel7/rhel:7.1-24 ls -l /var/lock
lrwxrwxrwx. 1 root root 11 Oct 30 07:05 /var/lock -> ../run/lock
"Base image is missing several files from /run/*"
> We are working
> on other solutions for handling systemd in the container. --tmpfs patch is
> moving along and dockerhooks are both better solutions.
In that case the image should just create /run/lock. Not use volume mounts.
Docker has specified that /run on the image should be populated by the tools installed, for example "yum install httpd" will create /run/httpd on the image.
The secrets patch should not create a volume, but will create a mount point /run/secrets I believe. But docker build will not save the content in this directory to an image.
OK -- then yes, this definitely shouldn't be a volume in the base image.
Do we know why the /run volume was added? Any expected consequences of reverting that change?
Primary expected consequence would be systemd not running.
(Of course the user can fix it easily when running the container. I meant, systemd not running out of box.)
OK; for now I think it's far preferable to require the user does a manual
for the special case of running systemd, than to be unable to persist anything in /run.
It would be nice if we could handle this automatically in the future, but for now should we not just revert the VOLUME in the base image?
# docker inspect registry.access.stage.redhat.com/rhel7.2:7.2-38
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.