'How to mount docker tmpfs with exec,rw flags?
What command line options can be used for enabling a tmpfs (temporary file system) inside a Docker container, that is rw (read/write) accessible and files on this fs (file system) are executable?
Example would be a shared memory tmpfs with 1GByte size, but standard flag is noexec
( shm on /dev/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=1048576k) )
with:
docker -it --shm-size=1G alpine /bin/sh
Solution 1:[1]
You can pass mount parameters to the --tmpfs parameter, e.g. --tmpfs /mytmp:exec would allow execution of files.
$ docker run --rm -it --tmpfs /mytmp:exec ubuntu bash -c "mount | grep mytmp"
tmpfs on /mytmp type tmpfs (rw,nosuid,nodev,relatime)
Solution 2:[2]
If you don't need namespace isolation, then you can use host IPC namespace (--ipc=host):
$ docker run --rm -it --ipc=host alpine sh -c 'mount | grep shm'
tmpfs on /dev/shm type tmpfs (rw,seclabel,nosuid,nodev)
vs
$ docker run --rm -it --shm-size=1G alpine sh -c 'mount | grep shm'
shm on /dev/shm type tmpfs (rw,seclabel,nosuid,nodev,noexec,relatime,size=1048576k)`
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Yuri |
| Solution 2 | Jan Garaj |