Is write access to directories such as /tmp, /var/log, or /run required when using the Red Hat OpenJDK 1.8 container image with "readOnlyRootFilesystem: true"?

Solution Unverified - Updated -

Issue

Currently operating containers based on the Red Hat-provided OpenJDK 1.8 container image.

When applying the "readOnlyRootFilesystem: true" security context setting to these containers,

there is a need to confirm whether write access to any root filesystem paths such as /tmp, /var/log, or /run is required by the image itself or by the OpenJDK runtime.

Are these write permissions required for base image or OpenJDK operations? (excluding application-level write behavior)

Does this setting result in any unsupported behavior or known issues according to Red Hat documentation or support policy?

Environment

  • Red Hat OpenJDK 1.8 Container Image
  • Red Hat OpenShift Container Platform 4.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content