Why does the docker daemon fail to start the container when --security-opt=no-new-privileges is passed?
Issue
- Why does the docker daemon fail to start the container when --security-opt=no-new-privileges is passed?
- When the no-new-privileges option is used, docker fails to start the container and panics:
docker run -it --security-opt=no-new-privileges rhel7 bash
panic: standard_init_linux.go:178: exec user process caused "operation not permitted" [recovered]
panic: standard_init_linux.go:178: exec user process caused "operation not permitted"
Environment
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux Atomic Host
- docker-1.12.5-14.el7.x86_64 and later
- container-selinux-1.12.5-14.el7.x86_64 and later
- Option --security-opt=no-new-privileges passed with docker run