Docker Community Forums

Share and learn in the Docker community.

Unable to mount /sys inside the container with rw access in unprivileged mode

I would need to mount /sys inside the container with rw access, in the privileged mode it is by default mounting with rw access but with unprivileged mode it is mounting with ro access.

any idea how to get /sys mounted with rw access on the unprivileged mode?

Belated answer but hope it helps.

For unprivileged containers (i.e., those without the --privileged flag), Docker mounts /sys in the container as read-only. I don’t believe there is a way to change this behavior.

Having said this, take a look at Sysbox. It’s a new type of runc that integrates with Docker and creates “VM-like” containers. It mount /sys as read-write because the containers are rootless and is capable of emulating portions of /sys (as well as /proc).

For example:

$ docker run --runtime=sysbox-runc -it ubuntu

root@0553826001e3:/# mount | grep sysfs
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)

root@0553826001e3:/# cat /proc/self/uid_map 
         0     165536      65536

The first instruction shows sysfs is mounted as read-write, and the second shows the container is in rootless mode.

Hope that helps!