Hi @sakaki- it's me again.
Thanks for your time in advance.
TL;DR: I'm having the following error when I try to execute a privileged container: OCI runtime create failed: container_linux.go:349: starting container process caused "apply caps: operation not permitted": unknown.
A bit of context: I suspect there's some permission I need to tweak in order to achieve what I'm trying to do.
Basically, I installed docker following your tutorial, then ran a docker container, rancherpi/rancher:v2.0.8-arm64.
When I try to execute the command to create a cluster, it gives me some code to run the container using a --privileged flag, and that's where I got the error.
So I tried to isolate the issue and, fortunately, it's easy to reproduce: just running the hello world using the flag gives the same error! 👍
pi@debian-buster-64:~ $ sudo docker run --privileged hello-world
docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "apply caps: operation not permitted": unknown.
ERRO[0001] error waiting for container: context canceled
pi@debian-buster-64:~ $
Would you have any suggestions on how to fix it?
Cheers!