Unable to run without error "failed to unshare namespaces"

[MikeKroell]

I'm a brand new to img, and am trying to set up a platform that will build docker containers on AWS Fargate, as a Jenkins agent that build docker containers, runs AWS CLI, and Serverless.

When trying to use the prebuilt image, I get:

docker run -it r.j3ss.co/img pull ubuntu
nsenter: failed to unshare namespaces: Operation not permitted

When trying to use a vanilla ubuntu container and install img, I get:

root@841299bafb81:/# img pull ubuntu
Pulling ubuntu...
Error: failed to unmount /tmp/containerd-mount305145024: operation not permitted: failed to mount /tmp/containerd-mount305145024: operation not permitted

I have installed the tools required in the readme, but I must be missing something.

[issue-label-bot[bot]]

Issue-Label Bot is automatically applying the label question to this issue, with a confidence of 0.64. Please mark this comment with :thumbsup: or :thumbsdown: to give our bot feedback!

Links: app homepage, dashboard and code for this bot.

[alefray]

Hi @MikeKroell,

I think you missed the following docker run options :

docker run -it \
--security-opt seccomp=unconfined \
--security-opt apparmor=unconfined \
r.j3ss.co/img pull ubuntu

See: https://github.com/genuinetools/img#running-with-docker

[MikeKroell]

Thanks for the response. I was looking to run on fargate, but with the additional commands, I won't be able to as far as I know.

[d40sithui]

@MikeKroell I'm running into this issue in 2022! Do you have a workaround for building docker images on Jenkins Fargate agent?

[cristian98149]

I have also the same problem but during build.

I've opened the issue https://github.com/genuinetools/img/issues/364

[ganeshgk]

@cristian98149 @MikeKroell Were you able to get this working with img on aws fargate? i think, it fails due to the reason that fargate doesn't allow to run privileged containers. https://aws.amazon.com/blogs/containers/building-container-images-on-amazon-ecs-on-aws-fargate/