
Simplify/improve running with read-only rootfs

Open david0 opened this issue 2 years ago • 0 comments

We have a company-wide security requirement to run containers in k8s with a read-only fs (we run it there for dev purposes only).

We have been able to implement that by building our own image that moves /etc/mqm/ to /config/mqm, then mounts a tmpdir to /etc/mqm at runtime and copies back from `/config`.

Also, a lot of the mounts were found out by trial and error:

```shell
docker run --user 1001:0 --read-only \
  --tmpfs /etc/mqm/ \
  --tmpfs /run/runmqserver \
  --tmpfs /run/runmqserver/tls/ \
  --tmpfs /tmp \
  -v data:/mnt/ \
  -e LICENSE=accept \
  ibmmq/mq
```

I would suggest making running with a r/o rootfs simpler. For example, it would be easier if the input files (.tpl) were stored in /usr/share, so that runmqdevserver would start with an empty /etc/mqm.

Also, maybe the documentation should be improved by specifying which folders have to be read-only, and/or the error messages improved by showing which file is problematic.

david0 avatar Jul 01 '22 11:07 david0