[docker] user-namespaced Docker exec doesn't work

[csweichel]

Describe the bug

Docker exec does not work

Errors with

gitpod /workspace/Microservice-Thing $ sudo docker exec optimistic_herschel ls
sudo: setrlimit(RLIMIT_CORE): Operation not permitted
OCI runtime exec failed: exec failed: container_linux.go:349: starting container process caused "process_linux.go:101: executing setns process caused \"exit status 1\"": unknown

Steps to reproduce

start a docker container e.g. docker run -it alpine
open new terminal
Get the name of the created container via docker container ls
try docker exec <container name> ls

[csweichel]

This is due to the proc bind mount. Instead we should mount a proper proc for each container.

[csweichel]

PR is ready at #3019

[mojowill]

Sorry to raise this but I'm facing the same issue today after your PR has been merged

docker run -it --rm debian:buster-slim sh works fine and gets me on to the expected CLI.

If I get the container name via docker container ls and then run docker exec -it $CONTAINER_NAME sh I still get the OCI error:

OCI runtime exec failed: exec failed: container_linux.go:349: starting container process caused "process_linux.go:101: executing setns process caused \"exit status 1\"": unknown

This is running on your gitpod.io and not self-hosted.

[shaal]

@csweichel I thought we should wait for a new release, for this update to take effect in gitpod.io?
Is that how it works? and if so, is there an estimation when would that fix be applied?

[shaal]

I just tested it again, and now it seems to work!
I have a specific branch that before used to generate errors, and now it doesn't :)

You can test it here -
(there are 2 terminal windows, the errors appeared in the terminal that's running sudo docker-up)
https://gitpod.io/#https://github.com/shaal/ddevenv/tree/docker-error