<div dir="ltr"><div><div><div>Hello<br><br>I find that I can't do a read-write bind mount within a container (that is to say, the source and target for the mount are both within the container's own filesystem). I believe that it is being restricted to read-only by AppArmor.<br>
<br></div>I understand that there are security reasons for denying bind mounts of the host filesystem into a container. Are there similar concerns for mounts within the container?<br><br></div>Is there a way of expressing this (allow read-write bind mounts only within a container) in the AppArmor configuration?<br>
<br>Thanks for your help.<br></div>-Ben<br><br></div>