bwrap: Failed to make / slave: Permission denied #20093
Description
Having trouble setting up opam inside an LXC container. I suspect this is related to issue #12050 but maybe not?
First attempt:
opam init --comp=4.09.0
...
∗ installed base-bigarray.base
∗ installed base-threads.base
∗ installed base-unix.base
[ERROR] The compilation of ocaml-base-compiler failed at
"/home/ubuntu/.opam/opam-init/hooks/sandbox.sh build ./configure
--prefix=/home/ubuntu/.opam/4.09.0 -C".
#=== ERROR while compiling ocaml-base-compiler.4.09.0 =========================#
# context 2.0.5 | linux/x86_64 | | https://opam.ocaml.org#78177fc5
# path ~/.opam/4.09.0/.opam-switch/build/ocaml-base-compiler.4.09.0
# command ~/.opam/opam-init/hooks/sandbox.sh build ./configure --prefix=/home/ubuntu/.opam/4.09.0 -C
# exit-code 1
# env-file /tmp/opam-xxx-3094/ocaml-base-compiler-3094-e0ba4f.env
# output-file /tmp/opam-xxx-3094/ocaml-base-compiler-3094-e0ba4f.out
### output ###
# bwrap: Failed to make / slave: Permission denied
...
Running init a second time finishes cleanlly, but there are no switches listed by opam swtich. So I try this:
opam switch create 4.09.0 --jobs=1
Get the same error message:
bwrap: Failed to make / slave: Permission denied
The container is running today's version of ubuntu focal.
Reading through #12050 carefully, it suggests that the root issue has something to do with creating mountpoints, which (wildly guessing here) might be something that is blocked by systemd in the container host.
Will post more as I figure out more.