Docker sandboxing, error unable to mount



I’m tying to run bazel build inside of a docker container and bazel’s sandboxing is failing with the following error:

ERROR: /root/.cache/bazel/_bazel_root/cf3077b83e930e0c42e53cc2f9959c4d/external/com_github_facebookgo_clock/BUILD:5:1: error executing shell command: ‘bazel-out/local-fastbuild/bin/external/com_github_facebookgo_clock/bazel-out/local-fastbuild/bin/external/com_github_facebookgo_clock/go_default_library.a.GoCompileFile.params’ failed: linux-sandbox failed: error executing command
(exec env -
/root/.cache/bazel/_bazel_root/cf3077b83e930e0c42e53cc2f9959c4d/execroot/Gyroscope/_bin/linux-sandbox @/root/.cache/bazel/_bazel_root/cf3077b83e930e0c42e53cc2f9959c4d/bazel-sandbox/b26b07cb-2f3a-4f22-b46f-dc0f397bc17e-3/linux-sandbox.params – /bin/bash -c bazel-out/local-fastbuild/bin/external/com_github_facebookgo_clock/bazel-out/local-fastbuild/bin/external/com_github_facebookgo_clock/go_default_library.a.GoCompileFile.params).
src/main/tools/ linux-sandbox-pid1 has PID 2900
src/main/tools/ “mount”: Permission denied
src/main/tools/ child exited normally with exitcode 1
Use --strategy=GoCompile=standalone to disable sandboxing for the failing actions.

Looking around, it sounds like running docker with the --privileged flag might be a fix, is that possible on circle? For now i’m going to disable all sandboxing but obviously that is less than ideal.


That should be achievable on the machine executor


Does the machine executor already have docker installed on it?


Yes, it has Docker preinstalled.


This topic was automatically closed 41 days after the last reply. New replies are no longer allowed.