m

    Maggie Walker

    1 week ago
    Hey! I'm trying to exec into our cerbos docker container to poke around, and I'm getting
    OCI runtime exec failed: exec failed: unable to start container process: exec: "/bin/sh": stat /bin/sh: no such file or directory: unknown
    How do you all exec in?
    Andrew Haines (Cerbos)

    Andrew Haines (Cerbos)

    1 week ago
    Hi Maggie, we ship a minimal Docker container (which doesn't even include a shell) to keep the security surface as small as possible. Are you trying to debug anything in particular?
    m

    Maggie Walker

    1 week ago
    Not really, just trying to poke. Another question while I'm docker inspecting, can you speak to the use of bind mounts and/or volumes in the Docker image? I'm seeing a bind mount when I inspect my container, but do you use volumes ever?
    Andrew Haines (Cerbos)

    Andrew Haines (Cerbos)

    1 week ago
    /policies
    is specified as a volume in the Dockerfile. It's common to bind-mount that directory when using the disk storage driver, but it's not necessary to do so for other storage backends.
    m

    Maggie Walker

    1 week ago
    ah cool cool, thanks!