Using ecryptfs inside Docker without --privileged. Appropriate value for --device?
问题 I'm required to set up a Docker container inside which part of the filesystem is encrypted. Please let's not dwell on the why, the answer is ugly and more political than technical. In case it matters, the particular part to be encrypted will be a volume mount from the host, although I'm initially trying this out just in the container's /tmp . Because of the way our deployment works it would be inconvenient to do the ecryptfs stuff directly on the volume, outside the container; I want to do