From 591478d2143df12c39247af1df9d12230f9ea27a Mon Sep 17 00:00:00 2001
From: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Date: Sat, 29 Jul 2023 00:01:41 +0900
Subject: [PATCH] docs: troubleshoot for `mount proc:/proc (via
 /proc/self/fd/6), flags: 0xe: operation not permitted`

The error is known to happen when buildkitd is executed inside a
container without `--oci-worker-no-process-sandbox`.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
---
 docs/rootless.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/rootless.md b/docs/rootless.md
index 2dabfbdee806..14a827fb1e24 100644
--- a/docs/rootless.md
+++ b/docs/rootless.md
@@ -115,6 +115,10 @@ Run `sysctl -w user.max_user_namespaces=N` (N=positive integer, like 63359) on t
 
 See [`../examples/kubernetes/sysctl-userns.privileged.yaml`](../examples/kubernetes/sysctl-userns.privileged.yaml).
 
+### Error `mount proc:/proc (via /proc/self/fd/6), flags: 0xe: operation not permitted`
+This error is known to happen when BuildKit is executed in a container without the `--oci-worker-no-sandbox` flag.
+Make sure that `--oci-worker-no-process-sandbox` is specified (See [below](#docker)).
+
 ## Containerized deployment
 
 ### Kubernetes