Mounting /etc/localtime read-only breaks configuration of tzdata package

[marcoesposito1988]

Hello everyone,

I encountered a problem with rocker 0.2.18 from the ubuntu 24.04 repos (but looking at the code in the main branch the problem should persist also with the current version).

The problem is that /etc/localtime is mounted as a read-only volume. When a package is installed which triggers the upgrade/reconfiguration of tzdata, its install script tries to overwrite that file and fails with the message device or resource busy.

This brings APT in an unrecoverable loop.

I got unstuck by removing the volume from the command in the python code:
https://github.com/osrf/rocker/blob/main/src/rocker/nvidia_extension.py#L77

I changed that to:

        return "  -e DISPLAY -e TERM \
  -e QT_X11_NO_MITSHM=1 \
  -e XAUTHORITY=%(xauth)s -v %(xauth)s:%(xauth)s \
  -v /tmp/.X11-unix:/tmp/.X11-unix" % locals()

For the APT package, that file is located at /usr/lib/python3/dist-packages/rocker/nvidia_extension.py

I think that copying that file into the container instead of mounting it read-only would solve the problem.

Am I missing anything, or do you see a better solution?

[tfoote]

That's an interesting corner case. Copying it in instead of mounting read only does seem to be a reasonable work around. We'll need to verify that if the localtime is different (after an internal reconfiguration) between the host and the container if there's issues with rendering. However I suspect that it's more that the localtime must be set which may not be true by default in the container.

It's also possible that this is no longer needed as well with the improvements in tools around the container too.