问题：

# docker run --rm -ti busybox /bin/sh
docker: Error response from daemon: failed to create shim: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: process_linux.go:508: setting cgroup config for procHooks process caused: bpf_prog_query(BPF_CGROUP_DEVICE) failed: operation not permitted: unknown.

系统版本：

Raspberry Pi OS with desktop and recommended software
Release date: May 3rd 2023
System: 32-bit
Kernel version: 6.1
Debian version: 11 (bullseye)

docker 版本

pi@raspberrypi:~ $ docker version
Client:
 Version:           20.10.5+dfsg1
 API version:       1.41
 Go version:        go1.15.15
 Git commit:        55c4c88
 Built:             Mon May 30 18:34:49 2022
 OS/Arch:           linux/arm
 Context:           default
 Experimental:      true

原因

貌似是我使用的BerryBoot引导的系统，内核版本（4.19.49v6v7-aufs）太低，不支持cgroup v2，使用v1版本即可

解决方法

检查

root@raspberrypi:~# docker info |grep -i "cgroup version"
 Cgroup Version: 1

如果是2，则需要在cmdline加入 systemd.unified_cgroup_hierarchy=0

root@raspberrypi:~# cat /media/pi/boot/cmdline.txt
elevator=deadline quiet bootmenutimeout=10 datadev=mmcblk0p2 systemd.unified_cgroup_hierarchy=0

[图片上传失败...(image-92cc29-1693842648151)]

参考

https://github.com/opencontainers/runc/issues/2959
https://github.com/docker/cli/issues/3481