The first field is the container path to mount into a tmpfs. The second field
is optional and lets you set mount options. Valid mount options for `--tmpfs`
include:
| Option | Description |
| ------------ | ------------------------------------------------------------------------------------------- |
| `ro` | Creates a read-only tmpfs mount. |
| `rw` | Creates a read-write tmpfs mount (default behavior). |
| `nosuid` | Prevents `setuid` and `setgid` bits from being honored during execution. |
| `suid` | Allows `setuid` and `setgid` bits to be honored during execution (default behavior). |
| `nodev` | Device files can be created but are not functional (access results in an error). |
| `dev` | Device files can be created and are fully functional. |
| `exec` | Allows the execution of executable binaries in the mounted file system. |
| `noexec` | Does not allow the execution of executable binaries in the mounted file system. |
| `sync` | All I/O to the file system is done synchronously. |
| `async` | All I/O to the file system is done asynchronously (default behavior). |
| `dirsync` | Directory updates within the file system are done synchronously. |
| `atime` | Updates file access time each time the file is accessed. |
| `noatime` | Does not update file access times when the file is accessed. |
| `diratime` | Updates directory access times each time the directory is accessed. |
| `nodiratime` | Does not update directory access times when the directory is accessed. |
| `size` | Specifies the size of the tmpfs mount, for example, `size=64m`. |
| `mode` | Specifies the file mode (permissions) for the tmpfs mount (for example, `mode=1777`). |
| `uid` | Specifies the user ID for the owner of the tmpfs mount (for example, `uid=1000`). |
| `gid` | Specifies the group ID for the owner of the tmpfs mount (for example, `gid=1000`). |
| `nr_inodes` | Specifies the maximum number of inodes for the tmpfs mount (for example, `nr_inodes=400k`). |
| `nr_blocks` | Specifies the maximum number of blocks for the tmpfs mount (for example, `nr_blocks=1024`). |
```console {title="Example"}
$ docker run --tmpfs /data:noexec,size=1024,mode=1777
```
Not all tmpfs mount features available in the Linux mount command are supported
with the `--tmpfs` flag. If you require advanced tmpfs options or features, you
may need to use a privileged container or configure the mount outside of