tried that as well already, but without any luck.
however, after reading this comment, I found the culprit:
- instead of using
connect="unix:/var/run/aesmd/aesm.socket"I had to use justconnect="unix:/run/aesmd/aesm.socket"(no/var). - inside container, I needed to create a symlink with
mkdir /run/aesmd && ln -s /mnt/aesm.socket /run/aesmd/aesm.socket
and it finally works as expected (in privileged container; now I will try to make it work for unprivileged one)
thanks a lot @qkiel for looking into this together with me and for giving me some inspiration!