Improve support for debugging container problems
Two small improvements that make debugging a container easier:
- Always mount /gck for easier file exchange with the host. We already did this for
spring, but I often find that I want to run a script or move files between a staging area in GCK and the container, so it would be nice to always have this mounted. - Add ptrace cap to support debuggers. Tools like GDB need the
ptracesyscall to function.