
Why don't I have rw access to /run, which is mounted as tmpfs in Docker?


❯ docker run -d -it --name debian --mount type=tmpfs,destination=/run,tmpfs-mode=1777 --mount type=tmpfs,destination=/tmp,tmpfs-mode=1777 debian bash


❯ docker exec -it debian ls -lrtd /run /tmp
  drwxrwxrwt 2 root root 40 Jul 27 14:06 /tmp
  drwxr-xr-x 2 root root 40 Jul 27 14:06 /run

Here, why is tmpfs-mode=1777 not getting applied to /run alone?
It works perfectly fine for other directories.
Any specific reason here?


Solution

  • I believe that since /run already exists, the permissions of that directory are being applied to the tmpfs mount. The same thing is happening with /tmp, but since the permissions on the underlying /tmp directory already match what you want, you don't notice it.

    You can verify this by creating tmpfs mounts on other directories (e.g., /root). You'll see that they adopt the permissions of the mountpoint.

    If you really need the permissions on /run to be different, you could build a new image with your desired permissions on /run (or just run chmod once the container is running).
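
One way to run the check the answer describes, as an added example that is not part of the original question or answer: compare the effective mode of each mount inside the running container with the mode passed as tmpfs-mode. The function names are made up for this example, and it assumes the image ships GNU stat, as debian does.

```shell
#!/bin/sh
# Added example (hypothetical helper names): verify that a tmpfs mount in a
# running container really has the mode that was requested with tmpfs-mode.
# Assumes GNU stat exists inside the container.

# effective_mode CONTAINER PATH -> octal mode of PATH, e.g. 1777 or 755
effective_mode() {
    docker exec "$1" stat -c '%a' "$2"
}

# fs_type CONTAINER PATH -> filesystem type backing PATH, e.g. tmpfs
fs_type() {
    docker exec "$1" stat -f -c '%T' "$2"
}

# check_tmpfs CONTAINER PATH WANTED_MODE
# Prints one result line. Returns 0 only if PATH is tmpfs with WANTED_MODE,
# 1 on a wrong filesystem or mode, 2 if stat could not be run.
check_tmpfs() {
    c=$1 path=$2 want=$3
    fstype=$(fs_type "$c" "$path") || { echo "ERROR $path: stat failed"; return 2; }
    got=$(effective_mode "$c" "$path") || { echo "ERROR $path: stat failed"; return 2; }
    if [ "$fstype" != "tmpfs" ]; then
        echo "NOT-TMPFS $path: fs=$fstype mode=$got"
        return 1
    fi
    # Compare as octal numbers so that 0755 and 755 count as equal.
    if [ "$((0$got))" -ne "$((0$want))" ]; then
        echo "MISMATCH $path: requested=$want effective=$got"
        return 1
    fi
    echo "OK $path: mode=$got"
}

# audit_tmpfs CONTAINER WANTED_MODE PATH...
# Checks every PATH and returns 1 if any of them failed.
audit_tmpfs() {
    ctr=$1 mode=$2; shift 2; rc=0
    for p in "$@"; do
        check_tmpfs "$ctr" "$p" "$mode" || rc=1
    done
    return "$rc"
}
```

After sourcing the file, audit_tmpfs debian 1777 /run /tmp checks both mounts of the container from the question; given the ls output shown there, /run is the one that would be reported as a mismatch.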