Hi Paul,
I went through your previous discussion, so I understand this is a continuation of your work to run Wazuh with a hardened container configuration. https://groups.google.com/g/wazuh/c/aWp3Ti25jcA
The current issue is different from the previous one. The error indicates that Wazuh Manager cannot perform the chroot operation during startup:
Wazuh does not provide a configuration option to grant additional privileges only to analysisd. It uses the permissions available to the process when it starts. If the deployment restricts an operation that Wazuh requires, Wazuh Manager may fail to start with this error.
Since this is a continuation of your previous hardening work, could you share what changed after you got read_only_root_filesystem: true working? In particular, did this issue start immediately after setting privileged: false, or were there any other changes made to the container security configuration?
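As an added example that is not part of the original reply and is not Wazuh code: a diagnostic to run inside the hardened container that reports whether a process holds `CAP_SYS_CHROOT`, the Linux capability that `chroot(2)` requires. The function names are hypothetical; the script reads only the `CapEff` and `CapBnd` masks from `/proc/<pid>/status`.

```shell
#!/bin/sh
# Added example (not Wazuh code): decode Linux capability masks from a
# /proc/<pid>/status file and report whether chroot(2) is permitted.

CAP_SYS_CHROOT=18   # bit number of CAP_SYS_CHROOT in linux/capability.h

# has_cap MASK_HEX BIT: succeeds if BIT is set in the hex capability mask
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# cap_mask FIELD STATUS_FILE: print the hex mask for CapEff, CapBnd, ...
cap_mask() {
    awk -v f="$1:" '$1 == f { print $2 }' "$2"
}

# chroot_verdict STATUS_FILE: print a one-word diagnosis
chroot_verdict() {
    eff=$(cap_mask CapEff "$1")
    bnd=$(cap_mask CapBnd "$1")
    if has_cap "$eff" "$CAP_SYS_CHROOT"; then
        echo allowed          # the process holds the capability
    elif has_cap "$bnd" "$CAP_SYS_CHROOT"; then
        echo not-effective    # in the bounding set, but not held by this process
    else
        echo dropped          # removed from the bounding set
    fi
}

# Default: inspect this shell. Pass /proc/<pid>/status to inspect another process.
status_file="${1:-/proc/$$/status}"
if [ -r "$status_file" ]; then
    chroot_verdict "$status_file"
fi
```

`dropped` means the capability was removed from the container's bounding set, while `not-effective` means the container still allows it but the inspected process does not hold it.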