Mount equivalent for `--volume /var` succeeds on Docker-CE/Linux, but fails on Docker Desktop for WSL2

[thediveo]

Preflight checklist

• I could not find a solution in the existing issues, docs, nor discussions.
• I agree to follow this project's Code of Conduct.
• I have read and am following this repository's Contribution Guidelines.
• I have joined the Ory Community Slack.
• I am signed up to the Ory Security Patch Newsletter.

Ory Network Project

No response

Describe the bug

Note, I've seen and read issue #274.

A Docker-related unit test using a /var (sic!) mount succeeds correctly on Docker CE 24.0.5 on Linux/Ubuntu, but fails with Docker Desktop 24.0.2 on WSL2/Ubuntu. While I don't have hard proof I suspect an issue with the MountParser.

In the unit test https://github.com/thediveo/whalewatcher/blob/d4f3b7b22eb1d0b7a4e9d8a1474991b871444e83/engineclient/containerd/containerd_test.go#L139 I'm doing the equivalent of the following CLI command:

docker run -it --rm --name kindisch-xx --privileged --cgroupns=private --init=false --device /dev/fuse --tmpfs /tmp --tmpfs /run --volume /var --volume /lib/modules:/lib/modules:ro kindisch-ww-containerd

When running this CLI command on WSL2 with Docker Desktop, it succeeds. In contrast, the corresponding dockertest RunWithOptions fails on WSL2, whereas it succeeds on Docker CE:

[FAILED] Unexpected error:
      <*docker.Error | 0xc000012438>: 
      API error (500): mount denied:
      the source path "/var"
      doesn't contains colon
      
      {
          Status: 500,
          Message: "mount denied:\nthe source path \"/var\"\ndoesn't contains colon\n",
      }

Reproducing the bug

https://github.com/thediveo/whalewatcher/blob/d4f3b7b22eb1d0b7a4e9d8a1474991b871444e83/engineclient/containerd/containerd_test.go#L139:

providerCntr = Successful(pool.RunWithOptions(
				&dockertest.RunOptions{
					Name:       kindischName,
					Repository: img.Name,
					Privileged: true,
					Mounts: []string{
						"/var", // well, this actually is an unnamed volume
						"/dev/mapper:/dev/mapper",
						"/lib/modules:/lib/modules:ro",
					},
					Tty: true,
				}, func(hc *docker.HostConfig) {
					hc.Init = false
					hc.Tmpfs = map[string]string{
						"/tmp": "",
						"/run": "",
					}
					hc.Devices = []docker.Device{
						{PathOnHost: "/dev/fuse"},
					}
				}))

Relevant log output

No response

Relevant configuration

$ docker version
Client: Docker Engine - Community
 Cloud integration: v1.0.35
 Version:           24.0.2
 API version:       1.43
 Go version:        go1.20.4
 Git commit:        cb74dfc
 Built:             Thu May 25 21:52:17 2023
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Desktop
 Engine:
  Version:          24.0.2
  API version:      1.43 (minimum version 1.12)
  Go version:       go1.20.4
  Git commit:       659604f
  Built:            Thu May 25 21:52:17 2023
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.21
  GitCommit:        3dce8eb055cbb6872793272b4f20ed16117344f8
 runc:
  Version:          1.1.7
  GitCommit:        v1.1.7-0-g860f061
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Version

github.com/ory/dockertest/v3 v3.10.0

On which operating system are you observing this issue?

Windows

In which environment are you deploying?

Other

Additional Context

No response