I seem to have some directories within containers within pods with /etc/pki (and subdirectories) as read-only, so much so that when I try:

root# touch /etc/pki/file
touch: cannot touch '/etc/pki/file': No such file or directory

Which is odd as I'm logged into root, do not have any special mounts on this directory, or any pv/pvc claiming this. Any ideas on where to look? I have considered doing something along the lines of:

$ kubectl -n <namespace> get <pod> -o yaml > config.yml
# <create a new kustomization.yml which patches the current pod with (emptDir: {} and securityContext)
$ kustomize build . | kubectl -n <namespace> apply -f -

But that seems egregious and unnecessary.