[dock] Add minimal rw tmpfs for /tmp and /run

At least in production, some issues happened that required
to have /tmp writable. To preserve the read-only state
of the container, use a small tmpfs that is enough for
the container to run. /run is another that might be needed
so make it part of the defaults used.
4 jobs for 101_add_tmpfs_when_running_a_container in 25 minutes and 33 seconds (queued for 6 seconds)