COPY command ignores USER, sets file ownership to root #13020
Comments
|
Hi! We would like to take this time to remind you of the information we need to debug the problem you are seeing. This is an automated response so if this ticket is not about a bug, do not fret. If you fail to provide this information within 7 days, we will close this because we cannot debug your issue. We can reopen whenever the information is provided. Thank you. Please see: Description of problem:
`docker version`:
`docker info`:
`uname -a`:
Environment details (AWS, VirtualBox, physical, etc.):
How reproducible:
Steps to Reproduce:
1.
2.
3.
Actual Results:
Expected Results:
Additional info:
#ENEEDMOREINFO |
rpatrick00
changed the title
|
I believe this is a dup of #6119 since ADD and COPY are pretty much the same code base |
jhrozek
added a commit
to jhrozek/compliance-operator-1
that referenced
this issue
Aug 17, 2020
Turns out that podman is not 1:1 compatible with docker, but in this
case it's a good thing, because docker's behaviour is just plain
dangerous - even if a container is running as a non-privileged user by
default (like, the UBI image runs as the user "default"), they'd still
make the files copied with the COPY directive owned by root. Because
honoring the permissions would be a breaking change, docker instead
introduced a --chown parameter to COPY:
moby/moby#13020
https://stackoverflow.com/questions/44766665/how-do-i-docker-copy-as-non-root
which podman luckily supports as well.
Without this patch, creating the "_output" directory during the build
would have failed with a Permission denied.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When building an image from a docker file where you have a sequence like so:
USER jim
COPY app/* /u01/app
The copied files will be owned by root rather than by jim.
The text was updated successfully, but these errors were encountered: