Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix file permission issue for container builds on remote daemons #15420

Merged
merged 1 commit into from
Mar 3, 2021
Merged

Fix file permission issue for container builds on remote daemons #15420

merged 1 commit into from
Mar 3, 2021

Conversation

jonathan-meier
Copy link
Contributor

Don't use --user and --userns in remote containers

Using them results in files being copied back to host to be owned by the
guest user instead of the host user.

e.g.
$ podman create --name temp --user 1000:1000 --userns=keep-id -it
quay.io/quarkus/ubi-quarkus-native-image:21.0.0-java11
$ podman cp temp:/opt/graalvm/bin/native-image remote-native-image
$ ls -la remote-native-image
-rwxr-xr-x. 1 100000 100000 14641161 Feb 14 03:28 remote-native-image*
$ id -u
1000

(cherry picked from commit 5d4f39d, PR #15288)

@zakkak @jonathan-meier
Don't use --user and --userns in remote containers
9951683 
Using them results in files being copied back to host to be owned by the
guest user instead of the host user.

e.g.
$ podman create --name temp --user 1000:1000 --userns=keep-id -it \
    quay.io/quarkus/ubi-quarkus-native-image:21.0.0-java11
$ podman cp temp:/opt/graalvm/bin/native-image remote-native-image
$ ls -la remote-native-image
-rwxr-xr-x. 1 100000 100000 14641161 Feb 14 03:28 remote-native-image*
$ id -u
1000

(cherry picked from commit 5d4f39d)
@quarkus-bot quarkus-bot bot added the area/core label Mar 2, 2021
@jonathan-meier jonathan-meier mentioned this pull request Mar 2, 2021
Merged
@gsmet gsmet added this to the 1.12.1.Final milestone Mar 2, 2021
@gastaldi
Copy link
Contributor

gastaldi commented Mar 3, 2021
edited
Loading

Shouldn't this change be in master too?

Edit: nevermind, just saw that it was cherry picked from another PR that was already merged in masyer

@gsmet gsmet merged commit c33c2b9 into quarkusio:1.12 Mar 3, 2021
@jonathan-meier jonathan-meier deleted the fix_permissions_remote_container_build branch March 3, 2021 09:03
@jonathan-meier jonathan-meier restored the fix_permissions_remote_container_build branch March 9, 2021 22:25
@jonathan-meier jonathan-meier deleted the fix_permissions_remote_container_build branch March 9, 2021 22:26
This was referenced Mar 11, 2021
Closed
Closed
Closed
Merged
Closed
Closed
Merged
Merged
Merged
Closed
Closed
Closed
Closed
Merged
Closed
Closed
Closed
Closed
Closed
@dependabot dependabot bot mentioned this pull request Mar 18, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gsmet gsmet gsmet approved these changes

Assignees
No one assigned
Labels
area/core
Projects
None yet
Milestone
1.12.1.Final
Development

Successfully merging this pull request may close these issues.
4 participants
@jonathan-meier @gastaldi @gsmet @zakkak