Make files copied from host to user home fully accessible to user#2
Open
brainchild0 wants to merge 1 commit intopacstall:masterfrom
Open
Make files copied from host to user home fully accessible to user#2brainchild0 wants to merge 1 commit intopacstall:masterfrom
brainchild0 wants to merge 1 commit intopacstall:masterfrom
Conversation
Due to a combination of factors, files copied from the host system are not writable by the default user, and neither are directories navigable. Notably, the owner of such files is set to the user of the base image, not the user declared, as an override, by the derived image. This commit utilizes ACLs to correct harmlessly a disruption of usability presently emerging in particular cases.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The general use case is to start a container from the generated image, to copy a script ready to be tested from the host to the container, and then to invoke the script in the container.
In some cases, it is required to copy additional files to the container. For example, to avoid repeated downloading of the same sources for successive tests, some sources may be maintained as local copies within the test environment. In such cases, it may be a directory, not a single file, copied from the host to the container after being created.
Due to a combination of factors, files copied from the host system are not writable to the default user, and neither are directories navigable. Notably, the owner of such files is set to the user of the base image, not the user declared, as an override, by the derived image. The reason is likely deliberately chosen by the container system to preserve compatibility among images sharing a common base.
Regardless, the proposed modification, utilizing ACLs, harmlessly corrects a disruption of usability presently emerging in particular cases.
As a further note, it may be worth considering whether it is necessary for the derived image to provision an additional user, rather than simply relying on the user provided by the base image.