Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Master app fails to create a new docker image due to restricted file permissions on the image files (workaround exists) #73

Open
kcq opened this issue Mar 23, 2019 · 4 comments
Open

Master app fails to create a new docker image due to restricted file permissions on the image files (workaround exists) #73

kcq opened this issue Mar 23, 2019 · 4 comments
Labels
enhancement validating fix

Comments

@kcq
Copy link
Member

kcq commented Mar 23, 2019

Reported by Danesh ( @dforouhari ):

  1. I am logged with my uid (dforouhari)
  2. docker-slim failed with/at

docker-slim[build]: state=building message='building minified image' time="2019-03-19T16:45:56-07:00" level=fatal msg="docker-slim: failure" error="no permission to read from '/home/dforouhari/3rd _party_src/dist_linux/.images/752f8eea14330275ff2c3e1611f7db98cc13cfa9c9cc635b6970a7afb0f113e3/artifacts/files/root/.ssh/id_rsa '" stack="goroutine 1 [running]:

[dforouhari@artifacts]$ pwd
/home/dforouhari/3rd_party_src/dist_linux/.images/752f8eea14330275ff2c3e1611f7db98cc13cfa9c9cc635b6970a7afb0f113e3/artifacts [dforouhari@artifacts]$ ls -lt
total 96
-rw-r--r-- 1 dforouhari dforouhari 176 Mar 19 16:45 Dockerfile
-rw-r--r-- 1 dforouhari dforouhari 3700 Mar 19 16:45 img_demo-seccomp.json
-rw-r--r-- 1 dforouhari dforouhari 3089 Mar 19 16:45 img_demo-apparmor-profile
-rw-r--r-- 1 root root 81795 Mar 19 16:45 creport.json
#Question is the uid/gid root what u expect?
drwxr-xr-x 10 root root 101 Mar 19 16:45 files
#Question is the uid/gid root what u expect?
-rw-r--r-- 1 dforouhari dforouhari 2691 Mar 19 16:44 Dockerfile.fat

Here is the perm on the specific file that docker-slim complained about
[dforouhari@artifacts]$ ls -l
/home/dforouhari/3rd_party_src/dist_linux/.images/752f8eea14330275ff2c3e1611f7db98cc13cfa9c9cc635b6970a7afb0f113e3/artifacts/files/root/.ssh/id_rsa
-rw------- 1 root root 1675 Mar 19 16:44
@kcq kcq mentioned this issue Mar 23, 2019
Closed
@kcq kcq changed the title Master app fails to create a new docker image due to restricted file permissions on the image files Master app fails to create a new docker image due to restricted file permissions on the image files (workaround exists) Mar 23, 2019
@kcq
Copy link
Member Author

kcq commented Mar 23, 2019

A temporary workaround is to run docker-slim from a root shell.

@dforouhari
Copy link

dforouhari commented Mar 23, 2019 via email

@kcq
Copy link
Member Author

kcq commented Mar 23, 2019

Hopefully a more permanent solution will be available soon :-)

@kcq kcq mentioned this issue Apr 26, 2019
Open
@kcq
Copy link
Member Author

kcq commented Nov 23, 2019

The 1.26.0 release introduces a new way to collect the container artifacts that should avoid the file permission problem:
Linux: https://downloads.dockerslim.com/releases/1.26.0/dist_linux.tar.gz
Mac: https://downloads.dockerslim.com/releases/1.26.0/dist_mac.zip

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement validating fix
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kcq @dforouhari