Description
opened on Jun 5, 2024
Contributing guidelines
- I've read the contributing guidelines and wholeheartedly agree
I've found a bug, and:
- The documentation does not mention anything about my problem
- There are no open or closed issues that are related to my problem
Description
I have a docker container as an Arch-based Linux distro. Usually I create the container and I push it by the build-push-action but when I create and push the container by this action, when I pull the image and run the container, the filesystem root has the following permissions:
```
drwxr-xr-x root root 26 B Wed Jun 5 10:27:55 2024 .
drwxr-xr-x root root 26 B Wed Jun 5 10:27:55 2024 ..
.rwxr-xr-x root root 0 B Wed Jun 5 10:27:55 2024 .dockerenv
lrwxrwxrwx root root 7 B Sun Apr 7 18:02:30 2024 bin ⇒ usr/bin
drwxr-xr-x root root 0 B Sun Apr 7 18:02:30 2024 boot
drwxr-xr-x root root 420 B Wed Jun 5 10:27:55 2024 dev
drwxrwxrwx root root 140 B Wed Jun 5 10:27:58 2024 etc
drwxr-xr-x root root 12 B Wed Jun 5 10:09:04 2024 home
lrwxrwxrwx root root 7 B Sun Apr 7 18:02:30 2024 lib ⇒ usr/lib
lrwxrwxrwx root root 7 B Sun Apr 7 18:02:30 2024 lib64 ⇒ usr/lib
drwxr-xr-x root root 0 B Sun Apr 7 18:02:30 2024 mnt
drwxr-xr-x root root 30 B Wed Jun 5 10:07:57 2024 opt
dr-xr-xr-x root root 0 B Wed Jun 5 10:27:55 2024 proc
drwxr-x--- root root 20 B Wed Jun 5 10:09:03 2024 root
drwxr-xr-x root root 460 B Wed Jun 5 10:28:00 2024 run
lrwxrwxrwx root root 7 B Sun Apr 7 18:02:30 2024 sbin ⇒ usr/bin
drwxr-xr-x root root 14 B Sun Jun 2 03:31:09 2024 srv
dr-xr-xr-x root root 0 B Wed Jun 5 10:27:55 2024 sys
drwxrwxrwt root root 200 B Wed Jun 5 11:17:53 2024 tmp
drwxrwxrwx root root 10 B Wed Jun 5 10:05:00 2024 usr
drwxr-xr-x root root 44 B Wed Jun 5 10:27:58 2024 var
```
Look at the `etc` and `usr` permissions. It creates several issues (like `/etc/sudoers.d` not working if it is world-writable).
When I build the same container locally and I push it by:
```
git clone https://github.com/Athena-OS/athena-rdp-docker.git
cd athena-rdp-docker
docker buildx build --tag 'athena-rdp:latest' .
docker login
docker push athenaos/rdp:latest
```
and then I run it by `docker run`, the permissions are set correctly.
So I have the described issue only when I use docker action. The GitHub workflow I use for it is:
```yaml
name: Scheduled Publish
on:
  schedule:
    - cron: '22 4 * * 0'
  workflow_dispatch:
jobs:
  docker-publish:
    runs-on: ubuntu-latest
    steps:
      -
        name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      -
        name: Log to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_HUB_USER }}
          password: ${{ secrets.DOCKER_HUB_TOKEN }}
      -
        name: Build and push
        uses: docker/build-push-action@v5
        with:
          push: true
          tags: athenaos/rdp:latest
```
Instructions to run the container are in the README of the https://github.com/Athena-OS/athena-rdp-docker repository.
Expected behaviour
The `/etc` and `/usr` directories and some of their subdirectories should have the right permissions, for example:
```
drwxr-xr-x root root 3.4 KB Wed Jun 5 10:33:25 2024 etc
drwxr-xr-x root root 162 B Wed Jun 5 10:33:25 2024 usr
```
Actual behaviour
The filesystem root has the following permissions:
```
drwxrwxrwx root root 140 B Wed Jun 5 10:27:58 2024 etc
drwxrwxrwx root root 10 B Wed Jun 5 10:05:00 2024 usr
```
Repository URL
https://github.com/Athena-OS/athena-rdp-docker
Workflow run URL
https://github.com/Athena-OS/athena-rdp-docker/blob/main/.github/workflows/docker-publish.yml
YAML workflow
```yaml
name: Scheduled Publish
on:
  schedule:
    - cron: '22 4 * * 0'
  workflow_dispatch:
jobs:
  docker-publish:
    runs-on: ubuntu-latest
    steps:
      -
        name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      -
        name: Log to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_HUB_USER }}
          password: ${{ secrets.DOCKER_HUB_TOKEN }}
      -
        name: Build and push
        uses: docker/build-push-action@v5
        with:
          push: true
          tags: athenaos/rdp:latest
```
Workflow logs
No response
BuildKit logs
No response
Additional info
No response
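
A check for the symptom reported above, as an added example that is not part of the original issue or of the build-push-action project: it scans a root filesystem tar (the format `docker export` writes) for directories that are world-writable without the sticky bit, which is what separates the reported `/etc` and `/usr` from a correct `/tmp`. The function names and the in-memory sample archive are assumptions constructed for illustration.

```python
import io
import posixpath
import stat
import tarfile


def make_sample_rootfs() -> bytes:
    """Constructed sample: a tiny rootfs tar using the modes from the report."""
    entries = [("etc", 0o777), ("etc/sudoers.d", 0o777), ("usr", 0o777),
               ("tmp", 0o1777), ("var", 0o755), ("root", 0o750)]
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, mode in entries:
            info = tarfile.TarInfo(name)
            info.type = tarfile.DIRTYPE
            info.mode = mode
            tar.addfile(info)
    return buf.getvalue()


def world_writable_dirs(rootfs_tar: bytes, max_depth: int = 2) -> list[tuple[str, str]]:
    """Return (path, mode string) for directories with o+w and no sticky bit."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(rootfs_tar), mode="r:*") as tar:
        for member in tar:
            if not member.isdir():
                continue
            # Normalise "./etc/", "/etc" and "etc" to the same relative path.
            path = posixpath.normpath(member.name).lstrip("/")
            if path in ("", "."):
                continue  # the archive root entry itself
            if path.count("/") + 1 > max_depth:
                continue
            writable = bool(member.mode & stat.S_IWOTH)
            sticky = bool(member.mode & stat.S_ISVTX)
            if writable and not sticky:
                mode_str = stat.filemode(stat.S_IFDIR | member.mode)
                findings.append(("/" + path, mode_str))
    return findings


if __name__ == "__main__":
    # On a real image, feed the bytes of a `docker export` tar instead.
    for path, mode_str in world_writable_dirs(make_sample_rootfs()):
        print(f"{mode_str} {path}")
```

Run as a workflow step after the build, a non-empty result can fail the job before the image is pushed.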