Skip to content

builder: dockerfile COPY --from specify dir will change uid/gid #46529

New issue
New issue
Open
Open
builder: dockerfile COPY --from specify dir will change uid/gid#46529
Labels
area/builderBuildkind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.status/0-triagestatus/more-info-neededversion/18.09version/unsupported
@kamizjw

Description

@kamizjw
kamizjw
opened on Sep 21, 2023

Description

I wrote two dockerfiles,
dockerfile1 like this:

From rnd-dockerhub.huawei.com/official/ubuntu-arm64
RUN useradd hjf
RUN cd /home/ && mkdir test && chown hjf: test

run docker build -t test1 -f Dockerfile1 cmd,will construct image test1
dockerfile2 like this:

FROM test1 as build
FROM rnd-dockerhub.huawei.com/official/nginx-aarch64
RUN useradd hjf
COPY --from=build /home/test /home/test

run docker build -t test2 -f Dockerfile2 cmd,will construct image test2

finnally docker run test2,the /home/test dir permissions are as follows:

root@f36df3977fb2:/home# ls -al
total 16
drwxr-xr-x. 1 root root 4096 Sep 21 12:30 .
drwxr-xr-x. 1 root root 4096 Sep 21 12:30 ..
drw-------. 2 root root 4096 Sep 21 12:30 test

test dir permissions changed from hjf to root

Reproduce

1.docker build -t test1 -f Dockerfile1 .
2.docker build -t test2 -f Dockerfile2 .
3.docker run -it test1:latest bash
4.docker run -it test2:latest bash

Expected behavior

No response

docker version

[root@localhost ~]# docker version
Client:
 Version:           18.09.0
 EulerVersion:      18.09.0.400
 API version:       1.39
 Go version:        go1.17.3
 Git commit:        e812b33
 Built:             Sun Sep 17 11:16:53 2023
 OS/Arch:           linux/arm64
 Experimental:      false

Server:
 Engine:
  Version:          18.09.0
  EulerVersion:     18.09.0.400
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.17.3
  Git commit:       e812b33
  Built:            Thu Sep 21 11:57:01 2023
  OS/Arch:          linux/arm64
  Experimental:     false

docker info

[root@localhost ~]# docker info
Containers: 49
 Running: 0
 Paused: 0
 Stopped: 49
Images: 97
Server Version: 18.09.0
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Hugetlb Pagesize: 2MB, 64KB, 32MB, 1GB, 64KB, 32MB, 2MB, 1GB (default is 2MB)
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: ce022dde7c93458c304b4cdcf9a9b6fc7dff6778
runc version: N/A
init version: N/A (expected: )
Security Options:
 seccomp
  Profile: default
Kernel Version: 5.10.0
Operating System: EulerOS 2.0 (SP12)
OSType: linux
Architecture: aarch64
CPUs: 4
Total Memory: 7.235GiB
Name: localhost.localdomain
ID: DNLX:6QK7:35N2:RAYM:I6G7:WEMI:G424:LI3W:IHEX:KZKO:CJGV:C37U
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 10.175.125.206:80
 127.0.0.0/8
Live Restore Enabled: true

Additional Info

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/builderBuildkind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.status/0-triagestatus/more-info-neededversion/18.09version/unsupported

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions