container-common-scripts icon indicating copy to clipboard operation
container-common-scripts copied to clipboard

Published 20 hours ago verified publisher icon sclorg

reproducible_builds: ensure that `umask` doesn't affect the container build

Open praiskup opened this issue 8 years ago • 1 comments

  • git doesn't track file permissions, thus
  • git clone initiates the permissions according the user's umask value
  • docker build just copies the files as-is into container
  • especial problems are with root/usr directory created by ADD root / command, this affects the whole image (/usr directory might be unreadable)

In RPMs' specfiles, we explicitly set the permissions in %install phase (or by %attr in %files), though there's no such way in Dockerfile.

praiskup avatar Apr 06 '17 08:04 praiskup

Related to https://github.com/sclorg/mariadb-container/issues/29

omron93 avatar Apr 06 '17 08:04 omron93