buildah permissions issue
Summary
(Summarize the bug encountered concisely)
When running buildah container, buildah
commands result in error permission denied
Steps to reproduce
(How one can reproduce the issue - this is very important)
docker run --security-opt seccomp=unconfined --rm --name buildah-323 --entrypoint=/bin/bash -it registry1.dso.mil/ironbank/opensource/containers/buildah@sha256:2098b9ade1e5ca904fbbd60f9aa12e023013acb699d6b3eb8c5eef03c8171551
What is the current bug behavior?
unable to run any buildah
commands
(What actually happens)
bash-4.4$ buildah info
WARN[0000] Error loading container config when searching for local runtime: stat /home/build/.config/containers/storage.conf: permission denied
ERRO[0000] failed to setup From and Build flags: failed to get container config: stat /home/build/.config/containers/storage.conf: permission denied
What is the expected correct behavior?
(What you should see instead)
[build@buildah /]$ buildah info
{
"host": {
"CgroupVersion": "v1",
"Distribution": {
"distribution": "\"rhel\"",
"version": "8.7"
},
"MemFree": 13451055104,
"MemTotal": 33177460736,
"OCIRuntime": "runc",
"SwapFree": 0,
"SwapTotal": 0,
"arch": "amd64",
"cpus": 4,
"hostname": "buildah",
"kernel": "5.10.167-147.601.amzn2.x86_64",
"os": "linux",
"rootless": true,
"uptime": "70h 47m 35.45s (Approximately 2.92 days)",
"variant": ""
},
"store": {
"ContainerStore": {
"number": 0
},
"GraphDriverName": "vfs",
"GraphOptions": null,
"GraphRoot": "/home/build/.local/share/containers/storage",
"GraphStatus": {},
"ImageStore": {
"number": 5
},
"RunRoot": "/var/tmp/containers-user-1000/containers/containers"
}
}
Relevant logs and/or screenshots
(Paste any relevant logs - please use code blocks (```) to format console output, logs, and code as it's very hard to read otherwise.)
See current bug behavior above
Possible fixes
(If you can, link to the line of code that might be responsible for the problem)
When this is removed, container works as expected.
Also should add:
WORKDIR /home/build
at the end of the file
Tasks
-
Bug has been identified and corrected within the container
Please read the Iron Bank Documentation for more info
Edited by Abdullah Alsindy