Ubuntu
docker.io package

failure to chown since 20.10.25-0ubuntu1~22.04.1

Bug #2029564 reported by Christian
78
This bug affects 14 people
Affects Status Importance Assigned to Milestone
docker.io (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

Following upgrade to docker.io:20.10.25-0ubuntu1~22.04.1, chown operations at build time no longer work. Reverting to previous package version (sudo apt install docker.io=20.10.21-0ubuntu1~22.04.3) allows to make things right again.

```
$ lsb_release -rd
Description: Ubuntu 22.04.2 LTS
Release: 22.04
```

Steps to reproduce:
1. untar attached test.tar
2. cd to test directory
3. build image using docker build

Resulting output:
```
$ docker build -t test .
Sending build context to Docker daemon 3.584kB
Step 1/7 : FROM ubuntu:jammy
 ---> 5a81c4b8502e
Step 2/7 : COPY --chown=root:daemon data/ /data/
 ---> 91e4ce9a74e5
Step 3/7 : COPY --chown=nobody:nogroup nobody/ /nobody/
 ---> 97ca4411fdd2
Step 4/7 : RUN find /data /nobody -ls
 ---> Running in 89c47bbf2b24
  8411780 0 drwxr-xr-x 2 root root 6 Aug 3 18:59 /data
  4697159 0 drwxr-xr-x 2 root root 6 Aug 3 18:59 /nobody
Removing intermediate container 89c47bbf2b24
 ---> 57a41db94084
Step 5/7 : FROM ubuntu:jammy
 ---> 5a81c4b8502e
Step 6/7 : RUN mkdir -p /data /nobody && chown -Rhv root:daemon /data && chown -Rhv nobody:nogroup /nobody && find /data /nobody -ls
 ---> Running in a7f6f98c8d41
changed ownership of '/data' from root:root to root:daemon
changed ownership of '/nobody' from root:root to nobody:nogroup
  4697176 0 drwxr-xr-x 2 root daemon 6 Aug 3 18:59 /data
 10023534 0 drwxr-xr-x 2 nobody nogroup 6 Aug 3 18:59 /nobody
Removing intermediate container a7f6f98c8d41
 ---> 70ba6970623d
Step 7/7 : RUN find /data /nobody -ls
 ---> Running in d448c00f1d76
 10023535 0 drwxr-xr-x 2 root root 6 Aug 3 18:59 /data
 13574093 0 drwxr-xr-x 2 root root 6 Aug 3 18:59 /nobody
Removing intermediate container d448c00f1d76
 ---> 293d216379d3
Successfully built 293d216379d3
Successfully tagged test:latest
```

As it is shown in docker build output:
1. although we asked to COPY and chown source files, next RUN command shows files haven't been chowned for they still belong to root:root
2. if we RUN chown commands, find command in the same layer show files have been chowned. Next RUN layer show the change hasn't persisted.

We marked hol docker.io package so it doesn't get updated until a fix is provided.

Revision history for this message
Christian (cboitel) wrote :
Revision history for this message
snordhausen (snordhausen) wrote :

I ran into the same issue, but it does not just affect "COPY --chown...". This Dockerfile also reproduces the issue:

FROM ubuntu:22.04

USER nobody
RUN touch /tmp/foobar
RUN stat /tmp/foobar

The last command should show that /tmp/foobar is owned by "nobody", but it is actually owned by "root".

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in docker.io (Ubuntu):
status: New → Confirmed
Revision history for this message
Yurko (yurko-fedoriv) wrote :

downgrade helps.
I also had to prune docker cache to get rid of layers with incorrect permissions.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.