failure to chown since 20.10.25-0ubuntu1~22.04.1
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
docker.io (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Following upgrade to docker.
```
$ lsb_release -rd
Description: Ubuntu 22.04.2 LTS
Release: 22.04
```
Steps to reproduce:
1. untar attached test.tar
2. cd to test directory
3. build image using docker build
Resulting output:
```
$ docker build -t test .
Sending build context to Docker daemon 3.584kB
Step 1/7 : FROM ubuntu:jammy
---> 5a81c4b8502e
Step 2/7 : COPY --chown=root:daemon data/ /data/
---> 91e4ce9a74e5
Step 3/7 : COPY --chown=
---> 97ca4411fdd2
Step 4/7 : RUN find /data /nobody -ls
---> Running in 89c47bbf2b24
8411780 0 drwxr-xr-x 2 root root 6 Aug 3 18:59 /data
4697159 0 drwxr-xr-x 2 root root 6 Aug 3 18:59 /nobody
Removing intermediate container 89c47bbf2b24
---> 57a41db94084
Step 5/7 : FROM ubuntu:jammy
---> 5a81c4b8502e
Step 6/7 : RUN mkdir -p /data /nobody && chown -Rhv root:daemon /data && chown -Rhv nobody:nogroup /nobody && find /data /nobody -ls
---> Running in a7f6f98c8d41
changed ownership of '/data' from root:root to root:daemon
changed ownership of '/nobody' from root:root to nobody:nogroup
4697176 0 drwxr-xr-x 2 root daemon 6 Aug 3 18:59 /data
10023534 0 drwxr-xr-x 2 nobody nogroup 6 Aug 3 18:59 /nobody
Removing intermediate container a7f6f98c8d41
---> 70ba6970623d
Step 7/7 : RUN find /data /nobody -ls
---> Running in d448c00f1d76
10023535 0 drwxr-xr-x 2 root root 6 Aug 3 18:59 /data
13574093 0 drwxr-xr-x 2 root root 6 Aug 3 18:59 /nobody
Removing intermediate container d448c00f1d76
---> 293d216379d3
Successfully built 293d216379d3
Successfully tagged test:latest
```
As it is shown in docker build output:
1. although we asked to COPY and chown source files, next RUN command shows files haven't been chowned for they still belong to root:root
2. if we RUN chown commands, find command in the same layer show files have been chowned. Next RUN layer show the change hasn't persisted.
We marked hol docker.io package so it doesn't get updated until a fix is provided.
I ran into the same issue, but it does not just affect "COPY --chown...". This Dockerfile also reproduces the issue:
FROM ubuntu:22.04
USER nobody
RUN touch /tmp/foobar
RUN stat /tmp/foobar
The last command should show that /tmp/foobar is owned by "nobody", but it is actually owned by "root".