Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

/home incorrectly has ownership changed to nonroot:nonroot (65532:65532) #1661

Open
polarathene opened this issue Sep 5, 2024 · 2 comments
Open

/home incorrectly has ownership changed to nonroot:nonroot (65532:65532) #1661

polarathene opened this issue Sep 5, 2024 · 2 comments
Assignees
@thesayyn

Comments

@polarathene
Copy link

Describe the bug

Images (at least Debian 12 variants) seem to add /home/nonroot layer that modifies the ownership of /home:

image

Presumably that was unintentional and only meant to be applied to /home/nonroot?

To Reproduce

You can inspect the responsible layer where this change has been highlighted above via the dive tool:

docker run --rm -it \
  -v /var/run/docker.sock:/var/run/docker.sock \
  wagoodman/dive:latest \
  gcr.io/distroless/static-debian12:latest

While I've not done a diff of the file content, it does look rather similar to gcr.io/distroless/static-debian12:nonroot. That might explain why the /home/nonroot user is created?

docker inspect gcr.io/distroless/static-debian12:nonroot does show metadata differs, such as the default working directory and user to run as.

Expected behavior

/home should keep it's 0:0 ownership?
@loosebazooka
Copy link
Member

interesting, lemme go see

@loosebazooka
Copy link
Member

@thesayyn could this be happening in rules_distroless?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@thesayyn thesayyn

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@loosebazooka @polarathene @thesayyn