Docker-DCO-1.1-Signed-off-by: Tibor Vass <teabee89@gmail.com> (github: tiborvass)
Tibor Vass authored on 2014/05/21 05:39:46... | ... |
@@ -235,7 +235,9 @@ being built (also called the *context* of the build) or a remote file URL. |
235 | 235 |
`<dest>` is the absolute path to which the source will be copied inside the |
236 | 236 |
destination container. |
237 | 237 |
|
238 |
-All new files and directories are created with mode 0755, uid and gid 0. |
|
238 |
+All new files and directories are created with a uid and gid of 0. |
|
239 |
+ |
|
240 |
+In the case where `<src>` is a remote file URL, the destination will have permissions 600. |
|
239 | 241 |
|
240 | 242 |
> **Note**: |
241 | 243 |
> If you build using STDIN (`docker build - < somefile`), there is no |
... | ... |
@@ -5,5 +5,5 @@ RUN touch /exists |
5 | 5 |
RUN chown dockerio.dockerio /exists |
6 | 6 |
ADD test_file / |
7 | 7 |
RUN [ $(ls -l /test_file | awk '{print $3":"$4}') = 'root:root' ] |
8 |
-RUN [ $(ls -l /test_file | awk '{print $1}') = '-rwxr-xr-x' ] |
|
8 |
+RUN [ $(ls -l /test_file | awk '{print $1}') = '-rw-r--r--' ] |
|
9 | 9 |
RUN [ $(ls -l /exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ] |
... | ... |
@@ -7,5 +7,5 @@ ADD test_dir /test_dir |
7 | 7 |
RUN [ $(ls -l / | grep test_dir | awk '{print $3":"$4}') = 'root:root' ] |
8 | 8 |
RUN [ $(ls -l / | grep test_dir | awk '{print $1}') = 'drwxr-xr-x' ] |
9 | 9 |
RUN [ $(ls -l /test_dir/test_file | awk '{print $3":"$4}') = 'root:root' ] |
10 |
-RUN [ $(ls -l /test_dir/test_file | awk '{print $1}') = '-rwxr-xr-x' ] |
|
10 |
+RUN [ $(ls -l /test_dir/test_file | awk '{print $1}') = '-rw-r--r--' ] |
|
11 | 11 |
RUN [ $(ls -l /exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ] |
... | ... |
@@ -152,6 +152,21 @@ func TestAddWholeDirToRoot(t *testing.T) { |
152 | 152 |
logDone("build - add whole directory to root") |
153 | 153 |
} |
154 | 154 |
|
155 |
+func TestAddEtcToRoot(t *testing.T) { |
|
156 |
+ buildDirectory := filepath.Join(workingDirectory, "build_tests", "TestAdd") |
|
157 |
+ buildCmd := exec.Command(dockerBinary, "build", "-t", "testaddimg", "EtcToRoot") |
|
158 |
+ buildCmd.Dir = buildDirectory |
|
159 |
+ out, exitCode, err := runCommandWithOutput(buildCmd) |
|
160 |
+ errorOut(err, t, fmt.Sprintf("build failed to complete: %v %v", out, err)) |
|
161 |
+ |
|
162 |
+ if err != nil || exitCode != 0 { |
|
163 |
+ t.Fatal("failed to build the image") |
|
164 |
+ } |
|
165 |
+ |
|
166 |
+ deleteImages("testaddimg") |
|
167 |
+ logDone("build - add etc directory to root") |
|
168 |
+} |
|
169 |
+ |
|
155 | 170 |
// Issue #5270 - ensure we throw a better error than "unexpected EOF" |
156 | 171 |
// when we can't access files in the context. |
157 | 172 |
func TestBuildWithInaccessibleFilesInContext(t *testing.T) { |
... | ... |
@@ -438,9 +438,6 @@ func (b *buildFile) addContext(container *daemon.Container, orig, dest string, r |
438 | 438 |
if err := os.Lchown(path, uid, gid); err != nil && !os.IsNotExist(err) { |
439 | 439 |
return err |
440 | 440 |
} |
441 |
- if err := os.Chmod(path, 0755); err != nil && !os.IsNotExist(err) { |
|
442 |
- return err |
|
443 |
- } |
|
444 | 441 |
return nil |
445 | 442 |
}) |
446 | 443 |
} |