NilsIrl / dockerc

container image to single executable compiler
GNU General Public License v3.0

AccessDenied when trying another user that is not sudoer #21

Closed MathieuB1 closed 1 week ago

MathieuB1 commented 1 month ago

Hi everyone,

When launching the binary as another user that is not a sudoer, I have this issue:

...
munmap(0x7f611a670000, 4096)            = 0
wait4(249670, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 249670
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=249670, si_uid=1001, si_status=0, si_utime=0, si_stime=0} ---
poll([{fd=5, events=POLLIN}], 1, 0)     = 0 (Timeout)
close(5)                                = 0
openat(4, "mount/config.json", O_RDWR|O_NOCTTY|O_LARGEFILE|O_CLOEXEC) = -1 EACCES (Permission denied)
close(4)                                = 0
...
write(2, "error: AccessDenied\n", 20error: AccessDenied <<<<<
...

main.zig

        const file = try tmpDir.openFile("mount/config.json", .{ .mode = .read_only });
        defer file.close();

Can we force the permission on this file? It comes from umoci and will help to launch the binary as a non-sudoer.

NilsIrl commented 1 week ago

This should be fixed in the latest version of dockerc (thanks to https://github.com/NilsIrl/dockerc/commit/a3d33b2ab210063620c05fd400d14c8e6d87e0c1).