Open nitzmahone opened 1 year ago
Hello @nitzmahone , I found a glitch I'm not sure if it's related to umask but in V3.0.0 the script "entrypoint" is rwx--x--x
When I run a custom EE built with entrypoint and dumb-init (the default options) I get a permission denied error.
As a workaround I found this solution: in execution-environment.yml
as last thing of the section "append_final:
" put a line like " - RUN chmod g+rx /opt/builder/bin/entrypoint
"
Default umask doesn't allow
root
group write permissions- to be most friendly with ephemeral use cases, it probably should...There's no built-in way I'm aware of to have a
umask
setting persist through a build in Containerfile-style builds (it can be done inbuildah
imperative builds, but that's a much larger conversation), and rewriting all the tasks to inject aumask
into the process chain for every build step that might need it is ... prohibitve. It could be done in the default builderentrypoint
script for runtime needs, which may solve a small class of problems, but ensuring that default file-permissions are set properly during build-time (+rw
on files and+rwx
on dirs for both owner and group) is the much more important need to solve.