chainguard-dev / apko

Build OCI images from APK packages directly without Dockerfile
https://apko.dev
Apache License 2.0

build: enforce `sudo` mode in order to prevent `Operation not permitted` spams #414

Open Dentrax opened 1 year ago

Dentrax commented 1 year ago

To increase the overall UX, maybe enforcing and checking sudo mode in the first phase would be better. Otherwise we end up with something like the following:

Nov 21 11:14:09.404 [INFO] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] running: /sbin/apk fix --root /tmp/apko-2078361064 --no-scripts --no-cache --update-cache --arch x86_64
Nov 21 11:14:09.410 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] fetch https://packages.wolfi.dev/os/x86_64/APKINDEX.tar.gz
Nov 21 11:14:09.953 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] (1/28) Installing glibc-locale-posix (2.36-r3)
Nov 21 11:14:10.834 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/lib/locale/C.utf8/.apk.49891d2f0983cb7df73dbc8f0f0db66204db0940ce003247: Operation not permitted
Nov 21 11:14:10.834 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/lib/locale/C.utf8/.apk.d07454acb13bebc6b8cea5cc205646a896e646f727295067: Operation not permitted
Nov 21 11:14:10.835 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/lib/locale/C.utf8/.apk.f7b8d3872190d1f89bf8d1872ccb8c7c448b1aba71c171d9: Operation not permitted
Nov 21 11:14:10.836 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/lib/locale/C.utf8/.apk.f1fd10d7f95d01661d11fdcccca4c470f94d4e1a3314577e: Operation not permitted
Nov 21 11:14:10.836 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/lib/locale/C.utf8/.apk.5f57c16f47a7ecb58ea0762dccc0c849a8f2fb80c787d195: Operation not permitted
Nov 21 11:14:10.837 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/lib/locale/C.utf8/LC_MESSAGES/.apk.c19ad216c563b1653020076ef6b3694f100652dac783a4ad: Operation not permitted
Nov 21 11:14:10.837 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/lib/locale/C.utf8/.apk.b5c0e8e6a911c41703bc3161b848ec32a2a87f414882d099: Operation not permitted
Nov 21 11:14:10.837 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/lib/locale/C.utf8/.apk.94813668423964e4d5b457d12bd064f9b0bc00bfa32f37df: Operation not permitted
Nov 21 11:14:10.837 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/lib/locale/C.utf8/.apk.9a18e6489d845f3e73dc659f6188a3978c263c926bd802be: Operation not permitted
Nov 21 11:14:10.837 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/lib/locale/C.utf8/.apk.024cb2d30ee7e8935bce0c4dc9e23d9a7a33f05abea5c5d8: Operation not permitted
Nov 21 11:14:10.837 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/lib/locale/C.utf8/.apk.cc753dc5baddc3d33fec3872781043dce8482f10ad57df56: Operation not permitted
Nov 21 11:14:10.837 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/lib/locale/C.utf8/.apk.a63602a47a328489271ea9c52e42c018dd207ebfc4fa1f7e: Operation not permitted
Nov 21 11:14:10.839 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] (2/28) Installing wolfi-baselayout (20221104-r0)
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/.apk.8a2baa2e28396c9087c2b3ee6a1d0778a0a4173cc5842992: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/.apk.0959c3e0af2d1a502f64a6d55ed42b4adb17610db927b39e: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/.apk.ec14d6d41cc8cc324e641927ce94e8d1d7d6551804868bd9: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/.apk.31558c7218ceeee73f66d7835dd30ca9d27a1d2355f49b49: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/.apk.04f961702857605827301f98034fd8c8067461867c263ea7: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/.apk.689df64adcbf481096ee8eb0c9939506aa6116fc5dbff02d: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/.apk.2d99ed5e72ea9348f4e1f7f36c8b93bc8faa63eb0868a291: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/.apk.13549a865d426bbf83442ae8e20392f76847e69a1d073287: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/profile.d/.apk.f8f73dcb21a074cc87d08407e40f4cdd1ccc85078a2e9980: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/.apk.2f1d585fd01e79fbe5c2e6daae73d9ca386c3b573c1d1f47: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/secfixes.d/.apk.f3e56394b6bd395f1541db48dc58d141a97f2f82e4d463b8: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/.apk.59dc48c578fa5c56185d3e03f4dacbd8c20f4fbc263a95a0: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/.apk.3625be60bca236d3e4835c19cd1e5a6e6942b15a0502cbb6: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/.apk.5fb8ff9b2731ae1fc8e58480287da6bc9696b0390de208dd: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on .apk.8c5316ac82a84b939a2a3a8be5cdc401508899a847da55b2: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/.apk.54291f3457b235ebd63ebdbc485ebfdab80768bb04c03d7a: Operation not permitted
Nov 21 11:14:11.616 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/local/.apk.d9ef385ba3b4dd95a5a1d04342db1f7d38c0aeb69081fd02: Operation not permitted
Nov 21 11:14:11.618 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on var/spool/cron/.apk.d381425141bb1314a24fea0a48e44884283d5ecdb6c79248: Operation not permitted
Nov 21 11:14:11.618 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on var/spool/.apk.14733b10e279aff9b895d3700110628766ee9d80cb3ba788: Operation not permitted
Nov 21 11:14:11.619 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] (3/28) Installing glibc (2.36-r3)
Nov 21 11:14:12.592 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/.apk.6f1fd5a76d7a81912d000f834ad70b2761e67de0327fc43e: Operation not permitted
Nov 21 11:14:12.593 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on etc/.apk.ca409f3ed95d0245d226f793046b0e8b9fb9e687a20f67ab: Operation not permitted
Nov 21 11:14:12.594 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.99a0ed552bf2dda933724ad748bf32766ab99f280f83461a: Operation not permitted
Nov 21 11:14:12.647 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.7011ca73627946d0bc5674788872e9e208bf56d810a41597: Operation not permitted
Nov 21 11:14:12.648 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.cff9356eb015197ed98072b1da56583d2526ae02313be804: Operation not permitted
Nov 21 11:14:12.785 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.83b895bfc094998119256d76ab1094c47aa97c05f2e99421: Operation not permitted
Nov 21 11:14:12.785 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.183d84932c8ca825d81e97c95b551151477ea75315fe515d: Operation not permitted
Nov 21 11:14:12.786 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.8c89845544ccc5f50d2cacf472b1bacc20260e8bbb62b519: Operation not permitted
Nov 21 11:14:12.786 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.902eb80d48c925c836ee8ab455412a7badd7378a532fe68e: Operation not permitted
Nov 21 11:14:12.982 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.6de101e8ae34602656432b7668a1a5089e5495c9f77bb1c1: Operation not permitted
Nov 21 11:14:12.982 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.d07c26613e3be0432e6e6bf30801942e4183eda834582825: Operation not permitted
Nov 21 11:14:12.991 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.fef9f9afb360e34b405d34fdfe8da249ca1ba72a4ea51b01: Operation not permitted
Nov 21 11:14:12.992 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.001d2a733de3cb4e22f692213c10b30f8ea0833361d5fa99: Operation not permitted
Nov 21 11:14:13.066 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.9c6ce75cb4e406754396892eeed8429f651d1c12a6cf1176: Operation not permitted
Nov 21 11:14:13.066 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.f873037417407e8016ab4498835679490ce049a50357dea3: Operation not permitted
Nov 21 11:14:13.066 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.fd867656f95c2370f9105a83a94fd15ea0742587eb48ab38: Operation not permitted
Nov 21 11:14:13.066 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.8e096d1943e86a038ec560a9935840ff3d8cc65157d7da86: Operation not permitted
Nov 21 11:14:13.067 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.b11cecb53d64a8943d67a8700d4824bc78e34f5d338dbcb0: Operation not permitted
Nov 21 11:14:13.068 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.e80d380aee20021561226670142658932542e66e83330f4f: Operation not permitted
Nov 21 11:14:13.069 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.35acfcbecf57b94b3add30ab1ee37e558af21e798b8c3725: Operation not permitted
Nov 21 11:14:13.069 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on lib64/.apk.a76e4a22890991a6429f5150f4de461d9317e2974838350d: Operation not permitted
Nov 21 11:14:13.250 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on sbin/.apk.0fb617949268a3cd97e912320cdfaaa36e305651e4b07c52: Operation not permitted
Nov 21 11:14:13.250 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/bin/.apk.03b7730999fba73ce71323d1cb7b7a24395d5e97daec0d58: Operation not permitted
Nov 21 11:14:13.253 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] (4/28) Installing binutils (2.39-r3)
Nov 21 11:14:14.413 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/bin/.apk.a285a4de33ad7fe5ccfc0ed9c3bf7e4e872dcfa2d08df170: Operation not permitted
Nov 21 11:14:14.623 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/bin/.apk.da08b2e558f46a503114bd1dd80920e2b4d29cf437493fad: Operation not permitted
Nov 21 11:14:14.683 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/bin/.apk.09d09f063efae006b1b5cb569f8130cf7621ebb8e569b2ee: Operation not permitted
Nov 21 11:14:14.764 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/bin/.apk.7db5fa91e9dbd189720acb7baae5385d6bf5770236bc9051: Operation not permitted
Nov 21 11:14:14.779 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/bin/.apk.1e623a84198bda1c7473aa0d068089851b7fa060faa0fd08: Operation not permitted
Nov 21 11:14:14.923 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/bin/.apk.97f06c55bdf7aa50476291aafc37a0fd650b3b209c0c62f3: Operation not permitted
Nov 21 11:14:14.952 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/bin/.apk.c86adac419ecc7ac1bd13a960cb6329a1503e4c674f28fbc: Operation not permitted
Nov 21 11:14:14.958 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:false] [use-qemu:] ERROR: Failed to set ownership on usr/bin/.apk.616ee3c7854012d188f084692bdd18b515f4e81211438be6: Operation not permitted

cc @developer-guy

06kellyjac commented 1 year ago

use-proot can help with some of this but I still ran into this after:

Dec  2 10:24:36.846 [DEBUG] [arch:x86_64] [cmd:apk] [use-proot:true] [use-qemu:] OK: 10 MiB in 25 packages
Error: failed to build layer image: failed to mutate accounts: chown(3, 4) = chown /tmp/apko-411772834/var/adm: operation not permitted
2022/12/02 10:24:36 error during command execution: failed to build layer image: failed to mutate accounts: chown(3, 4) = chown /tmp/apko-411772834/var/adm: operation not permitted

Dentrax commented 1 year ago

@kaniini Do you have any thoughts on this? We can get to it if we find a better UX. What about a fail-fast if apko is not running in privileged mode?
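
One way the fail-fast discussed in this thread could look, as an added example that is not apko's own code: instead of requiring `sudo`, probe once whether the process can actually change file ownership in the work directory, so a build with only the needed capability still passes and an unprivileged one stops with a single error. The names `preflightChown`, `classifyChownErr` and `ErrCannotChown` are hypothetical; uid 3 / gid 4 are taken from the `chown(3, 4)` error quoted above.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"syscall"
)

// ErrCannotChown marks a missing privilege to set ownership in the build root.
var ErrCannotChown = errors.New("cannot set file ownership in build root")

// classifyChownErr maps a chown result to a preflight verdict.
// EPERM: no CAP_CHOWN. EINVAL: the id is not mapped in this user namespace.
func classifyChownErr(err error) error {
	switch {
	case err == nil:
		return nil
	case errors.Is(err, syscall.EPERM), errors.Is(err, syscall.EINVAL):
		return fmt.Errorf("%w: %v", ErrCannotChown, err)
	default:
		return err // unrelated failure (I/O, missing dir): report as-is
	}
}

// preflightChown creates a scratch file under workDir and tries to hand it
// to uid:gid, the same operation that fails repeatedly in the logs above.
func preflightChown(workDir string, uid, gid int) error {
	dir, err := os.MkdirTemp(workDir, "chown-probe-")
	if err != nil {
		return err
	}
	defer os.RemoveAll(dir)
	probe := filepath.Join(dir, "probe")
	if err := os.WriteFile(probe, nil, 0o600); err != nil {
		return err
	}
	return classifyChownErr(os.Chown(probe, uid, gid))
}

func main() {
	// Run the probe before any package is installed.
	if err := preflightChown(os.TempDir(), 3, 4); err != nil {
		fmt.Fprintln(os.Stderr, "preflight failed, not starting build:", err)
		os.Exit(1)
	}
	fmt.Println("preflight ok")
}
```

Probing the operation rather than checking for euid 0 also catches the case where the process is root inside a user namespace but the target ids are unmapped.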