Closed orlandohohmeier closed 3 years ago
@nalind @giuseppe I don't think this something we could do in Buildah? I would think this would have to be done with seccomp filtering or a flag to the fuse-filesystem to tell the kernel to return success when these xattrs are written.
The reason buildah can't do anything about this, is at the point that dnf or apt are writing the XATTRs, buildah is not involved. This is between the container process and the file system.
The reader for the updated ADD and COPY is in our copier package, so we can fix that.
Ok, but it would not fix it for RUN command.
@rhatdan true that but in the case I'm envisioning, that shouldn't be an issue.
Description
I'm running
buildah bud
in a docker container on macOS and the COPY command fails as the llistxattr operation isn't supported.Steps to reproduce the issue:
docker run -it --tty --rm --device /dev/fuse -v $(pwd):/workspace --security-opt seccomp=unconfined \ --security-opt apparmor=unconfined 5c55a682c0b4
buildah bud /workspace
Test Dockerfile in /workspace plus random files with and without extended attributes on the host system.
N.B. Commands such as
touch ./test; setfattr -n user.hello -v world ./test
fail as well as extended attributed are indeed not supported even when bind-mounting on macOS. Related: https://github.com/moby/moby/issues/1070Describe the results you received:
Buildah
Strace
... llistxattr resumed>0xc000482000, 65536) = -1 EOPNOTSUPP (Operation not supported)
Describe the results you expected:
I'd love for buildha to skip extened attributes (and just warn) if they're not supported by the underlying filesystem or the possibility to adjust the Copier GET
StripXattrs
option from the CLI.Output of
rpm -q buildah
orapt list buildah
:Output of
buildah version
:Output of
podman version
if reporting apodman build
issue:*Output of `cat /etc/release`:**
Output of
uname -a
:Output of
cat /etc/containers/storage.conf
: