search

docker-library / openjdk

Docker Official Image packaging for EA builds of OpenJDK from Oracle
http://openjdk.java.net
MIT License
1.14k stars 471 forks source link

Issue with openjdk/8u302-jdk bullseye image #469

Closed cyber-pleco closed 2 years ago

cyber-pleco commented 2 years ago 
I recently downloaded this image from dockerhub:  openjdk/8u302-jdk (bullseye)

https://hub.docker.com/layers/openjdk/library/openjdk/8u302-jdk/images/sha256-32e884a04cbfd8d6b9732d506c6625b057fffd7343591dcc6bcb4832c6025429?context=explore

Upon going into the container to look around, I see a lot strange file issues like this.

jenkins@499ee0918f6a:~$ ls
ls: cannot access 'agent': Operation not permitted
ls: cannot access 'caches': Operation not permitted
ls: cannot access 'workspace': Operation not permitted
agent  caches  workspace
jenkins@499ee0918f6a:~$ ls -al
ls: cannot access '.': Operation not permitted
ls: cannot access '..': Operation not permitted
ls: cannot access '.bash_logout': Operation not permitted
ls: cannot access '.bashrc': Operation not permitted
ls: cannot access '.profile': Operation not permitted
ls: cannot access '.jenkins': Operation not permitted
ls: cannot access 'agent': Operation not permitted
ls: cannot access '.ssh': Operation not permitted
ls: cannot access '.cache': Operation not permitted
ls: cannot access '.bash_history': Operation not permitted
ls: cannot access 'caches': Operation not permitted
ls: cannot access 'workspace': Operation not permitted
ls: cannot access '.config': Operation not permitted
total 0
?????????? ? ? ? ?            ? .
?????????? ? ? ? ?            ? ..
?????????? ? ? ? ?            ? .bash_history
?????????? ? ? ? ?            ? .bash_logout
?????????? ? ? ? ?            ? .bashrc
?????????? ? ? ? ?            ? .cache
?????????? ? ? ? ?            ? .config
?????????? ? ? ? ?            ? .jenkins
?????????? ? ? ? ?            ? .profile
?????????? ? ? ? ?            ? .ssh
?????????? ? ? ? ?            ? agent
?????????? ? ? ? ?            ? caches
?????????? ? ? ? ?            ? workspace

This seems like it could be related to this issue that other people have seen:
https://forums.docker.com/t/multiple-projects-stopped-building-on-docker-hub-operation-not-permitted/92570/3

I tried building from your github Dockerfile, but that's not working for me, either.  :(

Saving to: ‘openjdk.tgz.asc’

     0K                                    100% 58.8M=0s

2021-10-04 19:17:32 (58.8 MB/s) - ‘openjdk.tgz.asc’ saved [543/543]

+ mktemp -d
+ export GNUPGHOME=/tmp/tmp.TygS1tZRte
+ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671
gpg: keybox '/tmp/tmp.TygS1tZRte/pubring.kbx' created
gpg: keyserver receive failed: End of file
The command '/bin/sh -c set -eux;               arch="$(dpkg --print-architecture)";    case "$arch" in                 'amd64') downloadUrl='https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u302-b08/OpenJDK8U-jdk_x64_linux_8u302b08.tar.gz';                   ;;              'arm64')                        downloadUrl='https://github.com/AdoptOpenJDK/openjdk8-upstream-binaries/releases/download/jdk8u302-b08/OpenJDK8U-jdk_aarch64_linux_8u302b08.tar.gz';                      ;;       *) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;;        esac;           wget --progress=dot:giga -O openjdk.tgz "$downloadUrl";   wget --progress=dot:giga -O openjdk.tgz.asc "$downloadUrl.sign";                export GNUPGHOME="$(mktemp -d)"; gpg --batch --keyserver keyserver.ubuntu.com --recv-keys EAC843EBD3EFDB98CC772FADA5CD6035332FA671;       gpg --batch --keyserver keyserver.ubuntu.com --keyserver-options no-self-sigs-only --recv-keys CA5F11C6CE22644D42C6AC4492EF8D39DC13168F;  gpg --batch --list-sigs --keyid-format 0xLONG CA5F11C6CE22644D42C6AC4492EF8D39DC13168F            | tee /dev/stderr               | grep '0xA5CD6035332FA671'               | grep 'Andrew Haley';  gpg --batch --verify openjdk.tgz.asc openjdk.tgz;       gpgconf --kill all;     rm -rf "$GNUPGHOME";              mkdir -p "$JAVA_HOME";  tar --extract           --file openjdk.tgz              --directory "$JAVA_HOME"          --strip-components 1            --no-same-owner         ;       rm openjdk.tgz*;                {               echo '#!/usr/bin/env bash';               echo 'set -Eeuo pipefail';              echo 'trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$JAVA_HOME/jre/lib/security/cacerts"';   } > /etc/ca-certificates/update.d/docker-openjdk;         chmod +x /etc/ca-certificates/update.d/docker-openjdk;  /etc/ca-certificates/update.d/docker-openjdk;           find "$JAVA_HOME/lib" -name '*.so' -exec dirname '{}' ';' | sort -u > /etc/ld.so.conf.d/docker-openjdk.conf;      ldconfig;        javac -version;  java -version' returned a non-zero code: 2
wglambert commented 2 years ago

You'll need to update Docker, runc, and likely libseccomp on your host https://github.com/docker-library/postgres/issues/884