iximiuz
commented
1 year ago Merged! Sounds like a good improvement! Thanks for your contribution, Paul!
Closed pagousmile closed 1 year ago
iximiuz
commented
1 year ago Merged! Sounds like a good improvement! Thanks for your contribution, Paul!
Performed the extraction of the tarball from the original docker container in the build docker.
This allows calling tar as root and therefore uses the --preserve-permissions and --same-owner options by default. Using the --numeric-owner flag forces tar to use the archive's UID/GID numbers instead of names and maintains consistency with the UID/GID declared in the original docker (/etc/passwd, /etc/group).
In the previous case the archive was extracted in user mode and the property identifiers were lost. This ultimately amounted to having a VM with all the files owned by root:root. This could be a problem in the case of package installation that generates new users and deploys folders in the system with the new users as owner.