Build assumes umask is 0002

Decided not to PR this because the problem and the fix are trivial and I didn't want to kick off another CI build. Something like the following is required (for all archs)

--- ../docker-booksonic-air.sd/Dockerfile.armhf 2022-06-06 14:38:12.824342268 +0100
+++ Dockerfile.armhf    2022-06-06 14:33:45.435119031 +0100
@@ -45,6 +45,7 @@

 # add local files
 COPY root/ /
+RUN chmod a+rx /etc

 # ports and volumes
 EXPOSE 4040

Expected Behavior

Build should not depend on details of developer's environment, e.g. umask.

Current Behavior

docker/buildah copies the permissions of source files when using the COPY Dockerfile command; if developer's umask is 0007, this means read access is denied for non-root users to any files copied in and any parent directories touched in the process. In this project, files are copied into /etc, so /et ends up lacking world-read permissions. /etc/services.d/booksonic-air/run then uses s6-setuidgid to become user abc, and consequently fails to run the java command, as it is a symlink into /etc/alternatives.

Steps to Reproduce

Set umask to 0007, build the project, test.

Environment

OS:Ubuntu 22.04 (build); Raspbian 10 (target/test) CPU architecture: x86_64 (build); arm32 (target/test) How docker service was installed: podman and buildah installed from the 'kubic' repo linked from the official podman install instructions.

Command used to create docker container (run/create/compose/screenshot)

/usr/bin/podman run --conmon-pidfile %t/container-booksonic-air.pid --cidfile %t/container-booksonic-air.ctr-id --cgroups=no-conmon -d --name=booksonic-air -e JAVA_OPTS="-Xmx350m" -e PUID=1000 -e PGID=10000 -e TZ=Europe/London -e CONTEXT_PATH=booksonic -p 8080:4040 -v /config/booksonic-air:/config -v /vol/media:/vol/media -v /vol/media-audio:/vol/media-audio b88e3468e198

Docker logs

Jun 05 03:19:38 ocihost conmon[1896]: s6-applyuidgid: fatal: unable to exec java: Permission denied

linuxserver / docker-booksonic-air