-
-
Notifications
You must be signed in to change notification settings - Fork 40.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug] Container build script mismatching permissions? #18130
Comments
Can't reproduce it, I'm afraid:
|
Perhaps try: qmk cd
find . -uid 0 If you get any files listed, then they're owned by |
@tzarc seems the difference is I'm using the workstation edition instead of the server:
|
The PR (#18932) got closed, how can we move this issue forward? I'm not sure what's wrong with adding the privileged flag in this scenario. |
Can you show the output of: |
@tzarc yes, thanks for the quick response!
No idea what to make of this, but looks like root owns it? However
|
Intriguing, looks like it's a
|
That is odd indeed, thoughts on adding the privileged flag when podman is used? |
All build outputs would be owned by root, in that case. Not ideal once you're back outside the container. |
@tzarc would've expected that too, you are talking about the bin files right? On inspection the bin files build with the privileged flags are still owned by me:
So I guess adding the privileged with podman seems to be the way to go? |
I'm also on Fedora, this looks to be an SELinux context issue rather than the container lacking any privileges. Using the Edit: A better overall solution maybe to update the documentation with instructions for the user to copy across the udev rules and remove the need for the use of |
Lifesaver, thank you. I was having the same issue. For a more concrete version of the solution, I changed this line in docker_build.sh:
to
I wonder if this option can be safely added to the docker build scripts upstream? |
If we can work out a command to test whether or not SELinux is in play and dynamically add it, sure. |
I don't think that's needed. Both docker and podman just ignore the I just verified that the script still works with the flag on a clean Ubuntu 23.04 install in a VM (Ubuntu doesn't use SELinux), using both docker and podman from the ubuntu repos. |
I am running Fedora 40 and adding the :z flag to docker_build.sh is giving me no joy. Has there been any movement or adjustment to this issue in the last eight months? The error I recieve with or without the :z flag added is as follows:
The first time I ran it, it downloaded a bunch of blobs before throwing this error. Now it is just the error. The command I am running is |
You have a typo... |
I was told that on Reddit and thought it was because I had not used copy/paste when writing the Reddit post. Turns out, I had made the same type twice. Thank you so much! I removed the :z flag and it still compiled so I assume this was fixed somewhere and I am just an idiot. |
Following the getting started docker guide, running
util/docker_build.sh planck/rev6:default
with Podman on Fedora 36 results in the following error:The text was updated successfully, but these errors were encountered: