Default behavior of super-user mode tar is to keep uid/gid and permissions in extracting files/directories from archives. It conflicts with security settings of rootless mode podman while building container images from recent releases of ubuntu and fedora, resulting in errors as follows: tar: latexpand-v1.3/tests/df-conflict/b: Cannot change mode to rwxrwxr-x: Operation not permitted tar: latexpand-v1.3/tests/df-conflict: Cannot change mode to rwxrwxr-x: Operation not permitted tar: latexpand-v1.3/tests/expected/err: Cannot change mode to rwxrwxr-x: Operation not permitted tar: latexpand-v1.3/tests/expected: Cannot change mode to rwxrwxr-x: Operation not permitted tar: latexpand-v1.3/tests: Cannot change mode to rwxrwxr-x: Operation not permitted tar: latexpand-v1.3: Cannot change mode to rwxrwxr-x: Operation not permitted tar: Exiting with failure status due to previous errors Add --no-same-owner and --no-same-permission options to tar and make it behave the same way as in its normal-user mode. Signed-off-by: Akira Yokosawa <akiyks@xxxxxxxxx> --- docker/Dockerfile | 2 +- docker/Dockerfile.fedora | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 66fd2b3f..c3e2a237 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -14,7 +14,7 @@ RUN apt-get update && apt-get install -y fig2ps inkscape xfig graphviz psutils \ COPY steel-city-comic.regular.ttf /usr/local/share/fonts/ RUN fc-cache /usr/local/share/fonts/ WORKDIR /opt -RUN curl https://gitlab.com/latexpand/latexpand/-/archive/v1.3/latexpand-v1.3.tar.gz -o - | tar xfz - && \ +RUN curl https://gitlab.com/latexpand/latexpand/-/archive/v1.3/latexpand-v1.3.tar.gz -o - | tar --no-same-owner --no-same-permissions -xzf - && \ sed -i -e 's/@LATEXPAND_VERSION@/v1.3/' latexpand-*/latexpand && \ cp latexpand-*/latexpand /usr/local/bin ARG uid=0 diff --git a/docker/Dockerfile.fedora b/docker/Dockerfile.fedora index 6812163a..cb652680 100644 --- a/docker/Dockerfile.fedora +++ b/docker/Dockerfile.fedora @@ -16,7 +16,7 @@ RUN dnf -y update && dnf install -y --setopt=tsflags=nodocs \ COPY steel-city-comic.regular.ttf /usr/local/share/fonts/ RUN fc-cache /usr/local/share/fonts/ WORKDIR /opt -RUN curl https://gitlab.com/latexpand/latexpand/-/archive/v1.3/latexpand-v1.3.tar.gz -o - | tar xfz - && \ +RUN curl https://gitlab.com/latexpand/latexpand/-/archive/v1.3/latexpand-v1.3.tar.gz -o - | tar --no-same-owner --no-same-permissions -xzf - && \ sed -i -e 's/@LATEXPAND_VERSION@/v1.3/' latexpand-*/latexpand && \ cp latexpand-*/latexpand /usr/local/bin ARG uid=0 base-commit: ac7686132a63f3d47fd18aa3f767610346ff484b -- 2.34.1
