moby: ADD and COPY does not work correctly with nested directory

ADD nested directory does not work well.

This is reproduce step:

Directory:

.
├── Dockerfile
├── parent-dir
│   ├── child-dir
│   │   └── child.txt
│   └── parent.txt
└── reproduce.txt

This is Dockerfile: https://github.com/sanemat/copy-example/blob/e4d6e6ea67ed9e9274830e0d23539ee6b3467f7d/Dockerfile

This is example repo https://github.com/sanemat/copy-example

How to reproduce: $ git clone https://github.com/sanemat/copy-example.git $ cd copy-example $ chmod -R go-rwx .

$ ls -alR

total 16
drwx------   7 sane  staff  238  8 10 21:27 .
drwxr-xr-x   5 sane  staff  170  8 10 21:16 ..
drwx------  12 sane  staff  408  8 10 21:27 .git
drwx------  10 sane  staff  340  8 10 21:27 .idea
-rw-------   1 sane  staff  265  8 10 21:24 Dockerfile
drwx------   4 sane  staff  136  8 10 21:17 parent-dir
-rw-------   1 sane  staff   29  8 10 21:27 reproduce.txt

(snip)

./parent-dir:
total 8
drwx------  4 sane  staff  136  8 10 21:17 .
drwx------  7 sane  staff  238  8 10 21:27 ..
drwx------  3 sane  staff  102  8 10 21:18 child-dir
-rw-------  1 sane  staff    7  8 10 21:17 parent.txt

./parent-dir/child-dir:
total 8
drwx------  3 sane  staff  102  8 10 21:18 .
drwx------  4 sane  staff  136  8 10 21:17 ..
-rw-------  1 sane  staff    6  8 10 21:18 child.txt

$ docker build -t sanemat/copy-example . $ docker run -t -i sanemat/copy-example:latest /bin/bash

% ls -alR /code/parent/

  /code/parent/:
  total 16
  drwxrwxrwx 4 root root 4096 Aug 10 12:49 .
  drwxrwxrwx 4 root root 4096 Aug 10 12:49 ..
  drwxrwxrwx 2 root root 4096 Aug 10 12:49 child-dir
  -rwxrwxrwx 1 root root    7 Aug 10 12:48 parent.txt
  ls: cannot open directory /code/parent/child-dir: Permission denied

% cd /code/parent/child-dir

bash: cd: /code/parent/child-dir: Permission denied

My env:

$ docker version
Client version: 1.1.2
Client API version: 1.13
Go version (client): go1.2.1
Git commit (client): d84a070
Server version: 1.1.2
Server API version: 1.13
Go version (server): go1.2.1
Git commit (server): d84a070

$ docker -D info
Containers: 44
Images: 157
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Dirs: 247
Execution Driver: native-0.2
Kernel Version: 3.13.0-24-generic
Debug mode (server): false
Debug mode (client): true
Fds: 29
Goroutines: 67
EventsListeners: 2
Init Path: /usr/bin/docker
Sockets: [unix:///var/run/docker.sock]
WARNING: No swap limit support

$  uname -a
Linux mouse.tachikoma.io 3.13.0-24-generic #46-Ubuntu SMP Thu Apr 10 19:11:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

About this issue

  • Original URL
  • State: closed
  • Created 10 years ago
  • Comments: 17 (10 by maintainers)

Most upvoted comments

Maybe @thaJeztah… and if the culprit is the one in @jpetazzo https://github.com/docker/docker/issues/783#issuecomment-19237045 there is no hope that it will be fixed (at least in the near future); moreover I don’t want to play with other storage drivers (mostly because I use Docker in multiple setups/servers and I don’t want to mess with all of them, or to introduce risky dependencies on storage drivers in my Dockerfiles).

I worked out this “solution” (just a dirt workaround, I admit), that I report here in case someone is stuck in a situation like mine: just COPY the content under /tmp and then cp it where it belongs (and fix its permissions and ownership). In the above example, just replace the COPY line with:

COPY ./dir /tmp/dir
RUN cp -r /tmp/dir /dir && chown -R test:test -R /dir && rm -rf /tmp/dir

and everything will work as expected!

+2
mapio on Jan 8, 2015
Read more comments on GitHub
← moby: access private registry: x509: certificate signed by unknown authority
moby: add-apt-repository fails on Raspbian (Jessie) →