moby: Permission denied for directories created automatically by Dockerfile ADD command
As part of a Dockerfile I’m running:
ADD id_rsa.pub /home/ubuntu/.ssh/authorized_keys
RUN chown ubuntu:ubuntu -R /home/ubuntu/.ssh
The user account and home directory already exist, so the Docker build process is only creating the .ssh directory. When I log in as ubuntu to the container, no matter what I do I cannot cd to this directory. The permissions and ownership are correct:
$ ls -ld .ssh
drwx------ 2 ubuntu ubuntu 4096 Jul 25 19:26 .ssh
$ whoami
ubuntu
$ id
uid=1000(ubuntu) gid=1000(ubuntu) groups=1000(ubuntu)
$ ls -nd .ssh
drwx------ 2 1000 1000 4096 Jul 25 19:26 .ssh
$ cd .ssh
-su: cd: .ssh: Permission denied
When I create the directory explicitly before hand then it works as expected:
RUN mkdir /home/ubuntu/.ssh/
RUN chown ubuntu:ubuntu -R /home/ubuntu/.ssh
ADD id_rsa.pub /home/ubuntu/.ssh/authorized_keys
For the life of me I can’t figure out what the difference is. I checked the SELinux context (none) and the Posix ACL (no extended ACLs set).
About this issue
- Original URL
- State: closed
- Created 11 years ago
- Comments: 53 (11 by maintainers)
Commits related to this issue
- Workaround https://github.com/docker/docker/issues/1295 — committed to oondeo/docker-odoo by deleted user 10 years ago
- work around for https://github.com/docker/docker/issues/1295 — committed to y-asano/primecloud-controller-build by y-asano 8 years ago
- work around for https://github.com/docker/docker/issues/1295 — committed to y-asano/primecloud-controller-build by y-asano 8 years ago
- Merge pull request #7 from y-asano/handle_ovl work around for https://github.com/docker/docker/issues/1295 — committed to primecloud-controller-org/primecloud-controller-build by y-asano 8 years ago
We had this kind of issue with
docker import
. You can manually set 700 to ~/.ssh and it works. I tried with this Dockerfile: