Set explicit ACL on test files

It seems that the default ACLs inherited from the parent folder on Windows Server 2022, does not include "CREATOR OWNER" as it does on Windows Server 2019. This sets explicit ACLs on test files. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
containerd · Dec 3, 2021 · 9cc0d1f · 9cc0d1f
1 parent 106086d
commit 9cc0d1f
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 4 deletions.
diff --git a/integration/images/volume-copy-up/Dockerfile_windows b/integration/images/volume-copy-up/Dockerfile_windows
@@ -26,8 +26,11 @@ RUN cmd.exe /c "@echo off && FOR %i in (%BUSYBOX_EXES%) do (mklink %i.exe busybo
 
 USER ContainerUser
 
-RUN cmd.exe /c mkdir C:\test_dir
-
+RUN mkdir C:\test_dir
+# Explicitly set full access rights for "CREATOR OWNER". While
+# this is set by default for Windows Server 2019, it seems that
+# on Windows Server 2022 it is not.
+RUN icacls C:\test_dir /grant "CREATOR OWNER":(OI)(CI)(IO)F /T
 RUN /bin/sh.exe -c "echo test_content > /test_dir/test_file"
 
 ENV PATH="C:\bin;C:\Windows\System32;C:\Windows;"

diff --git a/integration/images/volume-ownership/Dockerfile_windows b/integration/images/volume-ownership/Dockerfile_windows
@@ -25,10 +25,14 @@ WORKDIR C:/bin
 ADD tools/get_owner_windows.exe C:/bin/get_owner.exe
 RUN cmd.exe /c "@echo off && FOR %i in (%BUSYBOX_EXES%) do (mklink %i.exe busybox.exe)"
 
-RUN cmd.exe /c mkdir C:\volumes
-
 USER ContainerUser
 
+RUN mkdir C:\volumes
+# Explicitly set full access rights for "CREATOR OWNER". While
+# this is set by default for Windows Server 2019, it seems that
+# on Windows Server 2022 it is not.
+RUN icacls C:\volumes /grant "CREATOR OWNER":(OI)(CI)(IO)F /T
+
 RUN mkdir C:\volumes\test_dir
 RUN /bin/sh.exe -c "echo test_content > /volumes/test_dir/test_file"