New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"docker exec -itu root <c> bash" and WORKDIR set to some user home directory results in permission error #37571
Comments
I tried this basing off Ubuntu instead of CentOS 7 and it worked fine. Looking at their official images their Dockerfile is pretty much copying over a |
Thank you for the suggestions! I will try to look into the SELinux issue. Due to business reasons changing the distro is out of the question, sadly. However, the behavior of docker has changed between versions 18.03.1-ce, build 9ee9f40, where this issue is not reproducible, and 18.06.0-ce, build 0ffa825 where this issue is present. Can you say which version behaves more correctly? (I tested the older version by first stopping everything incl. the dockerd, purging all images, installing Versions used:
|
Can you provide |
Here's the
And for 18.06.0-ce, build 0ffa825 where exec gives an error:
Additionally, I ran the dockerd with debug enabled. (Note that in this test I created |
Was there any update/workaround for this (aside from putting |
Description
With Docker version 18.06.0-ce, build 0ffa825, seems that
docker exec
with user set toroot
and working directory being inside a directory where only some other user than root has permissions (drwx------
) results in an error message about permissions.Steps to reproduce the issue:
docker build -t test-img .
docker run -dt --name test test-img
docker exec -itu root test bash
to get the error message.Describe the results you received:
OCI runtime exec failed: exec failed: container_linux.go:348: starting container process caused "chdir to cwd (\"/home/test\") set in config.json failed: permission denied": unknown
Describe the results you expected:
This behavior was not present in Docker version 17.12.0-ce, build c97c6d6;
docker exec -itu root test bash
worked fine.I would expect root to be able to chdir into any directory, regardless of the directory's permissions.
Additional information you deem important (e.g. issue happens only occasionally):
Commands
docker exec -itu root -w / test bash
anddocker exec -it test bash
work. Alsodocker exec -itu root -w / test bash -c "cd /home/test && pwd"
worksNote that running the docker with
docker run -itu root --name test test-img bash
does not produce the error.Output of
docker version
:Output of
docker info
:The text was updated successfully, but these errors were encountered: