Open
Description
Steps to reproduce the issue:
- Put a Dockerfile in
/tmp - Ensure there's some non-readable/non-accessible folder in
/tmptoo (e.g a systemd PrivateTmp folder) - From somewhere else (e.g.
~/) runDOCKER_BUILDKIT=1 docker build -f /tmp/Dockerfile .
Describe the results you received:
$ DOCKER_BUILDKIT=1 docker build -f /tmp/Dockerfile .
[+] Building 0.1s (2/2) FINISHED
=> [internal] load .dockerignore 0.0s
=> => transferring context: 55B 0.0s
=> ERROR [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 144B 0.0s
------
> [internal] load build definition from Dockerfile:
------
failed to solve with frontend dockerfile.v0: failed to resolve dockerfile: failed to build LLB: error from sender: open /tmp/systemd-private-59aef507f5954ec69c62db609c0164a3-ModemManager.service-4ohfhM: permission denied
Describe the results you expected:
The image is built successfully without trying to open other files/folders in /tmp.
Additional information you deem important (e.g. issue happens only occasionally):
Only happens with DOCKER_BUIILDKIT=1, if I'm not using buildkit, everything works fine.
Output of docker version:
$ docker version
Client: Docker Engine - Community
Version: 19.03.5
API version: 1.40
Go version: go1.12.12
Git commit: 633a0ea838
Built: Wed Nov 13 07:29:52 2019
OS/Arch: linux/amd64
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 19.03.5
API version: 1.40 (minimum version 1.12)
Go version: go1.12.12
Git commit: 633a0ea838
Built: Wed Nov 13 07:28:22 2019
OS/Arch: linux/amd64
Experimental: true
containerd:
Version: 1.2.10
GitCommit: b34a5c8af56e510852c35414db4c1f4fa6172339
runc:
Version: 1.0.0-rc8+dev
GitCommit: 3e425f80a8c931f88e6d94a8c831b9d5aa481657
docker-init:
Version: 0.18.0
GitCommit: fec3683
Output of docker info:
$ docker info
Client:
Debug Mode: false
Plugins:
app: Docker Application (Docker Inc., v0.8.0)
buildx: Build with BuildKit (Docker Inc., v0.3.1-tp-docker)
Server:
Containers: 11
Running: 0
Paused: 0
Stopped: 11
Images: 88
Server Version: 19.03.5
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: b34a5c8af56e510852c35414db4c1f4fa6172339
runc version: 3e425f80a8c931f88e6d94a8c831b9d5aa481657
init version: fec3683
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 5.4.7-050407-generic
Operating System: Linux Mint 19.2
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 7.773GiB
Name: antares
ID: GEU5:P3UF:ZNZ4:JAS3:667E:A5EN:L3FO:IMQ5:7JZB:2GL6:PHXX:TB32
Docker Root Dir: /var/lib/docker
Debug Mode: true
File Descriptors: 23
Goroutines: 36
System Time: 2020-01-10T18:02:30.961875272Z
EventsListeners: 0
Username: bossmc
Registry: https://index.docker.io/v1/
Labels:
Experimental: true
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: No swap limit support
Additional environment details (AWS, VirtualBox, physical, etc.):
Running on a VirtualBox VM.