JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

dockerTools.buildImage: add /nix/store with correct permissions

Browse Source 
Fixes #38835.
This commit is contained in:
Jean-Philippe Braun 2018-04-12 13:03:56 +02:00
parent b70ad2ac31
commit 9751771c73
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
pkgs/build-support/docker/default.nix
View File

@ -497,6 +497,16 @@ rec {
# Record the contents of the tarball with ls_tar. # Record the contents of the tarball with ls_tar.
ls_tar temp/layer.tar >> baseFiles ls_tar temp/layer.tar >> baseFiles
# Append nix/store directory to the layer so that when the layer is loaded in the
# image /nix/store has read permissions for non-root users.
# nix/store is added only if the layer has /nix/store paths in it.
if [ $(wc -l < $layerClosure) -gt 1 ] && [ $(grep -c -e "^/nix/store$" baseFiles) -eq 0 ]; then
mkdir -p nix/store
chmod -R 555 nix
echo "./nix" >> layerFiles
echo "./nix/store" >> layerFiles
fi
# Get the files in the new layer which were *not* present in # Get the files in the new layer which were *not* present in
# the old layer, and record them as newFiles. # the old layer, and record them as newFiles.
comm <(sort -n baseFiles|uniq) \ comm <(sort -n baseFiles|uniq) \