Re: [Buildroot] [PATCH RFC 2/2] utils/docker-run: mount the download directory if specified

From: "Yann E. MORIN" <yann.morin.1998@free.fr>
To: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Christian Stewart <christian@paral.in>,
	Ricardo Martincoski <ricardo.martincoski@datacom.com.br>,
	Buildroot List <buildroot@buildroot.org>
Subject: Re: [Buildroot] [PATCH RFC 2/2] utils/docker-run: mount the download directory if specified
Date: Tue, 8 Aug 2023 22:50:47 +0200	[thread overview]
Message-ID: <20230808205047.GC421096@scaer> (raw)
In-Reply-To: <20230726212009.221147-2-thomas.petazzoni@bootlin.com>

Thomas, All,

On 2023-07-26 23:20 +0200, Thomas Petazzoni via buildroot spake thusly:
> If the user has defined $BR2_DL_DIR in the environment, it would be
> nice to have it accessible inside the Docker container, and the
> BR2_DL_DIR environment variable set to access it.
> 
> This commit does exactly this: it mounts the host $BR2_DL_DIR as /dl
> in the container, and sets BR2_DL_DIR=/dl in the container.
> 
> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
> ---
> Here as well, opinion from Docker expert would be useful. For example,
> with this change, the files added in the download directory are owned
> by $USER:docker and not $USER:$USER as would probably be expected.

Here, with --mount, they do belong to $USER:$USER...

So, I guess your issue is that /dl does not exist in the container, so
it is created by the docker runtime and thus group-belongs to docker,
and the SELinux labelling means that everything beneath it also belongs
to docker.

Also:

* what about files that already existed before: are the chgrp-ed to
  docker, or do they retain their group?

* and from within the container, whom do the files belong to?

Regards,
Yann E. MORIN.

> ---
>  utils/docker-run | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/utils/docker-run b/utils/docker-run
> index eee1aad7a4..6ea4311c68 100755
> --- a/utils/docker-run
> +++ b/utils/docker-run
> @@ -20,4 +20,8 @@ if tty -s; then
>      docker_opts+=( -t )
>  fi
>  
> +if test -n "${BR2_DL_DIR}"; then
> +    docker_opts+=( --volume "${BR2_DL_DIR}:/dl:Z" -e "BR2_DL_DIR=/dl" )
> +fi
> +
>  exec docker run "${docker_opts[@]}" "${IMAGE}" "${@}"
> -- 
> 2.41.0
> 
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot