12:54 p.m.
Hi Daniel,
Is there a solitiom to make it work for my case. Just to change the permissions manually
with commands on the source of the migration to make it mode compatible? What directory i
need to chmod?
Sent from my iPhone
> On Jun 18, 2021, at 10:58 AM, Nalin Dahyabhai <nalin(a)redhat.com> wrote:
>
> On Wed, Jun 16, 2021 at 08:40:39AM -0400, Daniel Walsh wrote:
>> The mode is based on the underlying storage merge directory. Which I believe
>> is based on the images top level directory.
>
> The permissions for a container's rootfs are inherited from the image
> that was used to create it, and in that image's layers, we've defaulted
> each one to inheriting the permissions of its parent layer.
>
> For images like ubi8, which include the root directory itself, this
> means we preserve what it intended. For images like fedora, which
> don't, they get the default.
>
> At least, that's how it's worked with overlay since storage v1.24.
>
> Before that, I think that every layer started with a root directory with
> 0755 permissions, and if a layer was populated with a root directory
> with some other permissions, layers based on that layer did not inherit
> those permissions.
>
> This applied to the read-write layers of containers as well, so you'd
> see 0755 even if, like in the ubi8 image, you were supposed to get 0555.
>
> Depending on which software was used to pulled the image, you might
> still see the effects of the old behavior.
>
> HTH,
>
> Nalin
> _______________________________________________
> Podman mailing list -- podman(a)lists.podman.io
> To unsubscribe send an email to podman-leave(a)lists.podman.io