Merge pull request #38837 from eonpatapon/fix-38835
dockerTools.buildImage: add /nix/store with correct permissions
This commit is contained in:
commit
c4dea092a3
1 changed files with 10 additions and 0 deletions
|
@ -497,6 +497,16 @@ rec {
|
|||
# Record the contents of the tarball with ls_tar.
|
||||
ls_tar temp/layer.tar >> baseFiles
|
||||
|
||||
# Append nix/store directory to the layer so that when the layer is loaded in the
|
||||
# image /nix/store has read permissions for non-root users.
|
||||
# nix/store is added only if the layer has /nix/store paths in it.
|
||||
if [ $(wc -l < $layerClosure) -gt 1 ] && [ $(grep -c -e "^/nix/store$" baseFiles) -eq 0 ]; then
|
||||
mkdir -p nix/store
|
||||
chmod -R 555 nix
|
||||
echo "./nix" >> layerFiles
|
||||
echo "./nix/store" >> layerFiles
|
||||
fi
|
||||
|
||||
# Get the files in the new layer which were *not* present in
|
||||
# the old layer, and record them as newFiles.
|
||||
comm <(sort -n baseFiles|uniq) \
|
||||
|
|
Loading…
Reference in a new issue