setting up img Dockerfile
paleozogt opened this issue · 2 comments
paleozogt commented
I'd like to run img
from Docker, but from a Debian-based image:
FROM debian:buster
RUN apt-get update && apt-get install -y \
curl \
git \
uidmap \
&& rm -rf /var/lib/apt/lists/*
RUN export IMG_SHA256="cc9bf08794353ef57b400d32cd1065765253166b0a09fba360d927cfbd158088" \
&& curl -fSL "https://github.com/genuinetools/img/releases/download/v0.5.11/img-linux-amd64" -o "/usr/bin/img" \
&& echo "${IMG_SHA256} /usr/bin/img" | sha256sum -c - \
&& chmod a+x "/usr/bin/img"
ARG USERNAME=user
RUN adduser --gecos "" --disabled-password --uid 1000 $USERNAME
ENTRYPOINT [ "/usr/bin/img" ]
But building and running it fails:
$ docker build -t myimg .
...
$ docker run --rm -it -v$PWD:$PWD -w$PWD \
--security-opt seccomp=unconfined \
--security-opt apparmor=unconfined \
myimg build -t myimg .
Building docker.io/library/myimg:latest
Setting up the rootfs... this may take a bit.
WARN[0000] Process sandbox is not available, consider unmasking procfs:
WARN[0000] using host network as the default
[+] Building 3.1s (2/2) FINISHED
=> [internal] load .dockerignore 3.1s
=> => transferring context: 2B 0.0s
=> [internal] load build definition from Dockerfile 3.1s
=> => transferring dockerfile: 596B 0.1s
Error: failed to solve: failed to solve with frontend dockerfile.v0: failed to read dockerfile: failed to mount /tmp/buildkit-mount483403341: [{Type:bind Source:/root/.local/share/img/runc/native/snapshots/snapshots/1 Options:[rbind ro]}]: operation not permitted
However, running with the standard r.j3ss.co/img
image works:
$ docker run --rm -it -v$PWD:$PWD -w$PWD \
--security-opt seccomp=unconfined \
--security-opt apparmor=unconfined \
r.j3ss.co/img build -t myimg .
Building docker.io/library/foo:latest
Setting up the rootfs... this may take a bit.
WARN[0000] Process sandbox is not available, consider unmasking procfs: mount: permission denied (are you root?)
WARN[0000] using host network as the default
[+] Building 24.9s (9/9) FINISHED
...
Successfully built docker.io/library/foo:latest
Clearly something is missing from my Dockerfile, but I'm not sure what.