grammarly/rocker

Files appear to MOUNT as directories (possibly when docker user can't read them)

Closed this issue · 2 comments

Create a Rockerfile with the following entries:

MOUNT {{ .SSH_Key }} /root/.ssh/id_rsa
ATTACH ["/bin/sh"]

Then, build with an attach:

$ rocker build --attach -var SSH_Key=$HOME/.ssh/id_rsa

Then, in the interactive build shell:

$ ls -al /root/.ssh
/var/www/html # cd /root/.ssh
~/.ssh # ls -al
total 12
drwxr-xr-x    4 root     root          4096 Nov 13 20:38 .
drwx------    5 root     root          4096 Nov 13 20:38 ..
d-w-------    2 root     root          4096 Nov 13 19:17 id_rsa
~/.ssh #

⚠️ Note that the entry for id_rsa is understood to be a directory.

This may actually be because the docker user hasn't got the permissions to read my private key file. Given that these restrictive permissions are enforced (and highly recommended) for security purposes, how do you guys deal with this issue? Are you simply setting your private keys to be readable by some specific group (or even all users)?

On second thought, maybe it's better to use docker-compose to achieve builds with ssh keys. Never mind.
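A pre-flight check for the value passed as `-var SSH_Key=...`, added here as an example and not part of the original issue or the rocker project. It confirms on the host, before the build, that the path is a regular, readable file with owner-only permissions, so those host-side cases can be ruled out when `id_rsa` appears as a directory in the container. The function name `check_mount_source` and its return codes are hypothetical, and the check only covers the machine it runs on.

```shell
#!/bin/sh
# check_mount_source PATH  (hypothetical helper, added example)
# Returns 0 when PATH is a regular, readable file with no group/other
# permission bits; otherwise prints the reason and returns a distinct code.
check_mount_source() {
    src=$1
    if [ -z "$src" ]; then
        echo "mount source is empty (was -var SSH_Key=... passed?)" >&2
        return 2
    fi
    if [ ! -e "$src" ]; then
        echo "$src does not exist on this host" >&2
        return 3
    fi
    if [ -d "$src" ]; then
        echo "$src is a directory, not a key file" >&2
        return 4
    fi
    if [ ! -f "$src" ]; then
        echo "$src is not a regular file" >&2
        return 5
    fi
    if [ ! -r "$src" ]; then
        echo "$src is not readable by $(id -un)" >&2
        return 6
    fi
    # Characters 5-10 of the ls mode string are the group and other bits.
    # -L follows a symlink so the key file itself is inspected.
    mode=$(ls -ldL "$src" | cut -c5-10)
    if [ "$mode" != "------" ]; then
        echo "$src has group/other permissions set ($mode)" >&2
        return 7
    fi
    return 0
}

# Usage (run before the build command from the issue):
#   check_mount_source "$HOME/.ssh/id_rsa" && \
#       rocker build --attach -var SSH_Key="$HOME/.ssh/id_rsa"
```

A return code of 0 means the host side of the mount is as expected.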