Reputation: 2436
Docker COPY command give 777 access to the copied file
In my docker file I have below command:
USER gerrit
COPY gerrit-default-config /var/gerrit/etc/gerrit.config
Running the image I see that the file access number is 777. Is it default value? Is there a way to change the access other than running chmod after each COPY?
RUN chmod 600 /var/gerrit/etc/gerrit.config
Upvotes: 22
Views: 40167
Answers (2)
Reputation: 612
Update 2021: there's now a flag for ADD and COPY.
(Docker Engine >= 20.10, Docker BuildKit enabled, docker/dockerfile >= 1.3)
# syntax=docker/dockerfile:1
FROM debian:buster
COPY --chmod=0644 file /path
Because file usages are written in the Dockerfile (i.e. which serves as documentation), it makes sense to explicit the permissions in the Dockerfile too, rather than in another file hidden in the CICD process.
FTR Git does not store Unix permissions, only the executable flag.
Upvotes: 13
Reputation: 3683
The permissions are inherited from your host. If that file is on 777 on your host before copying then you get 777 in the container.
If you don't want 777 here ever, just chmod it to 600 in the host.
Source: https://github.com/docker/docker/issues/6333
Upvotes: 24
Related Questions
- Why does docker cp of directory hierarchy out of container fail with permission denied?
- Docker Copy and change owner
- Dockerfile: unable to copy file
- Why Docker COPY doesn't change file permissions? (--chmod)
- COPY in dockerfile changes from expected user to root user
- File ownership after docker cp
- Dockerfile: COPY does not work (even tho he can find the file)
- Docker `COPY` file not working
- Docker can't write to directory mounted using -v unless it has 777 permissions
- Docker, strange issue with permissions in copied resources