From 80dcddef36ba916d44ef759ef2eea0b6a368f13c Mon Sep 17 00:00:00 2001 From: Valentin Rothberg Date: Mon, 22 Mar 2021 11:28:11 +0100 Subject: [PATCH] skopeo images: set authfile to /tmp/auth.json The Skopeo images set `REGISTRY_AUTH_FILE=/auth.json` which is breaking non-root users inside the container from logging in (`/` is writable by root only). Setting it to `/tmp/auth.json` will support running non-root users inside the container. Fixes: #1233 Signed-off-by: Valentin Rothberg --- contrib/skopeoimage/stable/Dockerfile | 2 +- contrib/skopeoimage/testing/Dockerfile | 2 +- contrib/skopeoimage/upstream/Dockerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/contrib/skopeoimage/stable/Dockerfile b/contrib/skopeoimage/stable/Dockerfile index 27b88a0c..ef2b1223 100644 --- a/contrib/skopeoimage/stable/Dockerfile +++ b/contrib/skopeoimage/stable/Dockerfile @@ -27,7 +27,7 @@ RUN echo skopeo:100000:65536 > /etc/subuid RUN echo skopeo:100000:65536 > /etc/subgid # Point to the Authorization file -ENV REGISTRY_AUTH_FILE=/auth.json +ENV REGISTRY_AUTH_FILE=/tmp/auth.json # Set the entrypoint ENTRYPOINT ["/usr/bin/skopeo"] diff --git a/contrib/skopeoimage/testing/Dockerfile b/contrib/skopeoimage/testing/Dockerfile index 7c4e22fc..71df2b7e 100644 --- a/contrib/skopeoimage/testing/Dockerfile +++ b/contrib/skopeoimage/testing/Dockerfile @@ -28,7 +28,7 @@ RUN echo skopeo:100000:65536 > /etc/subuid RUN echo skopeo:100000:65536 > /etc/subgid # Point to the Authorization file -ENV REGISTRY_AUTH_FILE=/auth.json +ENV REGISTRY_AUTH_FILE=/tmp/auth.json # Set the entrypoint ENTRYPOINT ["/usr/bin/skopeo"] diff --git a/contrib/skopeoimage/upstream/Dockerfile b/contrib/skopeoimage/upstream/Dockerfile index f8b58dd9..bf6df23f 100644 --- a/contrib/skopeoimage/upstream/Dockerfile +++ b/contrib/skopeoimage/upstream/Dockerfile @@ -48,7 +48,7 @@ RUN echo skopeo:100000:65536 > /etc/subuid RUN echo skopeo:100000:65536 > /etc/subgid # Point to the Authorization file -ENV REGISTRY_AUTH_FILE=/auth.json +ENV REGISTRY_AUTH_FILE=/tmp/auth.json # Set the entrypoint ENTRYPOINT ["/usr/bin/skopeo"]