Docker permission errors are not ok

Aug 12, 2023 | Updated on Aug 13, 2023: added second solution

Quick one for you today. And it's a mystery for you to solve. Kinda like Sherlock Holmes' The Final Problem but more Unix-y.

First clue: You have a simple Dockerfile.

Second clue: The Docker image has a simple script that does echo hello.

Third clue: You build and try to run the image; this is what you get:

$ docker build . -t florin-secret
$ docker run --user root -it florin-secret
/bin/bash docker: Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "/tmp/hello.sh": permission denied: unknown. ERRO 0000 error waiting for container: context canceled

Why do you get this error?

...

.....

Figured it out?

Great, your brain contains yet another piece of trivia.

Answer: the script is not executable.

Yeah... if you do:

$ chmod +x hello.sh

Things work.

Even better, you can put this line:

RUN chmod +x hello.sh

In the Dockerfile to make the solution more permanent. Better to rely on the Docker build system than on Git or your filesystem.

How is this related to permissions, you ask? Well, in Unix-like operating systems the ability to execute a script is a permission just like read and write.

Would've loved a more explicit error than:

permission denied: unknown

But this is what I get for not contributing to OSS yet.

❦

Thank you Nico for having a 2AM epiphany that resulted in the second solution.