Given the minimal Dockerfile which builds successfully:
FROM fedora:36
RUN ls
I would like to build it using buildkit
, but when I run:
env DOCKER_BUILDKIT=1 docker build -t local/builkit-fail .
I get the following error:
[+] Building 0.4s (5/5) FINISHED
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 92B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/fedora:36 0.1s
=> CACHED [1/2] FROM docker.io/library/fedora:36@sha256:cbf627299e327f564233aac6b97030f9023ca41d3453c497be 0.0s
=> ERROR [2/2] RUN ls 0.2s
------
> [2/2] RUN ls:
#4 0.206 exec /bin/sh: permission denied
------
executor failed running [/bin/sh -c ls]: exit code: 1
However, the build succeeds if I temporarily disable SELinux using sudo setenforce 0
Why does using buildkit
change the permissions of what the Docker process can run?