buildah build ignored mount permissions in RUN command

[isavl]

Description

buildah build ignored mount permissions in RUN command

Steps to reproduce the issue:

1. Create Dockerfile with RUN --mount="type=cache,mode=777,target=/build/cache,sharing=shared" ls -la /build (uid and gid options don't work too).
2. See in ls output wrong permissions.

Describe the results you received:

Permissions on directory in container 755 user root group root.

Describe the results you expected:

Premissions on directory changed by mount options mode, uid and gid (in this example must be 777 user root group root).

Output of rpm -q buildah or apt list buildah:

buildah/unstable,now 1.28.2+ds1-1 amd64 [installed]

Output of buildah version:

Version: 1.28.2
Go Version: go1.19.4
Image Spec: 1.0.2-dev
Runtime Spec: 1.0.2-dev
CNI Spec: 1.0.0
libcni Version:
image Version: 5.23.1
Git Commit:
Built: Thu Jan 1 03:00:00 1970
OS/Arch: linux/amd64
BuildPlatform: linux/amd64

Output of cat /etc/*release:

PRETTY_NAME="Debian GNU/Linux bookworm/sid"
NAME="Debian GNU/Linux"
VERSION_CODENAME=bookworm
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

Output of uname -a:

Linux 6.0.9-1 #1 SMP PREEMPT_DYNAMIC 2022-11-21 x86_64 GNU/Linux

Output of cat /etc/containers/storage.conf:

Dos't have. Default?

[flouthoc]

Hi @isavl , Have you verified with docker/buildkit for mount type cache it also does not allows changing onces it created

[fl@fedora test]$ sudo docker buildx build --no-cache --progress=plain -t test .
#1 [internal] load build definition from Dockerfile
#1 transferring dockerfile: 133B done
#1 DONE 0.1s

#2 [internal] load .dockerignore
#2 transferring context: 2B done
#2 DONE 0.1s

#3 [internal] load metadata for docker.io/library/alpine:latest
#3 DONE 2.2s

#4 [stage-0 1/2] FROM docker.io/library/alpine@sha256:02bb6f428431fbc2809c5d1b41eab5a68350194fb508869a33cb1af4444c9b11
#4 CACHED

#5 [internal] settings cache mount permissions
#5 DONE 0.1s

#6 [stage-0 2/2] RUN --mount="type=cache,mode=777,target=/build/cache,sharing=shared" ls -la /build
#6 0.438 total 0
#6 0.438 drwxr-xr-x    1 root     root            10 May 31 12:29 .
#6 0.438 drwxr-xr-x    1 root     root           124 May 31 12:29 ..
#6 0.438 drwxr-xr-x    1 root     root             0 May 31 12:29 cache
#6 DONE 0.5s

#7 exporting to image
#7 exporting layers
#7 exporting layers 0.1s done
#7 writing image sha256:81c9f45f06497970b88e9de0fd5268b5d178cb4e51e9e041f86c5a819cfe1db3 done
#7 naming to docker.io/library/test done
#7 DONE 0.1s

[flouthoc]

Could you please check if you are able to get desired results with docker/buildkit ? If buildah behaves differently then buildkit/docker then this needs to be fixed otherwise for parity reasons behavior will be kept same.

[github-actions]

A friendly reminder that this issue had no activity for 30 days.

[rhatdan]

Since we never heard a response, closing.