Accessing files in a buildah mount using a Dockerfile with --mount=type=cache results in a permission denied

Solution Unverified - Updated 13 Jun 2024

Environment

Red Hat Enterprise Linux (RHEL) 8.6
Red Hat Openshift Container Platform (OCP) 4.10
buildah 1.24.2
Building with a docker file using cache mount type.

Issue

All file actions result in permission denied.
Examples that work with buildkit all fail

Resolution

This is still under investigation. See This content is not included.BZ 2111275

Diagnostic Steps

A simple Dockerfile
```
  FROM ubi8/ubi

  RUN --mount=type=cache,target=/mycache  touch /mycache/myfile.txt
```
fails with permission denied. Attempts to set user ids, change the permissions on the directory, etc, all fail with the same error.

Running an strace on the file touch withing the buildah container doesn't yield any useful results

  FROM ubi8/ubi
  RUN yum install -y strace
  RUN --mount=type=cache,target=/mycache  strace touch /mycache/myfile.txt

Output:

  ...
  write(2, "touch: ", 7touch: )                  = 7
  write(2, "cannot touch '/mycache/myfile.tx"..., 34cannot touch '/mycache/myfile.txt') = 34
  write(2, ": Permission denied", 19: Permission denied)     = 19
  write(2, "\n", 1
  ...

SBR

Shift

Product(s)

Components

buildah

Category

Troubleshoot

Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.