我有一个小的Dockerfile示例:
FROM ubuntu:22.04
RUN groupadd -f -g 1000 docker && useradd -ms /bin/bash docker -u 1000 -g 1000 && ls -la /home
RUN chown docker:docker -R /home/docker && ls -la /home
RUN ls -la /home
它给出了输出:
$ docker build -t tmp .
Sending build context to Docker daemon 2.048kB
Step 1/4 : FROM ubuntu:22.04
---> 6b7dfa7e8fdb
Step 2/4 : RUN groupadd -f -g 1000 docker && useradd -ms /bin/bash docker -u 1000 -g 1000 && ls -la /home
---> Running in 58bee8aa4dfd
total 12
drwxr-xr-x 1 root root 4096 Aug 11 15:55 .
drwxr-xr-x 1 root root 4096 Aug 11 15:55 ..
drwxr-x--- 2 docker docker 4096 Aug 11 15:55 docker
Removing intermediate container 58bee8aa4dfd
---> dbd5d16e92d5
Step 3/4 : RUN chown docker:docker -R /home/docker && ls -la /home
---> Running in d76701c0765d
total 20
drwxr-xr-x 1 root root 4096 Aug 11 15:55 .
drwxr-xr-x 1 root root 4096 Aug 11 15:55 ..
drwxr-x--- 1 docker docker 4096 Aug 11 15:55 docker
Removing intermediate container d76701c0765d
---> 14ba02eee117
Step 4/4 : RUN ls -la /home
---> Running in c3373d418be8
total 12
drwxr-xr-x 1 root root 4096 Aug 11 15:55 .
drwxr-xr-x 1 root root 4096 Aug 11 15:55 ..
drwxr-x--- 1 root root 4096 Aug 11 15:55 docker
Removing intermediate container c3373d418be8
---> 0a6de3939320
Successfully built 0a6de3939320
Successfully tagged tmp:latest
请注意,构建容器后,/home/docker由根拥有.go 掉chown线没有任何影响.这就像是在层完成时不保留文件权限.
我正在使用:
$ docker --version
Docker version 20.10.25, build 20.10.25-0ubuntu1~22.04.1
我还能够使用相同版本的Docker在新的虚拟机映像上进行复制.