Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Files in .tgz changed owner from root/root to runner/docker #1053

Closed
olavst-spk opened this issue Jun 14, 2024 · 4 comments · Fixed by #1054 or #1058
Closed

Files in .tgz changed owner from root/root to runner/docker #1053

olavst-spk opened this issue Jun 14, 2024 · 4 comments · Fixed by #1054 or #1058
Assignees

Comments

@olavst-spk
Copy link

I am using the files from this repo in a Kubernetes setup and I ran into some permission issues after upgrading from 1.4.0 to 1.5.0. It looks like the owner/group of the released files have changed.

In version 1.4.0 (and previous versions) the files are owned by root/root:

$ tar -ztvf cni-plugins-linux-amd64-v1.4.0.tgz
drwxrwxr-x root/root         0 2023-12-04 17:39 ./
-rwxr-xr-x root/root   3636792 2023-12-04 17:39 ./loopback
-rwxr-xr-x root/root   4109351 2023-12-04 17:38 ./bandwidth
-rwxr-xr-x root/root   4470977 2023-12-04 17:39 ./ptp
-rwxr-xr-x root/root   4310173 2023-12-04 17:39 ./vlan
-rwxr-xr-x root/root   4191837 2023-12-04 17:39 ./host-device
-rwxr-xr-x root/root   3726382 2023-12-04 17:39 ./tuning
-rwxr-xr-x root/root   4001842 2023-12-04 17:39 ./vrf
-rwxr-xr-x root/root   3851218 2023-12-04 17:39 ./sbr
-rwxr-xr-x root/root   4371897 2023-12-04 17:39 ./tap
-rwxr-xr-x root/root  11050013 2023-12-04 17:39 ./dhcp
-rwxr-xr-x root/root   3110828 2023-12-04 17:39 ./static
-rwxr-xr-x root/root   4736299 2023-12-04 17:39 ./firewall
-rwxr-xr-x root/root   4349395 2023-12-04 17:39 ./macvlan
-rwxr-xr-x root/root   4297556 2023-12-04 17:39 ./dummy
-rwxr-xr-x root/root   4652757 2023-12-04 17:39 ./bridge
-rwxr-xr-x root/root   4315686 2023-12-04 17:39 ./ipvlan
-rwxr-xr-x root/root   4085020 2023-12-04 17:39 ./portmap
-rwxr-xr-x root/root   3549866 2023-12-04 17:39 ./host-local

But in version 1.5.0 they are owned by runner/docker:

$ tar -ztvf cni-plugins-linux-amd64-v1.5.0.tgz
drwxr-xr-x runner/docker     0 2024-05-20 09:23 ./
-rwxr-xr-x runner/docker 11430474 2024-05-20 09:23 ./dhcp
-rwxr-xr-x runner/docker  3750042 2024-05-20 09:23 ./loopback
-rw-r--r-- runner/docker     2343 2024-05-20 09:23 ./README.md
-rwxr-xr-x runner/docker  4272394 2024-05-20 09:23 ./bandwidth
-rwxr-xr-x runner/docker  4440601 2024-05-20 09:23 ./ipvlan
-rwxr-xr-x runner/docker  4439832 2024-05-20 09:23 ./vlan
-rwxr-xr-x runner/docker  3223795 2024-05-20 09:23 ./static
-rwxr-xr-x runner/docker  4344044 2024-05-20 09:23 ./host-device
-rw-r--r-- runner/docker    11357 2024-05-20 09:23 ./LICENSE
-rwxr-xr-x runner/docker  4787319 2024-05-20 09:23 ./bridge
-rwxr-xr-x runner/docker  4422354 2024-05-20 09:23 ./dummy
-rwxr-xr-x runner/docker  3837627 2024-05-20 09:23 ./tuning
-rwxr-xr-x runner/docker  4102988 2024-05-20 09:23 ./vrf
-rwxr-xr-x runner/docker  4503238 2024-05-20 09:23 ./tap
-rwxr-xr-x runner/docker  4228716 2024-05-20 09:23 ./portmap
-rwxr-xr-x runner/docker  4943785 2024-05-20 09:23 ./firewall
-rwxr-xr-x runner/docker  4600833 2024-05-20 09:23 ./ptp
-rwxr-xr-x runner/docker  3679567 2024-05-20 09:23 ./host-local
-rwxr-xr-x runner/docker  4478854 2024-05-20 09:23 ./macvlan
-rwxr-xr-x runner/docker  3956598 2024-05-20 09:23 ./sbr 

Is this intentional? I don't see any mention of it in the release notes.

Thanks!

@squeed
Copy link
Member

squeed commented Jun 14, 2024

This was an accidental side-effect of moving image builds to github. @s1061123, can you take a look?

s1061123 added a commit to s1061123/plugins that referenced this issue Jun 17, 2024
s1061123 added a commit to s1061123/plugins that referenced this issue Jun 17, 2024
Fix containernetworking#1053

Signed-off-by: Tomofumi Hayashi <tohayash@redhat.com>
@s1061123
Copy link
Contributor

@olavst-spk thank you for the issue. This is unexpected behavior, that is happen at the change release process to github action.
#1054 will fix the issue.

@olavst-spk
Copy link
Author

I have just tested the new version and I'm still getting some permission errors unfortunately.

Looks like the root folder is still owned by runner/docker:

$ tar -ztvf cni-plugins-linux-amd64-v1.5.1.tgz
drwxr-xr-x runner/docker     0 2024-06-17 17:51 ./
...

Compared to version 1.4.0 (and previous versions):

$ tar -ztvf cni-plugins-linux-amd64-v1.4.0.tgz
drwxrwxr-x root/root         0 2023-12-04 17:39 ./
...

In my case I run into issues with Cilium not being allowed to create /opt/cni/bin/cilium-cni because of the permissions on the root folder.

@s1061123 s1061123 reopened this Jun 18, 2024
@s1061123
Copy link
Contributor

Ok, let me file another PR for that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
3 participants