-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WCOW: writing to a file in root directory fails with Access is denied
for ContainerUser
- except on Win11
#4731
Comments
This adds `ContainerAdministrator` as the default user to guarantee a uniform experience on all the platforms. The previous guide would fail on WS2022 but work on WS2019 and Windows 11. The issue is being investigated here moby#4731 Signed-off-by: Anthony Nandaa <[email protected]>
Also see discussion here - #4729 |
This adds `ContainerAdministrator` as the default user to guarantee a uniform experience on all the platforms. The previous guide would fail on WS2022 but work on WS2019 and Windows 11. The issue is being investigated here #4731 Signed-off-by: Anthony Nandaa <[email protected]> (cherry picked from commit 2aa80d7)
How does The fact that the |
This adds `ContainerAdministrator` as the default user to guarantee a uniform experience on all the platforms. The previous guide would fail on WS2022 but work on WS2019 and Windows 11. The issue is being investigated here moby#4731 Signed-off-by: Anthony Nandaa <[email protected]>
No, I meant that an equivalent dockerfile, i.e.
@TBBle -- sorry I missed your reply. I've notice that this fails when writing to FROM mcr.microsoft.com/windows/nanoserver:ltsc2022
RUN mkdir \test
RUN echo "Goodbye!" > \test\hello.txt |
Access is denied
for ContainerUser
Access is denied
for ContainerUser
Access is denied
for ContainerUser
- WS2022
Rereading this ticket, is it only failing at ’RUN’? If so, that just seems like the nanoserver image's root ACLs or default user have changed in the LTSC 2022 release... Except Windows 11 should share the same base so I expect it to work the same way. Anyway, if this is by-design, then yeah, a simple doc-update seems the way to go. I'd add a ’USER’ call, personally. I'm not clear why the base image defaults to A low-priv user, since I expect any real user of that image would start by installing stuff and doing other admIn things, and either way would need to switch bsck down afterwards. And for trivial image cases (package a single static binary) then sticking it in C:\ seems a mInimal-surprise option. |
Access is denied
for ContainerUser
- WS2022Access is denied
for ContainerUser
- except on Win11
UPDATE: I must have mistaken it, it also fails on WS2019. It only builds successfully on Win11. And same behavior with classic |
You are specifying process isolation, right? The immediate jump-out for client SKU-specific behaviour is the default being HyperV isolation in Docker, although on reflection I don't think BuildKit or containerd honour that distinction (which I just realised may have been overlooked in the Docker/containerd/Windows migration work). That said, I did all my testing on Windows 10 or Windows 11, and I'm sure I was using process isolation so there may indeed be something else going on, or I somehow never tested this trivial Dockerfile. |
That's true, buildkit/containerd runs process-isolated on both client and server SKUs. I also tried to have
Let me take this up with the platform team to get some explanation. For completeness, I've also update the description to include
|
Rounding up the discussion. This issue is due to the difference in ACLs for Here is the modifified dockerfile that gives a better picture. Using FROM mcr.microsoft.com/windows/servercore:ltsc2022
USER ContainerUser
RUN icacls C:\\
RUN whoami /groups
RUN echo "hello and goodbye!" > hello.txt Results on WS2022
Results on Win11
Analysis and ConclusionWorth noting:
|
Will therefore close this issue as by-design after updating the documentation. |
If I'm reading the output correctly, in both cases ContainerUser belongs to the same groups (both show Anyway, I guess for me the surprising thing is why does the host OS affect the CACLs list of the root of the image? Presumably this is being inherited from outside the container (i.e. I imagine the differing CACLs match host behaviour), but I don't actually understand how that would happen: we're not actually mounting the container image in the host anymore, right? Or this is some underlying behaviour of Windows that adds certain CACLs to any drive root on top of whatever's in the data, and it's different in Client and Server SKUs? |
`ContainerUser` is not permitted to write to `C:\` because of their limited permissions, `(WD)` at best. Add a note explaining why we are using `USER ContainerAdministrator` in our dockerfile for us to be able to run: ``` RUN echo "Goodbye!" >> hello.txt ``` On client SKUs like Win11, there will be no issues since `ContainerUser` has `(M)` permissions on `C:\` Fixes moby#4731 as by-design. Signed-off-by: Anthony Nandaa <[email protected]>
You are right, the permissions are being inherited. Will notice the permissions with
|
This seems like an unexpected gap in the isolation model, it suggests that even though we're mounting our filesystem over in another silo (if I remember correctly) it's still inheriting permissions from somewhere on the host. There's a few other differences that don't seem to be related to the C:\ differences, e.g., the Win11 So is it inheriting permissions from somewhere else? Like Also, it seems like the non-inherited permissions are different too. Looking at WS2022, So I'm guessing that there's platform-specific behaviour inserting default DACLs into a drive root; it'd be interesting to check what actual DACLs are encoded in the image data. Anyway, although this strikes me as unexpected, if I'm an outlier here, that's fine. Otherwise it might be better to track this as a platform issue over in https://github.com/microsoft/Windows-Containers/ since it is presumably the same under Docker etc. I also don't currently see any practical problem here except that Win11 hosts give container users weaker restrictions here, as a known caveat in the "Client SKU containers are a nice-to-have but YMMV" approach. (If I could think of a security exploit or container escape opportunity here, I'd be more worried, but since I expect this doesn't affect Hyper-V isolation, even that is a watered-down possibility) |
Looks like it's inheritance plus something else. You raise valid points here. Let me take this up with the platform team, and also see if we can actively track this under the Microsoft WC repo. |
opened the tracking issue here - microsoft/Windows-Containers#539 |
First, this is not strictly a buildkit regression but something that I suspect is a coming from the platform side, it's by design.
When you follow the guide at
b7d04a
docs/windows.md, you get "access denied" error on onlyWS2022
but the build is successful both on. It's the same case too with the classicWindows 11
andWS2019
docker build
.UPDATE: I must have mistaken it, it also fails on WS2019. It only builds successfully on Win11, which could be treated as an exception...
Minimal dockerfile:
Results:
Similar failure with
docker build
on server SKUs:Workarounds:
Option 1: Write to a file in the inner directories, e.g.
Option 2: Use a privileged user, since the default user in nanoserver is
ContainerUser
.The text was updated successfully, but these errors were encountered: