Set permissions on the internals of all container volumes

2023-03-23 19:18:14 +00:00 · 2023-03-23 19:18:14 +00:00 · 292e3dc211
commit 292e3dc211
parent ec1732c8ec
1 changed files with 12 additions and 4 deletions
--- a/kernel.go
+++ b/kernel.go
@ -621,10 +621,18 @@ func genDockerKernels(dii dockerImageInfo, newkcfg *config.KernelConfig,
 		}
 		newkcfg.Kernels = append(newkcfg.Kernels, ki)

-		cmd := "find /boot -type f -exec chmod 0644 {} \\;"
-		_, err = c.Run("/tmp", cmd)
-		if err != nil {
-			return
+		for _, cmd := range []string{
+			"find /boot -type f -exec chmod 0644 {} \\;",
+			"find /boot -type d -exec chmod 0755 {} \\;",
+			"find /usr/src -type f -exec chmod 0644 {} \\;",
+			"find /usr/src -type d -exec chmod 0755 {} \\;",
+			"find /lib/modules -type f -exec chmod 0644 {} \\;",
+			"find /lib/modules -type d -exec chmod 0755 {} \\;",
+		} {
+			_, err = c.Run("/tmp", cmd)
+			if err != nil {
+				return
+			}
 		}
 	}