
setgroups broken #96

@AkihiroSuda

$ cat /tmp/apt/Dockerfile 
FROM debian
RUN for f in uid_map gid_map setgroups;do echo "#$f"; cat /proc/self/$f; done
RUN apt update

$ docker run -it --rm -v /tmp/apt:/foo -w /foo -v /tmp --privileged img build -t foo .
Building docker.io/library/foo:latest
Setting up the rootfs... this may take a bit.
RUN [/bin/sh -c for f in uid_map gid_map setgroups;do echo "#$f"; cat /proc/self/$f; done]
--->
#uid_map
         0          0          1
         1          1      65536
#gid_map
         0          0          1
         1          1      65536
#setgroups
deny
<--- r3942e87odgx0tu831zsxrxlv 0 <nil>
RUN [/bin/sh -c apt update]
--->

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

E: setgroups 65534 failed - setgroups (1: Operation not permitted)
E: setgroups 0 failed - setgroups (1: Operation not permitted)
Reading package lists...
E: setgroups 65534 failed - setgroups (1: Operation not permitted)
E: setgroups 0 failed - setgroups (1: Operation not permitted)
E: Method gave invalid 400 URI Failure message: Failed to setgroups - setgroups (1: Operation not permitted)
E: Method gave invalid 400 URI Failure message: Failed to setgroups - setgroups (1: Operation not permitted)
E: Method http has died unexpectedly!
E: Sub-process http returned an error code (112)
<--- quk7snb2cmsx3llpmpeeogix2 100 <nil>
solving failed: executor failed running [/bin/sh -c apt update]: exit code 100
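
A diagnostic for the failure shown above, added here as an example and not part of the original report or the img project: it reads a process's `setgroups` and `gid_map` files and reports whether the user namespace denies setgroups(2) (EPERM, as in the apt errors) or the GID is unmapped (EINVAL). The function names and the sample directory are hypothetical, and the sample values are constructed from the output in the report.

```shell
#!/bin/sh
# Added example: classify a setgroups(2) failure from a process's
# user-namespace files (see user_namespaces(7)).

# gid_mapped FILE GID: succeed if GID lies in a range listed in FILE.
# gid_map columns: first ID inside the namespace, first ID outside, length.
gid_mapped() {
    awk -v g="$2" '$1 <= g && g < $1 + $3 { ok = 1 } END { exit !ok }' "$1"
}

# setgroups_verdict [DIR] [GID] prints one of:
#   denied-by-namespace  setgroups file reads "deny": the call fails with EPERM
#   gid-unmapped         GID has no mapping: the call fails with EINVAL
#   allowed              neither applies (CAP_SETGID is still required)
setgroups_verdict() {
    dir=${1:-/proc/self}
    gid=${2:-0}
    if [ "$(cat "$dir/setgroups" 2>/dev/null)" = "deny" ]; then
        echo denied-by-namespace
    elif ! gid_mapped "$dir/gid_map" "$gid"; then
        echo gid-unmapped
    else
        echo allowed
    fi
}

# make_sample STATE: build a constructed stand-in for /proc/<pid> with the
# gid_map from the report and the given setgroups state; prints its path.
make_sample() {
    tmp=$(mktemp -d)
    printf '%10d %10d %10d\n' 0 0 1 1 1 65536 > "$tmp/gid_map"
    echo "$1" > "$tmp/setgroups"
    echo "$tmp"
}

# Hypothetical demo on constructed data: the two GIDs apt tried.
sample=$(make_sample deny)
for g in 65534 0; do
    echo "gid $g: $(setgroups_verdict "$sample" "$g")"
done
rm -rf "$sample"
```

Both GIDs in the report are covered by the printed `gid_map`, so the EPERM follows from the `deny` state alone.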
