On Thu, 18 Jun 2026 21:31:59 -0700 Brian Cain <[email protected]> wrote: > ... > > Download the tarball to a file and ignore tar errors during extraction > with --no-same-owner and --no-same-permissions.
tar's man page says --no-same-owner and --no-same-permissions are "default for ordinary users". Isn't that the case for rootless podman? > Signed-off-by: Brian Cain <[email protected]> > --- > tests/docker/dockerfiles/debian-hexagon-cross.docker | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > diff --git a/tests/docker/dockerfiles/debian-hexagon-cross.docker > b/tests/docker/dockerfiles/debian-hexagon-cross.docker > index 23e8bb2fb26..817c903246a 100644 > --- a/tests/docker/dockerfiles/debian-hexagon-cross.docker > +++ b/tests/docker/dockerfiles/debian-hexagon-cross.docker > @@ -49,7 +49,12 @@ ENV > TOOLCHAIN_BASENAME=clang+llvm-${TOOLCHAIN_RELEASE}-cross-hexagon-unknown-lin > ENV > TOOLCHAIN_URL=https://artifacts.codelinaro.org/artifactory/codelinaro-toolchain-for-hexagon/${TOOLCHAIN_RELEASE}_/${TOOLCHAIN_BASENAME}.tar.zst > ENV CCACHE_WRAPPERSDIR=/usr/libexec/ccache-wrappers > > -RUN curl -#SL "$TOOLCHAIN_URL" | tar --zstd -xC "$TOOLCHAIN_INSTALL" > +# Ignore tar's chmod/lchmod EPERM on the toolchain symlinks and directories, > +# which rootless podman's overlay storage rejects (harmless mode metadata). > +RUN curl -#SLo /tmp/toolchain.tar.zst "$TOOLCHAIN_URL" && \ > + { tar --zstd --no-same-owner --no-same-permissions \ > + -xf /tmp/toolchain.tar.zst -C "$TOOLCHAIN_INSTALL" || true; } && \ > + rm -f /tmp/toolchain.tar.zst Hmm, I think the "|| true" may mask some real failures. For example, if the URL is invalid, curl would still exit with no error code, but the output file would contain something like "errors" : [ { "status" : 404 } ]. Then, tar would fail to unpack that but || true would mask it. > ENV > PATH=$PATH:${TOOLCHAIN_INSTALL}/${TOOLCHAIN_BASENAME}/x86_64-linux-gnu/bin > ENV MAKE=/usr/bin/make > # As a final step configure the user (if env is defined) > -- > 2.34.1 >
