[Bug 1863604] Re: Docker Snap: Cannot access docker-compose config in dot folder

Mon, 17 Feb 2020 04:06:08 -0800 

** Also affects: docker.io (Ubuntu)
   Importance: Undecided
       Status: New

** Description changed:

  I'm currently trying to use `docker-compose` (from the Docker snap;
  `whereis docker-compose` says `docker-compose: /snap/bin/docker-
  compose`; `snap info docker` says `installed: 18.09.9`) with a `docker-
  compose.yml` file that's in a subfolder of a hidden directory of my home
  folder (think `/home/me/.something/sha0123abc/docker-compose.yml`).
  
  That fails with
  
+ .IOError: [Errno 13] Permission denied: '/home/me/.something/sha0123abc
+ /docker-compose.yml'
  
- .IOError: [Errno 13] Permission denied: 
'/home/me/.something/sha0123abc/docker-compose.yml'
- 
- 
- Per 
https://stackoverflow.com/questions/53344380/errno-13-while-running-docker-compose-up,
 I ran
+ Per https://stackoverflow.com/questions/53344380/errno-13-while-running-
+ docker-compose-up, I ran
  
  cat /var/log/syslog | tail -n 400
  
  which gave
  
  Feb 17 17:33:16 mylaptop kernel: [22167.704290] audit: type=1400 
audit(1581939196.674:265): apparmor="DENIED" operation="open" 
profile="snap.docker.compose" 
name="/home/me/.something/sha0123abc/docker-compose.yml" pid=20209 
comm="python2" requested_mask="r" denied_mask="r" fsuid=1001 ouid=1001
  Feb 17 17:33:16 mylaptop kernel: [22167.704293] audit: type=1400 
audit(1581939196.674:266): apparmor="DENIED" operation="open" 
profile="snap.docker.compose" 
name="/home/me/.something/sha0123abc/docker-compose.yml" pid=20209 
comm="python2" requested_mask="r" denied_mask="r" fsuid=1001 ouid=1001
  
  Things seem to work if I choose a location in a non-hidden directory
  instead.
  
  However, this seems like a bug to me; I don't understand a lot about
  Snap's/AppArmor's privilege system, but shouldn't a Snap be able to
  access the contents of a hidden directory in my home folder?
  
  The context for this is a build system that wraps docker-compose in an
  additional tool, which places its config files in a `.something` hidden
  directory in a user's home folder. More discussion here:
  https://github.com/WordPress/gutenberg/issues/20180
+ 
+ Edit: I'm on Ubuntu 18.04.4 LTS

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1863604

Title:
  Docker Snap: Cannot access docker-compose config in dot folder

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1863604/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to