Laszlo Gaal created IMPALA-13937:
------------------------------------
Summary: Docker image build script fails to set the sticky bit for
/var/tmp when building on top of a Wolfi base image
Key: IMPALA-13937
URL: https://issues.apache.org/jira/browse/IMPALA-13937
Project: IMPALA
Issue Type: Bug
Affects Versions: Impala 5.0.0
Reporter: Laszlo Gaal
Assignee: Laszlo Gaal
The Docker base image build script {{docker/install_os_packages.sh}} attempts
to set the sticky bit (+t) on /tmp and on /var/tmp to support using Kerberos
with Impala.
Unfortunately the version of {{chmod}} that is bundled in the Wolfi base images
is based on {{busybox}}, and it seems to ignore the user-friendly syntax used
in the above shell script. This causes the {{chmod}} command to drop the sticky
bit silently, withouh even reporting an error; but the sticky bit is never
applied to these directories.
Later, when the images are activated in an environment using Kerberos, this
prevents Impala daemons from starting up, as the code contains an explicit
check requiring this permission.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
