fix(docker): make /tmp world-writable so exports work under any UID

The scratch image shipped /tmp owned by 1000:1000 and writable only by
UID 1000, so containers run under a different user (e.g. Unraid's
99:100, OpenShift random UIDs, or any `user:` override) could not create
the temp file used for data exports, failing with:

  error creating temp file: open /tmp/vikunja-export-*.zip: permission denied

The builder-stage `chmod 1777 /tmp` did not survive into the final image
(see #2316, which had to add --chown to make it writable for UID 1000),
so the world-writable intent was lost. Force the mode at copy time with
BuildKit's --chmod=1777, restoring a normal sticky, world-writable /tmp
that works for every UID.

Closes go-vikunja/vikunja#2755
This commit is contained in:
kolaente 2026-05-30 16:12:17 +02:00 committed by kolaente
parent e31d73b3df
commit 137f31bb20
1 changed files with 1 additions and 1 deletions

View File

@ -50,7 +50,7 @@ WORKDIR /app/vikunja
ENTRYPOINT [ "/app/vikunja/vikunja" ]
EXPOSE 3456
COPY --from=apibuilder --chown=1000:1000 /tmp /tmp
COPY --from=apibuilder --chown=1000:1000 --chmod=1777 /tmp /tmp
USER 1000