Trivial reproducer: FROM gentoo/stage3:ppc64le-openrc RUN wget http://gentoo.mirror.web4u.cz/distfiles/00/Pebble-5.0.7.tar.gz \ && tar -xf Pebble-5.0.7.tar.gz At least on bogsucker, it fails with: 1.463 tar: Pebble-5.0.7/Pebble.egg-info: Cannot change mode to rwxr-xr-x: Operation not permitted 1.465 tar: Pebble-5.0.7/pebble/asynchronous: Cannot change mode to rwxr-xr-x: Operation not permitted 1.466 tar: Pebble-5.0.7/pebble/concurrent: Cannot change mode to rwxr-xr-x: Operation not permitted 1.468 tar: Pebble-5.0.7/pebble/pool: Cannot change mode to rwxr-xr-x: Operation not permitted 1.468 tar: Pebble-5.0.7/pebble: Cannot change mode to rwxr-xr-x: Operation not permitted 1.476 tar: Pebble-5.0.7/test: Cannot change mode to rwxr-xr-x: Operation not permitted 1.476 tar: Pebble-5.0.7: Cannot change mode to rwxr-xr-x: Operation not permitted 1.476 tar: Exiting with failure status due to previous errors Apparently, it can't... chmod directories? But I can't reproduce with plain mkdir+chmod. FWICS tar uses mkdirat() instead. Will try to write a simpler reproducer later.
Managed to get strace in there, and the relevant bit seems to be: mkdirat(AT_FDCWD, "Pebble-5.0.7/Pebble.egg-info", 0700) = 0 […] utimensat(AT_FDCWD, "Pebble-5.0.7/Pebble.egg-info", [UTIME_OMIT, {tv_sec=1711060438, tv_nsec=754192400} /* 2024-03-21T22:33:58.754192400+0000 */], AT_SYMLINK_NOFOLLOW) = 0 fchownat(AT_FDCWD, "Pebble-5.0.7/Pebble.egg-info", 1000, 1000, AT_SYMLINK_NOFOLLOW) = 0 fchmodat2(AT_FDCWD, "Pebble-5.0.7/Pebble.egg-info", 0755, AT_SYMLINK_NOFOLLOW) = -1 EPERM (Operation not permitted)
Aaand, we have a winner: ``` #define _GNU_SOURCE 1 #include <fcntl.h> #include <sys/stat.h> int main() { fchmodat(AT_FDCWD, "foo", 0755, AT_SYMLINK_NOFOLLOW); return 0; } ``` On host: fchmodat2(AT_FDCWD, "foo", 0755, AT_SYMLINK_NOFOLLOW) = -1 ENOSYS (Function not implemented) Inside docker: fchmodat2(AT_FDCWD, "foo", 0755, AT_SYMLINK_NOFOLLOW) = -1 EPERM (Operation not permitted)
(and of course the problem is that GNU tar checks for ENOSYS there but treats EPERM as a real error)
Ok, so apparently this is fixed in -25. Time to stabilize a newer version?