RUN --mount=type=bind,rw mounts as blank file #6631
Description
Issue Description
When using a Containerfile and the --mount=type=bind,rw in a RUN instruction the file mounts empty. When using RO (no directive specified - ie the default) it mounts correctly on arch but not Fedora42.
This happens with podman and buildah on Arch and Fedora 42 (fedora has a permission error also).
I tried using rootless by default with a normal terminal on my desktop. I also tried running the provided script with sudo and by entering a root shell first.
Steps to reproduce the issue
Run this bash script (rootless or with root):
#!/bin/bash
echo blah > text.md.ro
echo blah > text.md.rw
cat > Containerfile <<'EOF'
FROM docker.io/library/alpine:latest
RUN \
--mount=type=bind,source=./text.md.rw,target=/text.md.rw,rw \
--mount=type=bind,source=./text.md.ro,target=/text.md.ro \
ls -lah text.md*
EOF
#podman build --no-cache -f Containerfile .
buildah build --no-cache -f Containerfile .
ls -la text.md*Describe the results you received
On Fedora42 with podman 5.7.1:
- the ro mounted file says permission denied and does not show up at all
- the rw file shows 0 bytes.
On archlinux with podman 5.7.0 or buildah version 1.42.1 (image-spec 1.1.1, runtime-spec 1.2.1): - the ro mounted file displays its size as 5 bytes
- the rw file shows 0 bytes.
Describe the results you expected
I expected both systems to show both files as 5 bytes long.
buildah version output
From the Arch box.
Version: 1.42.1
Go Version: go1.25.4 X:nodwarf5
Image Spec: 1.1.1
Runtime Spec: 1.2.1
CNI Spec: 1.1.0
libcni Version: v1.3.0
image Version: 5.38.0
Git Commit: de21106b6d4008b65862d420ffde6dba3f84ffe9
Built: Tue Nov 11 19:39:01 2025
OS/Arch: linux/amd64
BuildPlatform: linux/amd64buildah info output
{
"host": {
"CgroupVersion": "v2",
"Distribution": {
"distribution": "arch",
"version": "unknown"
},
"MemFree": 1638371328,
"MemTotal": 67283021824,
"OCIRuntime": "crun",
"SwapFree": 0,
"SwapTotal": 0,
"arch": "amd64",
"cpus": 12,
"hostname": "",
"kernel": "6.17.9-arch1-1",
"os": "linux",
"rootless": true,
"uptime": "822h 26m 46.46s (Approximately 34.25 days)",
"variant": ""
},
"store": {
"ContainerStore": {
"number": 857
},
"GraphDriverName": "overlay",
"GraphImageStore": "",
"GraphOptions": null,
"GraphRoot": "/home//.local/share/containers/storage",
"GraphStatus": {
"Backing Filesystem": "btrfs",
"Native Overlay Diff": "false",
"Supports d_type": "true",
"Supports shifting": "true",
"Supports volatile": "true",
"Using metacopy": "false"
},
"GraphTransientStore": false,
"ImageStore": {
"number": 2207
},
"RunRoot": "/run/user/1000/containers"
}
}Provide your storage.conf
[storage]
driver = "overlay"
runroot = "/run/containers/storage"
graphroot = "/var/lib/containers/storage"
[storage.options]
additionalimagestores = [
]
[storage.options.overlay]
mountopt = "nodev"
[storage.options.thinpool]Upstream Latest Release
Yes
Additional environment details
kernel arch: Linux 6.17.9-arch1-1 #1 SMP PREEMPT_DYNAMIC Mon, 24 Nov 2025 15:21:09 +0000 x86_64 GNU/Linux
kernel fedora: Linux 6.17.13-200.fc42.x86_64 #1 SMP PREEMPT_DYNAMIC ...
all on physical boxes one using fedora 42 and the other archlinux.
Additional information
- Applies to
podman buildandbuildah build. - Only tested
podman buildon Fedora 42.