Merge pull request containers#6378 from nalind/chroot-path

chroot: use $PATH when finding commands

Author: openshift-merge-bot[bot]

chroot/run_common.go

@@ -12,6 +12,7 @@ import (
 	"os/signal"
 	"path/filepath"
 	"runtime"
+	"slices"
 	"strconv"
 	"strings"
 	"sync"
@@ -743,6 +744,15 @@ func runUsingChrootExecMain() {
 		os.Exit(1)
 	}
 
+	// Set $PATH to the value for the container, so that when args[0] is not an absolute path,
+	// exec.Command() can find it using exec.LookPath().
+	for _, env := range slices.Backward(options.Spec.Process.Env) {
+		if val, ok := strings.CutPrefix(env, "PATH="); ok {
+			os.Setenv("PATH", val)
+			break
+		}
+	}
+
 	// Actually run the specified command.
 	cmd := exec.Command(args[0], args[1:]...)
 	setPdeathsig(cmd)

tests/bud.bats

@@ -8888,3 +8888,20 @@ _EOF
   run_buildah --root=${TEST_SCRATCH_DIR}/newroot --storage-opt=imagestore=${TEST_SCRATCH_DIR}/root build --pull=never ${contextdir}
   run_buildah --root=${TEST_SCRATCH_DIR}/newroot --storage-opt=imagestore=${TEST_SCRATCH_DIR}/root build --pull=never --squash ${contextdir}
 }
+
+@test "bud with exec-form RUN instruction" {
+  baseimage=busybox
+  _prefetch $baseimage
+  local contextdir=${TEST_SCRATCH_DIR}/context
+  mkdir -p "${contextdir}"
+  cat > "${contextdir}"/Dockerfile <<-EOF
+  FROM scratch AS mkdir
+  RUN --mount=type=bind,from="${baseimage}",destination=/usr ["busybox", "sh", "-x", "-c", "mkdir /brand-new-subdir"]
+  FROM "${baseimage}"
+  RUN --mount=type=bind,from=mkdir,destination=/mounted find /mounted -print
+EOF
+  run_buildah build --layers=true "${contextdir}"
+  expect_output --substring /mounted/brand-new-subdir
+  run_buildah build --layers=false "${contextdir}"
+  expect_output --substring /mounted/brand-new-subdir
+}