Fix umask for future RUN commands in dockerfile

Question

I would like to fix a certain umask for all my RUN commands in the remainder of a dockerfile. Instead of writing this

RUN umask 0002 && do_something

I would like to do something like this

RUN echo umask 0002 >> some_file
RUN do_something
...

I have tried setting the umask for root in various ways but none of them seem to take effect on the following RUN commands. Any ideas?

Answer 1

Docker creates a new, minimal sh environment for every RUN step.

The umask is set to 0022 in runc by default when a container is started. A umask configuration option has been exposed in runc but unfortunately that is not configurable from Docker yet.

For now, the umask command (or the process setting the umask) will need to be chained in each RUN step where it is needed, while the subsequent chained commands run under the same shell process.

RUN set -uex; \
    umask 0002; \
    do_something; \
    do_otherthing;
RUN set -uex; \
    umask 0002; \
    do_nextthing; \
    do_subsequentthing;