For some time, we have had issues on Ubuntu Noble when extracting tar files within Docker containers. See ocaml/infrastructure#121. This is only an issue on exotic architectures like RISCV and PPC64LE.
# docker run --rm -it ubuntu:noble
root@cf3491db4abd:/# cd
root@cf3491db4abd:~# mkdir foo
root@cf3491db4abd:~# tar -cf bar.tar foo
root@cf3491db4abd:~# rmdir foo
root@cf3491db4abd:~# tar -xf bar.tar
tar: foo: Cannot change mode to rwxr-xr-x: Operation not permitted
tar: Exiting with failure status due to previous errors
The combination of Docker version and libseccomp2 version prevents
the container from running the fchmodat2 system call. There is a
bug report on Ubuntu’s bug tracker for the issue.
I have been working around this by building Docker from scratch.
apt install golang
git clone https://github.com/moby/moby
cd moby
AUTO_GOPATH=1 ./hack/make.sh binary
mv bundles/binary-daemon/* /usr/bin/
service docker restart
When provisioning some new RISCV machines, I have once again hit this
issue, but now the version of Go installed by apt on Ubuntu Noble is
too old to build Docker!
go: vendor.mod requires go >= 1.23.0 (running go 1.22.2; GOTOOLCHAIN=local)
As this needs to be repeated multiple times, it makes sense to wrap the installation steps into an Ansible Playbook. golang+docker.yml