From 1d3d3b47b363c1bbbfc2697a86da91b5a995ea1d Mon Sep 17 00:00:00 2001
From: "Collin J. Doering"
Date: Mon, 1 Jan 2024 23:18:40 -0500
Subject: [PATCH] Dockerfile: Adjust file permissions; add comments; tidy formatting
---
 Dockerfile | 27 +++++++++++++++++++++------
 1 file changed, 21 insertions(+), 6 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 4a67e66..58a0e5a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,14 +1,29 @@
 FROM scratch
-ADD guix-tarball-pack.tar.gz /guix-builder
-ADD links.tar.gz /
-ADD passwd /etc/passwd
-ADD passwd /tmp/proot/delete-me
+# Extract guix produced relocatable
+ADD guix-tarball-pack.tar.gz /guix-builder
+
+# Extract variety of links to be setup in root, pointing into /guix-builder
+ADD links.tar.gz /
+
+ADD passwd /etc/passwd
+
+# Create an empty directory for use by proot
+#
+# Any following RUN command or command in the container will not run without the below PROOT
+# env var set, and the directory existing
+ADD passwd /tmp/proot/delete-me
+ENV PROOT_TMP_DIR=/tmp/proot
+
+# Setup ssl and glibc-locales environment variables
 ENV SSL_CERT_DIR=/etc/ssl/certs
 ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
 ENV GUIX_LOCPATH=/guix-builder/lib/locale
-ENV PROOT_TMP_DIR=/tmp/proot
-RUN rm /tmp/proot/delete-me
+
+# Remove the empty file that was used to create a temporary directory, and adjust file
+# permissions
+RUN rm /tmp/proot/delete-me \
+ && chown -PR 0:0 /etc /bin
 VOLUME /var/guix/daemon-socket/socket /gnu/store /etc/ssl
 CMD ["/guix-builder/bin/bash"]
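Review bot: The ownership fix in the final `RUN` reaches only `/etc` and `/bin`, and under POSIX `chown` semantics `-R` with `-P` re-owns symlinks themselves without following them. Assuming `ADD` keeps the uid/gid recorded in the archives (which the need for this `chown` suggests), everything extracted under `/guix-builder`, and any other top-level entry from `links.tar.gz`, therefore keeps its archive ownership. If the tarballs were produced by an unprivileged build user, the binaries that every process in the image executes would stay owned by a non-root id, which matters once the container runs with a user mapping where that id is real. Consider setting ownership at extraction, e.g. `ADD --chown=0:0 guix-tarball-pack.tar.gz /guix-builder` and `ADD --chown=0:0 links.tar.gz /`, after confirming that the builder in use applies `--chown` to auto-extracted archive content; otherwise extend the `chown` to `/guix-builder` and say in the comment why it is limited to the listed paths. Separately, `ADD passwd /etc/passwd` copies a plain file and would be clearer as `COPY passwd /etc/passwd`.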