How do I get docker run to actually update an image?

I’m new to Docker. I’m trying to build an image that I intend to maintain and use for testing new Gentoo ebuilds, based on gentoo/stage3-amd64. I used docker build to build a basic image that COPYs the custom /etc/portage/* files I need, but I have stopped short of running emerge -uDN world because I need --cap-add=SYS_PTRACE, which can only be passed (AFAIK) to docker run, not docker build. Without SYS_PTRACE, emerging anything more than very basic stuff fails - which is a known issue and hence SYS_PTRACE.

How do I make whatever I do with docker run stick? I can verify that it doesn’t because after running my update script via docker run, I “docker run -it myimage” and I see that even though my docker run command was successful, these changes do not stick.


You should use docker commit after the docker run --cap-add SYS_PTRACE basicimage emerge -uDN to create your final image.
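The run-then-commit sequence from the answer above, written out as a script. This is an added example, not part of the original thread; the container name `ebuild-update`, the tag `myimage:updated`, and resetting the default command to `/bin/bash` are assumptions.

```shell
#!/bin/sh
# Added example. basicimage, myimage:updated and ebuild-update are placeholder names.

# update_and_commit BASE_IMAGE NEW_TAG [CONTAINER_NAME]
update_and_commit() {
    base=$1
    tag=$2
    name=${3:-ebuild-update}

    # SYS_PTRACE is granted to this one build container only. Capabilities are
    # runtime settings of a container, so they are not stored in the committed
    # image; containers started from it get the default capability set.
    if ! docker run --name "$name" --cap-add SYS_PTRACE "$base" emerge -uDN world; then
        echo "emerge failed; not committing $name" >&2
        docker rm "$name" >/dev/null
        return 1
    fi

    # Snapshot the stopped container's filesystem as a new image. commit would
    # otherwise keep "emerge -uDN world" as the image's default command, so
    # reset CMD (assumption: an interactive shell is the desired default).
    docker commit --change 'CMD ["/bin/bash"]' "$name" "$tag" || return 1

    # The container is no longer needed once its filesystem is in the image.
    docker rm "$name" >/dev/null
}

# Run only when called with arguments, e.g.:
#   sh update.sh basicimage myimage:updated
if [ "$#" -ge 2 ]; then
    update_and_commit "$@"
fi
```

Because the capability is not carried into the image, later `docker run -it myimage:updated` sessions need `--cap-add SYS_PTRACE` again only if they run emerge themselves.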

Thank you. Post must be at least 20 characters, this sentence is filler.