Note Module 16's bind-mount leaves root-owned cache files on native Linux #45
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Problem
The reproducibility command runs the container as default root and bind-mounts the repo over
/app. On native Linux, pytest/python write.pytest_cacheand__pycache__back into the learner's real project dir owned by uid 0, which they then can't delete without sudo. "Where it breaks" warns about bind-mount permission surprises off Linux but never about root-owned artifacts ON Linux, where it actually bites.Evidence
modules/16-containers-and-reproducible-environments/README.md(~line 228):docker run --rm -v "$PWD":/app -w /app python:3.12-slim sh -c "pip install pytest -q && pytest -q". The "Where it breaks" permission caveat is scoped to macOS/Windows. Confirmed:.pytest_cacheand__pycache__left as root:root.Why it matters
Real friction on the platform where Docker is native and most of this audience runs it; the module's own "Where it breaks" section was built to pre-empt exactly this.
Proposed change
Add a caveat after the Part C command, e.g.: "On native Linux this leaves root-owned
.pytest_cache/__pycache__(the bind mount runs as root); remove withsudo rm -rf …, or prevent it with-e PYTHONDONTWRITEBYTECODE=1andpytest -p no:cacheprovider." (Note:.gitignorealone does not solve the sudo-only deletion;--user $(id -u):$(id -g)would breakpip installinto the image's root-owned site-packages.)Acceptance criteria
Affected files
modules/16-containers-and-reproducible-environments/README.mdReferences
Source finding F56 (realVotes 3/3).
Filed from an adversarial multi-agent course review (217 raw findings → 54 adversarially-verified survivors). Scoped for manual review; intentionally not auto-assigned to an agent.