From 2ab81b26cd3f17ce1afad6d49c26bff6dde9e603 Mon Sep 17 00:00:00 2001
From: Younes Manton <ymanton@ca.ibm.com>
Date: Thu, 1 Oct 2020 18:15:07 -0400
Subject: [PATCH] Work around mysterious SCC file permissions bug

For some reason the SCC in the OpenJ9 image is not
accessible to users in the root group on some systems.

Signed-off-by: Younes Manton <ymanton@ca.ibm.com>
---
 releases/latest/kernel/helpers/build/populate_scc.sh | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/releases/latest/kernel/helpers/build/populate_scc.sh b/releases/latest/kernel/helpers/build/populate_scc.sh
index 640427ce..ece87279 100755
--- a/releases/latest/kernel/helpers/build/populate_scc.sh
+++ b/releases/latest/kernel/helpers/build/populate_scc.sh
@@ -76,6 +76,14 @@ done
 if [[ $EUID -eq 0 ]] && [[ -d /opt/java/.scc ]]
 then
   chmod g+rwx /opt/java/.scc
+  # Despite the OpenJ9 SCC being owned by root:root, on some systems the file is still
+  # not accessible to users in the root group for as-yet unknown reasons.
+  # The following workaround 'fixes' the problem, even though it appears to be a no-op.
+  # Note that modifying the file will cause it to be duplicated to this Docker layer,
+  # which prevents the SCC from being shared by processes running in other containers
+  # based on the same OpenJ9 image.
+  # This workaround should be removed if/when the root cause of the problem is found.
+  chown root:root /opt/java/.scc/*_openj9_system_scc_*
 fi
 
 OLD_UMASK=`umask`