Ensure sudo works in cross-arch Docker image builds

[axelfontaine]

Setup

Run a cross-arch Docker image build with a Dockerfile containing a USER directive and sudo:

FROM alpine:latest

RUN apk add --no-cache sudo && \
    adduser -D appuser && \
    echo "appuser ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers

USER appuser

CMD ["sudo", "whoami"]

using the following command:

docker build --platform linux/arm64 -t sudo-test . && docker run --platform linux/arm64 --rm sudo-test

Before

It fails with:

sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 'nosuid' option set or an NFS file system without root privileges?

After

It succeeds as expected and prints:

root

[Copilot]

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

Adds a workaround so sudo works during cross-platform Docker image builds by adjusting the host’s binfmt/qemu configuration.

Changes:

• Introduces a migration script to patch qemu-*-static.conf and restart systemd-binfmt.
• Adds the same sed patch to the Docker install/config script.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.

File	Description
migrations/1780929365.sh	New migration to update binfmt qemu config and restart systemd-binfmt.
install/config/docker.sh	Applies the same binfmt config edit during Docker configuration.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.