sed not working in dockerfile but in container bash it does
I suspect there is something you are not seeing or that you did not explain/describe in your question. As is, I cannot reproduce your problem.
My MCVE, inspired by your current question to test:
FROM python:slim-busterRUN cp /etc/ssl/openssl.cnf /etc/ssl/openssl.cnf.ORI && \ sed -i "s/\(MinProtocol *= *\).*/\1TLSv1.0 /" "/etc/ssl/openssl.cnf" && \ sed -i "s/\(CipherString *= *\).*/\1DEFAULT@SECLEVEL=1 /" "/etc/ssl/openssl.cnf" && \ (diff -u /etc/ssl/openssl.cnf.ORI /etc/ssl/openssl.cnf || exit 0)
Note: I ignored diff exit status and force it to 0, as it will exit with status 1 when there is a difference between the files which would fail the build.
And the result:
$ docker build --no-cache -t test:test .Sending build context to Docker daemon 4.096kBStep 1/2 : FROM python:slim-buster ---> 3d8f801fc3dbStep 2/2 : RUN cp /etc/ssl/openssl.cnf /etc/ssl/openssl.cnf.ORI && sed -i "s/\(MinProtocol *= *\).*/\1TLSv1.0 /" "/etc/ssl/openssl.cnf" && sed -i "s/\(CipherString *= *\).*/\1DEFAULT@SECLEVEL=1 /" "/etc/ssl/openssl.cnf" && (diff -u /etc/ssl/openssl.cnf.ORI /etc/ssl/openssl.cnf || exit 0) ---> Running in 523ddc0f4025--- /etc/ssl/openssl.cnf.ORI 2020-01-09 16:21:44.667348574 +0000+++ /etc/ssl/openssl.cnf 2020-01-09 16:21:44.675348574 +0000@@ -358,5 +358,5 @@ system_default = system_default_sect [system_default_sect]-MinProtocol = TLSv1.2-CipherString = DEFAULT@SECLEVEL=2+MinProtocol = TLSv1.0 +CipherString = DEFAULT@SECLEVEL=1 Removing intermediate container 523ddc0f4025 ---> 88c28529ceb5Successfully built 88c28529ceb5Successfully tagged test:test
As you can see, diff
is showing the differences before/after running sed and the modifications you are expecting are there.
We can also make sure those modifications persist when starting a container from this image:
$ docker run -it --rm --name testcmd test:test bash -c "grep -A 2 '\[system_default_sect\]' /etc/ssl/openssl.cnf"[system_default_sect]MinProtocol = TLSv1.0 CipherString = DEFAULT@SECLEVEL=1