Description
This spec contains an example on "Representing Changes" in an image layer (https://github.com/opencontainers/image-spec/blob/main/layer.md#representing-changes):
./etc/my-app.d/ ./etc/my-app.d/default.cfg ./bin/my-app-tools ./etc/.wh.my-app-config
which suggested to me that a changeset does not need to include parent directories (/etc/ in this example).
Furthermore, I assumed that the parent directories would then need to be present in parent layers under which the files would then be visible in the union filesystem.
I created a layer that omits parent directories and it turns out, that the result is not as expected (tested with Docker).
The missing parent directories are automatically created with default permissions. The directories in parent layers are shadowed which is problematic if they have different permissions.
I think my assumptions about omitting directories in a layer tar are incorrect. Can you confirm this?
Or should it be supported and there is an implementation bug in the container runtime?
Either way, imho the example should be adapted or the expected behavior should be documented.