mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
fix libseccomp where version < 2.2.1
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
This commit is contained in:
parent
78ce43bad8
commit
ae54e39c80
6 changed files with 15 additions and 136 deletions
|
@ -4,30 +4,7 @@
|
|||
|
||||
FROM debian:jessie
|
||||
|
||||
RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libseccomp-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
|
||||
|
||||
ENV SECCOMP_VERSION v2.2.3
|
||||
RUN buildDeps=' \
|
||||
automake \
|
||||
libtool \
|
||||
' \
|
||||
&& set -x \
|
||||
&& apt-get update && apt-get install -y $buildDeps --no-install-recommends \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
&& export SECCOMP_PATH=$(mktemp -d) \
|
||||
&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
|
||||
&& ( \
|
||||
cd "$SECCOMP_PATH" \
|
||||
&& ./autogen.sh \
|
||||
&& ./configure --prefix=/usr \
|
||||
&& make \
|
||||
&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \
|
||||
&& chmod 644 /usr/lib/libseccomp.a \
|
||||
&& ranlib /usr/lib/libseccomp.a \
|
||||
&& ldconfig -n /usr/lib \
|
||||
) \
|
||||
&& rm -rf "$SECCOMP_PATH" \
|
||||
&& apt-get purge -y --auto-remove $buildDeps
|
||||
RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
|
||||
|
||||
ENV GO_VERSION 1.5.2
|
||||
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
|
||||
|
@ -35,4 +12,4 @@ ENV PATH $PATH:/usr/local/go/bin
|
|||
|
||||
ENV AUTO_GOPATH 1
|
||||
|
||||
ENV DOCKER_BUILDTAGS apparmor seccomp selinux
|
||||
ENV DOCKER_BUILDTAGS apparmor selinux
|
||||
|
|
|
@ -68,8 +68,9 @@ for version in "${versions[@]}"; do
|
|||
esac
|
||||
|
||||
# debian wheezy & ubuntu precise do not have the right libseccomp libs
|
||||
# debian jessie & ubuntu trusty have a libseccomp < 2.2.1 :(
|
||||
case "$suite" in
|
||||
precise|wheezy)
|
||||
precise|wheezy|jessie|trusty)
|
||||
packages=( "${packages[@]/libseccomp-dev}" )
|
||||
;;
|
||||
*)
|
||||
|
@ -104,41 +105,6 @@ for version in "${versions[@]}"; do
|
|||
|
||||
echo >> "$version/Dockerfile"
|
||||
|
||||
# debian jessie & ubuntu trusty do not have a libseccomp.a for compiling static dockerinit
|
||||
# ONLY install libseccomp.a from source, this can be removed once dockerinit is removed
|
||||
# TODO remove this manual seccomp compilation once dockerinit is gone or no longer needs to be statically compiled
|
||||
case "$suite" in
|
||||
jessie|trusty)
|
||||
awk '$1 == "ENV" && $2 == "SECCOMP_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"
|
||||
cat <<-'EOF' >> "$version/Dockerfile"
|
||||
RUN buildDeps=' \
|
||||
automake \
|
||||
libtool \
|
||||
' \
|
||||
&& set -x \
|
||||
&& apt-get update && apt-get install -y $buildDeps --no-install-recommends \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
&& export SECCOMP_PATH=$(mktemp -d) \
|
||||
&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
|
||||
&& ( \
|
||||
cd "$SECCOMP_PATH" \
|
||||
&& ./autogen.sh \
|
||||
&& ./configure --prefix=/usr \
|
||||
&& make \
|
||||
&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \
|
||||
&& chmod 644 /usr/lib/libseccomp.a \
|
||||
&& ranlib /usr/lib/libseccomp.a \
|
||||
&& ldconfig -n /usr/lib \
|
||||
) \
|
||||
&& rm -rf "$SECCOMP_PATH" \
|
||||
&& apt-get purge -y --auto-remove $buildDeps
|
||||
EOF
|
||||
|
||||
echo >> "$version/Dockerfile"
|
||||
;;
|
||||
*) ;;
|
||||
esac
|
||||
|
||||
awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"
|
||||
echo 'RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local' >> "$version/Dockerfile"
|
||||
echo 'ENV PATH $PATH:/usr/local/go/bin' >> "$version/Dockerfile"
|
||||
|
|
|
@ -4,30 +4,7 @@
|
|||
|
||||
FROM ubuntu:trusty
|
||||
|
||||
RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libseccomp-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
|
||||
|
||||
ENV SECCOMP_VERSION v2.2.3
|
||||
RUN buildDeps=' \
|
||||
automake \
|
||||
libtool \
|
||||
' \
|
||||
&& set -x \
|
||||
&& apt-get update && apt-get install -y $buildDeps --no-install-recommends \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
&& export SECCOMP_PATH=$(mktemp -d) \
|
||||
&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
|
||||
&& ( \
|
||||
cd "$SECCOMP_PATH" \
|
||||
&& ./autogen.sh \
|
||||
&& ./configure --prefix=/usr \
|
||||
&& make \
|
||||
&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \
|
||||
&& chmod 644 /usr/lib/libseccomp.a \
|
||||
&& ranlib /usr/lib/libseccomp.a \
|
||||
&& ldconfig -n /usr/lib \
|
||||
) \
|
||||
&& rm -rf "$SECCOMP_PATH" \
|
||||
&& apt-get purge -y --auto-remove $buildDeps
|
||||
RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
|
||||
|
||||
ENV GO_VERSION 1.5.2
|
||||
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
|
||||
|
@ -35,4 +12,4 @@ ENV PATH $PATH:/usr/local/go/bin
|
|||
|
||||
ENV AUTO_GOPATH 1
|
||||
|
||||
ENV DOCKER_BUILDTAGS apparmor seccomp selinux
|
||||
ENV DOCKER_BUILDTAGS apparmor selinux
|
||||
|
|
|
@ -6,28 +6,7 @@ FROM centos:7
|
|||
|
||||
RUN yum groupinstall -y "Development Tools"
|
||||
RUN yum -y swap -- remove systemd-container systemd-container-libs -- install systemd systemd-libs
|
||||
RUN yum install -y btrfs-progs-devel device-mapper-devel glibc-static libseccomp-devel libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar
|
||||
|
||||
ENV SECCOMP_VERSION v2.2.3
|
||||
RUN buildDeps=' \
|
||||
automake \
|
||||
libtool \
|
||||
' \
|
||||
&& set -x \
|
||||
&& yum install -y $buildDeps \
|
||||
&& export SECCOMP_PATH=$(mktemp -d) \
|
||||
&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
|
||||
&& ( \
|
||||
cd "$SECCOMP_PATH" \
|
||||
&& ./autogen.sh \
|
||||
&& ./configure --prefix=/usr \
|
||||
&& make \
|
||||
&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \
|
||||
&& chmod 644 /usr/lib/libseccomp.a \
|
||||
&& ranlib /usr/lib/libseccomp.a \
|
||||
&& ldconfig -n /usr/lib \
|
||||
) \
|
||||
&& rm -rf "$SECCOMP_PATH"
|
||||
RUN yum install -y btrfs-progs-devel device-mapper-devel glibc-static libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar
|
||||
|
||||
ENV GO_VERSION 1.5.2
|
||||
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
|
||||
|
@ -35,4 +14,4 @@ ENV PATH $PATH:/usr/local/go/bin
|
|||
|
||||
ENV AUTO_GOPATH 1
|
||||
|
||||
ENV DOCKER_BUILDTAGS seccomp selinux
|
||||
ENV DOCKER_BUILDTAGS selinux
|
||||
|
|
|
@ -84,8 +84,9 @@ for version in "${versions[@]}"; do
|
|||
esac
|
||||
|
||||
# opensuse & oraclelinx:6 do not have the right libseccomp libs
|
||||
# centos:7 and oraclelinux:7 have a libseccomp < 2.2.1 :(
|
||||
case "$from" in
|
||||
opensuse:*|oraclelinux:6)
|
||||
opensuse:*|oraclelinux:*|centos:7)
|
||||
packages=( "${packages[@]/libseccomp-devel}" )
|
||||
;;
|
||||
*)
|
||||
|
@ -106,12 +107,11 @@ for version in "${versions[@]}"; do
|
|||
|
||||
echo >> "$version/Dockerfile"
|
||||
|
||||
# centos, fedora, & oraclelinux:7 do not have a libseccomp.a for compiling static dockerinit
|
||||
# fedora does not have a libseccomp.a for compiling static dockerinit
|
||||
# ONLY install libseccomp.a from source, this can be removed once dockerinit is removed
|
||||
# TODO remove this manual seccomp compilation once dockerinit is gone or no longer needs to be statically compiled
|
||||
case "$from" in
|
||||
opensuse:*|oraclelinux:6) ;;
|
||||
*)
|
||||
fedora:*)
|
||||
awk '$1 == "ENV" && $2 == "SECCOMP_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"
|
||||
cat <<-'EOF' >> "$version/Dockerfile"
|
||||
RUN buildDeps=' \
|
||||
|
@ -137,6 +137,7 @@ for version in "${versions[@]}"; do
|
|||
|
||||
echo >> "$version/Dockerfile"
|
||||
;;
|
||||
*) ;;
|
||||
esac
|
||||
|
||||
awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"
|
||||
|
|
|
@ -5,28 +5,7 @@
|
|||
FROM oraclelinux:7
|
||||
|
||||
RUN yum groupinstall -y "Development Tools"
|
||||
RUN yum install -y --enablerepo=ol7_optional_latest btrfs-progs-devel device-mapper-devel glibc-static libseccomp-devel libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar
|
||||
|
||||
ENV SECCOMP_VERSION v2.2.3
|
||||
RUN buildDeps=' \
|
||||
automake \
|
||||
libtool \
|
||||
' \
|
||||
&& set -x \
|
||||
&& yum install -y $buildDeps \
|
||||
&& export SECCOMP_PATH=$(mktemp -d) \
|
||||
&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
|
||||
&& ( \
|
||||
cd "$SECCOMP_PATH" \
|
||||
&& ./autogen.sh \
|
||||
&& ./configure --prefix=/usr \
|
||||
&& make \
|
||||
&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \
|
||||
&& chmod 644 /usr/lib/libseccomp.a \
|
||||
&& ranlib /usr/lib/libseccomp.a \
|
||||
&& ldconfig -n /usr/lib \
|
||||
) \
|
||||
&& rm -rf "$SECCOMP_PATH"
|
||||
RUN yum install -y --enablerepo=ol7_optional_latest btrfs-progs-devel device-mapper-devel glibc-static libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar
|
||||
|
||||
ENV GO_VERSION 1.5.2
|
||||
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
|
||||
|
@ -34,4 +13,4 @@ ENV PATH $PATH:/usr/local/go/bin
|
|||
|
||||
ENV AUTO_GOPATH 1
|
||||
|
||||
ENV DOCKER_BUILDTAGS seccomp selinux
|
||||
ENV DOCKER_BUILDTAGS selinux
|
||||
|
|
Loading…
Reference in a new issue