diff --git a/contrib/builder/deb/debian-jessie/Dockerfile b/contrib/builder/deb/debian-jessie/Dockerfile index 5ce398965a..e92b213ed8 100644 --- a/contrib/builder/deb/debian-jessie/Dockerfile +++ b/contrib/builder/deb/debian-jessie/Dockerfile @@ -4,30 +4,7 @@ FROM debian:jessie -RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libseccomp-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/* - -ENV SECCOMP_VERSION v2.2.3 -RUN buildDeps=' \ -automake \ -libtool \ -' \ -&& set -x \ -&& apt-get update && apt-get install -y $buildDeps --no-install-recommends \ -&& rm -rf /var/lib/apt/lists/* \ -&& export SECCOMP_PATH=$(mktemp -d) \ -&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \ -&& ( \ -cd "$SECCOMP_PATH" \ -&& ./autogen.sh \ -&& ./configure --prefix=/usr \ -&& make \ -&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \ -&& chmod 644 /usr/lib/libseccomp.a \ -&& ranlib /usr/lib/libseccomp.a \ -&& ldconfig -n /usr/lib \ -) \ -&& rm -rf "$SECCOMP_PATH" \ -&& apt-get purge -y --auto-remove $buildDeps +RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/* ENV GO_VERSION 1.5.2 RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local @@ -35,4 +12,4 @@ ENV PATH $PATH:/usr/local/go/bin ENV AUTO_GOPATH 1 -ENV DOCKER_BUILDTAGS apparmor seccomp selinux +ENV DOCKER_BUILDTAGS apparmor selinux diff --git a/contrib/builder/deb/generate.sh b/contrib/builder/deb/generate.sh index f9c4f21950..2f18104771 100755 --- a/contrib/builder/deb/generate.sh +++ b/contrib/builder/deb/generate.sh @@ -68,8 +68,9 @@ for version in "${versions[@]}"; do esac # debian wheezy & ubuntu precise do not have the right libseccomp libs + # debian jessie & ubuntu trusty have a libseccomp < 2.2.1 :( case "$suite" in - precise|wheezy) + precise|wheezy|jessie|trusty) packages=( "${packages[@]/libseccomp-dev}" ) ;; *) @@ -104,41 +105,6 @@ for version in "${versions[@]}"; do echo >> "$version/Dockerfile" - # debian jessie & ubuntu trusty do not have a libseccomp.a for compiling static dockerinit - # ONLY install libseccomp.a from source, this can be removed once dockerinit is removed - # TODO remove this manual seccomp compilation once dockerinit is gone or no longer needs to be statically compiled - case "$suite" in - jessie|trusty) - awk '$1 == "ENV" && $2 == "SECCOMP_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile" - cat <<-'EOF' >> "$version/Dockerfile" - RUN buildDeps=' \ - automake \ - libtool \ - ' \ - && set -x \ - && apt-get update && apt-get install -y $buildDeps --no-install-recommends \ - && rm -rf /var/lib/apt/lists/* \ - && export SECCOMP_PATH=$(mktemp -d) \ - && git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \ - && ( \ - cd "$SECCOMP_PATH" \ - && ./autogen.sh \ - && ./configure --prefix=/usr \ - && make \ - && install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \ - && chmod 644 /usr/lib/libseccomp.a \ - && ranlib /usr/lib/libseccomp.a \ - && ldconfig -n /usr/lib \ - ) \ - && rm -rf "$SECCOMP_PATH" \ - && apt-get purge -y --auto-remove $buildDeps - EOF - - echo >> "$version/Dockerfile" - ;; - *) ;; - esac - awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile" echo 'RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local' >> "$version/Dockerfile" echo 'ENV PATH $PATH:/usr/local/go/bin' >> "$version/Dockerfile" diff --git a/contrib/builder/deb/ubuntu-trusty/Dockerfile b/contrib/builder/deb/ubuntu-trusty/Dockerfile index ae6ef44e96..61aaa2f69c 100644 --- a/contrib/builder/deb/ubuntu-trusty/Dockerfile +++ b/contrib/builder/deb/ubuntu-trusty/Dockerfile @@ -4,30 +4,7 @@ FROM ubuntu:trusty -RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libseccomp-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/* - -ENV SECCOMP_VERSION v2.2.3 -RUN buildDeps=' \ -automake \ -libtool \ -' \ -&& set -x \ -&& apt-get update && apt-get install -y $buildDeps --no-install-recommends \ -&& rm -rf /var/lib/apt/lists/* \ -&& export SECCOMP_PATH=$(mktemp -d) \ -&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \ -&& ( \ -cd "$SECCOMP_PATH" \ -&& ./autogen.sh \ -&& ./configure --prefix=/usr \ -&& make \ -&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \ -&& chmod 644 /usr/lib/libseccomp.a \ -&& ranlib /usr/lib/libseccomp.a \ -&& ldconfig -n /usr/lib \ -) \ -&& rm -rf "$SECCOMP_PATH" \ -&& apt-get purge -y --auto-remove $buildDeps +RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/* ENV GO_VERSION 1.5.2 RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local @@ -35,4 +12,4 @@ ENV PATH $PATH:/usr/local/go/bin ENV AUTO_GOPATH 1 -ENV DOCKER_BUILDTAGS apparmor seccomp selinux +ENV DOCKER_BUILDTAGS apparmor selinux diff --git a/contrib/builder/rpm/centos-7/Dockerfile b/contrib/builder/rpm/centos-7/Dockerfile index 0a1fdde401..0679ea25c8 100644 --- a/contrib/builder/rpm/centos-7/Dockerfile +++ b/contrib/builder/rpm/centos-7/Dockerfile @@ -6,28 +6,7 @@ FROM centos:7 RUN yum groupinstall -y "Development Tools" RUN yum -y swap -- remove systemd-container systemd-container-libs -- install systemd systemd-libs -RUN yum install -y btrfs-progs-devel device-mapper-devel glibc-static libseccomp-devel libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar - -ENV SECCOMP_VERSION v2.2.3 -RUN buildDeps=' \ -automake \ -libtool \ -' \ -&& set -x \ -&& yum install -y $buildDeps \ -&& export SECCOMP_PATH=$(mktemp -d) \ -&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \ -&& ( \ -cd "$SECCOMP_PATH" \ -&& ./autogen.sh \ -&& ./configure --prefix=/usr \ -&& make \ -&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \ -&& chmod 644 /usr/lib/libseccomp.a \ -&& ranlib /usr/lib/libseccomp.a \ -&& ldconfig -n /usr/lib \ -) \ -&& rm -rf "$SECCOMP_PATH" +RUN yum install -y btrfs-progs-devel device-mapper-devel glibc-static libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar ENV GO_VERSION 1.5.2 RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local @@ -35,4 +14,4 @@ ENV PATH $PATH:/usr/local/go/bin ENV AUTO_GOPATH 1 -ENV DOCKER_BUILDTAGS seccomp selinux +ENV DOCKER_BUILDTAGS selinux diff --git a/contrib/builder/rpm/generate.sh b/contrib/builder/rpm/generate.sh index cd36b914a3..b6d7287cef 100755 --- a/contrib/builder/rpm/generate.sh +++ b/contrib/builder/rpm/generate.sh @@ -84,8 +84,9 @@ for version in "${versions[@]}"; do esac # opensuse & oraclelinx:6 do not have the right libseccomp libs + # centos:7 and oraclelinux:7 have a libseccomp < 2.2.1 :( case "$from" in - opensuse:*|oraclelinux:6) + opensuse:*|oraclelinux:*|centos:7) packages=( "${packages[@]/libseccomp-devel}" ) ;; *) @@ -106,12 +107,11 @@ for version in "${versions[@]}"; do echo >> "$version/Dockerfile" - # centos, fedora, & oraclelinux:7 do not have a libseccomp.a for compiling static dockerinit + # fedora does not have a libseccomp.a for compiling static dockerinit # ONLY install libseccomp.a from source, this can be removed once dockerinit is removed # TODO remove this manual seccomp compilation once dockerinit is gone or no longer needs to be statically compiled case "$from" in - opensuse:*|oraclelinux:6) ;; - *) + fedora:*) awk '$1 == "ENV" && $2 == "SECCOMP_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile" cat <<-'EOF' >> "$version/Dockerfile" RUN buildDeps=' \ @@ -137,6 +137,7 @@ for version in "${versions[@]}"; do echo >> "$version/Dockerfile" ;; + *) ;; esac awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile" diff --git a/contrib/builder/rpm/oraclelinux-7/Dockerfile b/contrib/builder/rpm/oraclelinux-7/Dockerfile index 3d6a6b3718..7a129a7f61 100644 --- a/contrib/builder/rpm/oraclelinux-7/Dockerfile +++ b/contrib/builder/rpm/oraclelinux-7/Dockerfile @@ -5,28 +5,7 @@ FROM oraclelinux:7 RUN yum groupinstall -y "Development Tools" -RUN yum install -y --enablerepo=ol7_optional_latest btrfs-progs-devel device-mapper-devel glibc-static libseccomp-devel libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar - -ENV SECCOMP_VERSION v2.2.3 -RUN buildDeps=' \ -automake \ -libtool \ -' \ -&& set -x \ -&& yum install -y $buildDeps \ -&& export SECCOMP_PATH=$(mktemp -d) \ -&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \ -&& ( \ -cd "$SECCOMP_PATH" \ -&& ./autogen.sh \ -&& ./configure --prefix=/usr \ -&& make \ -&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \ -&& chmod 644 /usr/lib/libseccomp.a \ -&& ranlib /usr/lib/libseccomp.a \ -&& ldconfig -n /usr/lib \ -) \ -&& rm -rf "$SECCOMP_PATH" +RUN yum install -y --enablerepo=ol7_optional_latest btrfs-progs-devel device-mapper-devel glibc-static libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar ENV GO_VERSION 1.5.2 RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local @@ -34,4 +13,4 @@ ENV PATH $PATH:/usr/local/go/bin ENV AUTO_GOPATH 1 -ENV DOCKER_BUILDTAGS seccomp selinux +ENV DOCKER_BUILDTAGS selinux