kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity
moby--moby/hack/dockerfile/install/rootlesskit.installer
Akihiro Suda e20b7323fb rootless: harden slirp4netns with mount namespace and seccomp 
When slirp4netns v0.4.0+ is used, now slirp4netns is hardened using
mount namespace ("sandbox") and seccomp to mitigate potential
vulnerabilities.

bump up rootlesskit: 2fcff6ceae...791ac8cb20

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2019-09-02 14:58:58 +09:00

36 lines
926 B
Bash
Executable file
Raw Blame History

#!/bin/sh
# v0.7.0
ROOTLESSKIT_COMMIT=791ac8cb209a107505cd1ca5ddf23a49913e176c
install_rootlesskit() {
case "$1" in
"dynamic")
install_rootlesskit_dynamic
return
;;
"")
export CGO_ENABLED=0
_install_rootlesskit
;;
*)
echo 'Usage: $0 [dynamic]'
;;
esac
}
install_rootlesskit_dynamic() {
export ROOTLESSKIT_LDFLAGS="-linkmode=external" install_rootlesskit
export BUILD_MODE="-buildmode=pie"
_install_rootlesskit
}
_install_rootlesskit() {
echo "Install rootlesskit version $ROOTLESSKIT_COMMIT"
git clone https://github.com/rootless-containers/rootlesskit.git "$GOPATH/src/github.com/rootless-containers/rootlesskit"
cd "$GOPATH/src/github.com/rootless-containers/rootlesskit"
git checkout -q "$ROOTLESSKIT_COMMIT"
for f in rootlesskit rootlesskit-docker-proxy; do
go build $BUILD_MODE -ldflags="$ROOTLESSKIT_LDFLAGS" -o "${PREFIX}/$f" github.com/rootless-containers/rootlesskit/cmd/$f
done
}
View git blame Copy permalink