diff --git a/Dockerfile b/Dockerfile index 41e9f865d626b72bc76b2a608b68f1655871dc45..e60450e615f3232ac0454c989d5da27a73cb92ea 100644 --- a/Dockerfile +++ b/Dockerfile @@ -202,7 +202,7 @@ RUN useradd --create-home --gid docker unprivilegeduser VOLUME /var/lib/docker WORKDIR /go/src/github.com/docker/docker -ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux +ENV DOCKER_BUILDTAGS apparmor seccomp selinux # Let us use a .bashrc file RUN ln -sfv $PWD/.bashrc ~/.bashrc diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index 5f25b4155dbf39384687a268257a7faf38df1460..2ab6b10a9d8a0fe0cd568ae5b757797e8a7d30f9 100644 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -151,7 +151,7 @@ RUN useradd --create-home --gid docker unprivilegeduser VOLUME /var/lib/docker WORKDIR /go/src/github.com/docker/docker -ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux +ENV DOCKER_BUILDTAGS apparmor seccomp selinux # Let us use a .bashrc file RUN ln -sfv $PWD/.bashrc ~/.bashrc diff --git a/Dockerfile.armhf b/Dockerfile.armhf index 257edfa53fec7c508e3601f1c61891f8461dafcc..9fedf1ee9a3283c52e67ff80528d6e0c9c920ac1 100644 --- a/Dockerfile.armhf +++ b/Dockerfile.armhf @@ -153,7 +153,7 @@ RUN useradd --create-home --gid docker unprivilegeduser VOLUME /var/lib/docker WORKDIR /go/src/github.com/docker/docker -ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux +ENV DOCKER_BUILDTAGS apparmor seccomp selinux # Let us use a .bashrc file RUN ln -sfv $PWD/.bashrc ~/.bashrc diff --git a/Dockerfile.ppc64le b/Dockerfile.ppc64le index defd48affcbc1db35427218e7c0bfd0acc967435..ee3eb2ed9325e678bf2a9ab143fd984ad797b4f9 100644 --- a/Dockerfile.ppc64le +++ b/Dockerfile.ppc64le @@ -154,7 +154,7 @@ RUN useradd --create-home --gid docker unprivilegeduser VOLUME /var/lib/docker WORKDIR /go/src/github.com/docker/docker -ENV DOCKER_BUILDTAGS apparmor pkcs11 selinux +ENV DOCKER_BUILDTAGS apparmor selinux # Let us use a .bashrc file RUN ln -sfv $PWD/.bashrc ~/.bashrc diff --git a/Dockerfile.s390x b/Dockerfile.s390x index 941ab2cdaee12de127ca43f141c6a2ef85985aa9..9f8f12c184ef88eb8ac018857168d7a2dbdafb40 100644 --- a/Dockerfile.s390x +++ b/Dockerfile.s390x @@ -133,7 +133,7 @@ RUN useradd --create-home --gid docker unprivilegeduser VOLUME /var/lib/docker WORKDIR /go/src/github.com/docker/docker -ENV DOCKER_BUILDTAGS apparmor pkcs11 selinux +ENV DOCKER_BUILDTAGS apparmor selinux # Let us use a .bashrc file RUN ln -sfv $PWD/.bashrc ~/.bashrc diff --git a/hack/make.sh b/hack/make.sh index 2a93c962d4491a021c91ae3f0c64d45b496e2f7f..2eeb0c84f5a1ee505a4b2ee3aa9553953d408efc 100755 --- a/hack/make.sh +++ b/hack/make.sh @@ -113,7 +113,7 @@ fi if [ "$DOCKER_EXPERIMENTAL" ]; then echo >&2 '# WARNING! DOCKER_EXPERIMENTAL is set: building experimental features' echo >&2 - DOCKER_BUILDTAGS+=" experimental" + DOCKER_BUILDTAGS+=" experimental pkcs11" fi if [ -z "$DOCKER_CLIENTONLY" ]; then diff --git a/hack/make/.build-deb/rules b/hack/make/.build-deb/rules index 4436330282784692678cd77916e38b5e5f8c7d31..9eca1b4c92e413e6fd1312823c2dd3ea1481bd38 100755 --- a/hack/make/.build-deb/rules +++ b/hack/make/.build-deb/rules @@ -5,8 +5,8 @@ VERSION = $(shell cat VERSION) override_dh_gencontrol: # if we're on Ubuntu, we need to Recommends: apparmor echo 'apparmor:Recommends=$(shell dpkg-vendor --is Ubuntu && echo apparmor)' >> debian/docker-engine.substvars - # recommend yubico-piv-tool since we include pkcs11 by default - echo 'yubico:Recommends=yubico-piv-tool (>= 1.1.0~)' >> debian/docker-engine.substvars + # if we are building experimental we recommend yubico-piv-tool + echo 'yubico:Recommends=$(shell [ "$DOCKER_EXPERIMENTAL" ] && echo "yubico-piv-tool (>= 1.1.0~)")' >> debian/docker-engine.substvars dh_gencontrol override_dh_auto_build: diff --git a/hack/make/.build-rpm/docker-engine.spec b/hack/make/.build-rpm/docker-engine.spec index d1fd934313104c64931991f9440d026b3f07e0d2..ac51af16e322bc66d72d8c0594ba60b9eaf0a047 100644 --- a/hack/make/.build-rpm/docker-engine.spec +++ b/hack/make/.build-rpm/docker-engine.spec @@ -60,10 +60,12 @@ Requires: device-mapper >= 1.02.90-2 %global with_selinux 1 %endif -# yubico-piv-tool recommends +%if 0%{?_experimental} +# yubico-piv-tool conditional %if 0%{?fedora} >= 20 || 0%{?centos} >= 7 || 0%{?rhel} >= 7 Requires: yubico-piv-tool >= 1.1.0 %endif +%endif # start if with_selinux %if 0%{?with_selinux} diff --git a/hack/make/binary b/hack/make/binary index 378af761bef6e1fda24d8a7d064d899ea31d1c1b..407947da59de1f3de7543be050fcebc9b9eb91de 100644 --- a/hack/make/binary +++ b/hack/make/binary @@ -36,7 +36,7 @@ if [ "$(go env GOOS)" == "linux" ] ; then esac fi -if [ "$IAMSTATIC" == "true" ] && [ "$(go env GOHOSTOS)" == "linux" ]; then +if [ "$IAMSTATIC" == "true" ] && [ "$(go env GOHOSTOS)" == "linux" ] && [ "$DOCKER_EXPERIMENTAL" ]; then if [ "${GOOS}/${GOARCH}" == "darwin/amd64" ]; then export CGO_ENABLED=1 export CC=o64-clang diff --git a/project/PACKAGERS.md b/project/PACKAGERS.md index 75b299cac85ec806d0d5dd81c9b1cd4cc276352a..b3f60472fd4998831debd456428db7d0c3715b2f 100644 --- a/project/PACKAGERS.md +++ b/project/PACKAGERS.md @@ -60,7 +60,7 @@ To build the Docker daemon, you will additionally need: * btrfs-progs version 3.16.1 or later (unless using an older version is absolutely necessary, in which case 3.8 is the minimum) * libseccomp version 2.2.1 or later (for build tag seccomp) -* yubico-piv-tool version 1.1.0 or later +* yubico-piv-tool version 1.1.0 or later (for experimental) Be sure to also check out Docker's Dockerfile for the most up-to-date list of these build-time dependencies.