fix libseccomp where version < 2.2.1

Signed-off-by: Jessica Frazelle <acidburn@docker.com>
This commit is contained in:
Jessica Frazelle 2015-12-28 21:25:11 -08:00
parent 78ce43bad8
commit ae54e39c80
No known key found for this signature in database
GPG key ID: 18F3685C0022BFF3
6 changed files with 15 additions and 136 deletions

View file

@ -4,30 +4,7 @@
FROM debian:jessie FROM debian:jessie
RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libseccomp-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/* RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
ENV SECCOMP_VERSION v2.2.3
RUN buildDeps=' \
automake \
libtool \
' \
&& set -x \
&& apt-get update && apt-get install -y $buildDeps --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
&& export SECCOMP_PATH=$(mktemp -d) \
&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
&& ( \
cd "$SECCOMP_PATH" \
&& ./autogen.sh \
&& ./configure --prefix=/usr \
&& make \
&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \
&& chmod 644 /usr/lib/libseccomp.a \
&& ranlib /usr/lib/libseccomp.a \
&& ldconfig -n /usr/lib \
) \
&& rm -rf "$SECCOMP_PATH" \
&& apt-get purge -y --auto-remove $buildDeps
ENV GO_VERSION 1.5.2 ENV GO_VERSION 1.5.2
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
@ -35,4 +12,4 @@ ENV PATH $PATH:/usr/local/go/bin
ENV AUTO_GOPATH 1 ENV AUTO_GOPATH 1
ENV DOCKER_BUILDTAGS apparmor seccomp selinux ENV DOCKER_BUILDTAGS apparmor selinux

View file

@ -68,8 +68,9 @@ for version in "${versions[@]}"; do
esac esac
# debian wheezy & ubuntu precise do not have the right libseccomp libs # debian wheezy & ubuntu precise do not have the right libseccomp libs
# debian jessie & ubuntu trusty have a libseccomp < 2.2.1 :(
case "$suite" in case "$suite" in
precise|wheezy) precise|wheezy|jessie|trusty)
packages=( "${packages[@]/libseccomp-dev}" ) packages=( "${packages[@]/libseccomp-dev}" )
;; ;;
*) *)
@ -104,41 +105,6 @@ for version in "${versions[@]}"; do
echo >> "$version/Dockerfile" echo >> "$version/Dockerfile"
# debian jessie & ubuntu trusty do not have a libseccomp.a for compiling static dockerinit
# ONLY install libseccomp.a from source, this can be removed once dockerinit is removed
# TODO remove this manual seccomp compilation once dockerinit is gone or no longer needs to be statically compiled
case "$suite" in
jessie|trusty)
awk '$1 == "ENV" && $2 == "SECCOMP_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"
cat <<-'EOF' >> "$version/Dockerfile"
RUN buildDeps=' \
automake \
libtool \
' \
&& set -x \
&& apt-get update && apt-get install -y $buildDeps --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
&& export SECCOMP_PATH=$(mktemp -d) \
&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
&& ( \
cd "$SECCOMP_PATH" \
&& ./autogen.sh \
&& ./configure --prefix=/usr \
&& make \
&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \
&& chmod 644 /usr/lib/libseccomp.a \
&& ranlib /usr/lib/libseccomp.a \
&& ldconfig -n /usr/lib \
) \
&& rm -rf "$SECCOMP_PATH" \
&& apt-get purge -y --auto-remove $buildDeps
EOF
echo >> "$version/Dockerfile"
;;
*) ;;
esac
awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile" awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"
echo 'RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local' >> "$version/Dockerfile" echo 'RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local' >> "$version/Dockerfile"
echo 'ENV PATH $PATH:/usr/local/go/bin' >> "$version/Dockerfile" echo 'ENV PATH $PATH:/usr/local/go/bin' >> "$version/Dockerfile"

View file

@ -4,30 +4,7 @@
FROM ubuntu:trusty FROM ubuntu:trusty
RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libseccomp-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/* RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
ENV SECCOMP_VERSION v2.2.3
RUN buildDeps=' \
automake \
libtool \
' \
&& set -x \
&& apt-get update && apt-get install -y $buildDeps --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
&& export SECCOMP_PATH=$(mktemp -d) \
&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
&& ( \
cd "$SECCOMP_PATH" \
&& ./autogen.sh \
&& ./configure --prefix=/usr \
&& make \
&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \
&& chmod 644 /usr/lib/libseccomp.a \
&& ranlib /usr/lib/libseccomp.a \
&& ldconfig -n /usr/lib \
) \
&& rm -rf "$SECCOMP_PATH" \
&& apt-get purge -y --auto-remove $buildDeps
ENV GO_VERSION 1.5.2 ENV GO_VERSION 1.5.2
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
@ -35,4 +12,4 @@ ENV PATH $PATH:/usr/local/go/bin
ENV AUTO_GOPATH 1 ENV AUTO_GOPATH 1
ENV DOCKER_BUILDTAGS apparmor seccomp selinux ENV DOCKER_BUILDTAGS apparmor selinux

View file

@ -6,28 +6,7 @@ FROM centos:7
RUN yum groupinstall -y "Development Tools" RUN yum groupinstall -y "Development Tools"
RUN yum -y swap -- remove systemd-container systemd-container-libs -- install systemd systemd-libs RUN yum -y swap -- remove systemd-container systemd-container-libs -- install systemd systemd-libs
RUN yum install -y btrfs-progs-devel device-mapper-devel glibc-static libseccomp-devel libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar RUN yum install -y btrfs-progs-devel device-mapper-devel glibc-static libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar
ENV SECCOMP_VERSION v2.2.3
RUN buildDeps=' \
automake \
libtool \
' \
&& set -x \
&& yum install -y $buildDeps \
&& export SECCOMP_PATH=$(mktemp -d) \
&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
&& ( \
cd "$SECCOMP_PATH" \
&& ./autogen.sh \
&& ./configure --prefix=/usr \
&& make \
&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \
&& chmod 644 /usr/lib/libseccomp.a \
&& ranlib /usr/lib/libseccomp.a \
&& ldconfig -n /usr/lib \
) \
&& rm -rf "$SECCOMP_PATH"
ENV GO_VERSION 1.5.2 ENV GO_VERSION 1.5.2
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
@ -35,4 +14,4 @@ ENV PATH $PATH:/usr/local/go/bin
ENV AUTO_GOPATH 1 ENV AUTO_GOPATH 1
ENV DOCKER_BUILDTAGS seccomp selinux ENV DOCKER_BUILDTAGS selinux

View file

@ -84,8 +84,9 @@ for version in "${versions[@]}"; do
esac esac
# opensuse & oraclelinx:6 do not have the right libseccomp libs # opensuse & oraclelinx:6 do not have the right libseccomp libs
# centos:7 and oraclelinux:7 have a libseccomp < 2.2.1 :(
case "$from" in case "$from" in
opensuse:*|oraclelinux:6) opensuse:*|oraclelinux:*|centos:7)
packages=( "${packages[@]/libseccomp-devel}" ) packages=( "${packages[@]/libseccomp-devel}" )
;; ;;
*) *)
@ -106,12 +107,11 @@ for version in "${versions[@]}"; do
echo >> "$version/Dockerfile" echo >> "$version/Dockerfile"
# centos, fedora, & oraclelinux:7 do not have a libseccomp.a for compiling static dockerinit # fedora does not have a libseccomp.a for compiling static dockerinit
# ONLY install libseccomp.a from source, this can be removed once dockerinit is removed # ONLY install libseccomp.a from source, this can be removed once dockerinit is removed
# TODO remove this manual seccomp compilation once dockerinit is gone or no longer needs to be statically compiled # TODO remove this manual seccomp compilation once dockerinit is gone or no longer needs to be statically compiled
case "$from" in case "$from" in
opensuse:*|oraclelinux:6) ;; fedora:*)
*)
awk '$1 == "ENV" && $2 == "SECCOMP_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile" awk '$1 == "ENV" && $2 == "SECCOMP_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"
cat <<-'EOF' >> "$version/Dockerfile" cat <<-'EOF' >> "$version/Dockerfile"
RUN buildDeps=' \ RUN buildDeps=' \
@ -137,6 +137,7 @@ for version in "${versions[@]}"; do
echo >> "$version/Dockerfile" echo >> "$version/Dockerfile"
;; ;;
*) ;;
esac esac
awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile" awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"

View file

@ -5,28 +5,7 @@
FROM oraclelinux:7 FROM oraclelinux:7
RUN yum groupinstall -y "Development Tools" RUN yum groupinstall -y "Development Tools"
RUN yum install -y --enablerepo=ol7_optional_latest btrfs-progs-devel device-mapper-devel glibc-static libseccomp-devel libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar RUN yum install -y --enablerepo=ol7_optional_latest btrfs-progs-devel device-mapper-devel glibc-static libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar
ENV SECCOMP_VERSION v2.2.3
RUN buildDeps=' \
automake \
libtool \
' \
&& set -x \
&& yum install -y $buildDeps \
&& export SECCOMP_PATH=$(mktemp -d) \
&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
&& ( \
cd "$SECCOMP_PATH" \
&& ./autogen.sh \
&& ./configure --prefix=/usr \
&& make \
&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \
&& chmod 644 /usr/lib/libseccomp.a \
&& ranlib /usr/lib/libseccomp.a \
&& ldconfig -n /usr/lib \
) \
&& rm -rf "$SECCOMP_PATH"
ENV GO_VERSION 1.5.2 ENV GO_VERSION 1.5.2
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
@ -34,4 +13,4 @@ ENV PATH $PATH:/usr/local/go/bin
ENV AUTO_GOPATH 1 ENV AUTO_GOPATH 1
ENV DOCKER_BUILDTAGS seccomp selinux ENV DOCKER_BUILDTAGS selinux