fix libseccomp where version < 2.2.1
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
This commit is contained in:
parent
78ce43bad8
commit
ae54e39c80
6 changed files with 15 additions and 136 deletions
|
@ -4,30 +4,7 @@
|
||||||
|
|
||||||
FROM debian:jessie
|
FROM debian:jessie
|
||||||
|
|
||||||
RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libseccomp-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
|
RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
ENV SECCOMP_VERSION v2.2.3
|
|
||||||
RUN buildDeps=' \
|
|
||||||
automake \
|
|
||||||
libtool \
|
|
||||||
' \
|
|
||||||
&& set -x \
|
|
||||||
&& apt-get update && apt-get install -y $buildDeps --no-install-recommends \
|
|
||||||
&& rm -rf /var/lib/apt/lists/* \
|
|
||||||
&& export SECCOMP_PATH=$(mktemp -d) \
|
|
||||||
&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
|
|
||||||
&& ( \
|
|
||||||
cd "$SECCOMP_PATH" \
|
|
||||||
&& ./autogen.sh \
|
|
||||||
&& ./configure --prefix=/usr \
|
|
||||||
&& make \
|
|
||||||
&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \
|
|
||||||
&& chmod 644 /usr/lib/libseccomp.a \
|
|
||||||
&& ranlib /usr/lib/libseccomp.a \
|
|
||||||
&& ldconfig -n /usr/lib \
|
|
||||||
) \
|
|
||||||
&& rm -rf "$SECCOMP_PATH" \
|
|
||||||
&& apt-get purge -y --auto-remove $buildDeps
|
|
||||||
|
|
||||||
ENV GO_VERSION 1.5.2
|
ENV GO_VERSION 1.5.2
|
||||||
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
|
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
|
||||||
|
@ -35,4 +12,4 @@ ENV PATH $PATH:/usr/local/go/bin
|
||||||
|
|
||||||
ENV AUTO_GOPATH 1
|
ENV AUTO_GOPATH 1
|
||||||
|
|
||||||
ENV DOCKER_BUILDTAGS apparmor seccomp selinux
|
ENV DOCKER_BUILDTAGS apparmor selinux
|
||||||
|
|
|
@ -68,8 +68,9 @@ for version in "${versions[@]}"; do
|
||||||
esac
|
esac
|
||||||
|
|
||||||
# debian wheezy & ubuntu precise do not have the right libseccomp libs
|
# debian wheezy & ubuntu precise do not have the right libseccomp libs
|
||||||
|
# debian jessie & ubuntu trusty have a libseccomp < 2.2.1 :(
|
||||||
case "$suite" in
|
case "$suite" in
|
||||||
precise|wheezy)
|
precise|wheezy|jessie|trusty)
|
||||||
packages=( "${packages[@]/libseccomp-dev}" )
|
packages=( "${packages[@]/libseccomp-dev}" )
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
|
@ -104,41 +105,6 @@ for version in "${versions[@]}"; do
|
||||||
|
|
||||||
echo >> "$version/Dockerfile"
|
echo >> "$version/Dockerfile"
|
||||||
|
|
||||||
# debian jessie & ubuntu trusty do not have a libseccomp.a for compiling static dockerinit
|
|
||||||
# ONLY install libseccomp.a from source, this can be removed once dockerinit is removed
|
|
||||||
# TODO remove this manual seccomp compilation once dockerinit is gone or no longer needs to be statically compiled
|
|
||||||
case "$suite" in
|
|
||||||
jessie|trusty)
|
|
||||||
awk '$1 == "ENV" && $2 == "SECCOMP_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"
|
|
||||||
cat <<-'EOF' >> "$version/Dockerfile"
|
|
||||||
RUN buildDeps=' \
|
|
||||||
automake \
|
|
||||||
libtool \
|
|
||||||
' \
|
|
||||||
&& set -x \
|
|
||||||
&& apt-get update && apt-get install -y $buildDeps --no-install-recommends \
|
|
||||||
&& rm -rf /var/lib/apt/lists/* \
|
|
||||||
&& export SECCOMP_PATH=$(mktemp -d) \
|
|
||||||
&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
|
|
||||||
&& ( \
|
|
||||||
cd "$SECCOMP_PATH" \
|
|
||||||
&& ./autogen.sh \
|
|
||||||
&& ./configure --prefix=/usr \
|
|
||||||
&& make \
|
|
||||||
&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \
|
|
||||||
&& chmod 644 /usr/lib/libseccomp.a \
|
|
||||||
&& ranlib /usr/lib/libseccomp.a \
|
|
||||||
&& ldconfig -n /usr/lib \
|
|
||||||
) \
|
|
||||||
&& rm -rf "$SECCOMP_PATH" \
|
|
||||||
&& apt-get purge -y --auto-remove $buildDeps
|
|
||||||
EOF
|
|
||||||
|
|
||||||
echo >> "$version/Dockerfile"
|
|
||||||
;;
|
|
||||||
*) ;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"
|
awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"
|
||||||
echo 'RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local' >> "$version/Dockerfile"
|
echo 'RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local' >> "$version/Dockerfile"
|
||||||
echo 'ENV PATH $PATH:/usr/local/go/bin' >> "$version/Dockerfile"
|
echo 'ENV PATH $PATH:/usr/local/go/bin' >> "$version/Dockerfile"
|
||||||
|
|
|
@ -4,30 +4,7 @@
|
||||||
|
|
||||||
FROM ubuntu:trusty
|
FROM ubuntu:trusty
|
||||||
|
|
||||||
RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libseccomp-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
|
RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev libsqlite3-dev libsystemd-journal-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
ENV SECCOMP_VERSION v2.2.3
|
|
||||||
RUN buildDeps=' \
|
|
||||||
automake \
|
|
||||||
libtool \
|
|
||||||
' \
|
|
||||||
&& set -x \
|
|
||||||
&& apt-get update && apt-get install -y $buildDeps --no-install-recommends \
|
|
||||||
&& rm -rf /var/lib/apt/lists/* \
|
|
||||||
&& export SECCOMP_PATH=$(mktemp -d) \
|
|
||||||
&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
|
|
||||||
&& ( \
|
|
||||||
cd "$SECCOMP_PATH" \
|
|
||||||
&& ./autogen.sh \
|
|
||||||
&& ./configure --prefix=/usr \
|
|
||||||
&& make \
|
|
||||||
&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \
|
|
||||||
&& chmod 644 /usr/lib/libseccomp.a \
|
|
||||||
&& ranlib /usr/lib/libseccomp.a \
|
|
||||||
&& ldconfig -n /usr/lib \
|
|
||||||
) \
|
|
||||||
&& rm -rf "$SECCOMP_PATH" \
|
|
||||||
&& apt-get purge -y --auto-remove $buildDeps
|
|
||||||
|
|
||||||
ENV GO_VERSION 1.5.2
|
ENV GO_VERSION 1.5.2
|
||||||
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
|
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
|
||||||
|
@ -35,4 +12,4 @@ ENV PATH $PATH:/usr/local/go/bin
|
||||||
|
|
||||||
ENV AUTO_GOPATH 1
|
ENV AUTO_GOPATH 1
|
||||||
|
|
||||||
ENV DOCKER_BUILDTAGS apparmor seccomp selinux
|
ENV DOCKER_BUILDTAGS apparmor selinux
|
||||||
|
|
|
@ -6,28 +6,7 @@ FROM centos:7
|
||||||
|
|
||||||
RUN yum groupinstall -y "Development Tools"
|
RUN yum groupinstall -y "Development Tools"
|
||||||
RUN yum -y swap -- remove systemd-container systemd-container-libs -- install systemd systemd-libs
|
RUN yum -y swap -- remove systemd-container systemd-container-libs -- install systemd systemd-libs
|
||||||
RUN yum install -y btrfs-progs-devel device-mapper-devel glibc-static libseccomp-devel libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar
|
RUN yum install -y btrfs-progs-devel device-mapper-devel glibc-static libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar
|
||||||
|
|
||||||
ENV SECCOMP_VERSION v2.2.3
|
|
||||||
RUN buildDeps=' \
|
|
||||||
automake \
|
|
||||||
libtool \
|
|
||||||
' \
|
|
||||||
&& set -x \
|
|
||||||
&& yum install -y $buildDeps \
|
|
||||||
&& export SECCOMP_PATH=$(mktemp -d) \
|
|
||||||
&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
|
|
||||||
&& ( \
|
|
||||||
cd "$SECCOMP_PATH" \
|
|
||||||
&& ./autogen.sh \
|
|
||||||
&& ./configure --prefix=/usr \
|
|
||||||
&& make \
|
|
||||||
&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \
|
|
||||||
&& chmod 644 /usr/lib/libseccomp.a \
|
|
||||||
&& ranlib /usr/lib/libseccomp.a \
|
|
||||||
&& ldconfig -n /usr/lib \
|
|
||||||
) \
|
|
||||||
&& rm -rf "$SECCOMP_PATH"
|
|
||||||
|
|
||||||
ENV GO_VERSION 1.5.2
|
ENV GO_VERSION 1.5.2
|
||||||
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
|
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
|
||||||
|
@ -35,4 +14,4 @@ ENV PATH $PATH:/usr/local/go/bin
|
||||||
|
|
||||||
ENV AUTO_GOPATH 1
|
ENV AUTO_GOPATH 1
|
||||||
|
|
||||||
ENV DOCKER_BUILDTAGS seccomp selinux
|
ENV DOCKER_BUILDTAGS selinux
|
||||||
|
|
|
@ -84,8 +84,9 @@ for version in "${versions[@]}"; do
|
||||||
esac
|
esac
|
||||||
|
|
||||||
# opensuse & oraclelinx:6 do not have the right libseccomp libs
|
# opensuse & oraclelinx:6 do not have the right libseccomp libs
|
||||||
|
# centos:7 and oraclelinux:7 have a libseccomp < 2.2.1 :(
|
||||||
case "$from" in
|
case "$from" in
|
||||||
opensuse:*|oraclelinux:6)
|
opensuse:*|oraclelinux:*|centos:7)
|
||||||
packages=( "${packages[@]/libseccomp-devel}" )
|
packages=( "${packages[@]/libseccomp-devel}" )
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
|
@ -106,12 +107,11 @@ for version in "${versions[@]}"; do
|
||||||
|
|
||||||
echo >> "$version/Dockerfile"
|
echo >> "$version/Dockerfile"
|
||||||
|
|
||||||
# centos, fedora, & oraclelinux:7 do not have a libseccomp.a for compiling static dockerinit
|
# fedora does not have a libseccomp.a for compiling static dockerinit
|
||||||
# ONLY install libseccomp.a from source, this can be removed once dockerinit is removed
|
# ONLY install libseccomp.a from source, this can be removed once dockerinit is removed
|
||||||
# TODO remove this manual seccomp compilation once dockerinit is gone or no longer needs to be statically compiled
|
# TODO remove this manual seccomp compilation once dockerinit is gone or no longer needs to be statically compiled
|
||||||
case "$from" in
|
case "$from" in
|
||||||
opensuse:*|oraclelinux:6) ;;
|
fedora:*)
|
||||||
*)
|
|
||||||
awk '$1 == "ENV" && $2 == "SECCOMP_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"
|
awk '$1 == "ENV" && $2 == "SECCOMP_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"
|
||||||
cat <<-'EOF' >> "$version/Dockerfile"
|
cat <<-'EOF' >> "$version/Dockerfile"
|
||||||
RUN buildDeps=' \
|
RUN buildDeps=' \
|
||||||
|
@ -137,6 +137,7 @@ for version in "${versions[@]}"; do
|
||||||
|
|
||||||
echo >> "$version/Dockerfile"
|
echo >> "$version/Dockerfile"
|
||||||
;;
|
;;
|
||||||
|
*) ;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"
|
awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile"
|
||||||
|
|
|
@ -5,28 +5,7 @@
|
||||||
FROM oraclelinux:7
|
FROM oraclelinux:7
|
||||||
|
|
||||||
RUN yum groupinstall -y "Development Tools"
|
RUN yum groupinstall -y "Development Tools"
|
||||||
RUN yum install -y --enablerepo=ol7_optional_latest btrfs-progs-devel device-mapper-devel glibc-static libseccomp-devel libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar
|
RUN yum install -y --enablerepo=ol7_optional_latest btrfs-progs-devel device-mapper-devel glibc-static libselinux-devel libtool-ltdl-devel selinux-policy selinux-policy-devel sqlite-devel tar
|
||||||
|
|
||||||
ENV SECCOMP_VERSION v2.2.3
|
|
||||||
RUN buildDeps=' \
|
|
||||||
automake \
|
|
||||||
libtool \
|
|
||||||
' \
|
|
||||||
&& set -x \
|
|
||||||
&& yum install -y $buildDeps \
|
|
||||||
&& export SECCOMP_PATH=$(mktemp -d) \
|
|
||||||
&& git clone -b "$SECCOMP_VERSION" --depth 1 https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
|
|
||||||
&& ( \
|
|
||||||
cd "$SECCOMP_PATH" \
|
|
||||||
&& ./autogen.sh \
|
|
||||||
&& ./configure --prefix=/usr \
|
|
||||||
&& make \
|
|
||||||
&& install -c src/.libs/libseccomp.a /usr/lib/libseccomp.a \
|
|
||||||
&& chmod 644 /usr/lib/libseccomp.a \
|
|
||||||
&& ranlib /usr/lib/libseccomp.a \
|
|
||||||
&& ldconfig -n /usr/lib \
|
|
||||||
) \
|
|
||||||
&& rm -rf "$SECCOMP_PATH"
|
|
||||||
|
|
||||||
ENV GO_VERSION 1.5.2
|
ENV GO_VERSION 1.5.2
|
||||||
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
|
RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local
|
||||||
|
@ -34,4 +13,4 @@ ENV PATH $PATH:/usr/local/go/bin
|
||||||
|
|
||||||
ENV AUTO_GOPATH 1
|
ENV AUTO_GOPATH 1
|
||||||
|
|
||||||
ENV DOCKER_BUILDTAGS seccomp selinux
|
ENV DOCKER_BUILDTAGS selinux
|
||||||
|
|
Loading…
Reference in a new issue