seccomp support for debian jessie
Based on jessie-backports. Signed-off-by: Boris Pruessmann <boris@pruessmann.org>
This commit is contained in:
Boris Pruessmann
parent
2ca57fe0b0
commit
fcadb77b97
2 changed files with 23 additions and 12 deletions
|
|
@ -5,7 +5,7 @@
|
|||
FROM aarch64/debian:jessie
|
||||
|
||||
RUN echo deb http://ftp.debian.org/debian jessie-backports main > /etc/apt/sources.list.d/backports.list
|
||||
RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential cmake curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev pkg-config vim-common libsystemd-journal-dev golang-1.6-go --no-install-recommends && rm -rf /var/lib/apt/lists/*
|
||||
RUN apt-get update && apt-get install -y apparmor bash-completion btrfs-tools build-essential cmake curl ca-certificates debhelper dh-apparmor dh-systemd git libapparmor-dev libdevmapper-dev libltdl-dev pkg-config vim-common libsystemd-journal-dev golang-1.6-go libseccomp-dev --no-install-recommends && rm -rf /var/lib/apt/lists/*
|
||||
|
||||
RUN update-alternatives --install /usr/bin/go go /usr/lib/go-1.6/bin/go 100
|
||||
|
||||
|
|
@ -21,5 +21,5 @@ ENV PATH /usr/src/go/bin:$PATH
|
|||
|
||||
ENV AUTO_GOPATH 1
|
||||
|
||||
ENV DOCKER_BUILDTAGS apparmor pkcs11 selinux
|
||||
ENV RUNC_BUILDTAGS apparmor selinux
|
||||
ENV DOCKER_BUILDTAGS apparmor pkcs11 selinux seccomp
|
||||
ENV RUNC_BUILDTAGS apparmor selinux seccomp
|
||||
|
|
|
|||
|
|
@ -61,7 +61,7 @@ for version in "${versions[@]}"; do
|
|||
)
|
||||
|
||||
case "$suite" in
|
||||
jessie|trusty)
|
||||
trusty)
|
||||
packages+=( libsystemd-journal-dev )
|
||||
# aarch64 doesn't have an official downloadable binary for go.
|
||||
# And gccgo for trusty only includes Go 1.2 implementation which
|
||||
|
|
@ -69,9 +69,20 @@ for version in "${versions[@]}"; do
|
|||
# golang-1.6-go package can be used as bootstrap.
|
||||
packages+=( golang-1.6-go )
|
||||
;;
|
||||
jessie)
|
||||
packages+=( libsystemd-journal-dev )
|
||||
# aarch64 doesn't have an official downloadable binary for go.
|
||||
# And gccgo for jessie only includes Go 1.2 implementation which
|
||||
# is too old to build current go source, fortunately jessie backports
|
||||
# has golang-1.6-go package can be used as bootstrap.
|
||||
packages+=( golang-1.6-go libseccomp-dev )
|
||||
|
||||
dockerBuildTags="$dockerBuildTags seccomp"
|
||||
runcBuildTags="$runcBuildTags seccomp"
|
||||
;;
|
||||
stretch|xenial)
|
||||
packages+=( libsystemd-dev )
|
||||
packages+=( golang-go libseccomp-dev)
|
||||
packages+=( golang-go libseccomp-dev )
|
||||
|
||||
dockerBuildTags="$dockerBuildTags seccomp"
|
||||
runcBuildTags="$runcBuildTags seccomp"
|
||||
|
|
@ -83,13 +94,13 @@ for version in "${versions[@]}"; do
|
|||
;;
|
||||
esac
|
||||
|
||||
case "$suite" in
|
||||
jessie)
|
||||
echo 'RUN echo deb http://ftp.debian.org/debian jessie-backports main > /etc/apt/sources.list.d/backports.list' >> "$version/Dockerfile"
|
||||
;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
case "$suite" in
|
||||
jessie)
|
||||
echo 'RUN echo deb http://ftp.debian.org/debian jessie-backports main > /etc/apt/sources.list.d/backports.list' >> "$version/Dockerfile"
|
||||
;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
|
||||
# update and install packages
|
||||
echo "RUN apt-get update && apt-get install -y ${packages[*]} --no-install-recommends && rm -rf /var/lib/apt/lists/*" >> "$version/Dockerfile"
|
||||
|
|
|
|||
Loading…
Reference in a new issue