moby/hack/make/.ensure-nnp-test
Mrunal Patel 74bb1ce9e9 Add support for NoNewPrivileges in docker
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>

Add tests for no-new-privileges

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>

Update documentation for no-new-privileges

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-03-07 09:47:02 -08:00

22 lines
651 B
Bash

#!/bin/bash
set -e
# Build a C binary for testing no-new-privileges
# and compile it for target daemon
if [ "$DOCKER_ENGINE_GOOS" = "linux" ]; then
if [ "$DOCKER_ENGINE_OSARCH" = "$DOCKER_CLIENT_OSARCH" ]; then
tmpdir=$(mktemp -d)
gcc -g -Wall -static contrib/nnp-test/nnp-test.c -o "${tmpdir}/nnp-test"
dockerfile="${tmpdir}/Dockerfile"
cat <<-EOF > "$dockerfile"
FROM debian:jessie
COPY . /usr/bin/
RUN chmod +s /usr/bin/nnp-test
EOF
docker build --force-rm ${DOCKER_BUILD_ARGS} -qt nnp-test "${tmpdir}" > /dev/null
rm -rf "${tmpdir}"
else
docker build ${DOCKER_BUILD_ARGS} -qt nnp-test contrib/nnp-test > /dev/null
fi
fi