authorAlex Brandt <alunduil@alunduil.com>2015-07-04 13:02:58 -0500
committerAlex Brandt <alunduil@alunduil.com>2015-07-04 13:02:58 -0500
commit4f5a5b09800437fb6735d55d31fc7a4a89c27546 (patch)
tree700d595b6491a235d62803df7961fe01bb954cab
parentMerge pull request #11 from armbuild/fix-parsing-latest-tarball (diff)
parentreverted as requested by alunduil: (diff)
Merge branch 'master' of https://github.com/ChaosEngine/gentoo-docker-images into bbimages
-rw-r--r--.gitignore3
-rw-r--r--amd64-hardened/Dockerfile22
-rwxr-xr-xamd64-hardened/build.sh43
-rw-r--r--amd64/.dockerignore8
-rw-r--r--amd64/Dockerfile22
-rwxr-xr-x[-rw-r--r--]amd64/build.sh41
-rw-r--r--docs/README-short.txt1
-rw-r--r--docs/README.md67
-rw-r--r--docs/logo.pngbin0 -> 33095 bytes
-rw-r--r--portage/Dockerfile5
-rw-r--r--x86/.dockerignore7
-rw-r--r--x86/Dockerfile29
-rwxr-xr-xx86/build.sh29
13 files changed, 202 insertions, 75 deletions
diff --git a/.gitignore b/.gitignore
index ccac53e..942a04b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,6 @@
*.asc
*.DIGESTS
*.CONTENTS
+*.swp
+busybox-x86_64
+busybox
diff --git a/amd64-hardened/Dockerfile b/amd64-hardened/Dockerfile
index 2f7d17a..a2dfdc2 100644
--- a/amd64-hardened/Dockerfile
+++ b/amd64-hardened/Dockerfile
@@ -1,9 +1,11 @@
-FROM scratch
+FROM busybox
MAINTAINER Gentoo Docker Team
# This one should be present by running the build.sh script
-ADD stage3-amd64-hardened.tar.xz /
+ADD build.sh /
+
+RUN /build.sh amd64 x86_64 -hardened
# Setup the (virtually) current runlevel
RUN echo "default" > /run/openrc/softlevel
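Review bot: `FROM busybox` carries no tag, so the base that supplies the `wget`, `bunzip2` and `tar` applets used by `/build.sh` changes whenever the default tag moves; pin it, e.g. `FROM busybox:<pinned-tag>` (placeholder) or a digest. `ADD build.sh /` copies a plain local file and reads more clearly as `COPY build.sh /`. The comment kept above it, `# This one should be present by running the build.sh script`, described the stage3 tarball and no longer matches; something like `# Bootstrap script: fetches the stage3 and replaces the root filesystem` would fit. The same three lines recur in amd64/Dockerfile.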
@@ -20,19 +22,3 @@ RUN ln -s /etc/init.d/net.eth0 /run/openrc/started/net.eth0
# By default, UTC system
RUN echo 'UTC' > /etc/timezone
-
-# Used when this image is the base of another
-#
-# Setup the portage directory and permissions
-ONBUILD RUN mkdir -p /usr/portage/{distfiles,metadata,packages}
-ONBUILD RUN chown -R portage:portage /usr/portage
-ONBUILD RUN echo "masters = gentoo" > /usr/portage/metadata/layout.conf
-
-# Sync portage
-ONBUILD RUN emerge-webrsync -q
-
-# Display some news items
-ONBUILD RUN eselect news read new
-
-# Finalization
-ONBUILD RUN env-update
diff --git a/amd64-hardened/build.sh b/amd64-hardened/build.sh
index 2fe9c68..5f7ef00 100755
--- a/amd64-hardened/build.sh
+++ b/amd64-hardened/build.sh
@@ -1,26 +1,29 @@
-#!/bin/bash
+suffix=$3 # e.g. -hardened
+arch=$1
+busybox_version=$2
+dist="http://distfiles.gentoo.org/releases/${arch}/autobuilds/"
+stage3="$(wget -q -O- ${dist}/latest-stage3-${arch}${suffix}.txt | tail -n 1 | cut -f 1 -d ' ')"
-die(){ echo "$@" 1>&2; exit 1; }
-
-base_url="http://distfiles.gentoo.org/releases/amd64/autobuilds"
+mkdir newWorldOrder; cd newWorldOrder
+echo "Downloading and extracting ${stage3}..."
+wget -q -c "${dist}/${stage3}"
+bunzip2 -c $(basename ${stage3}) | tar --exclude "./etc/hosts" --exclude "./sys/*" -xf -
+rm -f $(basename ${stage3})
+wget -q -O /busybox "http://www.busybox.net/downloads/binaries/latest/busybox-${busybox_version}"
+chmod +x /busybox
+/busybox rm -rf /lib* /usr /var /bin /sbin /opt /mnt /media /root /home /run /tmp
+/busybox cp -fRap lib* /
+/busybox cp -fRap bin boot home media mnt opt root run sbin tmp usr var /
+/busybox cp -fRap etc/* /etc/
+cd /
+#commit suicide
+/busybox rm -rf newWorldOrder /busybox /build.sh /linuxrc
latest_stage3=$(curl "${base_url}/latest-stage3-amd64-hardened.txt" 2>/dev/null | grep -v '#' | awk '{print $1}')
stage3=$(basename "${latest_stage3}")
-[ ! -f "${stage3}" ] && xz=true || xz=false
-
-wget -nc "${base_url}/${latest_stage3}" || die "Could not download stage3"
-wget -nc "${base_url}/${latest_stage3}.DIGESTS.asc" || die "Could not download digests"
-wget -nc "${base_url}/${latest_stage3}.CONTENTS" || die "Could not download contents"
-sha512_digests=$(grep -A1 SHA512 "${stage3}.DIGESTS.asc" | grep -v '^--')
-gpg --verify "${stage3}.DIGESTS.asc" || die "Insecure digests"
-echo "${sha512_digests}" | sha512sum -c || die "Checksum validation failed"
-
-if [ ${xz} == true ] || [ ! -f stage3-amd64.tar.xz ]; then
- echo "Transforming bz2 tarball to xz (golang bug). This will take some time..."
- bunzip2 -c "${stage3}" | xz -z > stage3-amd64-hardened.tar.xz || die "Failed to recompress to xz"
-fi
-echo "I'm done with the stage3."
+# Self destruct
+rm -f /Dockerfile /build.sh
-echo "Building docker Gentoo image now..."
-docker build -t gentoo:latest-hardened .
+echo "Bootstrapped ${stage3} into /:"
+ls --color -lah
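Review bot: The stage3 tarball is now unpacked over `/` with no integrity check: the removed `gpg --verify` and `sha512sum -c` steps have no replacement on the new side, and both the tarball and the `.txt` index that names it are fetched over plain `http://`. The static busybox pulled from `.../binaries/latest/` is likewise unverified and then runs as root to wipe and repopulate the filesystem, so a tampered or truncated response ends up in the published image. There is also no `set -e`, so a failed download does not stop the `rm -rf` that follows. I would restore the digest check before extraction as sketched below, verify the signature on `DIGESTS.asc` in a step where gpg is available (the busybox base presumably has none), and pin the busybox binary to a fixed version with a recorded checksum. amd64/build.sh and x86/build.sh carry the same lines.

```shell
set -eu
# … unchanged: suffix/arch/busybox_version, dist, stage3 lookup …

mkdir newWorldOrder; cd newWorldOrder
tarball="$(basename "${stage3}")"
echo "Downloading and verifying ${stage3}..."
wget -q -c "${dist}/${stage3}"
wget -q "${dist}/${stage3}.DIGESTS.asc"
# The signature on DIGESTS.asc must still be checked with gpg in a step
# that has gpg and the release key; this only covers the digest.
# Pick the tarball's own SHA512 entry and stop the build on mismatch.
grep -A1 SHA512 "${tarball}.DIGESTS.asc" | grep " ${tarball}\$" > "${tarball}.sha512"
sha512sum -c "${tarball}.sha512"
bunzip2 -c "${tarball}" | tar --exclude "./etc/hosts" --exclude "./sys/*" -xf -
rm -f "${tarball}" "${tarball}.DIGESTS.asc" "${tarball}.sha512"
# … unchanged: busybox download and filesystem swap …
```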
diff --git a/amd64/.dockerignore b/amd64/.dockerignore
new file mode 100644
index 0000000..942a04b
--- /dev/null
+++ b/amd64/.dockerignore
@@ -0,0 +1,8 @@
+*.bz2
+*.xz
+*.asc
+*.DIGESTS
+*.CONTENTS
+*.swp
+busybox-x86_64
+busybox
diff --git a/amd64/Dockerfile b/amd64/Dockerfile
index d73045b..e18c5d3 100644
--- a/amd64/Dockerfile
+++ b/amd64/Dockerfile
@@ -1,9 +1,11 @@
-FROM scratch
+FROM busybox
MAINTAINER Gentoo Docker Team
# This one should be present by running the build.sh script
-ADD stage3-amd64.tar.xz /
+ADD build.sh /
+
+RUN /build.sh amd64 x86_64
# Setup the (virtually) current runlevel
RUN echo "default" > /run/openrc/softlevel
@@ -20,19 +22,3 @@ RUN ln -s /etc/init.d/net.eth0 /run/openrc/started/net.eth0
# By default, UTC system
RUN echo 'UTC' > /etc/timezone
-
-# Used when this image is the base of another
-#
-# Setup the portage directory and permissions
-ONBUILD RUN mkdir -p /usr/portage/{distfiles,metadata,packages}
-ONBUILD RUN chown -R portage:portage /usr/portage
-ONBUILD RUN echo "masters = gentoo" > /usr/portage/metadata/layout.conf
-
-# Sync portage
-ONBUILD RUN emerge-webrsync -q
-
-# Display some news items
-ONBUILD RUN eselect news read new
-
-# Finalization
-ONBUILD RUN env-update
diff --git a/amd64/build.sh b/amd64/build.sh
index d349467..5c80d28 100644..100755
--- a/amd64/build.sh
+++ b/amd64/build.sh
@@ -1,26 +1,31 @@
-#!/bin/bash
+suffix=$3 # e.g. -hardened
+arch=$1
+busybox_version=$2
+dist="http://distfiles.gentoo.org/releases/${arch}/autobuilds/"
+stage3="$(wget -q -O- ${dist}/latest-stage3-${arch}${suffix}.txt | tail -n 1 | cut -f 1 -d ' ')"
-die(){ echo "$@" 1>&2; exit 1; }
+mkdir newWorldOrder; cd newWorldOrder
+echo "Downloading and extracting ${stage3}..."
+wget -q -c "${dist}/${stage3}"
+bunzip2 -c $(basename ${stage3}) | tar --exclude "./etc/hosts" --exclude "./sys/*" -xf -
+rm -f $(basename ${stage3})
+wget -q -O /busybox "http://www.busybox.net/downloads/binaries/latest/busybox-${busybox_version}"
+chmod +x /busybox
+/busybox rm -rf /lib* /usr /var /bin /sbin /opt /mnt /media /root /home /run /tmp
+/busybox cp -fRap lib* /
+/busybox cp -fRap bin boot home media mnt opt root run sbin tmp usr var /
+/busybox cp -fRap etc/* /etc/
+cd /
+#commit suicide
+/busybox rm -rf newWorldOrder /busybox /build.sh /linuxrc
-base_url="http://distfiles.gentoo.org/releases/amd64/autobuilds"
latest_stage3=$(curl "${base_url}/latest-stage3-amd64.txt" 2>/dev/null | grep -v '#' | awk '{print $1}')
stage3=$(basename "${latest_stage3}")
-[ ! -f "${stage3}" ] && xz=true || xz=false
-wget -nc "${base_url}/${latest_stage3}" || die "Could not download stage3"
-wget -nc "${base_url}/${latest_stage3}.DIGESTS.asc" || die "Could not download digests"
-wget -nc "${base_url}/${latest_stage3}.CONTENTS" || die "Could not download contents"
-sha512_digests=$(grep -A1 SHA512 "${stage3}.DIGESTS.asc" | grep -v '^--')
-gpg --verify "${stage3}.DIGESTS.asc" || die "Insecure digests"
-echo "${sha512_digests}" | sha512sum -c || die "Checksum validation failed"
+# Self destruct
+rm -f /Dockerfile /build.sh
-if [ ${xz} == true ] || [ ! -f stage3-amd64.tar.xz ]; then
- echo "Transforming bz2 tarball to xz (golang bug). This will take some time..."
- bunzip2 -c "${stage3}" | xz -z > stage3-amd64.tar.xz || die "Failed to recompress to xz"
-fi
-echo "I'm done with the stage3."
-
-echo "Building docker Gentoo image now..."
-docker build -t gentoo .
+echo "Bootstrapped ${stage3} into /:"
+ls --color -lah
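Review bot: Two old lines survive as context near the end of the new script, `latest_stage3=$(curl "${base_url}/latest-stage3-amd64.txt" ...)` and `stage3=$(basename "${latest_stage3}")`, although this hunk removes the `base_url=` assignment. They now run after the root filesystem has been swapped, with `base_url` empty, and overwrite `stage3` just before `echo "Bootstrapped ${stage3} into /:"`, so the message likely prints an empty name; they look like merge residue and should be dropped. The `#!/bin/bash` line is removed without a replacement as well; an interpreter line such as `#!/bin/sh` would keep the script from depending on the caller's fallback for files without one. amd64-hardened/build.sh has the same leftovers.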
diff --git a/docs/README-short.txt b/docs/README-short.txt
new file mode 100644
index 0000000..ac4f72e
--- /dev/null
+++ b/docs/README-short.txt
@@ -0,0 +1 @@
+The official build of Gentoo
diff --git a/docs/README.md b/docs/README.md
new file mode 100644
index 0000000..cb55ae2
--- /dev/null
+++ b/docs/README.md
@@ -0,0 +1,67 @@
+# Supported tags and respective `Dockerfile` links
+
+- [`amd64`, `latest`, `stage3` (*amd64/Dockerfile*)](https://raw.githubusercontent.com/ChaosEngine/gentoo-docker-images/master/amd64/Dockerfile)
+- [`amd64`, `stable`, `stage3` (*amd64/Dockerfile*)](https://raw.githubusercontent.com/ChaosEngine/gentoo-docker-images/450207321dc96a90f23df5346ee5ff817e3bc6a1/amd64/Dockerfile)
+- [`amd64-hardened`, `latest`, `stage3` (*amd64-hardened/Dockerfile*)](https://raw.githubusercontent.com/ChaosEngine/gentoo-docker-images/master/amd64-hardened/Dockerfile)
+- [`amd64-hardened`, `stable`, `stage3` (*amd64-hardened/Dockerfile*)](https://raw.githubusercontent.com/ChaosEngine/gentoo-docker-images/450207321dc96a90f23df5346ee5ff817e3bc6a1/amd64-hardened/Dockerfile)
+
+
+
+For more information about this image and its history, please see the [relevant manifest file (`gentoo/gentoo-docker-images`)](https://github.com/ChaosEngine/gentoo-docker-images) or in official, the [`gentoo/gentoo-docker-images` GitHub repo](https://github.com/gentoo/gentoo-docker-images).
+
+![logo](https://raw.githubusercontent.com/ChaosEngine/gentoo-docker-images/master/docs/logo.png)
+
+# What is [Gentoo](http://www.gentoo.org/)?
+
+Gentoo is a free operating system based on either Linux or FreeBSD that can be automatically optimized and customized for just about any application or need. Extreme configurability, performance and a top-notch user and developer community are all hallmarks of the Gentoo experience.
+
+Thanks to a technology called Portage, Gentoo can become an ideal secure server, development workstation, professional desktop, gaming system, embedded solution or something else -- whatever you need it to be. Because of its near-unlimited adaptability, we call Gentoo a metadistribution.
+
+Of course, Gentoo is more than just the software it provides. It is a community built around a distribution which is driven by more than 300 developers and thousands of users. The distribution project provides the means for the users to enjoy Gentoo: documentation, infrastructure (mailinglists, site, forums ...), release engineering, software porting, quality assurance, security followup, hardening and more.
+
+To advise on and help with Gentoo's global development, a 7-member council is elected on a yearly basis which decides on global issues, policies and advancements in the Gentoo project.
+
+# What is Portage?
+
+Portage is the heart of Gentoo, and performs many key functions. For one, Portage is the software distribution system for Gentoo. To get the latest software for Gentoo, you type one command: emerge --sync. This command tells Portage to update your local "Portage tree" over the Internet. Your local Portage tree contains a complete collection of scripts that can be used by Portage to create and install the latest Gentoo packages. Currently, we have more than 10000 packages in our Portage tree, with updates and new ones being added all the time.
+
+Portage is also a package building and installation system. When you want to install a package, you type emerge packagename, at which point Portage automatically builds a custom version of the package to your exact specifications, optimizing it for your hardware and ensuring that the optional features in the package that you want are enabled -- and those you don't want aren't.
+
+Portage also keeps your system up-to-date. Typing emerge -uD world -- one command -- will ensure that all the packages that you want on your system are updated automatically.
+
+> [http://en.wikipedia.org/wiki/Gentoo_Linux](http://en.wikipedia.org/wiki/Gentoo_Linux)
+
+
+# About this image
+
+The `amd64:latest` tag will always point the latest built release (which is, at the time of this writing, `amd64:stage3`). Stable releases are also tagged with their version (ie, `amd64:latest` is currently also the same as `amd64:stable`).
+
+The same applies to amd64-hardened images.
+
+## stage3 source
+
+The mirror of choice for these images is [http://distfiles.gentoo.org/releases/amd64/autobuilds/](http://distfiles.gentoo.org/releases/amd64/autobuilds/) so that it's as close to optimal for everyone as possible, regardless of location.
+
+[amd64](http://distfiles.gentoo.org/releases/amd64/autobuilds/current-stage3-amd64/)
+
+[amd64-hardened](http://distfiles.gentoo.org/releases/amd64/autobuilds/current-stage3-amd64-hardened/)
+
+# Supported Docker versions
+
+This image is officially supported on Docker version 1.5.0.
+
+Support for older versions (down to 1.0) is provided on a best-effort basis.
+
+# User Feedback
+
+## Issues
+
+If you have any problems with or questions about this image, please contact us through a [GitHub issue](https://github.com/gentoo/gentoo-docker-images/issues).
+
+You can also reach many of the official image maintainers via the `#gentoo-contain` IRC channel on [Freenode](https://freenode.net).
+
+## Contributing
+
+You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.
+
+Before you start to code, we recommend discussing your plans through a [GitHub issue](https://github.com/gentoo/gentoo-docker-images/issues), especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.
diff --git a/docs/logo.png b/docs/logo.png
new file mode 100644
index 0000000..cef026e
--- /dev/null
+++ b/docs/logo.png
Binary files differ
diff --git a/portage/Dockerfile b/portage/Dockerfile
index b7628a3..e78c52f 100644
--- a/portage/Dockerfile
+++ b/portage/Dockerfile
@@ -2,4 +2,7 @@ FROM busybox:latest
MAINTAINER Gentoo Container Team <containers@gentoo.org>
ADD http://distfiles.gentoo.org/snapshots/portage-latest.tar.bz2 /
-RUN mkdir -p /usr && bzcat /portage-latest.tar.bz2 | tar -xf - -C /usr
+RUN mkdir -p /usr && bzcat /portage-latest.tar.bz2 | tar -xf - -C /usr \
+ && mkdir -p /usr/portage/{distfiles,metadata,packages} \
+ && echo "masters = gentoo" > /usr/portage/metadata/layout.conf \
+ && rm -f /portage-latest.tar.bz2
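Review bot: `mkdir -p /usr/portage/{distfiles,metadata,packages}` relies on brace expansion, which the busybox `sh` that executes this `RUN` does not perform as far as I know; it would create a single directory literally named `{distfiles,metadata,packages}`. Spell the paths out: `mkdir -p /usr/portage/distfiles /usr/portage/metadata /usr/portage/packages`. The trailing `rm -f /portage-latest.tar.bz2` does not shrink the image, since the archive stays in the layer written by the `ADD` above. That `ADD` also pulls an unpinned snapshot over plain HTTP with nothing checking it, which deserves at least a comment: `# TODO: verify portage-latest.tar.bz2 against its published digest/signature before extracting`.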
diff --git a/x86/.dockerignore b/x86/.dockerignore
new file mode 100644
index 0000000..2302238
--- /dev/null
+++ b/x86/.dockerignore
@@ -0,0 +1,7 @@
+*.bz2
+*.xz
+*.asc
+*.DIGESTS
+*.CONTENTS
+*.swp
+busybox*
diff --git a/x86/Dockerfile b/x86/Dockerfile
new file mode 100644
index 0000000..1c13cbf
--- /dev/null
+++ b/x86/Dockerfile
@@ -0,0 +1,29 @@
+FROM 32bit/debian:jessie
+
+MAINTAINER Gentoo Docker Team
+
+#ADD http://www.busybox.net/downloads/binaries/latest/busybox-i686 /busybox
+
+# This one should be present by running the build.sh script
+ADD build.sh /
+
+RUN apt-get update && apt-get install -y \
+ wget bzip2
+
+RUN /build.sh x86 i686
+
+# Setup the (virtually) current runlevel
+RUN echo "default" > /run/openrc/softlevel
+
+# Setup the rc_sys
+RUN sed -e 's/#rc_sys=""/rc_sys="lxc"/g' -i /etc/rc.conf
+
+# Setup the net.lo runlevel
+RUN ln -s /etc/init.d/net.lo /run/openrc/started/net.lo
+
+# Setup the net.eth0 runlevel
+RUN ln -s /etc/init.d/net.lo /etc/init.d/net.eth0
+RUN ln -s /etc/init.d/net.eth0 /run/openrc/started/net.eth0
+
+# By default, UTC system
+RUN echo 'UTC' > /etc/timezone
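Review bot: `FROM 32bit/debian:jessie` builds on an image from a user namespace rather than an official library image, and build.sh leaves `/etc` out of its `rm -rf` list and only copies the stage3's `etc/*` on top. Base-image files under `/etc` that the stage3 does not overwrite therefore appear to end up in the resulting Gentoo image. A comment above the `FROM` should record this, e.g. `# NOTE: third-party base, used only to bootstrap; its /etc is merged into the result`, and the author should confirm the leftover files are acceptable. Smaller points: `apt-get install -y` could take `--no-install-recommends`, and `ADD build.sh /` could be `COPY build.sh /`.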
diff --git a/x86/build.sh b/x86/build.sh
new file mode 100755
index 0000000..528a0ae
--- /dev/null
+++ b/x86/build.sh
@@ -0,0 +1,29 @@
+suffix=$3 # e.g. -hardened
+arch=$1
+busybox_version=$2
+dist="http://distfiles.gentoo.org/releases/${arch}/autobuilds/"
+stage3="$(wget -q -O- ${dist}/latest-stage3-${busybox_version}${suffix}.txt | tail -n 1 | cut -f 1 -d ' ')"
+
+mkdir newWorldOrder; cd newWorldOrder
+echo "Downloading and extracting ${stage3}..."
+wget -q -c "${dist}/${stage3}"
+bunzip2 -c $(basename ${stage3}) | tar --exclude "./etc/hosts" --exclude "./sys/*" -xf -
+rm -f $(basename ${stage3})
+wget -q -O /busybox "http://www.busybox.net/downloads/binaries/latest/busybox-${busybox_version}"
+chmod +x /busybox
+/busybox rm -rf /lib* /usr /var /bin /sbin /opt /mnt /media /root /home /run /tmp
+/busybox cp -fRap lib* /
+/busybox cp -fRap bin boot home media mnt opt root run sbin tmp usr var /
+/busybox cp -fRap etc/* /etc/
+cd /
+#commit suicide
+/busybox rm -rf newWorldOrder /busybox /build.sh /linuxrc
+
+
+
+
+# Self destruct
+rm -f /Dockerfile /build.sh
+
+echo "Bootstrapped ${stage3} into /:"
+ls --color -lah
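Review bot: `busybox_version` is used as the stage3 sub-architecture in `latest-stage3-${busybox_version}${suffix}.txt`, where the amd64 scripts use `${arch}` in that position; the name hides that `$2` serves two purposes. A header comment would make the contract visible, e.g. `# usage: build.sh <arch> <subarch, also the busybox binary suffix> [stage3 suffix]`, or the variable could be renamed. The second cleanup, `rm -f /Dockerfile /build.sh`, repeats what `/busybox rm -rf ... /build.sh` already did, and the visible x86/Dockerfile never adds `/Dockerfile` to the image, so it can probably go.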