author | Pavlos Ratis <dastergon@dastergon.gr> | 2015-10-25 15:18:12 +0200 |
---|---|---|
committer | Pavlos Ratis <dastergon@dastergon.gr> | 2015-10-25 15:18:12 +0200 |
commit | cc62df6a19c138343a1e7d17cd2e872d4149d729 (patch) | |
tree | 326a13da28b8219fef1835abd6a830ceaa9925fa | |
parent | Fix link to dockerhub (diff) | |
parent | Add amd64-hardened-nomultilib build (diff) | |
Merge pull request #23 from steev/master
Add amd64-hardened-nomultilib build
-rw-r--r-- | amd64-hardened-nomultilib/Dockerfile | 24 | ||||
-rwxr-xr-x | amd64-hardened-nomultilib/build.sh | 29 |
2 files changed, 53 insertions, 0 deletions
diff --git a/amd64-hardened-nomultilib/Dockerfile b/amd64-hardened-nomultilib/Dockerfile
new file mode 100644
index 0000000..30f9785
--- /dev/null
+++ b/amd64-hardened-nomultilib/Dockerfile
@@ -0,0 +1,24 @@
+FROM busybox
+
+MAINTAINER Gentoo Docker Team
+
+# This one should be present by running the build.sh script
+ADD build.sh /
+
+RUN /build.sh amd64 x86_64 -hardened+nomultilib
+
+# Setup the (virtually) current runlevel
+RUN echo "default" > /run/openrc/softlevel
+
+# Setup the rc_sys
+RUN sed -e 's/#rc_sys=""/rc_sys="lxc"/g' -i /etc/rc.conf
+
+# Setup the net.lo runlevel
+RUN ln -s /etc/init.d/net.lo /run/openrc/started/net.lo
+
+# Setup the net.eth0 runlevel
+RUN ln -s /etc/init.d/net.lo /etc/init.d/net.eth0
+RUN ln -s /etc/init.d/net.eth0 /run/openrc/started/net.eth0
+
+# By default, UTC system
+RUN echo 'UTC' > /etc/timezone
diff --git a/amd64-hardened-nomultilib/build.sh b/amd64-hardened-nomultilib/build.sh
new file mode 100755
index 0000000..96f6ad8
--- /dev/null
+++ b/amd64-hardened-nomultilib/build.sh
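Review bot: `FROM busybox` carries no tag or digest, so the shell and `wget` that `/build.sh` uses to fetch and unpack the entire root filesystem come from whatever `busybox:latest` resolves to on the build host. Pinning the base, e.g. `FROM busybox:<tag>@sha256:<digest>` (placeholder values), would make the starting point of the build explicit and repeatable. `ADD build.sh /` copies a plain local file, and `COPY build.sh /` states that intent without ADD's extra archive and URL behaviours. A short comment above `RUN /build.sh amd64 x86_64 -hardened+nomultilib` naming the three positional arguments (arch, busybox binary suffix, stage3 suffix) would save readers a trip to the script.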
@@ -0,0 +1,29 @@
+suffix=$3 # e.g. -hardened
+arch=$1
+busybox_version=$2
+dist="http://distfiles.gentoo.org/releases/${arch}/autobuilds/"
+stage3="$(wget -q -O- ${dist}/latest-stage3-${arch}${suffix}.txt | tail -n 1 | cut -f 1 -d ' ')"
+
+mkdir newWorldOrder; cd newWorldOrder
+echo "Downloading and extracting ${stage3}..."
+wget -q -c "${dist}/${stage3}"
+bunzip2 -c $(basename ${stage3}) | tar --exclude "./etc/hosts" --exclude "./sys/*" -xf -
+rm -f $(basename ${stage3})
+wget -q -O /busybox "http://www.busybox.net/downloads/binaries/latest/busybox-${busybox_version}"
+chmod +x /busybox
+/busybox rm -rf /lib* /usr /var /bin /sbin /opt /mnt /media /root /home /run /tmp
+/busybox cp -fRap lib* /
+/busybox cp -fRap bin boot home media mnt opt root run sbin tmp usr var /
+/busybox cp -fRap etc/* /etc/
+cd /
+#commit suicide
+/busybox rm -rf newWorldOrder /busybox /build.sh /linuxrc
+
+latest_stage3=$(curl "${base_url}/latest-stage3-amd64-hardened+nomultilib.txt" 2>/dev/null | grep -v '#' | awk '{print $1}')
+stage3=$(basename "${latest_stage3}")
+
+# Self destruct
+rm -f /Dockerfile /build.sh
+
+echo "Bootstrapped ${stage3} into /:"
+ls --color -lah |
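Review bot: Both downloads here, the stage3 tarball under `${dist}` and the binary written to `/busybox`, are fetched over plain `http://` and then unpacked or executed as root with no checksum or signature check, so whatever the network path returns becomes the image's root filesystem. Gentoo publishes digest files alongside each stage3; checking the tarball against a verified digest (or a hash pinned in the repository) before the `bunzip2 -c … | tar` line, and pinning a hash for the busybox binary before `chmod +x /busybox`, would close that gap. The script also has no `set -e`, so a failed `wget` still reaches `/busybox rm -rf /lib* /usr …` and the `RUN` step reports success because the final `ls` does; adding `set -e` as the first line would make the build fail instead of shipping a broken image. Separately, `${base_url}` in the `latest_stage3=` line is never assigned in this file and `/build.sh` has already been removed by the earlier `/busybox rm -rf`, so the tail of the script looks like leftover code and the closing `echo` presumably prints an empty name.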