1. docker
  2. Commit 9e5c0641e9046c1ed1f1d50c6ebfd93195bf4291
Browse code

Merge pull request #11124 from tianon/autoremove-recommends

Set "Apt::AutoRemove::RecommendsImportant" to "false" in debootstrap

Tianon Gravi authored on 2015/03/20 08:00:40
Showing 1 changed files
contrib/mkimage/debootstrap
History View file @ 9e5c064
... ... 
@@ -38,13 +38,13 @@ rootfs_chroot() {
38 38 
 # prevent init scripts from running during install/update
39 39 
 echo >&2 "+ echo exit 101 > '$rootfsDir/usr/sbin/policy-rc.d'"
40 40 
 cat > "$rootfsDir/usr/sbin/policy-rc.d" <<'EOF'
41 
-#!/bin/sh
41 
+	#!/bin/sh
42 42
43 
-# For most Docker users, "apt-get install" only happens during "docker build",
44 
-# where starting services doesn't work and often fails in humorous ways. This
45 
-# prevents those failures by stopping the services from attempting to start.
43 
+	# For most Docker users, "apt-get install" only happens during "docker build",
44 
+	# where starting services doesn't work and often fails in humorous ways. This
45 
+	# prevents those failures by stopping the services from attempting to start.
46 46
47 
-exit 101
47 
+	exit 101
48 48 
 EOF
49 49 
 chmod +x "$rootfsDir/usr/sbin/policy-rc.d"
50 50
... ... 
@@ -69,12 +69,12 @@ if strings "$rootfsDir/usr/bin/dpkg" | grep -q unsafe-io; then
69 69 
 	# force dpkg not to call sync() after package extraction (speeding up installs)
70 70 
 	echo >&2 "+ echo force-unsafe-io > '$rootfsDir/etc/dpkg/dpkg.cfg.d/docker-apt-speedup'"
71 71 
 	cat > "$rootfsDir/etc/dpkg/dpkg.cfg.d/docker-apt-speedup" <<-'EOF'
72 
-	# For most Docker users, package installs happen during "docker build", which
73 
-	# doesn't survive power loss and gets restarted clean afterwards anyhow, so
74 
-	# this minor tweak gives us a nice speedup (much nicer on spinning disks,
75 
-	# obviously).
72 
+		# For most Docker users, package installs happen during "docker build", which
73 
+		# doesn't survive power loss and gets restarted clean afterwards anyhow, so
74 
+		# this minor tweak gives us a nice speedup (much nicer on spinning disks,
75 
+		# obviously).
76 76
77 
-	force-unsafe-io
77 
+		force-unsafe-io
78 78 
 	EOF
79 79 
 fi
80 80
... ... 
@@ -107,26 +107,47 @@ if [ -d "$rootfsDir/etc/apt/apt.conf.d" ]; then
107 107 
 	# remove apt-cache translations for fast "apt-get update"
108 108 
 	echo >&2 "+ echo Acquire::Languages 'none' > '$rootfsDir/etc/apt/apt.conf.d/docker-no-languages'"
109 109 
 	cat > "$rootfsDir/etc/apt/apt.conf.d/docker-no-languages" <<-'EOF'
110 
-	# In Docker, we don't often need the "Translations" files, so we're just wasting
111 
-	# time and space by downloading them, and this inhibits that.  For users that do
112 
-	# need them, it's a simple matter to delete this file and "apt-get update". :)
110 
+		# In Docker, we don't often need the "Translations" files, so we're just wasting
111 
+		# time and space by downloading them, and this inhibits that.  For users that do
112 
+		# need them, it's a simple matter to delete this file and "apt-get update". :)
113 113
114 
-	Acquire::Languages "none";
114 
+		Acquire::Languages "none";
115 115 
 	EOF
116 116
117 117 
 	echo >&2 "+ echo Acquire::GzipIndexes 'true' > '$rootfsDir/etc/apt/apt.conf.d/docker-gzip-indexes'"
118 118 
 	cat > "$rootfsDir/etc/apt/apt.conf.d/docker-gzip-indexes" <<-'EOF'
119 
-	# Since Docker users using "RUN apt-get update && apt-get install -y ..." in
120 
-	# their Dockerfiles don't go delete the lists files afterwards, we want them to
121 
-	# be as small as possible on-disk, so we explicitly request "gz" versions and
122 
-	# tell Apt to keep them gzipped on-disk.
119 
+		# Since Docker users using "RUN apt-get update && apt-get install -y ..." in
120 
+		# their Dockerfiles don't go delete the lists files afterwards, we want them to
121 
+		# be as small as possible on-disk, so we explicitly request "gz" versions and
122 
+		# tell Apt to keep them gzipped on-disk.
123 123
124 
-	# For comparison, an "apt-get update" layer without this on a pristine
125 
-	# "debian:wheezy" base image was "29.88 MB", where with this it was only
126 
-	# "8.273 MB".
124 
+		# For comparison, an "apt-get update" layer without this on a pristine
125 
+		# "debian:wheezy" base image was "29.88 MB", where with this it was only
126 
+		# "8.273 MB".
127 127
128 
-	Acquire::GzipIndexes "true";
129 
-	Acquire::CompressionTypes::Order:: "gz";
128 
+		Acquire::GzipIndexes "true";
129 
+		Acquire::CompressionTypes::Order:: "gz";
130 
+	EOF
131 
+
132 
+	# update "autoremove" configuration to be aggressive about removing suggests deps that weren't manually installed
133 
+	echo >&2 "+ echo Apt::AutoRemove::SuggestsImportant 'false' > '$rootfsDir/etc/apt/apt.conf.d/docker-autoremove-suggests'"
134 
+	cat > "$rootfsDir/etc/apt/apt.conf.d/docker-autoremove-suggests" <<-'EOF'
135 
+		# Since Docker users are looking for the smallest possible final images, the
136 
+		# following emerges as a very common pattern:
137 
+
138 
+		#   RUN apt-get update \
139 
+		#       && apt-get install -y <packages> \
140 
+		#       && <do some compilation work> \
141 
+		#       && apt-get purge -y --auto-remove <packages>
142 
+
143 
+		# By default, APT will actually _keep_ packages installed via Recommends or
144 
+		# Depends if another package Suggests them, even and including if the package
145 
+		# that originally caused them to be installed is removed.  Setting this to
146 
+		# "false" ensures that APT is appropriately aggressive about removing the
147 
+		# packages it added.
148 
+
149 
+		# https://aptitude.alioth.debian.org/doc/en/ch02s05s05.html#configApt-AutoRemove-SuggestsImportant
150 
+		Apt::AutoRemove::SuggestsImportant "false";
130 151 
 	EOF
131 152 
 fi
132 153