Browse code
dockerfile update for seccomp
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
Jessica Frazelle authored on 2015/11/15 11:01:24Showing 1 changed files
| ... | ... |
@@ -55,6 +55,7 @@ RUN apt-get update && apt-get install -y \ |
| 55 | 55 |
libltdl-dev \ |
| 56 | 56 |
libsqlite3-dev \ |
| 57 | 57 |
libsystemd-journal-dev \ |
| 58 |
+ libtool \ |
|
| 58 | 59 |
mercurial \ |
| 59 | 60 |
parallel \ |
| 60 | 61 |
pkg-config \ |
| ... | ... |
@@ -125,6 +126,23 @@ RUN set -x \ |
| 125 | 125 |
&& UNATTENDED=yes OSX_VERSION_MIN=10.6 ${OSXCROSS_PATH}/build.sh
|
| 126 | 126 |
ENV PATH /osxcross/target/bin:$PATH |
| 127 | 127 |
|
| 128 |
+# install seccomp |
|
| 129 |
+# this can be changed to the ubuntu package libseccomp-dev if dockerinit is removed, |
|
| 130 |
+# we need libseccomp.a (which the package does not provide) for dockerinit |
|
| 131 |
+ENV SECCOMP_VERSION v2.2.3 |
|
| 132 |
+RUN set -x \ |
|
| 133 |
+ && export SECCOMP_PATH=$(mktemp -d) \ |
|
| 134 |
+ && git clone https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \ |
|
| 135 |
+ && ( \ |
|
| 136 |
+ cd "$SECCOMP_PATH" \ |
|
| 137 |
+ && git checkout "$SECCOMP_VERSION" \ |
|
| 138 |
+ && ./autogen.sh \ |
|
| 139 |
+ && ./configure --prefix=/usr \ |
|
| 140 |
+ && make \ |
|
| 141 |
+ && make install \ |
|
| 142 |
+ ) \ |
|
| 143 |
+ && rm -rf "$SECCOMP_PATH" |
|
| 144 |
+ |
|
| 128 | 145 |
# Install registry |
| 129 | 146 |
ENV REGISTRY_COMMIT ec87e9b6971d831f0eff752ddb54fb64693e51cd |
| 130 | 147 |
RUN set -x \ |
| ... | ... |
@@ -168,7 +186,7 @@ RUN useradd --create-home --gid docker unprivilegeduser |
| 168 | 168 |
|
| 169 | 169 |
VOLUME /var/lib/docker |
| 170 | 170 |
WORKDIR /go/src/github.com/docker/docker |
| 171 |
-ENV DOCKER_BUILDTAGS apparmor selinux |
|
| 171 |
+ENV DOCKER_BUILDTAGS apparmor seccomp selinux |
|
| 172 | 172 |
|
| 173 | 173 |
# Let us use a .bashrc file |
| 174 | 174 |
RUN ln -sfv $PWD/.bashrc ~/.bashrc |