| FROM debian:buster-slim |
| |
| ENV container docker |
| ENV LC_ALL C.UTF-8 |
| ENV DEBIAN_FRONTEND noninteractive |
| |
| SHELL [ "/bin/bash", "-c" ] |
| |
| # Containers built from this image are meant to persist, once started. A user |
| # account is created on them where the work of building crosvm is carried out, |
| # persistently. |
| |
| RUN apt-get update \ |
| && apt-get install -y systemd \ |
| && apt-get clean \ |
| && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \ |
| && rm -f /var/run/nologin |
| |
| RUN rm -f /lib/systemd/system/multi-user.target.wants/* \ |
| /etc/systemd/system/*.wants/* \ |
| /lib/systemd/system/local-fs.target.wants/* \ |
| /lib/systemd/system/sockets.target.wants/*udev* \ |
| /lib/systemd/system/sockets.target.wants/*initctl* \ |
| /lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup* \ |
| /lib/systemd/system/systemd-update-utmp* |
| |
| VOLUME [ "/sys/fs/cgroup" ] |
| |
| CMD ["/lib/systemd/systemd"] |
| |
| RUN apt update \ |
| && apt install -y apt-utils sudo dpkg-dev coreutils \ |
| openssh-server openssh-client psmisc iptables iproute2 dnsmasq \ |
| net-tools rsyslog equivs |
| |
| RUN apt install -y dialog |
| |
| # Set up the user to be the same as the user creating the container. Not |
| # strictly necessary, but this way all the permissions of the generated files |
| # will match. |
| |
| ARG USER |
| ARG UID |
| |
| ENV USER $USER |
| ENV HOME /home/$USER |
| ENV CUSTOM_MANIFEST "" |
| |
| RUN apt update \ |
| && apt install -y sudo |
| |
| RUN useradd -m -s /bin/bash $USER -u $UID -d $HOME \ |
| && passwd -d $USER \ |
| && echo "$USER ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers |
| |
| RUN mkdir /source && chown -R $USER /source |
| RUN mkdir /output && chown -R $USER /output |
| RUN mkdir /working && chown -R $USER /working |
| RUN mkdir /static && chown -R $USER /static |
| |
| RUN sed -i -r -e 's/^#{0,1}\s*PasswordAuthentication\s+(yes|no)/PasswordAuthentication yes/g' /etc/ssh/sshd_config \ |
| && sed -i -r -e 's/^#{0,1}\s*PermitEmptyPasswords\s+(yes|no)/PermitEmptyPasswords yes/g' /etc/ssh/sshd_config \ |
| && sed -i -r -e 's/^#{0,1}\s*ChallengeResponseAuthentication\s+(yes|no)/ChallengeResponseAuthentication no/g' /etc/ssh/sshd_config \ |
| && sed -i -r -e 's/^#{0,1}\s*UsePAM\s+(yes|no)/UsePAM no/g' /etc/ssh/sshd_config |
| |
| USER $USER |
| WORKDIR $HOME |
| |
| COPY --chown=$USER x86_64-linux-gnu/manifest.xml /static/x86_64-linux-gnu/manifest.xml |
| COPY --chown=$USER aarch64-linux-gnu/manifest.xml /static/aarch64-linux-gnu/manifest.xml |
| COPY --chown=$USER rebuild-internal.sh /static/rebuild-internal.sh |
| |
| RUN TOOLS_DIR=/static/tools /static/rebuild-internal.sh install_packages |
| |
| USER root |
| |
| VOLUME /source |
| VOLUME /working |
| VOLUME /output |
| |
| # ENTRYPOINT ["/static/rebuild-internal.sh"] |