diff --git a/alpine/Dockerfile b/alpine/Dockerfile index 6409a1523..86ca7a787 100644 --- a/alpine/Dockerfile +++ b/alpine/Dockerfile @@ -9,14 +9,16 @@ RUN \ adduser -G docker -u 1001 -s /bin/sh -D -g "Docker" docker && \ apk update && apk upgrade && \ apk add \ - e2fsprogs docker chrony \ + e2fsprogs chrony \ + git xz iptables \ sfdisk lvm2 syslinux COPY etc /etc/ ADD kernel/aufs-utils.tar / - COPY mkinitrd.sh /bin/ +COPY packages/9pudc/9pudc packages/mdnstool/mdnstool /sbin/ +COPY packages/docker/docker /usr/bin/ RUN \ setup-timezone -z UTC && \ @@ -49,7 +51,4 @@ RUN \ rc-update add automount boot && \ ln -s /bin/busybox /init -# docker mac specific, should be packages -COPY packages/9pudc/9pudc packages/mdnstool/mdnstool /sbin/ - CMD ["/bin/sh"] diff --git a/alpine/Makefile b/alpine/Makefile index 0819efbb4..ff25a99ce 100644 --- a/alpine/Makefile +++ b/alpine/Makefile @@ -13,13 +13,10 @@ kernel/aufs-utils.tar: initrd.img: Dockerfile mkinitrd.sh repositories $(ETCFILES) kernel/aufs-utils.tar rm -f initrd.img - $(MAKE) -C packages/9pudc - $(MAKE) -C packages/mdnstool + $(MAKE) -C packages docker build -t moby:build . docker run moby:build /bin/mkinitrd.sh > $@ clean: rm -f initrd.img - $(MAKE) -C packages/9pudc clean - $(MAKE) -C packages/mdnstool clean - $(MAKE) -C kernel clean + $(MAKE) -C packages clean diff --git a/alpine/etc/conf.d/docker b/alpine/etc/conf.d/docker index efba49733..c77f18fb2 100644 --- a/alpine/etc/conf.d/docker +++ b/alpine/etc/conf.d/docker @@ -1,3 +1,5 @@ # /etc/conf.d/docker export DOCKER_RAMDISK="true" +export DOCKER_BINARY="/usr/bin/docker" +export DOCKER_OPTS="-s aufs" diff --git a/alpine/etc/init.d/docker b/alpine/etc/init.d/docker new file mode 100755 index 000000000..7cf9b80d9 --- /dev/null +++ b/alpine/etc/init.d/docker @@ -0,0 +1,26 @@ +#!/sbin/openrc-run +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +command="${DOCKER_BINARY:-/usr/bin/docker}" +pidfile="${DOCKER_PIDFILE:-/run/${RC_SVCNAME}.pid}" +command_args="daemon -p \"${pidfile}\" ${DOCKER_OPTS}" +DOCKER_LOGFILE="${DOCKER_LOGFILE:-/var/log/${RC_SVCNAME}.log}" +start_stop_daemon_args="--background \ + --stderr \"${DOCKER_LOGFILE}\" --stdout \"${DOCKER_LOGFILE}\"" + +grsecdir=/proc/sys/kernel/grsecurity + +start_pre() { + checkpath -f -m 0644 -o root:docker "$DOCKER_LOGFILE" + for i in $disable_grsec; do + if [ -e "$grsecdir/$i" ]; then + einfo " Disabling $i" + echo 0 > "$grsecdir/$i" + fi + done + + ulimit -n 1048576 + + return 0 +} diff --git a/alpine/packages/Makefile b/alpine/packages/Makefile new file mode 100644 index 000000000..28c9ee6b2 --- /dev/null +++ b/alpine/packages/Makefile @@ -0,0 +1,9 @@ +all: + $(MAKE) -C 9pudc + $(MAKE) -C mdnstool + $(MAKE) -C docker + +clean: + $(MAKE) -C 9pudc clean + $(MAKE) -C mdnstool clean + $(MAKE) -C docker clean diff --git a/alpine/packages/docker/.gitignore b/alpine/packages/docker/.gitignore new file mode 100644 index 000000000..bdb967096 --- /dev/null +++ b/alpine/packages/docker/.gitignore @@ -0,0 +1 @@ +docker diff --git a/alpine/packages/docker/APKBUILD b/alpine/packages/docker/APKBUILD deleted file mode 100644 index e10f3ab03..000000000 --- a/alpine/packages/docker/APKBUILD +++ /dev/null @@ -1,101 +0,0 @@ -# Maintainer: Eivind Uggedal -pkgname=docker -pkgver=1.9.1 -pkgrel=2 -_gitcommit=a34a1d5 -pkgdesc="Pack, ship and run any application as a lightweight container" -url="http://www.docker.io/" -arch="all" -license="ASL 2.0" -depends="iptables git xz" -depends_dev="" -makedepends="go sqlite-dev btrfs-progs-dev bash linux-headers" -options="!strip" -install="$pkgname.pre-install" -subpackages=" - $pkgname-bash-completion:bashcomp - $pkgname-zsh-completion:zshcomp - $pkgname-vim:vim - " -source=" - $pkgname-$pkgver.tar.gz::https://github.com/docker/docker/archive/v$pkgver.tar.gz - openrc-fixes.patch - " - -_builddir="$srcdir"/$pkgname-$pkgver -_buildtags="exclude_graphdriver_aufs exclude_graphdriver_devicemapper" - -prepare() { - local i - cd "$_builddir" - for i in $source; do - case $i in - *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; - esac - done -} - -build() { - cd "$_builddir" - - export AUTO_GOPATH=1 - export DOCKER_GITCOMMIT=$_gitcommit - export DOCKER_BUILDTAGS=$_buildtags - unset CC # prevent possible ccache issues - - ./hack/make.sh dynbinary -} - -package() { - cd "$_builddir" - local ver=$(cat VERSION) - - install -Dm755 bundles/$ver/dynbinary/docker-$ver \ - "$pkgdir"/usr/bin/docker - install -Dm755 bundles/$ver/dynbinary/dockerinit-$ver \ - "$pkgdir"/usr/lib/docker/dockerinit - - install -Dm755 contrib/init/openrc/docker.initd \ - "$pkgdir"/etc/init.d/docker - install -Dm644 contrib/init/openrc/docker.confd \ - "$pkgdir"/etc/conf.d/docker -} - -bashcomp() { - pkgdesc="Bash completion for Docker" - arch="noarch" - depends="" - install_if="$pkgname=$pkgver-r$pkgrel bash-completion" - - install -Dm644 "$_builddir"/contrib/completion/bash/$pkgname \ - "$subpkgdir"/usr/share/bash-completion/completions/$pkgname -} - -zshcomp() { - pkgdesc="Zsh completion for $pkgname" - arch="noarch" - depends="" - install_if="$pkgname=$pkgver-r$pkgrel zsh" - - install -Dm644 "$_builddir"/contrib/completion/zsh/_$pkgname \ - "$subpkgdir"/usr/share/zsh/site-functions/_$pkgname || return 1 -} - -vim() { - depends="" - pkgdesc="Vim syntax for Docker" - arch="noarch" - - local f= - for f in ftdetect/dockerfile.vim syntax/dockerfile.vim; do - install -Dm644 "$_builddir"/contrib/syntax/vim/$f \ - "$subpkgdir"/usr/share/vim/vimfiles/$f - done -} - -md5sums="e00baca222046de0359b1b2c066a4eb7 docker-1.9.1.tar.gz -506e32a6157a7f92e67511111fba6fe8 openrc-fixes.patch" -sha256sums="ff0ad9647b756381758a16440a48e6f3c8615bbc903e53680569aac0b0a85157 docker-1.9.1.tar.gz -864d229e21dfa6c931b29b908093302a48837ddb1aa4205088f6f7fd4d7da4e3 openrc-fixes.patch" -sha512sums="db9db1d5095b2afe2285265414c36026d2b42d5547301d7d462151b81553f33e242b403b566e7835727d51b77e3176c049f1e9f37f60b59b3c66b95403c97b9d docker-1.9.1.tar.gz -1162f62e8a7a5ded0c54cfe46014449efd67491bdb678fa22862117adb08206c909a3f98b0062125d25256dc1f48596b696bd4b19a8804d2862e758678a8bb62 openrc-fixes.patch" diff --git a/alpine/packages/docker/Makefile b/alpine/packages/docker/Makefile new file mode 100644 index 000000000..1a2b144f7 --- /dev/null +++ b/alpine/packages/docker/Makefile @@ -0,0 +1,11 @@ +all: docker + +DOCKER_VERSION=1.9.1 + +docker: + docker run docker:$(DOCKER_VERSION) cat /usr/local/bin/docker > docker + + chmod +x docker + +clean: + rm -f docker diff --git a/alpine/packages/docker/docker.pre-install b/alpine/packages/docker/docker.pre-install deleted file mode 100644 index 8a1dec6f2..000000000 --- a/alpine/packages/docker/docker.pre-install +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh - -if ! getent group docker >/dev/null; then - addgroup -S docker -fi -exit 0 diff --git a/alpine/packages/docker/openrc-fixes.patch b/alpine/packages/docker/openrc-fixes.patch deleted file mode 100644 index f350daaf9..000000000 --- a/alpine/packages/docker/openrc-fixes.patch +++ /dev/null @@ -1,34 +0,0 @@ -diff --git a/contrib/init/openrc/docker.initd b/contrib/init/openrc/docker.initd -index 26fa8ef..ea8a3b2 100644 ---- a/contrib/init/openrc/docker.initd -+++ b/contrib/init/openrc/docker.initd -@@ -9,11 +9,18 @@ DOCKER_LOGFILE="${DOCKER_LOGFILE:-/var/log/${RC_SVCNAME}.log}" - start_stop_daemon_args="--background \ - --stderr \"${DOCKER_LOGFILE}\" --stdout \"${DOCKER_LOGFILE}\"" - -+grsecdir=/proc/sys/kernel/grsecurity -+ - start_pre() { - checkpath -f -m 0644 -o root:docker "$DOCKER_LOGFILE" -+ for i in $disable_grsec; do -+ if [ -e "$grsecdir/$i" ]; then -+ einfo " Disabling $i" -+ echo 0 > "$grsecdir/$i" -+ fi -+ done - - ulimit -n 1048576 -- ulimit -u 1048576 - - return 0 - } - ---- a/contrib/init/openrc/docker.confd 2015-02-10 17:14:37.000000000 -0100 -+++ b/contrib/init/openrc/docker.confd 2015-03-31 14:52:47.323685914 -0200 -@@ -11,3 +11,6 @@ - - # any other random options you want to pass to docker - DOCKER_OPTS="" -+ -+# disable grsecurity features -+#disable_grsec="chroot_deny_chmod chroot_deny_mknod" diff --git a/alpine/repositories b/alpine/repositories index c59d2d436..4e82f29d2 100644 --- a/alpine/repositories +++ b/alpine/repositories @@ -1,3 +1,2 @@ http://dl-4.alpinelinux.org/alpine/edge/main http://dl-4.alpinelinux.org/alpine/edge/community -http://dl-4.alpinelinux.org/alpine/edge/testing