auditd: Use package from alpine 3.7

This was added to alpine since our package was created. Now we have upgraded we can just use the binary. The package contains an auditd.conf but we have a tweak local copy which writes to stdio (which goes to /var/log/auditd.*.log already). The package doesn't have an audit.rules so keep that here too. Signed-off-by: Ian Campbell <ijc@docker.com>
2025-07-20 17:49:10 +00:00 · 2017-12-15 11:05:53 +00:00 · 2017-12-15 11:05:53 +00:00 · abf0a5d098
commit abf0a5d098
parent d01f4e97d7
2 changed files with 2 additions and 26 deletions
--- a/pkg/auditd/Dockerfile
+++ b/pkg/auditd/Dockerfile
@ -1,15 +1,7 @@
-FROM linuxkit/alpine:d307c8a386fa3f32cddda9409b9687e191cdd6f1 AS build
-RUN apk add abuild gcc git
-
-ADD build.sh /
-RUN adduser -D -G abuild builder && sudo -u builder /build.sh
-
-FROM linuxkit/alpine:d307c8a386fa3f32cddda9409b9687e191cdd6f1 AS mirror
-COPY --from=build /home/builder/*apk /
+FROM linuxkit/alpine:4584958639b2378246371fe219f33b270667e22e AS mirror

 RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
-RUN apk add --initdb -p /out alpine-baselayout busybox tini
-RUN apk add --allow-untrusted -p /out /*apk
+RUN apk add --initdb -p /out alpine-baselayout apk-tools audit busybox tini

 # Remove apk residuals. We have a read-only rootfs, so apk is of no use.
 RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache
--- a/pkg/auditd/build.sh
+++ b/pkg/auditd/build.sh
@ -1,16 +0,0 @@
-#!/bin/sh
-
-AUDIT_HASH=59763dd8e587d1821f2d039b2bf446c3a31ea58e
-
-set -e
-
-cd /home/builder
-
-git clone https://github.com/alpinelinux/aports && cd aports && git checkout $AUDIT_HASH
-cd testing/audit
-
-abuild-keygen -a
-abuild -F -r
-
-find ~/packages
-cp ~/packages/testing/$(abuild -A)/*apk ~