mirror of
https://github.com/linuxkit/linuxkit.git
synced 2026-04-10 23:19:33 +00:00
933372e45a
- this needs an init as it does not respond to stop signals, so include tini - needs CAP_SYS_ADMIN to write to kernel entropy estimate - set kernel.random.write_wakeup_threshold so that rngd does not need sysctl write access - build patches from Alpine, but statically linked - remove rngd from base image, means we no longer need community repository Signed-off-by: Justin Cormack <justin.cormack@docker.com>
34 lines
853 B
Docker
34 lines
853 B
Docker
FROM mobylinux/alpine-build-c:701eedf80c332bafcb8dd085b758702ed37dab0e
|
|
|
|
ENV pkgname=rng-tools pkgver=5
|
|
|
|
COPY . .
|
|
|
|
RUN curl -O -sSL http://downloads.sourceforge.net/project/gkernel/$pkgname/$pkgver/$pkgname-$pkgver.tar.gz
|
|
RUN sha256sum -c sha256sums
|
|
RUN zcat $pkgname-$pkgver.tar.gz | tar xf -
|
|
|
|
WORKDIR $pkgname-$pkgver
|
|
RUN for p in ../*.patch; do cat $p | patch -p1; done
|
|
|
|
RUN export LIBS="-largp" && \
|
|
LDFLAGS=-static ./configure \
|
|
--prefix=/usr \
|
|
--libexecdir=/usr/lib/rng-tools \
|
|
--sysconfdir=/etc \
|
|
--disable-silent-rules && \
|
|
make && \
|
|
make DESTDIR=/ install && \
|
|
strip /usr/sbin/rngd
|
|
|
|
WORKDIR /rootfs
|
|
|
|
RUN mkdir -p dev proc sys usr/sbin bin
|
|
|
|
RUN cp -a /usr/sbin/rngd usr/sbin/
|
|
RUN cp -a /tini bin/
|
|
|
|
RUN printf 'FROM scratch\nCOPY . ./\nCMD ["/bin/tini", "/usr/sbin/rngd", "-f"]\n' > Dockerfile
|
|
|
|
CMD ["tar", "cf", "-", "."]
|