github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-10-31 05:30:38 +00:00
Code Issues Projects Releases Wiki Activity
Files
c17e9d24b9b7ec719600d49e24c17d11a10c91a2
linuxkit/pkg/auditd/Dockerfile
Rolf Neugebauer 699a864302 pkg: Update to new Alpine base 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-01 18:11:45 +01:00

30 lines
942 B
Docker
Raw Blame History

FROM linuxkit/alpine:9bcf61f605ef0ce36cc94d59b8eac307862de6e1 AS build
RUN apk add abuild gcc git
ADD build.sh /
RUN adduser -D -G abuild builder && sudo -u builder /build.sh
FROM linuxkit/alpine:9bcf61f605ef0ce36cc94d59b8eac307862de6e1 AS mirror
COPY --from=build /home/builder/*apk /
RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk add --initdb -p /out alpine-baselayout tini
RUN apk add --allow-untrusted -p /out /*apk
# Remove apk residuals. We have a read-only rootfs, so apk is of no use.
RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache
FROM scratch
ENTRYPOINT []
CMD []
WORKDIR /
COPY --from=mirror /out/ /
COPY auditd.conf /etc/audit
COPY audit.rules /etc/audit
COPY runaudit.sh /usr/bin
CMD ["/sbin/tini", "/usr/bin/runaudit.sh"]
LABEL org.mobyproject.config='{"pid": "host", "binds": ["/var/log:/var/log"], "capabilities": ["CAP_AUDIT_CONTROL", "CAP_AUDIT_READ", "CAP_AUDIT_WRITE", "CAP_SYS_NICE"]}'
Reference in New Issue View Git Blame Copy Permalink