From 6691814ab4873915ba3fe5372804af4e6e0b0336 Mon Sep 17 00:00:00 2001 From: Thomas Klaehn Date: Thu, 16 Nov 2017 13:26:17 +0100 Subject: [PATCH] Yocto build container: start as builduser Signed-off-by: Thomas Klaehn --- Dockerfile | 7 +------ init.sh | 36 +++++++++++++++++++++++++----------- 2 files changed, 26 insertions(+), 17 deletions(-) diff --git a/Dockerfile b/Dockerfile index c430624..a5bc1fd 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ FROM debian:jessie -MAINTAINER Thomas Klaehn +LABEL maintainer="thomas.klaehn@u-blox.com" RUN apt-get update && \ apt-get install -yq sudo build-essential git python python3 man bash diffstat \ @@ -19,11 +19,6 @@ RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && locale-gen ENV LANG en_US.utf8 -RUN mkdir -p /var/build - -WORKDIR /var/build - ADD init.sh /usr/local/bin/init.sh ENTRYPOINT ["/usr/local/bin/init.sh"] - diff --git a/init.sh b/init.sh index e30e59f..ae1d322 100755 --- a/init.sh +++ b/init.sh @@ -1,31 +1,45 @@ #!/bin/bash -username=builduser -usergroup=buildgroup -builddir=/var/build +now="$(date +%s >&1)" +username=builduser_${now} +usergroup=buildgroup_${now} +builddir=$(pwd) homedir=/home/${username} sshdir=${homedir}/.ssh -# figure out the uid/gid we need to use by integrating the path that has -# been bind mounted in. this is then used for the builduser. +# Figure out the uid/gid we need to use by integrating the path that has +# been bind mounted in. This is then used for the builduser. BUILD_UID=$(stat --printf=%u ${builddir} 2> /dev/null) BUILD_GID=$(stat --printf=%g ${builddir} 2> /dev/null) -# create a group +# Add docker container group/user. groupadd --gid ${BUILD_GID} --non-unique ${usergroup} - -# add user useradd -s /bin/bash --home ${homedir} --non-unique --uid ${BUILD_UID} \ --gid ${BUILD_GID} --groups sudo ${username} -# give users in the sudo group sudo access in the container +# Give users in the sudo group sudo access in the container. echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers -# copy ssh key files +# Copy ssh key files. mkdir -p ${homedir} mkdir -p ${sshdir} cp /var/ssh/* ${sshdir}/ chown -R ${username}:${usergroup} ${homedir} -exec "$@" +# Determine parallel build capabilities. +parallel_build="$(nproc >&1)" +if [ ${parallel_build} -gt 20 ] +then + BB_NUMBER_THREADS=20 + PARALLEL_MAKE=20 +else + BB_NUMBER_THREADS=${parallel_build} + PARALLEL_MAKE=${parallel_build} +fi + +export BB_NUMBER_THREADS +export PARALLEL_MAKE + +# Execute CMD +su ${username} -c "$@"