Yocto build container: start as builduser
Signed-off-by: Thomas Klaehn <thomas.klaehn@u-blox.com>
This commit is contained in:
Thomas Klaehn
parent
d64c9e41b1
commit
6691814ab4
@ -1,6 +1,6 @@
|
|||||||
FROM debian:jessie
|
FROM debian:jessie
|
||||||
|
|
||||||
MAINTAINER Thomas Klaehn <thomas.klaehn@u-blox.com>
|
LABEL maintainer="thomas.klaehn@u-blox.com"
|
||||||
|
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
apt-get install -yq sudo build-essential git python python3 man bash diffstat \
|
apt-get install -yq sudo build-essential git python python3 man bash diffstat \
|
||||||
@ -19,11 +19,6 @@ RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && locale-gen
|
|||||||
|
|
||||||
ENV LANG en_US.utf8
|
ENV LANG en_US.utf8
|
||||||
|
|
||||||
RUN mkdir -p /var/build
|
|
||||||
|
|
||||||
WORKDIR /var/build
|
|
||||||
|
|
||||||
ADD init.sh /usr/local/bin/init.sh
|
ADD init.sh /usr/local/bin/init.sh
|
||||||
|
|
||||||
ENTRYPOINT ["/usr/local/bin/init.sh"]
|
ENTRYPOINT ["/usr/local/bin/init.sh"]
|
||||||
|
|
||||||
|
|||||||
36
init.sh
36
init.sh
@ -1,31 +1,45 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
username=builduser
|
now="$(date +%s >&1)"
|
||||||
usergroup=buildgroup
|
username=builduser_${now}
|
||||||
builddir=/var/build
|
usergroup=buildgroup_${now}
|
||||||
|
builddir=$(pwd)
|
||||||
homedir=/home/${username}
|
homedir=/home/${username}
|
||||||
sshdir=${homedir}/.ssh
|
sshdir=${homedir}/.ssh
|
||||||
|
|
||||||
# figure out the uid/gid we need to use by integrating the path that has
|
# Figure out the uid/gid we need to use by integrating the path that has
|
||||||
# been bind mounted in. this is then used for the builduser.
|
# been bind mounted in. This is then used for the builduser.
|
||||||
BUILD_UID=$(stat --printf=%u ${builddir} 2> /dev/null)
|
BUILD_UID=$(stat --printf=%u ${builddir} 2> /dev/null)
|
||||||
BUILD_GID=$(stat --printf=%g ${builddir} 2> /dev/null)
|
BUILD_GID=$(stat --printf=%g ${builddir} 2> /dev/null)
|
||||||
|
|
||||||
# create a group
|
# Add docker container group/user.
|
||||||
groupadd --gid ${BUILD_GID} --non-unique ${usergroup}
|
groupadd --gid ${BUILD_GID} --non-unique ${usergroup}
|
||||||
|
|
||||||
# add user
|
|
||||||
useradd -s /bin/bash --home ${homedir} --non-unique --uid ${BUILD_UID} \
|
useradd -s /bin/bash --home ${homedir} --non-unique --uid ${BUILD_UID} \
|
||||||
--gid ${BUILD_GID} --groups sudo ${username}
|
--gid ${BUILD_GID} --groups sudo ${username}
|
||||||
|
|
||||||
# give users in the sudo group sudo access in the container
|
# Give users in the sudo group sudo access in the container.
|
||||||
echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
|
echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
|
||||||
|
|
||||||
# copy ssh key files
|
# Copy ssh key files.
|
||||||
mkdir -p ${homedir}
|
mkdir -p ${homedir}
|
||||||
mkdir -p ${sshdir}
|
mkdir -p ${sshdir}
|
||||||
cp /var/ssh/* ${sshdir}/
|
cp /var/ssh/* ${sshdir}/
|
||||||
chown -R ${username}:${usergroup} ${homedir}
|
chown -R ${username}:${usergroup} ${homedir}
|
||||||
|
|
||||||
exec "$@"
|
# Determine parallel build capabilities.
|
||||||
|
parallel_build="$(nproc >&1)"
|
||||||
|
|
||||||
|
if [ ${parallel_build} -gt 20 ]
|
||||||
|
then
|
||||||
|
BB_NUMBER_THREADS=20
|
||||||
|
PARALLEL_MAKE=20
|
||||||
|
else
|
||||||
|
BB_NUMBER_THREADS=${parallel_build}
|
||||||
|
PARALLEL_MAKE=${parallel_build}
|
||||||
|
fi
|
||||||
|
|
||||||
|
export BB_NUMBER_THREADS
|
||||||
|
export PARALLEL_MAKE
|
||||||
|
|
||||||
|
# Execute CMD
|
||||||
|
su ${username} -c "$@"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user