diff --git a/Dockerfile b/Dockerfile
index a5bc1fd..b03c099 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,18 +2,23 @@ FROM debian:jessie
 LABEL maintainer="thomas.klaehn@u-blox.com"
-RUN apt-get update && \
- apt-get install -yq sudo build-essential git python python3 man bash diffstat \
- gawk chrpath wget cpio texinfo lzop apt-utils bc screen libncurses5-dev \
- locales libc6-dev-i386 doxygen libssl-dev dos2unix unzip gcc-multilib socat \
- python3-pip python3-pexpect xz-utils debianutils iputils-ping libsdl1.2-dev \
- xterm p7zip-full && \
+RUN DEBIAN_FRONTEND=noninteractive apt-get update && \
+ DEBIAN_FRONTEND=noninteractive apt-get install -yq build-essential git \
+ python python3 man bash diffstat gawk chrpath wget cpio texinfo lzop \
+ apt-utils bc screen libncurses5-dev locales libc6-dev-i386 doxygen \
+ libssl-dev dos2unix unzip gcc-multilib socat python3-pip \
+ python3-pexpect xz-utils debianutils iputils-ping libsdl1.2-dev \
+ p7zip-full vim sssd libnss-sss libpam-sss && \
 rm -rf /var/lib/apt-lists/* && \
 echo "dash dash/sh boolean false" | debconf-set-selections && \
 DEBIAN_FRONTEND=noninteractive dpkg-reconfigure dash && \
 dpkg --add-architecture i386 && \
- apt-get update && \
- apt-get -yq install g++-multilib libusb-1.0-0-dev:i386
+ DEBIAN_FRONTEND=noninteractive apt-get update && \
+ DEBIAN_FRONTEND=noninteractive apt-get -yq install g++-multilib \
+ libusb-1.0-0-dev:i386
+
+#RUN echo " IdentiyFile /.ssh/id_rsa" >> /etc/ssh/ssh_config
+RUN echo -e "auth required pam_sss.so\naccount required pam_sss.so\npassword required pam_sss.so\nsession required pam_sss.so" > /etc/pam.d/sss_test
 RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && locale-gen
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..64526a1
--- /dev/null
+++ b/README.md
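Review bot: In the Dockerfile hunk, the added `RUN echo -e "auth required pam_sss.so\n…" > /etc/pam.d/sss_test` installs a PAM service named `sss_test` whose four stacks consist of `pam_sss.so` alone, and nothing in the visible change names a program that authenticates against that service; if it is a leftover from testing it should be dropped, otherwise a comment such as `# PAM service used by <consumer> to authenticate through the host's SSSD` should say who uses it. The line also depends on `echo -e`, which presumably behaves as intended only because the earlier `dpkg-reconfigure dash` step repoints /bin/sh away from dash; `printf '%s\n' 'auth required pam_sss.so' 'account required pam_sss.so' …` would not depend on which shell runs the step. The commented-out `#RUN echo " IdentiyFile /.ssh/id_rsa"` line is dead code with a misspelled option name and is better deleted than committed. The package list now adds `sssd` and `vim`; if the container only reaches the host's SSSD through bind-mounted sockets, `libnss-sss` and `libpam-sss` may be enough, which would keep the daemon package out of the image.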
@@ -0,0 +1,27 @@
+# Yocto build container
+
+A docker container used to build yocto images. It's based on Debian jessie.
+
+## Prerequisites
+
+Docker needs to be installed and the docker daemon needs to run. Also the user
+needs to be member of the _docker_ group.
+
+```sh
+adduser docker
+```
+
+## Build the container
+
+```sh
+docker build -t ":" .
+```
+
+## Run the container
+
+Run from HOME directory:
+
+```sh
+docker run -it --rm -v=/var/lib/sss/pipes/:/var/lib/sss/pipes/:rw -v $(pwd):$(pwd) -w $(pwd) -u $(id -u $USER):$(id -g $USER) : /bin/bash
+```
+
diff --git a/init.sh b/init.sh
index ae1d322..acdee2b 100755
--- a/init.sh
+++ b/init.sh
@@ -1,30 +1,22 @@
 #!/bin/bash
-now="$(date +%s >&1)"
-username=builduser_${now}
-usergroup=buildgroup_${now}
-builddir=$(pwd)
-homedir=/home/${username}
-sshdir=${homedir}/.ssh
+uid=$(id -u $USER)
-# Figure out the uid/gid we need to use by integrating the path that has
-# been bind mounted in. This is then used for the builduser.
-BUILD_UID=$(stat --printf=%u ${builddir} 2> /dev/null)
-BUILD_GID=$(stat --printf=%g ${builddir} 2> /dev/null)
+if [ ${uid} -lt 100 ]
+then
+ echo "Usage of system users isn't allowed (${uid})."
+ exit 1
+fi
-# Add docker container group/user.
-groupadd --gid ${BUILD_GID} --non-unique ${usergroup}
-useradd -s /bin/bash --home ${homedir} --non-unique --uid ${BUILD_UID} \
- --gid ${BUILD_GID} --groups sudo ${username}
+if [[ ! $(pwd) == /home/* ]]
+then
+ echo "Only run it from any '/home/*' folder, not '$(pwd)'."
+ exit 2
+fi
-# Give users in the sudo group sudo access in the container.
-echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
-
-# Copy ssh key files.
-mkdir -p ${homedir}
-mkdir -p ${sshdir}
-cp /var/ssh/* ${sshdir}/
-chown -R ${username}:${usergroup} ${homedir}
+USERNAME=$(whoami | sed -e 's/@.*$//')
+HOME=/home/$USERNAME
+HOSTNAME=oe
 # Determine parallel build capabilities.
 parallel_build="$(nproc >&1)"
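Review bot: In the first init.sh hunk the system-user guard fails open: if `id -u $USER` prints nothing (for example when `$USER` names an account the container cannot resolve), `[ ${uid} -lt 100 ]` becomes a malformed test that returns non-zero, so the `exit 1` branch is skipped and the script carries on. Reading the calling uid directly and rejecting an empty result, `uid=$(id -u) || exit 1` followed by `[ -n "${uid}" ] || exit 1`, makes the check refuse rather than pass when the lookup fails, and `"${uid}"` should be quoted in the comparison. The same holds for `USERNAME=$(whoami | sed -e 's/@.*$//')`: the pipeline's status is that of `sed`, so a failed `whoami` leaves `HOME=/home/`, and a guard such as `[ -n "$USERNAME" ] || exit 3` before the `HOME=` line is worth adding. The `/home/*` test compares the logical `$(pwd)`; `pwd -P` would compare the resolved path instead.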
@@ -32,14 +24,18 @@ parallel_build="$(nproc >&1)"
 if [ ${parallel_build} -gt 20 ]
 then
 BB_NUMBER_THREADS=20
- PARALLEL_MAKE=20
+ PARALLEL_MAKE="-j 20"
 else
 BB_NUMBER_THREADS=${parallel_build}
- PARALLEL_MAKE=${parallel_build}
+ PARALLEL_MAKE="-j "${parallel_build}
 fi
+BB_ENV_EXTRAWHITE="BB_NUMBER_THREADS PARALLEL_MAKE BB_NUMBER_PARSE_THREADS"
+
 export BB_NUMBER_THREADS
 export PARALLEL_MAKE
+export BB_ENV_EXTRAWHITE
+export HOME
+export HOSTNAME
-# Execute CMD
-su ${username} -c "$@"
+exec "$@"
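Review bot: `BB_ENV_EXTRAWHITE` lists `BB_NUMBER_PARSE_THREADS`, but the visible script never sets or exports that variable, so the entry has an effect only if the caller supplies it; either set it next to `BB_NUMBER_THREADS` or add a comment like `# BB_NUMBER_PARSE_THREADS is expected from the docker run environment`. The assignment also replaces any `BB_ENV_EXTRAWHITE` passed into the container; if that is deliberate, to keep callers from widening what reaches the build environment, a one-line comment should say so, and otherwise `BB_ENV_EXTRAWHITE="${BB_ENV_EXTRAWHITE} BB_NUMBER_THREADS PARALLEL_MAKE BB_NUMBER_PARSE_THREADS"` keeps the caller's entries. On style, `PARALLEL_MAKE="-j "${parallel_build}` leaves the expansion outside the quotes and reads better as `PARALLEL_MAKE="-j ${parallel_build}"`. The `parallel_build=` assignment this block depends on lies above the hunk.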