mirror of
https://github.com/home-assistant/operating-system.git
synced 2025-07-29 07:56:29 +00:00
Add explicit apparmor dependency for Docker (#1052)
Signed-off-by: Stefan Agner <stefan@agner.ch>
This commit is contained in:
Stefan Agner
GitHub
parent
a4f5670cd8
commit
7443c45001
@ -1,54 +0,0 @@
|
||||
From 8aa12f1835721959d0d1999fceee632404f28366 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <8aa12f1835721959d0d1999fceee632404f28366.1605131156.git.stefan@agner.ch>
|
||||
From: Pascal Vizeli <pvizeli@syshack.ch>
|
||||
Date: Mon, 13 Jan 2020 12:27:06 +0000
|
||||
Subject: [PATCH 1/7] Docker: AppArmor support
|
||||
|
||||
Signed-off-by: Pascal Vizeli <pvizeli@syshack.ch>
|
||||
---
|
||||
package/docker-containerd/docker-containerd.mk | 1 +
|
||||
package/docker-engine/docker-engine.mk | 2 +-
|
||||
package/runc/runc.mk | 2 +-
|
||||
3 files changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/package/docker-containerd/docker-containerd.mk b/package/docker-containerd/docker-containerd.mk
|
||||
index 71f9b4c065..e4a4105018 100644
|
||||
--- a/package/docker-containerd/docker-containerd.mk
|
||||
+++ b/package/docker-containerd/docker-containerd.mk
|
||||
@@ -17,6 +17,7 @@ DOCKER_CONTAINERD_LDFLAGS = \
|
||||
DOCKER_CONTAINERD_BUILD_TARGETS = cmd/ctr cmd/containerd cmd/containerd-shim
|
||||
|
||||
DOCKER_CONTAINERD_INSTALL_BINS = containerd containerd-shim
|
||||
+DOCKER_CONTAINERD_TAGS = apparmor
|
||||
|
||||
ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
|
||||
DOCKER_CONTAINERD_DEPENDENCIES += libseccomp host-pkgconf
|
||||
diff --git a/package/docker-engine/docker-engine.mk b/package/docker-engine/docker-engine.mk
|
||||
index 8cedf307ba..370cfdbaee 100644
|
||||
--- a/package/docker-engine/docker-engine.mk
|
||||
+++ b/package/docker-engine/docker-engine.mk
|
||||
@@ -17,7 +17,7 @@ DOCKER_ENGINE_LDFLAGS = \
|
||||
-X main.GitCommit=$(DOCKER_ENGINE_VERSION) \
|
||||
-X main.Version=$(DOCKER_ENGINE_VERSION)
|
||||
|
||||
-DOCKER_ENGINE_TAGS = cgo exclude_graphdriver_zfs autogen
|
||||
+DOCKER_ENGINE_TAGS = cgo exclude_graphdriver_zfs autogen apparmor
|
||||
DOCKER_ENGINE_BUILD_TARGETS = cmd/dockerd
|
||||
|
||||
ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
|
||||
diff --git a/package/runc/runc.mk b/package/runc/runc.mk
|
||||
index 3d177d23d5..d9e953c640 100644
|
||||
--- a/package/runc/runc.mk
|
||||
+++ b/package/runc/runc.mk
|
||||
@@ -10,7 +10,7 @@ RUNC_LICENSE = Apache-2.0
|
||||
RUNC_LICENSE_FILES = LICENSE
|
||||
|
||||
RUNC_LDFLAGS = -X main.gitCommit=$(RUNC_VERSION)
|
||||
-RUNC_TAGS = cgo static_build
|
||||
+RUNC_TAGS = cgo static_build apparmor
|
||||
|
||||
ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
|
||||
RUNC_TAGS += seccomp
|
||||
--
|
||||
2.29.2
|
||||
|
||||
65
buildroot-patches/0001-docker-add-AppArmor-support.patch
Normal file
65
buildroot-patches/0001-docker-add-AppArmor-support.patch
Normal file
@ -0,0 +1,65 @@
|
||||
From dd83e231779b8daaeaa0a78d6686b80eeb49c12b Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <dd83e231779b8daaeaa0a78d6686b80eeb49c12b.1607000394.git.stefan@agner.ch>
|
||||
From: Pascal Vizeli <pvizeli@syshack.ch>
|
||||
Date: Mon, 13 Jan 2020 12:27:06 +0000
|
||||
Subject: [PATCH 1/7] docker: add AppArmor support
|
||||
|
||||
Signed-off-by: Pascal Vizeli <pvizeli@syshack.ch>
|
||||
Signed-off-by: Stefan Agner <stefan@agner.ch>
|
||||
---
|
||||
package/docker-containerd/docker-containerd.mk | 5 +++++
|
||||
package/docker-engine/docker-engine.mk | 5 +++++
|
||||
package/runc/runc.mk | 5 +++++
|
||||
3 files changed, 15 insertions(+)
|
||||
|
||||
diff --git a/package/docker-containerd/docker-containerd.mk b/package/docker-containerd/docker-containerd.mk
|
||||
index d9a0eb28a6..c68e3818a8 100644
|
||||
--- a/package/docker-containerd/docker-containerd.mk
|
||||
+++ b/package/docker-containerd/docker-containerd.mk
|
||||
@@ -18,6 +18,11 @@ DOCKER_CONTAINERD_BUILD_TARGETS = cmd/ctr cmd/containerd cmd/containerd-shim
|
||||
|
||||
DOCKER_CONTAINERD_INSTALL_BINS = containerd containerd-shim
|
||||
|
||||
+ifeq ($(BR2_PACKAGE_LIBAPPARMOR),y)
|
||||
+DOCKER_CONTAINERD_DEPENDENCIES += libapparmor
|
||||
+DOCKER_CONTAINERD_TAGS += apparmor
|
||||
+endif
|
||||
+
|
||||
ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
|
||||
DOCKER_CONTAINERD_DEPENDENCIES += libseccomp host-pkgconf
|
||||
DOCKER_CONTAINERD_TAGS += seccomp
|
||||
diff --git a/package/docker-engine/docker-engine.mk b/package/docker-engine/docker-engine.mk
|
||||
index 8cedf307ba..7f898680b7 100644
|
||||
--- a/package/docker-engine/docker-engine.mk
|
||||
+++ b/package/docker-engine/docker-engine.mk
|
||||
@@ -20,6 +20,11 @@ DOCKER_ENGINE_LDFLAGS = \
|
||||
DOCKER_ENGINE_TAGS = cgo exclude_graphdriver_zfs autogen
|
||||
DOCKER_ENGINE_BUILD_TARGETS = cmd/dockerd
|
||||
|
||||
+ifeq ($(BR2_PACKAGE_LIBAPPARMOR),y)
|
||||
+DOCKER_ENGINE_DEPENDENCIES += libapparmor
|
||||
+DOCKER_ENGINE_TAGS += apparmor
|
||||
+endif
|
||||
+
|
||||
ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
|
||||
DOCKER_ENGINE_TAGS += seccomp
|
||||
DOCKER_ENGINE_DEPENDENCIES += libseccomp
|
||||
diff --git a/package/runc/runc.mk b/package/runc/runc.mk
|
||||
index 3d177d23d5..c559244e83 100644
|
||||
--- a/package/runc/runc.mk
|
||||
+++ b/package/runc/runc.mk
|
||||
@@ -12,6 +12,11 @@ RUNC_LICENSE_FILES = LICENSE
|
||||
RUNC_LDFLAGS = -X main.gitCommit=$(RUNC_VERSION)
|
||||
RUNC_TAGS = cgo static_build
|
||||
|
||||
+ifeq ($(BR2_PACKAGE_LIBAPPARMOR),y)
|
||||
+RUNC_DEPENDENCIES += libapparmor
|
||||
+RUNC_TAGS += apparmor
|
||||
+endif
|
||||
+
|
||||
ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
|
||||
RUNC_TAGS += seccomp
|
||||
RUNC_DEPENDENCIES += libseccomp host-pkgconf
|
||||
--
|
||||
2.29.2
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 05fa58fbff93719044a9d1bb9e7c82d67068e346 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <05fa58fbff93719044a9d1bb9e7c82d67068e346.1605131156.git.stefan@agner.ch>
|
||||
In-Reply-To: <8aa12f1835721959d0d1999fceee632404f28366.1605131156.git.stefan@agner.ch>
|
||||
References: <8aa12f1835721959d0d1999fceee632404f28366.1605131156.git.stefan@agner.ch>
|
||||
From 7c7198d6075748a5f831c0068441695455d06e6f Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <7c7198d6075748a5f831c0068441695455d06e6f.1607000394.git.stefan@agner.ch>
|
||||
In-Reply-To: <dd83e231779b8daaeaa0a78d6686b80eeb49c12b.1607000394.git.stefan@agner.ch>
|
||||
References: <dd83e231779b8daaeaa0a78d6686b80eeb49c12b.1607000394.git.stefan@agner.ch>
|
||||
From: Pascal Vizeli <pvizeli@syshack.ch>
|
||||
Date: Thu, 16 Apr 2020 11:51:46 +0000
|
||||
Subject: [PATCH 2/7] rpi-firmware: Bump firmware
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From d1f588ab003b001079b6fab1cfd5d43401989b3b Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <d1f588ab003b001079b6fab1cfd5d43401989b3b.1605131156.git.stefan@agner.ch>
|
||||
In-Reply-To: <8aa12f1835721959d0d1999fceee632404f28366.1605131156.git.stefan@agner.ch>
|
||||
References: <8aa12f1835721959d0d1999fceee632404f28366.1605131156.git.stefan@agner.ch>
|
||||
From 506a2a77b2967f911f93a3941bfbdfe9f6acfa77 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <506a2a77b2967f911f93a3941bfbdfe9f6acfa77.1607000394.git.stefan@agner.ch>
|
||||
In-Reply-To: <dd83e231779b8daaeaa0a78d6686b80eeb49c12b.1607000394.git.stefan@agner.ch>
|
||||
References: <dd83e231779b8daaeaa0a78d6686b80eeb49c12b.1607000394.git.stefan@agner.ch>
|
||||
From: Pascal Vizeli <pvizeli@syshack.ch>
|
||||
Date: Thu, 16 Apr 2020 14:32:45 +0000
|
||||
Subject: [PATCH 3/7] network-manager: wpa_supplicant
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From fe8fec1b597f65938376451c7cf84a462c492fd9 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <fe8fec1b597f65938376451c7cf84a462c492fd9.1605131156.git.stefan@agner.ch>
|
||||
In-Reply-To: <8aa12f1835721959d0d1999fceee632404f28366.1605131156.git.stefan@agner.ch>
|
||||
References: <8aa12f1835721959d0d1999fceee632404f28366.1605131156.git.stefan@agner.ch>
|
||||
From ad1b1c5ef75626ae0fc735473034ca1b571dc281 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <ad1b1c5ef75626ae0fc735473034ca1b571dc281.1607000394.git.stefan@agner.ch>
|
||||
In-Reply-To: <dd83e231779b8daaeaa0a78d6686b80eeb49c12b.1607000394.git.stefan@agner.ch>
|
||||
References: <dd83e231779b8daaeaa0a78d6686b80eeb49c12b.1607000394.git.stefan@agner.ch>
|
||||
From: Pascal Vizeli <pvizeli@syshack.ch>
|
||||
Date: Thu, 16 Apr 2020 12:01:44 +0000
|
||||
Subject: [PATCH 4/7] Fix dhcp client
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From baba5ba468fe84e1a85818dd5a2a111e1391d822 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <baba5ba468fe84e1a85818dd5a2a111e1391d822.1605131156.git.stefan@agner.ch>
|
||||
In-Reply-To: <8aa12f1835721959d0d1999fceee632404f28366.1605131156.git.stefan@agner.ch>
|
||||
References: <8aa12f1835721959d0d1999fceee632404f28366.1605131156.git.stefan@agner.ch>
|
||||
From 51babd578150f840311099d54abf8ea39b2127e6 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <51babd578150f840311099d54abf8ea39b2127e6.1607000394.git.stefan@agner.ch>
|
||||
In-Reply-To: <dd83e231779b8daaeaa0a78d6686b80eeb49c12b.1607000394.git.stefan@agner.ch>
|
||||
References: <dd83e231779b8daaeaa0a78d6686b80eeb49c12b.1607000394.git.stefan@agner.ch>
|
||||
From: Pascal Vizeli <pvizeli@syshack.ch>
|
||||
Date: Thu, 16 Apr 2020 12:05:21 +0000
|
||||
Subject: [PATCH 5/7] rpi: use latest wifi driver
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 502b35edadbac3d51c3f37b4c74917ffff6f1332 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <502b35edadbac3d51c3f37b4c74917ffff6f1332.1605131156.git.stefan@agner.ch>
|
||||
In-Reply-To: <8aa12f1835721959d0d1999fceee632404f28366.1605131156.git.stefan@agner.ch>
|
||||
References: <8aa12f1835721959d0d1999fceee632404f28366.1605131156.git.stefan@agner.ch>
|
||||
From 4526121b86b259e426766c4ba35b2911b2c0965c Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <4526121b86b259e426766c4ba35b2911b2c0965c.1607000394.git.stefan@agner.ch>
|
||||
In-Reply-To: <dd83e231779b8daaeaa0a78d6686b80eeb49c12b.1607000394.git.stefan@agner.ch>
|
||||
References: <dd83e231779b8daaeaa0a78d6686b80eeb49c12b.1607000394.git.stefan@agner.ch>
|
||||
From: Stefan Agner <stefan@agner.ch>
|
||||
Date: Wed, 11 Nov 2020 22:16:10 +0100
|
||||
Subject: [PATCH 6/7] ODROID-XU4: video firmware
|
||||
@ -12,7 +12,7 @@ Subject: [PATCH 6/7] ODROID-XU4: video firmware
|
||||
2 files changed, 12 insertions(+)
|
||||
|
||||
diff --git a/package/linux-firmware/Config.in b/package/linux-firmware/Config.in
|
||||
index 9b999034da..d3b7a2b79b 100644
|
||||
index 105daf42b8..109af152f8 100644
|
||||
--- a/package/linux-firmware/Config.in
|
||||
+++ b/package/linux-firmware/Config.in
|
||||
@@ -44,6 +44,12 @@ config BR2_PACKAGE_LINUX_FIRMWARE_QCOM_ADRENO
|
||||
@ -29,7 +29,7 @@ index 9b999034da..d3b7a2b79b 100644
|
||||
|
||||
menu "Bluetooth firmware"
|
||||
diff --git a/package/linux-firmware/linux-firmware.mk b/package/linux-firmware/linux-firmware.mk
|
||||
index d9ad942903..5474377a36 100644
|
||||
index 8808b5284c..f1c84a134d 100644
|
||||
--- a/package/linux-firmware/linux-firmware.mk
|
||||
+++ b/package/linux-firmware/linux-firmware.mk
|
||||
@@ -39,6 +39,12 @@ LINUX_FIRMWARE_FILES += qcom/a*
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 14cd8a7e9eec46e0cdd243db17827335de2803c5 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <14cd8a7e9eec46e0cdd243db17827335de2803c5.1605131156.git.stefan@agner.ch>
|
||||
In-Reply-To: <8aa12f1835721959d0d1999fceee632404f28366.1605131156.git.stefan@agner.ch>
|
||||
References: <8aa12f1835721959d0d1999fceee632404f28366.1605131156.git.stefan@agner.ch>
|
||||
From 0feaec5aace7006f2a4afbb8d69541acac0842e4 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <0feaec5aace7006f2a4afbb8d69541acac0842e4.1607000394.git.stefan@agner.ch>
|
||||
In-Reply-To: <dd83e231779b8daaeaa0a78d6686b80eeb49c12b.1607000394.git.stefan@agner.ch>
|
||||
References: <dd83e231779b8daaeaa0a78d6686b80eeb49c12b.1607000394.git.stefan@agner.ch>
|
||||
From: Pascal Vizeli <pvizeli@syshack.ch>
|
||||
Date: Thu, 7 May 2020 09:02:05 +0000
|
||||
Subject: [PATCH 7/7] docker-proxy: Bump version
|
||||
|
||||
@ -17,7 +17,11 @@ DOCKER_CONTAINERD_LDFLAGS = \
|
||||
DOCKER_CONTAINERD_BUILD_TARGETS = cmd/ctr cmd/containerd cmd/containerd-shim
|
||||
|
||||
DOCKER_CONTAINERD_INSTALL_BINS = containerd containerd-shim
|
||||
DOCKER_CONTAINERD_TAGS = apparmor
|
||||
|
||||
ifeq ($(BR2_PACKAGE_LIBAPPARMOR),y)
|
||||
DOCKER_CONTAINERD_DEPENDENCIES += libapparmor
|
||||
DOCKER_CONTAINERD_TAGS += apparmor
|
||||
endif
|
||||
|
||||
ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
|
||||
DOCKER_CONTAINERD_DEPENDENCIES += libseccomp host-pkgconf
|
||||
|
||||
@ -17,9 +17,14 @@ DOCKER_ENGINE_LDFLAGS = \
|
||||
-X main.GitCommit=$(DOCKER_ENGINE_VERSION) \
|
||||
-X main.Version=$(DOCKER_ENGINE_VERSION)
|
||||
|
||||
DOCKER_ENGINE_TAGS = cgo exclude_graphdriver_zfs autogen apparmor
|
||||
DOCKER_ENGINE_TAGS = cgo exclude_graphdriver_zfs autogen
|
||||
DOCKER_ENGINE_BUILD_TARGETS = cmd/dockerd
|
||||
|
||||
ifeq ($(BR2_PACKAGE_LIBAPPARMOR),y)
|
||||
DOCKER_ENGINE_DEPENDENCIES += libapparmor
|
||||
DOCKER_ENGINE_TAGS += apparmor
|
||||
endif
|
||||
|
||||
ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
|
||||
DOCKER_ENGINE_TAGS += seccomp
|
||||
DOCKER_ENGINE_DEPENDENCIES += libseccomp
|
||||
|
||||
@ -10,7 +10,12 @@ RUNC_LICENSE = Apache-2.0
|
||||
RUNC_LICENSE_FILES = LICENSE
|
||||
|
||||
RUNC_LDFLAGS = -X main.gitCommit=$(RUNC_VERSION)
|
||||
RUNC_TAGS = cgo static_build apparmor
|
||||
RUNC_TAGS = cgo static_build
|
||||
|
||||
ifeq ($(BR2_PACKAGE_LIBAPPARMOR),y)
|
||||
RUNC_DEPENDENCIES += libapparmor
|
||||
RUNC_TAGS += apparmor
|
||||
endif
|
||||
|
||||
ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
|
||||
RUNC_TAGS += seccomp
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user