mrrl

Minimal Reliable Reproducible Linux
git clone https://ccx.te2000.cz/git/mrrl
Log | Files | Refs | Submodules | README

container-bin-image (6078B)

      1 #!/usr/bin/env pthbs-build
      2 #+busybox.68f74170e6a13d2e0e3d99d29d2f02cd614667a68afec5007308ea1ece55ad64
      3 #+busybox-bzip2.9d87ac159c5af2abf932204167d7dd79a5e2854ec5603817b258b68b5584c07c
      4 #+busybox-gzip.1c4e6759f305d884692ed4260879ddf1ca5b722a4b2b8995fd7ac2ff244c1318
      5 #+busybox-lzop.f4feb74da70e7c871444211871d0fc78da65a9e8ebb6b2d09716cda043d9559f
      6 #+busybox-unzip.3525f1554aa628809b2af9b084dd93fe2a37c8f14dbd514faf0e888c25426073
      7 #+busybox-xz.ead5b695755cbb0c379db6ee22b83de1da44c6d75a5295889ae4536de2a22e58
      8 #+busybox-cpio.aae9207efa7aa6f41519f502d53ce4eabb45a70d339a22bf65d89f1aaf7a39de
      9 #+busybox-dpkg.4f8487d22d56efdc91cb2d6263149840ae08d3ff07047357b04d4437f0321f2d
     10 #+busybox-rpm.173468d54d79d9e5630360360e4479f04190c411b81fd1b1ad0139f618dd6b49
     11 #+busybox-tar.794822cecad4eba7d3977210cc3b83b2dc8011cc18c77d9e0ce5205098cffae8
     12 #+busybox-ed.afab42d8bf2060655b013c6225efcb43715780ef058e718d6a697e25de0dfa16
     13 #+busybox-sed.13120e3643a859180c04f69bc441a554327a643b8a8301ec412d412d3ae9e263
     14 #+busybox-vi.76239b7b2102b4489b0e8a0e86f19030f01d6149fa7310d00504580711d0b0f1
     15 #+busybox-xxd.f3350b2e6c2d9463bc4d0ac5761b2a3ca4d5b811e651c2c705d6143667656c76
     16 #+busybox-process-extra.4718339ba96e00c8091bf1348aef03c41cb830463fb26a943788db2c07d43509
     17 #+busybox-procps.d618aac5f7c813d68a26afdddd97c7989c1ccb671cfa2628642e15573944b541
     18 #+busybox-psmisc.8e915b0be8aa34811699584be98d8d1532c6fe91b44de921e0cbf527402859ad
     19 #+busybox-ash.ec7c45db8ddc5ce15e4890ac76b9058759c93db13f5a7d7af554888e3c5c593f
     20 #+busybox-bc.3e9cce6408b94240c76671a4d11bcade40182fcb5bcc1cfd1828208bef65a085
     21 #+busybox-coreutils.9bf9b030f85f1e2273dcd70b660827388694be93e5dbd86e8c812031195508cb
     22 #+busybox-coreutils-extra.8eb2d3d7aee3f89bc564e0da7e1dcf67071e7e49c1ea9b9dcbdba00069d4e247
     23 #+busybox-daemontools.ff774454c0914cb16b18b038863c4a5a8b7c267eb2a308a9c13b740089ea5727
     24 #+busybox-grep.acdcecd4d05a4d1c250b30ae8925ee38ed1f787276a99b9e3514b9850159d301
     25 #+busybox-misc.125f4e5526de9635e0e04ddc5b6ba8c98a9a0e9e817c423b55241a0f0571e0d4
     26 #+busybox-sh.991f989805551e1b6bb35424114e9339163a4e7c90bb03a946ae71b980936e97
     27 #+busybox-util-linux-unpriv.1f8b2c8640b56685a72666365d8aece78e21f1ebc8a83b4355bb4111536b7caa
     28 #+busybox-dosfstools.e820979cc12a5d67189e1a2ddd56b7acf74c997b1fc61e847d362bc71550a0f3
     29 #+busybox-e2fsprogs.c7d4c079efc3d8e52f8074964ab16ffc0c5fae76c17ddbd32004e3dd488b2e3f
     30 #+busybox-iproute2.c5784e69ccfc0c0cfc9059842944b5df497dd8a380acc33047edf5ab87125de4
     31 #+busybox-iputils.2530233389aa34303b99a903597b2f84d537eb44975ff118c9811e23292bb1f0
     32 #+busybox-net-misc.651c3d6430ef597007aa9027635b255e0ecc6b14aa287ace0177294f2685268f
     33 #+busybox-net-tools.498063f80693c71284f5bb10129bccae16776d1749b6c61f0c1f490e90147514
     34 #+busybox-traceroute.59d2a36762db242bf02b4f0cdb453563a1f3233ea386f0d1f67b90abb5846e83
     35 #+busybox-wget.d8f52ca95e4d8f87d77d646b143d200500fed53393c2ae224e80a096a2ac3fc2
     36 #+busybox-chpst.2e97cd93d9d28fead566486cb9995d9606212ba734639d5a51e43928cf341401
     37 #+busybox-console.c1afe1bab8a922fcf8a0cc81e144297f4e81100ec8efaaca731cd96aa4343184
     38 #+busybox-getty.a10a861f84d45540add21aca09c6826177905b14f62f29f1195a244da2d8ace5
     39 #+busybox-i2c-tools.20dff9a2c0595e41111edff6bfebd92884a3188c21a39f2d99552e3a4b3f5eab
     40 #+busybox-linux-extra.df176250cf3170516261609cac06ff0b6152e03addbf6c7fcca314a17dedc3b1
     41 #+busybox-mtd-utils.b8f4aa9c368a00439a5d32c12a9e2987d2c3334955fa91b1e359f9eb70ffde1a
     42 #+busybox-shadow.a6f6bf1873172315da5969e13f556129aeebf3899359559920b9604b356c42c7
     43 #+busybox-su.fc1e17b9e76bbe90a2bfe043d0a604262f872cb9a792eb2e53cf2c1a3b0ba635
     44 #+busybox-util-linux-priv.2257d5f3a2a91721d8eec0e37331d4f4f04ed5120c1f74bd6e32cf2b4c29d34b
     45 #+busybox-logging.a34aa1c5f1e4f4aee3b579751eab46cc24ff8a63a95523a4800731d6b7b95656
     46 #+busybox-cron.0e7308870754a61664a69417c8eed88ec8bd15db0ba1947a351518e3b8a18aca
     47 #+busybox-diffutils.9b52fd5ef8d705039558ba31d05f7933c588d7fe6f2a223a2ffece523ae679a3
     48 #+busybox-findutils.337e3980f5b5d2a07c3850d24ce41c9cbf70e54a3b8d3b4ed7b258756df0014e
     49 #+busybox-login.e2a13668d17cf3557742d395bbc5914765a48ebc38227fa549a4450f7e65de85
     50 #+execline.c9b2a98b336011eab78b31558f55135fab7791d42f91af6af9bff9026401cf95
     51 #+s6.ec4c7ce025c347bbf7c809a40b8138265d382862371e9bcabea457edd0426611
     52 #+ccx-utils.9b72f908e45c62128523289239f6269dcc1f84bb7cb73ab61bd4abcf62d60780
     53 #+applyuidgid-caps.fe4bd4e5813ccbfb0c15591e5b1d839a4fbb5f425f9f5a90dffc7cce501e9235
     54 #+easyseccomp.512d5c7c207a5cc66e804dcf3262aab03450e850d73b76c2fcd5c88adeb151a4
     55 #+mlog.b05e619c821588b46330d6bd9e3a7e670bb9a69dea8a171ba528c33e327a7951
     56 #+abduco.b70950ce5e5fa36620b34a71124f50159535eca0341ed0a3b2629694ff2aaa12
     57 #+nawk.89894c53f13b6d37465565571d13dd5f7ee380df8ecabaf81420ccc89b60253f
     58 #@sha256:b9236c0fd504ffbc56f65d0522d2acadcd2683380eaa6f1873e8201eaa7388a5:default-policy.easyseccomp
     59 
     60 img="$pthbs_destdir/versions/$pthbs_package/container-bin-image"
     61 mkdir -p "$img"
     62 easyseccomp -i default-policy.easyseccomp -o "$img/seccomp-default.bpf"
     63 easyseccomp -i default-policy.easyseccomp -d ALLOW_PTRACE -o "$img/seccomp-ptrace.bpf"
     64 easyseccomp -i default-policy.easyseccomp -d ALLOW_PTRACE -d ALLOW_SECCOMP -d ALLOW_LANDLOCK -o "$img/seccomp-build.bpf"
     65 easyseccomp -i default-policy.easyseccomp -d ALLOW_PTRACE -d ALLOW_SETUID_SETGID -o "$img/seccomp-xpra.bpf"
     66 easyseccomp -i default-policy.easyseccomp -d ALLOW_SETUID_SETGID -o "$img/seccomp-setuidgid.bpf"
     67 cd "$img"
     68 
     69 # first commands without argv0 aliases
     70 for cmd in "${PATH%%:*}"/*; do
     71 	rp=$(realpath "$cmd")
     72 	base=$(basename "$rp")
     73 	if test $base = "${cmd##*/}"; then
     74 		if test -e "./$base"; then
     75 			printf "fatal: duplicate command file: '%s'\n" "$base"
     76 			exit 1
     77 		fi
     78 		cp -p "$rp" ./
     79 	fi
     80 done
     81 
     82 # now alias using symlinks
     83 for cmd in "${PATH%%:*}"/*; do
     84 	rp=$(realpath "$cmd")
     85 	base=$(basename "$rp")
     86 	if ! test $base = "${cmd##*/}"; then
     87 		if ! test -f "./$base"; then
     88 			cp -p "$rp" ./
     89 		fi
     90 		ln -s "./$base" "./${cmd##*/}"
     91 	fi
     92 done
     93 
     94 for cmd in if busybox umount chpst spawn-pty ptsname applyuidgid-caps; do
     95 	if ! test -x "./$cmd"; then
     96 		printf "fatal: expected command not found: '%s'\n" "$cmd"
     97 		exit 1
     98 	fi
     99 done
    100 ./true
    101 ./seccomp-run ./seccomp-default.bpf ./true
    102 
    103 
    104 touch "$pthbs_destdir/versions/$pthbs_package/.install-links"