Skip to content

Commit

Permalink
Add "AlmaLinux Kitten release 10" support AlmaLinux#11
Browse files Browse the repository at this point in the history
  • Loading branch information
yuravk committed Sep 16, 2024
1 parent ebc48d8 commit 56b735f
Show file tree
Hide file tree
Showing 5 changed files with 395 additions and 0 deletions.
91 changes: 91 additions & 0 deletions Containerfiles/10-kitten/Containerfile.base
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@
ARG SYSBASE=quay.io/ykohut/almalinux:10-kitten
FROM ${SYSBASE} AS system-build

RUN mkdir -p /mnt/sys-root; \
dnf install -y \
--installroot /mnt/sys-root --releasever 10 --setopt install_weak_deps=false --nodocs \
almalinux-release \
bash \
coreutils-single \
crypto-policies-scripts \
curl-minimal \
findutils \
gdb-gdbserver \
glibc-minimal-langpack \
gzip \
libcurl-minimal \
libusbx \
rootfiles \
systemd \
tar \
usermode \
vim-minimal \
virt-what \
yum \
; \
echo '%_install_langs en_US.UTF-8' > /etc/rpm/macros.image-language-conf ;\
dnf reinstall -y \
--installroot /mnt/sys-root \
--releasever 10 \
--setopt install_weak_deps=false \
--nodocs \
krb5-libs ; \
dnf --installroot /mnt/sys-root clean all;
# Additional hacks for kickstart file and backward compatable support
RUN rm -rf /mnt/sys-root/var/log/dnf* /mnt/sys-root/var/log/yum.* /mnt/sys-root/var/cache/dnf/* /mnt/sys-root/var/lib/dnf/repos; \
rm -rf /mnt/sys-root/var/log/hawkey.log /mnt/sys-root/boot /mnt/sys-root/dev/null /mnt/sys-root/var/log/* /mnt/sys-root/run/blkid ; \
mkdir -p /mnt/sys-root/run/lock; \
# generate build time file for compatibility with CentOS /mnt/sys-root/run/* /mnt/sys-root/var/lib/dnf/history*
/bin/date +%Y%m%d_%H%M > /mnt/sys-root/etc/BUILDTIME; \
echo '%_install_langs C.utf8' > /mnt/sys-root/etc/rpm/macros.image-language-conf; \
echo 'LANG="C.utf8"' > /mnt/sys-root/etc/locale.conf; \
echo 'container' > /mnt/sys-root/etc/dnf/vars/infra; \
touch /mnt/sys-root/etc/.pwd.lock; \
chmod 600 /mnt/sys-root/etc/.pwd.lock; \
touch /mnt/sys-root/run/utmp ;\
chmod 664 /mnt/sys-root/run/utmp ;\
echo '0.0 0 0.0' > /mnt/sys-root/etc/adjtime; \
echo '0' >> /mnt/sys-root/etc/adjtime; \
echo 'UTC' >> /mnt/sys-root/etc/adjtime; \
echo '# This file has been generated by the Anaconda Installer.' > /mnt/sys-root/etc/sysconfig/sshd-permitrootlogin ;\
echo '# Allow root to log in using ssh. Remove this file to opt-out.' >> /mnt/sys-root/etc/sysconfig/sshd-permitrootlogin ;\
echo 'PERMITROOTLOGIN="-oPermitRootLogin=yes"' >> /mnt/sys-root/etc/sysconfig/sshd-permitrootlogin ;\
echo 'KEYMAP="us"' > /mnt/sys-root/etc/vconsole.conf; \
echo 'FONT="eurlatgr"' >> /mnt/sys-root/etc/vconsole.conf; \
rm -rf /mnt/sys-root/usr/share/locale/en_CA/ /mnt/sys-root/usr/share/locale/en_GB/ /mnt/sys-root/usr/share/locale/en@* /mnt/sys-root/usr/share/locale/en /mnt/sys-root/usr/share/locale/en*@* /mnt/sys-root/usr/share/i18n/charmaps /mnt/sys-root/usr/share/i18n/locales ;\
rm -f /mnt/sys-root/etc/machine-id /mnt/sys-root/var/cache/dnf/.gpgkeyschecked.yum ; \
touch /mnt/sys-root/etc/machine-id; \
touch /mnt/sys-root/etc/resolv.conf; \
touch /mnt/sys-root/etc/hostname
# AL9 specific hacks
RUN mkdir -p /mnt/sys-root/var/cache/private /mnt/sys-root/var/lib/private /mnt/sys-root/var/lib/systemd/coredump /mnt/sys-root/var/lib/tpm2-tss/system/keystore ;\
mkdir -p /mnt/sys-root/run/cryptsetup /mnt/sys-root/run/lock/subsys /mnt/sys-root/run/log /mnt/sys-root/run/user /mnt/sys-root/run/tpm2-tss/eventlog ;\
mkdir -p /mnt/sys-root/run/systemd/ask-password /mnt/sys-root/run/systemd/machines /mnt/sys-root/run/systemd/seats /mnt/sys-root/run/systemd/sessions /mnt/sys-root/run/systemd/shutdown /mnt/sys-root/run/systemd/users ;\
chmod 700 /mnt/sys-root/var/cache/private ; \
chmod 700 /mnt/sys-root/var/lib/private ; \
chmod 700 /mnt/sys-root/run/cryptsetup ; \
groupadd -R '/mnt/sys-root/' -r -p '!*' -g 996 sgx && groupadd -R '/mnt/sys-root/' -r -p '!*' -g 995 systemd-oom ; \
useradd -R '/mnt/sys-root/' -r -c 'systemd Userspace OOM Killer' -g 995 -u 995 -s '/usr/sbin/nologin' -M -d '/' systemd-oom ; \
sed -i "/sgx/d" /mnt/sys-root/etc/group- ; \
sed -i "/sgx/d" /mnt/sys-root/etc/gshadow- ; \
cd /mnt/sys-root/etc ; \
ln -s ../usr/share/zoneinfo/UTC localtime ;

FROM scratch AS stage2

COPY --from=system-build /mnt/sys-root/ /

RUN systemctl set-default multi-user.target; \
systemctl mask systemd-remount-fs.service \
dev-hugepages.mount \
sys-fs-fuse-connections.mount \
systemd-logind.service \
getty.target \
console-getty.service

FROM scratch
COPY --from=stage2 / /

ENV LANG=C.utf8

CMD ["/bin/bash"]
95 changes: 95 additions & 0 deletions Containerfiles/10-kitten/Containerfile.default
Original file line number Diff line number Diff line change
@@ -0,0 +1,95 @@
ARG SYSBASE=quay.io/ykohut/almalinux:10-kitten
FROM ${SYSBASE} AS system-build

RUN mkdir /mnt/sys-root; \
dnf install -y \
--installroot /mnt/sys-root \
--releasever 10 \
--setopt install_weak_deps=false \
--nodocs \
almalinux-release \
bash \
binutils \
coreutils-single \
crypto-policies-scripts \
curl-minimal \
findutils \
hostname \
iputils \
glibc-minimal-langpack \
krb5-libs \
less \
libcurl-minimal \
rootfiles \
systemd \
tar \
vim-minimal \
yum \
xz \
; \
echo '%_install_langs en_US.UTF-8' > /etc/rpm/macros.image-language-conf ;\
dnf reinstall -y \
--installroot /mnt/sys-root \
--releasever 10 \
--setopt install_weak_deps=false \
--nodocs \
krb5-libs ; \
dnf --installroot /mnt/sys-root clean all;
# Additional hacks for kickstart file and backward compatable support /mnt/sys-root/var/lib/dnf/history*
RUN rm -rf /mnt/sys-root/var/log/dnf* /mnt/sys-root/var/log/yum.* /mnt/sys-root/usr/share/i18n/charmaps /mnt/sys-root/usr/share/i18n/locales ; \
rm -rf /mnt/sys-root/var/cache/dnf/* /mnt/sys-root/var/lib/dnf/repos /mnt/sys-root/boot /mnt/sys-root/dev/null ; \
rm -rf /mnt/sys-root/var/log/hawkey.log /mnt/sys-root/var/log/* ; \
mkdir -p /mnt/sys-root/run/lock; \
/bin/date +%Y%m%d_%H%M > /mnt/sys-root/etc/BUILDTIME; \
echo '%_install_langs C.utf8' > /mnt/sys-root/etc/rpm/macros.image-language-conf; \
echo 'LANG="C.utf8"' > /mnt/sys-root/etc/locale.conf; \
echo 'container' > /mnt/sys-root/etc/dnf/vars/infra; \
touch /mnt/sys-root/etc/.pwd.lock; \
chmod 600 /mnt/sys-root/etc/.pwd.lock; \
touch /mnt/sys-root/run/utmp ;\
chmod 664 /mnt/sys-root/run/utmp ;\
echo '0.0 0 0.0' > /mnt/sys-root/etc/adjtime; \
echo '0' >> /mnt/sys-root/etc/adjtime; \
echo 'UTC' >> /mnt/sys-root/etc/adjtime; \
echo '# This file has been generated by the Anaconda Installer.' > /mnt/sys-root/etc/sysconfig/sshd-permitrootlogin ;\
echo '# Allow root to log in using ssh. Remove this file to opt-out.' >> /mnt/sys-root/etc/sysconfig/sshd-permitrootlogin ;\
echo 'PERMITROOTLOGIN="-oPermitRootLogin=yes"' >> /mnt/sys-root/etc/sysconfig/sshd-permitrootlogin ;\
echo 'KEYMAP="us"' > /mnt/sys-root/etc/vconsole.conf; \
echo 'FONT="eurlatgr"' >> /mnt/sys-root/etc/vconsole.conf; \
rm -rf /mnt/sys-root/usr/share/locale/en_US@piglati* /mnt/sys-root/run/blkid /mnt/sys-root/var/cache/dnf/.gpgkeyschecked.yum ; \
rm -f /mnt/sys-root/etc/machine-id; \
touch /mnt/sys-root/etc/machine-id; \
touch /mnt/sys-root/etc/resolv.conf; \
touch /mnt/sys-root/etc/hostname
# AL9 specific hacks
RUN mkdir -p /mnt/sys-root/var/cache/private /mnt/sys-root/var/lib/private /mnt/sys-root/var/lib/systemd/coredump /mnt/sys-root/var/lib/tpm2-tss/system/keystore ;\
mkdir -p /mnt/sys-root/run/cryptsetup /mnt/sys-root/run/lock/subsys /mnt/sys-root/run/log /mnt/sys-root/run/user /mnt/sys-root/run/tpm2-tss/eventlog ;\
mkdir -p /mnt/sys-root/run/systemd/ask-password /mnt/sys-root/run/systemd/machines /mnt/sys-root/run/systemd/seats /mnt/sys-root/run/systemd/sessions /mnt/sys-root/run/systemd/shutdown /mnt/sys-root/run/systemd/users ;\
chmod 700 /mnt/sys-root/var/cache/private ; \
chmod 700 /mnt/sys-root/var/lib/private ; \
chmod 700 /mnt/sys-root/run/cryptsetup ; \
groupadd -R '/mnt/sys-root/' -r -p '!*' -g 996 sgx && groupadd -R '/mnt/sys-root/' -r -p '!*' -g 995 systemd-oom ; \
useradd -R '/mnt/sys-root/' -r -c 'systemd Userspace OOM Killer' -g 995 -u 995 -s '/usr/sbin/nologin' -M -d '/' systemd-oom ; \
sed -i "/sgx/d" /mnt/sys-root/etc/group- ; \
sed -i "/sgx/d" /mnt/sys-root/etc/gshadow- ; \
cd /mnt/sys-root/etc ; \
ln -s ../usr/share/zoneinfo/UTC localtime ;

# Almalinux default build
FROM scratch AS stage2
COPY --from=system-build /mnt/sys-root/ /

RUN systemctl set-default multi-user.target; \
systemctl mask systemd-remount-fs.service \
dev-hugepages.mount \
sys-fs-fuse-connections.mount \
systemd-logind.service \
getty.target \
console-getty.service

FROM scratch
COPY --from=stage2 / /

ENV LANG=C.utf8

CMD ["/bin/bash"]
103 changes: 103 additions & 0 deletions Containerfiles/10-kitten/Containerfile.init
Original file line number Diff line number Diff line change
@@ -0,0 +1,103 @@
ARG SYSBASE=quay.io/ykohut/almalinux:10-kitten
FROM ${SYSBASE} AS system-build

RUN mkdir /mnt/sys-root; \
dnf install -y \
# --nogpgcheck --repoid=AppStream --repoid=BaseOS \
# --repofrompath='BaseOS,https://repo.almalinux.org/almalinux/10/BaseOS/$basearch/os/' \
# --repofrompath='AppStream,https://repo.almalinux.org/almalinux/10/AppStream/$basearch/os/' \
--installroot /mnt/sys-root \
--releasever 10 \
--setopt install_weak_deps=false \
--nodocs \
almalinux-release \
bash \
coreutils-single \
crypto-policies-scripts \
curl-minimal \
findutils \
gdb-gdbserver \
glibc-minimal-langpack \
gzip \
libcurl-minimal \
libusbx \
procps-ng \
rootfiles \
systemd \
tar \
usermode \
vim-minimal \
virt-what \
yum \
; \
echo '%_install_langs en_US.UTF-8' > /etc/rpm/macros.image-language-conf ;\
dnf reinstall -y \
--installroot /mnt/sys-root \
--releasever 10 \
--setopt install_weak_deps=false \
--nodocs \
krb5-libs ; \
dnf --installroot /mnt/sys-root clean all;
# Additional hacks for kickstart file and backward compatable support
RUN rm -rf /mnt/sys-root/var/log/dnf* /mnt/sys-root/var/log/yum.* /mnt/sys-root/var/cache/dnf/* /mnt/sys-root/var/lib/dnf/repos; \
rm -rf /mnt/sys-root/var/log/hawkey.log /mnt/sys-root/boot /mnt/sys-root/dev/null /mnt/sys-root/var/log/* /mnt/sys-root/run/blkid ; \
mkdir -p /mnt/sys-root/run/lock; \
# generate build time file for compatibility with CentOS /mnt/sys-root/run/* /mnt/sys-root/var/lib/dnf/history*
/bin/date +%Y%m%d_%H%M > /mnt/sys-root/etc/BUILDTIME; \
echo '%_install_langs C.utf8' > /mnt/sys-root/etc/rpm/macros.image-language-conf; \
echo 'LANG="C.utf8"' > /mnt/sys-root/etc/locale.conf; \
echo 'container' > /mnt/sys-root/etc/dnf/vars/infra; \
touch /mnt/sys-root/etc/.pwd.lock; \
chmod 600 /mnt/sys-root/etc/.pwd.lock; \
touch /mnt/sys-root/run/utmp ;\
chmod 664 /mnt/sys-root/run/utmp ;\
echo '0.0 0 0.0' > /mnt/sys-root/etc/adjtime; \
echo '0' >> /mnt/sys-root/etc/adjtime; \
echo 'UTC' >> /mnt/sys-root/etc/adjtime; \
echo '# This file has been generated by the Anaconda Installer.' > /mnt/sys-root/etc/sysconfig/sshd-permitrootlogin ;\
echo '# Allow root to log in using ssh. Remove this file to opt-out.' >> /mnt/sys-root/etc/sysconfig/sshd-permitrootlogin ;\
echo 'PERMITROOTLOGIN="-oPermitRootLogin=yes"' >> /mnt/sys-root/etc/sysconfig/sshd-permitrootlogin ;\
echo 'KEYMAP="us"' > /mnt/sys-root/etc/vconsole.conf; \
echo 'FONT="eurlatgr"' >> /mnt/sys-root/etc/vconsole.conf; \
rm -rf /mnt/sys-root/usr/share/locale/en_CA/ /mnt/sys-root/usr/share/locale/en_GB/ /mnt/sys-root/usr/share/locale/en@* /mnt/sys-root/usr/share/locale/en /mnt/sys-root/usr/share/locale/en*@* /mnt/sys-root/usr/share/i18n/charmaps /mnt/sys-root/usr/share/i18n/locales ;\
rm -f /mnt/sys-root/etc/machine-id /mnt/sys-root/var/cache/dnf/.gpgkeyschecked.yum ; \
touch /mnt/sys-root/etc/machine-id; \
touch /mnt/sys-root/etc/resolv.conf; \
touch /mnt/sys-root/etc/hostname
# AL9 specific hacks
RUN mkdir -p /mnt/sys-root/var/cache/private /mnt/sys-root/var/lib/private /mnt/sys-root/var/lib/systemd/coredump /mnt/sys-root/var/lib/tpm2-tss/system/keystore ;\
mkdir -p /mnt/sys-root/run/cryptsetup /mnt/sys-root/run/lock/subsys /mnt/sys-root/run/log /mnt/sys-root/run/user /mnt/sys-root/run/tpm2-tss/eventlog ;\
mkdir -p /mnt/sys-root/run/systemd/ask-password /mnt/sys-root/run/systemd/machines /mnt/sys-root/run/systemd/seats /mnt/sys-root/run/systemd/sessions /mnt/sys-root/run/systemd/shutdown /mnt/sys-root/run/systemd/users ;\
chmod 700 /mnt/sys-root/var/cache/private ; \
chmod 700 /mnt/sys-root/var/lib/private ; \
chmod 700 /mnt/sys-root/run/cryptsetup ; \
groupadd -R '/mnt/sys-root/' -r -p '!*' -g 996 sgx && groupadd -R '/mnt/sys-root/' -r -p '!*' -g 995 systemd-oom ; \
useradd -R '/mnt/sys-root/' -r -c 'systemd Userspace OOM Killer' -g 995 -u 995 -s '/usr/sbin/nologin' -M -d '/' systemd-oom ; \
sed -i "/sgx/d" /mnt/sys-root/etc/group- ; \
sed -i "/sgx/d" /mnt/sys-root/etc/gshadow- ; \
cd /mnt/sys-root/etc ; \
ln -s ../usr/share/zoneinfo/UTC localtime ;

FROM scratch AS stage2

COPY --from=system-build /mnt/sys-root/ /

RUN systemctl set-default multi-user.target; \
systemctl mask systemd-remount-fs.service \
dev-hugepages.mount \
sys-fs-fuse-connections.mount \
systemd-logind.service \
getty.target \
console-getty.service \
systemd-udev-trigger.service \
systemd-udevd.service \
systemd-random-seed.service \
systemd-machine-id-commit.service

FROM scratch
COPY --from=stage2 / /

ENV LANG=C.utf8

STOPSIGNAL SIGRTMIN+3
CMD ["/sbin/init"]
37 changes: 37 additions & 0 deletions Containerfiles/10-kitten/Containerfile.micro
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
ARG SYSBASE=quay.io/ykohut/almalinux:10-kitten
FROM ${SYSBASE} AS system-build

RUN mkdir -p /mnt/sys-root; \
dnf install --installroot /mnt/sys-root coreutils-single glibc-minimal-langpack \
--releasever 10 --setopt install_weak_deps=false --nodocs -y; \
dnf --installroot /mnt/sys-root clean all;
# Additional hacks for kickstart file and backward compatable support
RUN rm -rf /mnt/sys-root/var/cache/dnf /mnt/sys-root/var/log/dnf* /mnt/sys-root/var/lib/dnf /mnt/sys-root/var/log/yum.* /mnt/sys-root/var/lib/rpm/* ; \
/bin/date +%Y%m%d_%H%M > /mnt/sys-root/etc/BUILDTIME ; \
echo '%_install_langs C.utf8' > /mnt/sys-root/etc/rpm/macros.image-language-conf; \
echo 'LANG="C.utf8"' > /mnt/sys-root/etc/locale.conf; \
echo 'container' > /mnt/sys-root/etc/dnf/vars/infra; \
rm -f /mnt/sys-root/etc/machine-id; \
touch /mnt/sys-root/etc/machine-id; \
touch /mnt/sys-root/etc/resolv.conf; \
touch /mnt/sys-root/etc/hostname; \
touch /mnt/sys-root/etc/.pwd.lock; \
chmod 600 /mnt/sys-root/etc/.pwd.lock; \
rm -rf /mnt/sys-root/usr/share/locale/en* /mnt/sys-root/boot /mnt/sys-root/dev/null /mnt/sys-root/var/log/hawkey.log ; \
echo '0.0 0 0.0' > /mnt/sys-root/etc/adjtime; \
echo '0' >> /mnt/sys-root/etc/adjtime; \
echo 'UTC' >> /mnt/sys-root/etc/adjtime; \
echo '# This file has been generated by the Anaconda Installer.' > /mnt/sys-root/etc/sysconfig/sshd-permitrootlogin ;\
echo '# Allow root to log in using ssh. Remove this file to opt-out.' >> /mnt/sys-root/etc/sysconfig/sshd-permitrootlogin ;\
echo 'PERMITROOTLOGIN="-oPermitRootLogin=yes"' >> /mnt/sys-root/etc/sysconfig/sshd-permitrootlogin ;\
echo 'KEYMAP="us"' > /mnt/sys-root/etc/vconsole.conf; \
echo 'FONT="eurlatgr"' >> /mnt/sys-root/etc/vconsole.conf; \
mkdir -p /mnt/sys-root/run/lock; \
cd /mnt/sys-root/etc ; \
ln -s ../usr/share/zoneinfo/UTC localtime

FROM scratch

COPY --from=system-build /mnt/sys-root/ /

CMD /bin/sh
69 changes: 69 additions & 0 deletions Containerfiles/10-kitten/Containerfile.minimal
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
ARG SYSBASE=quay.io/ykohut/almalinux:10-kitten
FROM ${SYSBASE} as system-build

RUN mkdir /mnt/sys-root; \
dnf install -y \
--installroot /mnt/sys-root \
--releasever 10 \
--setopt install_weak_deps=false \
--nodocs \
almalinux-release \
bash \
coreutils-single \
curl-minimal \
glibc-minimal-langpack \
libcurl-minimal \
libusbx \
microdnf \
rootfiles \
; \
echo '%_install_langs en_US.UTF-8' > /etc/rpm/macros.image-language-conf ;\
dnf reinstall -y \
--installroot /mnt/sys-root \
--releasever 10 \
--setopt install_weak_deps=false \
--nodocs \
krb5-libs ; \
dnf --installroot /mnt/sys-root clean all;
# Additional hacks for kickstart file and backward compatable support
RUN rm -rf /mnt/sys-root/var/log/dnf* /mnt/sys-root/var/log/yum.* /mnt/sys-root/var/cache/dnf /mnt/sys-root/var/lib/dnf/repos; \
rm -rf /mnt/sys-root/var/lib/dnf/history* /mnt/sys-root/var/log/hawkey.log /mnt/sys-root/boot /mnt/sys-root/dev/null /mnt/sys-root/run/*; \
mkdir -p /mnt/sys-root/run/lock; \
# generate build time file for compatibility with CentOS
/bin/date +%Y%m%d_%H%M > /mnt/sys-root/etc/BUILDTIME; \
echo '%_install_langs C.utf8' > /mnt/sys-root/etc/rpm/macros.image-language-conf; \
echo 'LANG="C.utf8"' > /mnt/sys-root/etc/locale.conf; \
echo 'container' > /mnt/sys-root/etc/dnf/vars/infra; \
touch /mnt/sys-root/etc/.pwd.lock; \
chmod 600 /mnt/sys-root/etc/.pwd.lock; \
echo '0.0 0 0.0' > /mnt/sys-root/etc/adjtime; \
echo '0' >> /mnt/sys-root/etc/adjtime; \
echo 'UTC' >> /mnt/sys-root/etc/adjtime; \
echo '# This file has been generated by the Anaconda Installer.' > /mnt/sys-root/etc/sysconfig/sshd-permitrootlogin ;\
echo '# Allow root to log in using ssh. Remove this file to opt-out.' >> /mnt/sys-root/etc/sysconfig/sshd-permitrootlogin ;\
echo 'PERMITROOTLOGIN="-oPermitRootLogin=yes"' >> /mnt/sys-root/etc/sysconfig/sshd-permitrootlogin ;\
echo 'KEYMAP="us"' > /mnt/sys-root/etc/vconsole.conf; \
echo 'FONT="eurlatgr"' >> /mnt/sys-root/etc/vconsole.conf; \
# /mnt/sys-root/usr/share/locale/en@* /mnt/sys-root/usr/share/locale/en /mnt/sys-root/usr/share/locale/en*@*
rm -rf /mnt/sys-root/usr/share/locale/en_CA/ /mnt/sys-root/usr/share/locale/en_GB/ /mnt/sys-root/usr/share/i18n/charmaps /mnt/sys-root/usr/share/i18n/locales ;\
rm -f /mnt/sys-root/etc/machine-id; \
touch /mnt/sys-root/etc/machine-id; \
touch /mnt/sys-root/etc/resolv.conf; \
touch /mnt/sys-root/etc/hostname; \
mkdir -p /mnt/sys-root/var/cache/private /mnt/sys-root/var/lib/private /mnt/sys-root/var/lib/systemd/coredump ;\
chmod 700 /mnt/sys-root/var/cache/private ; \
chmod 700 /mnt/sys-root/var/lib/private ; \
groupadd -R '/mnt/sys-root/' -r -p '!*' -g 996 sgx && groupadd -R '/mnt/sys-root/' -r -p '!*' -g 995 systemd-oom ; \
useradd -R '/mnt/sys-root/' -r -c 'systemd Userspace OOM Killer' -g 995 -u 995 -s '/usr/sbin/nologin' -M -d '/' systemd-oom ; \
sed -i "/sgx/d" /mnt/sys-root/etc/group- ; \
sed -i "/sgx/d" /mnt/sys-root/etc/gshadow- ; \
cd /mnt/sys-root/etc ; \
ln -s ../usr/share/zoneinfo/UTC localtime ; \
cd /mnt/sys-root/etc/systemd/system ; \
ln -s /usr/lib/systemd/system/multi-user.target default.target

# Almalinux minimal build
FROM scratch
COPY --from=system-build /mnt/sys-root/ /

CMD ["/bin/bash"]

0 comments on commit 56b735f

Please sign in to comment.