From 50e593e494b341ae780c5a5a5c3acfccf49511ef Mon Sep 17 00:00:00 2001 From: zador-blood-stained Date: Wed, 2 Aug 2017 20:00:29 +0300 Subject: [PATCH] Docker and Vagrant fixes and improvements --- Dockerfile | 2 +- Vagrantfile | 2 +- config-docker.conf | 14 +++++++++++--- lib/compilation.sh | 3 ++- lib/general.sh | 6 ++++++ lib/main.sh | 5 ----- 6 files changed, 21 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index bcf5b6b215..b6e0cf3a0e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,7 +9,7 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -y dist-upgrade && curl gcc-arm-none-eabi libnewlib-arm-none-eabi patchutils python liblz4-tool libpython2.7-dev linux-base swig libpython-dev \ systemd-container udev distcc libstdc++-arm-none-eabi-newlib gcc-4.9-arm-linux-gnueabihf gcc-4.9-aarch64-linux-gnu \ g++-4.9-arm-linux-gnueabihf g++-4.9-aarch64-linux-gnu g++-5-aarch64-linux-gnu g++-5-arm-linux-gnueabihf lib32stdc++6 \ - libc6-i386 lib32ncurses5 lib32tinfo5 locales ncurses-base zlib1g:i386 aptly + libc6-i386 lib32ncurses5 lib32tinfo5 locales ncurses-base zlib1g:i386 aptly pixz RUN locale-gen en_US.UTF-8 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' TERM=screen WORKDIR /root/armbian diff --git a/Vagrantfile b/Vagrantfile index d12bc0f986..8b56e521e4 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -14,7 +14,7 @@ apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -y dist-upgrade && \ curl gcc-arm-none-eabi libnewlib-arm-none-eabi patchutils python liblz4-tool libpython2.7-dev linux-base swig libpython-dev \ systemd-container udev distcc libstdc++-arm-none-eabi-newlib gcc-4.9-arm-linux-gnueabihf gcc-4.9-aarch64-linux-gnu \ g++-4.9-arm-linux-gnueabihf g++-4.9-aarch64-linux-gnu g++-5-aarch64-linux-gnu g++-5-arm-linux-gnueabihf lib32stdc++6 \ - libc6-i386 lib32ncurses5 lib32tinfo5 locales ncurses-base zlib1g:i386 aptly + libc6-i386 lib32ncurses5 lib32tinfo5 locales ncurses-base zlib1g:i386 aptly pixz locale-gen en_US.UTF-8 git clone https://github.com/armbian/build /home/ubuntu/armbian ln -sf /vagrant/output /home/ubuntu/armbian/output diff --git a/config-docker.conf b/config-docker.conf index 2f3342a0f8..2f8bea38d7 100644 --- a/config-docker.conf +++ b/config-docker.conf @@ -8,6 +8,12 @@ # remove "docker" from the command line since "docker-guest" will be passed instead shift +# create user accessible directories and set their owner group and permissions +# if they are created from Docker they will be owned by root and require root permissions to change/delete +mkdir -p $SRC/{output,userpatches} +grep -q '^docker:' /etc/group && chgrp --quiet docker $SRC/{output,userpatches} +chmod --quiet g+w,g+s $SRC/{output,userpatches} + # build a new container based on provided Dockerfile display_alert "Building a Docker container" docker build -t armbian . @@ -18,14 +24,16 @@ DOCKER_FLAGS=() #DOCKER_FLAGS+=(--privileged) # add only required capabilities instead (though MKNOD should be already present) -DOCKER_FLAGS+=(--cap-add=SYS_ADMIN --cap-add=MKNOD) +# CAP_SYS_PTRACE is required for systemd-detect-virt in some cases +DOCKER_FLAGS+=(--cap-add=SYS_ADMIN --cap-add=MKNOD --cap-add=SYS_PTRACE) # mounting things inside the container on Ubuntu won't work without this # https://github.com/moby/moby/issues/16429#issuecomment-217126586 DOCKER_FLAGS+=(--security-opt=apparmor:unconfined) -# remove resulting container after exit -DOCKER_FLAGS+=(--rm) +# remove resulting container after exit to minimize clutter +# bad side effect - named volumes are considered not attached to anything and are removed on "docker volume prune" +#DOCKER_FLAGS+=(--rm) # pass through loop devices for d in /dev/loop*; do diff --git a/lib/compilation.sh b/lib/compilation.sh index fb48fc393e..4de2c2ae08 100644 --- a/lib/compilation.sh +++ b/lib/compilation.sh @@ -307,7 +307,8 @@ compile_sunxi_tools() fetch_from_repo "https://github.com/linux-sunxi/sunxi-tools.git" "sunxi-tools" "branch:master" # Compile and install only if git commit hash changed cd $SRC/cache/sources/sunxi-tools - if [[ ! -f .commit_id || $(git rev-parse @ 2>/dev/null) != $(<.commit_id) ]]; then + # need to check if /usr/loca/bin/sunxi-fexc to detect new Docker containers with old cached sources + if [[ ! -f .commit_id || $(git rev-parse @ 2>/dev/null) != $(<.commit_id) || ! -f /usr/local/bin/sunxi-fexc ]]; then display_alert "Compiling" "sunxi-tools" "info" make -s clean >/dev/null make -s tools >/dev/null diff --git a/lib/general.sh b/lib/general.sh index c1bf9a5d5f..f0a0eafce9 100644 --- a/lib/general.sh +++ b/lib/general.sh @@ -506,6 +506,12 @@ prepare_host() if ! grep -q -x -e "$packet" <<< "$installed"; then deps+=("$packet"); fi done + # sync clock + if [[ $SYNC_CLOCK != no ]]; then + display_alert "Syncing clock" "host" "info" + ntpdate -s ${NTP_SERVER:- time.ijs.si} + fi + if [[ ${#deps[@]} -gt 0 ]]; then eval '( apt-get -q update; apt-get -q -y --no-install-recommends install "${deps[@]}" )' \ ${PROGRESS_LOG_TO_FILE:+' | tee -a $DEST/debug/output.log'} \ diff --git a/lib/main.sh b/lib/main.sh index b91c3622e5..f8644cbda1 100644 --- a/lib/main.sh +++ b/lib/main.sh @@ -240,11 +240,6 @@ fi source $SRC/lib/configuration.sh -# sync clock -if [[ $SYNC_CLOCK != no ]]; then - display_alert "Syncing clock" "host" "info" - ntpdate -s ${NTP_SERVER:- time.ijs.si} -fi start=`date +%s` [[ $CLEAN_LEVEL == *sources* ]] && cleaning "sources"