spritsail/busybox
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Build glibc from source- it produces smaller & cleaner libs

Browse Source
This commit is contained in:
Joe Groocock 2017-05-12 11:50:24 +01:00
parent 800b32ee3a
commit 1c860794d2
1 changed files with 38 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
Dockerfile
View File

@ -1,9 +1,9 @@
FROM debian:jessie-slim as builder FROM debian:jessie-slim as builder
ARG ARCH=x86_64 ARG ARCH=x86_64
ARG PACKAGES="core/glibc"
ARG DEBIAN_FRONTEND=noninteractive ARG DEBIAN_FRONTEND=noninteractive
ARG GLIBC_VER=2.25
ARG BUSYB_VER=1.26.2 ARG BUSYB_VER=1.26.2
ARG SU_EXEC_VER=v0.2 ARG SU_EXEC_VER=v0.2
ARG TINI_VER=v0.14.0 ARG TINI_VER=v0.14.0
@ -12,24 +12,13 @@ WORKDIR /output
#Set up our dependencies, configure the output filesystem a bit #Set up our dependencies, configure the output filesystem a bit
RUN apt-get update -qy && \ RUN apt-get update -qy && \
apt-get install -qy curl build-essential && \ apt-get install -qy curl build-essential gawk linux-libc-dev && \
mkdir -p usr/bin usr/lib dev proc root etc && \ mkdir -p usr/bin usr/lib dev proc root etc && \
ln -sv usr/bin bin && \ ln -sv usr/bin bin && \
ln -sv usr/bin sbin && \ ln -sv usr/bin sbin && \
ln -sv usr/lib lib && \ ln -sv usr/lib lib && \
ln -sv usr/lib lib64 ln -sv usr/lib lib64
# Removing this :P
RUN for pkg in $PACKAGES; do \
repo=$(echo $pkg | cut -d/ -f1); \
name=$(echo $pkg | cut -d/ -f2); \
curl -L https://archlinux.org/packages/$repo/$ARCH/$name/download \
| tar xJ -C . ; \
done && \
rm -f .BUILDINFO .INSTALL .PKGINFO .MTREE && \
rm -rf usr/share usr/include lib/*.a lib/*.o lib/gconv \
bin/ldconfig bin/sln bin/localedef bin/nscd
# Pull busybox and some other utilities # Pull busybox and some other utilities
RUN curl -L https://busybox.net/downloads/binaries/$BUSYB_VER-defconfig-multiarch/busybox-$ARCH > /output/usr/bin/busybox && \ RUN curl -L https://busybox.net/downloads/binaries/$BUSYB_VER-defconfig-multiarch/busybox-$ARCH > /output/usr/bin/busybox && \
curl -L https://github.com/javabean/su-exec/releases/download/${SU_EXEC_VER}/su-exec.amd64 > /output/sbin/su-exec && \ curl -L https://github.com/javabean/su-exec/releases/download/${SU_EXEC_VER}/su-exec.amd64 > /output/sbin/su-exec && \
@ -38,6 +27,42 @@ RUN curl -L https://busybox.net/downloads/binaries/$BUSYB_VER-defconfig-multiarc
WORKDIR /tmp WORKDIR /tmp
ARG CFLAGS="-Os -pipe -fstack-protector-strong"
ARG LDFLAGS="-Wl,-O1,--sort-common -Wl,-s"
# Download and build glibc from source
RUN curl -L https://ftp.gnu.org/gnu/glibc/glibc-$GLIBC_VER.tar.xz | tar xJ && \
mkdir -p glibc-build && cd glibc-build && \
\
echo "slibdir=/lib" >> configparms && \
echo "rtlddir=/lib" >> configparms && \
echo "sbindir=/bin" >> configparms && \
echo "rootsbindir=/bin" >> configparms && \
\
rm -rf /usr/include/x86_64-linux-gnu/c++ && \
ln -sfv /usr/include/x86_64-linux-gnu/* /usr/include && \
../glibc-$GLIBC_VER/configure \
--prefix="$(pwd)/root" \
--libdir="$(pwd)/root/lib" \
--libexecdir=/lib \
--with-headers=/usr/include \
--enable-add-ons \
--enable-obsolete-rpc \
--enable-kernel=3.10.0 \
--enable-bind-now \
--disable-profile \
--enable-stackguard-randomization \
--enable-stack-protector=strong \
--enable-lock-elision \
--enable-multi-arch \
--disable-werror && \
make && make install_root=$(pwd)/out install
# Copy glibc libs & generate ld cache
RUN cp -r glibc-build/out/lib/*.so /output/lib && \
echo '/usr/lib' > /output/etc/ld.so.conf && \
ldconfig -r /output
# Build and install openssl # Build and install openssl
ARG DESTDIR=/output/libressl ARG DESTDIR=/output/libressl
RUN curl -L https://www.openssl.org/source/openssl-1.1.0e.tar.gz | \ RUN curl -L https://www.openssl.org/source/openssl-1.1.0e.tar.gz | \