From 89a51d5e7e4e93fd1a012bdd44544c034e2e8e69 Mon Sep 17 00:00:00 2001
From: Adam Dodman <adam.dodman@gmx.com>
Date: Thu, 11 May 2017 22:15:10 +0100
Subject: [PATCH] Refactor from scratch, not busybox

---
 Dockerfile | 90 +++++++++++++++++++++++-------------------------------
 pkgextract | 22 -------------
 2 files changed, 39 insertions(+), 73 deletions(-)
 delete mode 100755 pkgextract

diff --git a/Dockerfile b/Dockerfile
index 4893084..ae1f860 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,59 +1,47 @@
-FROM busybox:glibc
+FROM debian:jessie-slim as builder
 
-ARG REPO=http://ftp.de.debian.org/debian/pool/main
-ARG ARCH=amd64
 
-ARG LIBC6_VER=2.19-18+deb8u9
-ARG LIBGCC_VER=4.9.2-10
-ARG LIBSSL_VER=1.0.1t-1+deb8u6
+ARG ARCH=x86_64
+ARG PACKAGES="core/glibc community/busybox"
+ARG DEBIAN_FRONTEND=noninteractive
 
-ARG SU_EXEC_VER=v0.2
-ARG TINI_VER=v0.14.0
+WORKDIR /output
 
-ADD pkgextract /usr/local/bin/
+RUN apt-get update -qy && \
+    apt-get install -qy curl build-essential
+
+# Download and install glibc & busybox from Arch Linux
+RUN mkdir -p usr/bin usr/lib dev proc root etc && \
+    ln -sv usr/bin bin && \
+    ln -sv usr/bin sbin && \
+    ln -sv usr/lib lib && \
+    ln -sv usr/lib lib64 && \
+    for pkg in $PACKAGES; do \
+        repo=$(echo $pkg | cut -d/ -f1); \
+        name=$(echo $pkg | cut -d/ -f2); \
+        curl -L https://archlinux.org/packages/$repo/$ARCH/$name/download \
+            | tar xJ -C . ; \
+    done && \
+    rm -f .BUILDINFO .INSTALL .PKGINFO .MTREE && \
+    for i in $(bin/busybox --list); do ln -s /bin/busybox bin/$i; done && \
+    rm -rf usr/share usr/include lib/*.a lib/*.o lib/gconv \
+           bin/ldconfig bin/sln bin/localedef bin/nscd
+
+ARG DESTDIR=/output/libressl
 
 WORKDIR /tmp
-RUN mkdir -p /var/lib/dpkg/info && \
-    # Fetch dependencies
-    wget ${REPO}/g/glibc/libc6_${LIBC6_VER}_${ARCH}.deb && \
-    wget ${REPO}/g/glibc/libc6-${ARCH}_${LIBC6_VER}_i386.deb && \
-    wget ${REPO}/g/glibc/multiarch-support_${LIBC6_VER}_${ARCH}.deb && \
-    wget ${REPO}/g/gcc-4.9/libgcc1_${LIBGCC_VER}_${ARCH}.deb && \
-    wget ${REPO}/g/gcc-4.9/gcc-4.9-base_${LIBGCC_VER}_${ARCH}.deb && \
-    wget ${REPO}/o/openssl/libssl1.0.0_${LIBSSL_VER}_${ARCH}.deb && \
-    wget ${REPO}/o/openssl/openssl_${LIBSSL_VER}_${ARCH}.deb && \
-    \
-    # Lie about libc6 being installed 
-    dpkg-deb -f libc6_*.deb | sed '/Depends: .*/d' > /var/lib/dpkg/status && \
-    echo "Status: install ok installed" >> /var/lib/dpkg/status && \
-    \
-    # Install multiarch && gcc
-    pkgextract libc6-${ARCH}*.deb && \
-    pkgextract multiarch-support*.deb && \
-    pkgextract gcc-4.9-base*.deb && \
-    pkgextract libgcc1*.deb && \
-    \
-    # Lie about libssl being installed to dpkg
-    dpkg-deb -f libssl1.0*.deb | sed 's|, debconf.*||g' >> /var/lib/dpkg/status && \
-    echo "Status: install ok installed" >> /var/lib/dpkg/status && \
-    # Actually 'install' libssl by extracting the files
-    dpkg-deb -x libssl1.0*.deb / && \
-    # Manually link the library files
-    ln -sfv /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 /lib && \
-    ln -sfv /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0 /lib && \
-    # Install openssl
-    pkgextract openssl*.deb && \
-    \
-    # Install su-exec & tini
-    mkdir -p /usr/local/bin /sbin && \
-    wget -O /usr/local/bin/su-exec https://github.com/javabean/su-exec/releases/download/${SU_EXEC_VER}/su-exec.${ARCH} && \
-    wget -O /sbin/tini https://github.com/krallin/tini/releases/download/${TINI_VER}/tini-${ARCH} && \
-    chmod +x /usr/local/bin/su-exec /sbin/tini && \
-    \
-    # Cleanup
-    rm -f *.deb && \
-    rm -rf /usr/share && \
-    rm -rf /usr/lib64/gconv # Hopefully this isn't required
 
+# Build and install openssl
+RUN curl -L https://www.openssl.org/source/openssl-1.1.0e.tar.gz | \
+    tar xz -C /tmp --strip-components=1 && \
+    ./config --prefix=/output && \
+    make install_sw && \
+    rm /output/lib/*.a && \
+    rm -r /output/include
+    
+# =============
+
+FROM scratch
 WORKDIR /
-ENV LD_LIBRARY_PATH=/lib:/lib/x86_64-linux-gnu:/usr/lib:/usr/lib/x86_64-linux-gnu
+COPY --from=builder /output/ / 
+CMD ["sh"]
diff --git a/pkgextract b/pkgextract
deleted file mode 100755
index 8e18875..0000000
--- a/pkgextract
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/sh
-set -e
-
-FPATH="$(realpath $1)"
-FNAME="$(basename "$FPATH")"
-
-PKG_NAME="$(echo "$FNAME" | sed 's|_.*||g')"
-
-# Extract package control files
-CTRL_PATH="/tmp/${PKG_NAME}-DEBIAN"
-dpkg-deb -e "$FPATH" "$CTRL_PATH"
-
-cd "$CTRL_PATH"
-
-# Rename and move control info files
-find * -exec mv "{}" "/var/lib/dpkg/info/$PKG_NAME.{}" \;
-
-cd -
-# If this fails, there was probably a 
-rmdir "$CTRL_PATH"
-
-dpkg -i "$FPATH"