github.com/alibaba/sealer@v0.8.6-0.20220430115802-37a2bdaa8173/pkg/infra/container/imagecontext/arm/Dockerfile

github.com/alibaba/sealer@v0.8.6-0.20220430115802-37a2bdaa8173/pkg/infra/container/imagecontext/arm/Dockerfile (about)

     1  # Copyright © 2021 Alibaba Group Holding Ltd.
     2  #
     3  # Licensed under the Apache License, Version 2.0 (the "License");
     4  # you may not use this file except in compliance with the License.
     5  # You may obtain a copy of the License at
     6  #
     7  #     http://www.apache.org/licenses/LICENSE-2.0
     8  #
     9  # Unless required by applicable law or agreed to in writing, software
    10  # distributed under the License is distributed on an "AS IS" BASIS,
    11  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  # See the License for the specific language governing permissions and
    13  # limitations under the License.
    14  
    15  FROM multiarch/ubuntu-core:arm64-focal
    16  COPY entrypoint /usr/bin/
    17  RUN chmod +x /usr/bin/entrypoint
    18  ARG PASSWORD="Seadent123"
    19  
    20  RUN echo "Installing Packages ..." \
    21      && sed -i "s/ports.ubuntu.com/mirrors.aliyun.com/g" /etc/apt/sources.list \
    22      && apt-get update \
    23      && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
    24        systemd \
    25        conntrack iproute2 ethtool socat util-linux mount ebtables kmod \
    26        libseccomp2 pigz \
    27        bash ca-certificates curl rsync vim openssh-server ufw \
    28      && apt-get clean -y                                               \
    29      && rm -rf                                                         \
    30         /var/cache/debconf/*                                           \
    31         /var/lib/apt/lists/*                                           \
    32         /var/log/*                                                     \
    33         /tmp/*                                                         \
    34         /var/tmp/*                                                     \
    35         /usr/share/doc/*                                               \
    36         /usr/share/man/*                                               \
    37         /usr/share/local/*                                             \
    38      && find /lib/systemd/system/sysinit.target.wants/ -name "systemd-tmpfiles-setup.service" -delete \
    39      && rm -f /lib/systemd/system/multi-user.target.wants/* \
    40      && rm -f /etc/systemd/system/*.wants/* \
    41      && rm -f /lib/systemd/system/local-fs.target.wants/* \
    42      && rm -f /lib/systemd/system/sockets.target.wants/*udev* \
    43      && rm -f /lib/systemd/system/sockets.target.wants/*initctl* \
    44      && rm -f /lib/systemd/system/basic.target.wants/* \
    45      && echo "ReadKMsg=no" >> /etc/systemd/journald.conf \
    46      && ln -s "$(which systemd)" /sbin/init
    47  
    48  RUN echo "Config ssh ..." \
    49      && echo "PermitRootLogin yes" >> /etc/ssh/sshd_config \
    50      && sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config \
    51      && sed -i '/^session\s\+required\s\+pam_loginuid.so/s/^/#/' /etc/pam.d/sshd \
    52      && echo "root:${PASSWORD}" | chpasswd \
    53      && mkdir -p /root/.ssh && chown root.root /root && chmod 700 /root/.ssh
    54  
    55  RUN echo "Enabling ssh ... " \
    56      && systemctl enable ssh
    57  
    58  # tell systemd that it is in docker (it will check for the container env)
    59  # https://systemd.io/CONTAINER_INTERFACE/
    60  ENV container docker
    61  # systemd exits on SIGRTMIN+3, not SIGTERM (which re-executes it)
    62  # https://bugzilla.redhat.com/show_bug.cgi?id=1201657
    63  STOPSIGNAL SIGRTMIN+3
    64  EXPOSE 22
    65  
    66  # NOTE: this is *only* for documentation, the entrypoint is overridden later
    67  ENTRYPOINT [ "/usr/bin/entrypoint", "/sbin/init" ]