github.com/hanks177/podman/v4@v4.1.3-0.20220613032544-16d90015bc83/contrib/podmanimage/stable/Containerfile

github.com/hanks177/podman/v4@v4.1.3-0.20220613032544-16d90015bc83/contrib/podmanimage/stable/Containerfile (about)

     1  # stable/Containerfile
     2  #
     3  # Build a Podman container image from the latest
     4  # stable version of Podman on the Fedoras Updates System.
     5  # https://bodhi.fedoraproject.org/updates/?search=podman
     6  # This image can be used to create a secured container
     7  # that runs safely with privileges within the container.
     8  #
     9  FROM registry.fedoraproject.org/fedora:latest
    10  
    11  # Don't include container-selinux and remove
    12  # directories used by dnf that are just taking
    13  # up space.
    14  RUN dnf -y update && \
    15      rpm --setcaps shadow-utils 2>/dev/null && \
    16      dnf -y install podman fuse-overlayfs \
    17          --exclude container-selinux && \
    18      dnf clean all && \
    19      rm -rf /var/cache /var/log/dnf* /var/log/yum.*
    20  
    21  RUN useradd podman; \
    22  echo -e "podman:1:999\npodman:1001:64535" > /etc/subuid; \
    23  echo -e "podman:1:999\npodman:1001:64535" > /etc/subgid;
    24  
    25  ARG _REPO_URL="https://raw.githubusercontent.com/containers/podman/main/contrib/podmanimage/stable"
    26  ADD $_REPO_URL/containers.conf /etc/containers/containers.conf
    27  ADD $_REPO_URL/podman-containers.conf /home/podman/.config/containers/containers.conf
    28  
    29  RUN mkdir -p /home/podman/.local/share/containers && \
    30      chown podman:podman -R /home/podman && \
    31      chmod 644 /etc/containers/containers.conf
    32  
    33  # Copy & modify the defaults to provide reference if runtime changes needed.
    34  # Changes here are required for running with fuse-overlay storage inside container.
    35  RUN sed -e 's|^#mount_program|mount_program|g' \
    36             -e '/additionalimage.*/a "/var/lib/shared",' \
    37             -e 's|^mountopt[[:space:]]*=.*$|mountopt = "nodev,fsync=0"|g' \
    38             /usr/share/containers/storage.conf \
    39             > /etc/containers/storage.conf
    40  
    41  # Note VOLUME options must always happen after the chown call above
    42  # RUN commands can not modify existing volumes
    43  VOLUME /var/lib/containers
    44  VOLUME /home/podman/.local/share/containers
    45  
    46  RUN mkdir -p /var/lib/shared/overlay-images \
    47               /var/lib/shared/overlay-layers \
    48               /var/lib/shared/vfs-images \
    49               /var/lib/shared/vfs-layers && \
    50      touch /var/lib/shared/overlay-images/images.lock && \
    51      touch /var/lib/shared/overlay-layers/layers.lock && \
    52      touch /var/lib/shared/vfs-images/images.lock && \
    53      touch /var/lib/shared/vfs-layers/layers.lock
    54  
    55  ENV _CONTAINERS_USERNS_CONFIGURED=""