github.com/hanks177/podman/v4@v4.1.3-0.20220613032544-16d90015bc83/contrib/podmanimage/upstream/Containerfile (about)

     1  # upstream/Containerfile
     2  #
     3  # Build a Podman container image from the latest
     4  # upstream version of Podman on GitHub.
     5  # https://github.com/containers/podman
     6  # This image can be used to create a secured container
     7  # that runs safely with privileges within the container.
     8  # The containers created by this image also come with a
     9  # Podman development environment in /root/podman.
    10  #
    11  FROM registry.fedoraproject.org/fedora:latest
    12  
    13  # Don't include container-selinux and remove
    14  # directories used by dnf that are just taking
    15  # up space.  The latest podman + deps. come from
    16  # https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/
    17  RUN dnf -y update && \
    18      rpm --setcaps shadow-utils 2>/dev/null && \
    19      dnf -y install 'dnf-command(copr)' --enablerepo=updates-testing && \
    20      dnf -y copr enable rhcontainerbot/podman-next && \
    21      dnf -y install podman fuse-overlayfs \
    22          --exclude container-selinux \
    23          --enablerepo=updates-testing && \
    24      dnf clean all && \
    25      rm -rf /var/cache /var/log/dnf* /var/log/yum.*
    26  
    27  RUN useradd podman; \
    28  echo -e "podman:1:999\npodman:1001:64535" > /etc/subuid; \
    29  echo -e "podman:1:999\npodman:1001:64535" > /etc/subgid;
    30  
    31  ARG _REPO_URL="https://raw.githubusercontent.com/containers/podman/main/contrib/podmanimage/stable"
    32  ADD $_REPO_URL/containers.conf /etc/containers/containers.conf
    33  ADD $_REPO_URL/podman-containers.conf /home/podman/.config/containers/containers.conf
    34  
    35  RUN mkdir -p /home/podman/.local/share/containers && \
    36      chown podman:podman -R /home/podman && \
    37      chmod 644 /etc/containers/containers.conf
    38  
    39  # Copy & modify the defaults to provide reference if runtime changes needed.
    40  # Changes here are required for running with fuse-overlay storage inside container.
    41  RUN sed -e 's|^#mount_program|mount_program|g' \
    42             -e '/additionalimage.*/a "/var/lib/shared",' \
    43             -e 's|^mountopt[[:space:]]*=.*$|mountopt = "nodev,fsync=0"|g' \
    44             /usr/share/containers/storage.conf \
    45             > /etc/containers/storage.conf
    46  
    47  # Note VOLUME options must always happen after the chown call above
    48  # RUN commands can not modify existing volumes
    49  VOLUME /var/lib/containers
    50  VOLUME /home/podman/.local/share/containers
    51  
    52  RUN mkdir -p /var/lib/shared/overlay-images \
    53               /var/lib/shared/overlay-layers \
    54               /var/lib/shared/vfs-images \
    55               /var/lib/shared/vfs-layers && \
    56      touch /var/lib/shared/overlay-images/images.lock && \
    57      touch /var/lib/shared/overlay-layers/layers.lock && \
    58      touch /var/lib/shared/vfs-images/images.lock && \
    59      touch /var/lib/shared/vfs-layers/layers.lock
    60  
    61  ENV _CONTAINERS_USERNS_CONFIGURED=""