From ec1e3fc61f7fb2ba57d0793c79f51a0d8471c3d3 Mon Sep 17 00:00:00 2001
From: Eric Nemchik <eric@nemchik.com>
Date: Wed, 20 Jan 2021 21:21:42 -0600
Subject: [PATCH] Apply docker mods run logic with patch
---
Dockerfile | 5 +
Dockerfile.aarch64 | 5 +
Dockerfile.armhf | 5 +
patch/etc/s6/init/init-stage2.patch | 15 ++
root/etc/s6/init/init-stage2 | 226 ----------------------------
5 files changed, 30 insertions(+), 226 deletions(-)
create mode 100644 patch/etc/s6/init/init-stage2.patch
delete mode 100755 root/etc/s6/init/init-stage2
diff --git a/Dockerfile b/Dockerfile
index bf9e594..4b5ad7f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -36,6 +36,7 @@ ARG OVERLAY_ARCH="amd64"
# add s6 overlay
ADD https://github.com/just-containers/s6-overlay/releases/download/${OVERLAY_VERSION}/s6-overlay-${OVERLAY_ARCH}-installer /tmp/
RUN chmod +x /tmp/s6-overlay-${OVERLAY_ARCH}-installer && /tmp/s6-overlay-${OVERLAY_ARCH}-installer / && rm /tmp/s6-overlay-${OVERLAY_ARCH}-installer
+COPY patch/ /tmp/patch
# set environment variables
ARG DEBIAN_FRONTEND="noninteractive"
@@ -89,6 +90,7 @@ RUN \
apt-get install -y \
curl \
gnupg \
+ patch \
tzdata && \
echo "**** generate locale ****" && \
locale-gen en_US.UTF-8 && \
@@ -100,7 +102,10 @@ RUN \
/config \
/defaults && \
mv /usr/bin/with-contenv /usr/bin/with-contenvb && \
+ patch -u /etc/s6/init/init-stage2 -i /tmp/patch/etc/s6/init/init-stage2.patch && \
echo "**** cleanup ****" && \
+ apt-get remove -y patch && \
+ apt-get autoremove && \
apt-get clean && \
rm -rf \
/tmp/* \
diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
index fc82af9..0c4463c 100644
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -36,6 +36,7 @@ ARG OVERLAY_ARCH="aarch64"
# add s6 overlay
ADD https://github.com/just-containers/s6-overlay/releases/download/${OVERLAY_VERSION}/s6-overlay-${OVERLAY_ARCH}-installer /tmp/
RUN chmod +x /tmp/s6-overlay-${OVERLAY_ARCH}-installer && /tmp/s6-overlay-${OVERLAY_ARCH}-installer / && rm /tmp/s6-overlay-${OVERLAY_ARCH}-installer
+COPY patch/ /tmp/patch
# set environment variables
ARG DEBIAN_FRONTEND="noninteractive"
@@ -89,6 +90,7 @@ RUN \
apt-get install -y \
curl \
gnupg \
+ patch \
tzdata && \
echo "**** generate locale ****" && \
locale-gen en_US.UTF-8 && \
@@ -100,12 +102,15 @@ RUN \
/config \
/defaults && \
mv /usr/bin/with-contenv /usr/bin/with-contenvb && \
+ patch -u /etc/s6/init/init-stage2 -i /tmp/patch/etc/s6/init/init-stage2.patch && \
echo "**** add qemu ****" && \
curl -o \
/usr/bin/qemu-aarch64-static -L \
"https://lsio-ci.ams3.digitaloceanspaces.com/qemu-aarch64-static" && \
chmod +x /usr/bin/qemu-aarch64-static && \
echo "**** cleanup ****" && \
+ apt-get remove -y patch && \
+ apt-get autoremove && \
apt-get clean && \
rm -rf \
/tmp/* \
diff --git a/Dockerfile.armhf b/Dockerfile.armhf
index 3879a3e..da8dc7b 100644
--- a/Dockerfile.armhf
+++ b/Dockerfile.armhf
@@ -36,6 +36,7 @@ ARG OVERLAY_ARCH="arm"
# add s6 overlay
ADD https://github.com/just-containers/s6-overlay/releases/download/${OVERLAY_VERSION}/s6-overlay-${OVERLAY_ARCH}-installer /tmp/
RUN chmod +x /tmp/s6-overlay-${OVERLAY_ARCH}-installer && /tmp/s6-overlay-${OVERLAY_ARCH}-installer / && rm /tmp/s6-overlay-${OVERLAY_ARCH}-installer
+COPY patch/ /tmp/patch
# set environment variables
ARG DEBIAN_FRONTEND="noninteractive"
@@ -89,6 +90,7 @@ RUN \
apt-get install -y \
curl \
gnupg \
+ patch \
tzdata && \
echo "**** generate locale ****" && \
locale-gen en_US.UTF-8 && \
@@ -100,12 +102,15 @@ RUN \
/config \
/defaults && \
mv /usr/bin/with-contenv /usr/bin/with-contenvb && \
+ patch -u /etc/s6/init/init-stage2 -i /tmp/patch/etc/s6/init/init-stage2.patch && \
echo "**** add qemu ****" && \
curl -o \
/usr/bin/qemu-arm-static -L \
"https://lsio-ci.ams3.digitaloceanspaces.com/qemu-arm-static" && \
chmod +x /usr/bin/qemu-arm-static && \
echo "**** cleanup ****" && \
+ apt-get remove -y patch && \
+ apt-get autoremove && \
apt-get clean && \
rm -rf \
/tmp/* \
diff --git a/patch/etc/s6/init/init-stage2.patch b/patch/etc/s6/init/init-stage2.patch
new file mode 100644
index 0000000..db176f8
--- /dev/null
+++ b/patch/etc/s6/init/init-stage2.patch
@@ -0,0 +1,15 @@
+--- init-stage2 2021-01-20 20:21:41.628300700 -0600
++++ init-stage2_new 2021-01-20 20:23:48.123677700 -0600
+@@ -17,6 +17,12 @@
+ backtick -D 0 -n S6_READ_ONLY_ROOT { printcontenv S6_READ_ONLY_ROOT }
+ importas -u S6_READ_ONLY_ROOT S6_READ_ONLY_ROOT
+
++# Docker Mods run logic
++foreground
++{
++ /docker-mods
++}
++
+ foreground
+ {
+ if
diff --git a/root/etc/s6/init/init-stage2 b/root/etc/s6/init/init-stage2
deleted file mode 100755
index 7efa57a..0000000
--- a/root/etc/s6/init/init-stage2
+++ /dev/null
@@ -1,226 +0,0 @@
-#!/bin/execlineb -S0
-
-# This file is executed (not as process 1!) as soon as s6-svscan
-# starts, with the original stdin/out/err, but NOT the original
-# environment.
-# Purpose of this file: to perform all the one-time initialization tasks.
-
-# Merge environments from our custom stage into current context
-s6-envdir -I /var/run/s6/env-stage2
-
-# This env decides what to do if stage2 fails
-backtick -D 0 -n S6_BEHAVIOUR_IF_STAGE2_FAILS { printcontenv S6_BEHAVIOUR_IF_STAGE2_FAILS }
-importas -u S6_BEHAVIOUR_IF_STAGE2_FAILS S6_BEHAVIOUR_IF_STAGE2_FAILS
-
-# This env determines whether user provided files in /etc should be linked
-# or copied into /var/run/s6
-backtick -D 0 -n S6_READ_ONLY_ROOT { printcontenv S6_READ_ONLY_ROOT }
-importas -u S6_READ_ONLY_ROOT S6_READ_ONLY_ROOT
-
-# Docker Mods run logic
-foreground
-{
- /docker-mods
-}
-
-foreground
-{
- if
- {
- /etc/s6/init/init-stage2-redirfd
- foreground
- {
- ##
- ## copy user provided files to /var/run/s6/etc, depending on S6_RUNTIME_PROFILE env,
- ## /etc (if not defined) or /etc/cont-profile.d/${S6_RUNTIME_PROFILE} will be used
- ## as copying source.
- ##
-
- if
- {
- if { s6-echo -n -- "[s6-init] making user provided files available at /var/run/s6/etc..." }
- foreground
- {
- backtick -n S6_RUNTIME_PROFILE { printcontenv S6_RUNTIME_PROFILE }
- importas -u S6_RUNTIME_PROFILE S6_RUNTIME_PROFILE
- backtick -n S6_RUNTIME_PROFILE_SRC {
- ifte { s6-echo "/etc/cont-profile.d/${S6_RUNTIME_PROFILE}" } { s6-echo "/etc" }
- s6-test -n ${S6_RUNTIME_PROFILE}
- }
- importas -u S6_RUNTIME_PROFILE_SRC S6_RUNTIME_PROFILE_SRC
- if { s6-rmrf /var/run/s6/etc }
- if { s6-mkdir -pm 0755 /var/run/s6/etc }
- forx i { "fix-attrs.d" "cont-init.d" "cont-finish.d" "services.d" }
- importas -u i i
- if { s6-test -d ${S6_RUNTIME_PROFILE_SRC}/${i} }
- # although s6-hiercopy is prefered, and until it doesn't support 'follow symlinks'
- # option, there is no clean way to allow symlinks between user provided runcoms.
- ifelse { s6-test ${S6_READ_ONLY_ROOT} -eq 0 } {
- s6-ln -s ${S6_RUNTIME_PROFILE_SRC}/${i} /var/run/s6/etc/${i}
- }
- if { s6-hiercopy ${S6_RUNTIME_PROFILE_SRC}/${i} /var/run/s6/etc/${i} }
- }
- importas -u ? ?
- if { s6-echo -- "exited ${?}." }
- ifelse { s6-test ${S6_BEHAVIOUR_IF_STAGE2_FAILS} -eq 0 } { exit 0 }
- exit ${?}
- }
-
-
- ##
- ## fix-attrs: ensure user-provided files have correct ownership & perms
- ##
-
- if
- {
- if { s6-echo -n -- "[s6-init] ensuring user provided files have correct perms..." }
- foreground { redirfd -r 0 /etc/s6/init/init-stage2-fixattrs.txt fix-attrs }
- importas -u ? ?
- if { s6-echo -- "exited ${?}." }
- ifelse { s6-test ${S6_BEHAVIOUR_IF_STAGE2_FAILS} -eq 0 } { exit 0 }
- exit ${?}
- }
-
-
- ##
- ## fix-attrs.d: apply user-provided ownership & permission fixes
- ##
-
- if
- {
- if -t { s6-test -d /var/run/s6/etc/fix-attrs.d }
- if { s6-echo "[fix-attrs.d] applying ownership & permissions fixes..." }
- if
- {
- pipeline { s6-ls -0 -- /var/run/s6/etc/fix-attrs.d }
- pipeline { s6-sort -0 -- }
- forstdin -0 -- i
- importas -u i i
- if { s6-echo -- "[fix-attrs.d] ${i}: applying... " }
- foreground { redirfd -r 0 /var/run/s6/etc/fix-attrs.d/${i} fix-attrs }
- importas -u ? ?
- if { s6-echo -- "[fix-attrs.d] ${i}: exited ${?}." }
- ifelse { s6-test ${S6_BEHAVIOUR_IF_STAGE2_FAILS} -eq 0 } { exit 0 }
- exit ${?}
- }
- if { s6-echo -- "[fix-attrs.d] done." }
- }
-
- ##
- ## cont-init.d: one-time init scripts
- ##
-
- if
- {
- if -t { s6-test -d /var/run/s6/etc/cont-init.d }
- if { s6-echo "[cont-init.d] executing container initialization scripts..." }
- if
- {
- pipeline { s6-ls -0 -- /var/run/s6/etc/cont-init.d }
- pipeline { s6-sort -0 -- }
- forstdin -o 0 -0 -- i
- importas -u i i
- if { s6-echo -- "[cont-init.d] ${i}: executing... " }
- foreground { /var/run/s6/etc/cont-init.d/${i} }
- importas -u ? ?
- if { s6-echo -- "[cont-init.d] ${i}: exited ${?}." }
- ifelse { s6-test ${S6_BEHAVIOUR_IF_STAGE2_FAILS} -eq 0 } { exit 0 }
- exit ${?}
- }
- if { s6-echo -- "[cont-init.d] done." }
- }
-
- ##
- ## services.d: long-lived processes to be supervised
- ##
-
- if
- {
- if -t { s6-test -d /var/run/s6/etc/services.d }
- if { s6-echo "[services.d] starting services" }
- if
- {
- pipeline { s6-ls -0 -- /var/run/s6/etc/services.d }
- forstdin -0 -p -- i
- importas -u i i
- if { s6-test -d /var/run/s6/etc/services.d/${i} }
- s6-hiercopy /var/run/s6/etc/services.d/${i} /var/run/s6/services/${i}
- }
- if { s6-svscanctl -a /var/run/s6/services }
- if
- {
- # This envs decide if CMD should wait until services are up
- backtick -D 0 -n S6_CMD_WAIT_FOR_SERVICES { printcontenv S6_CMD_WAIT_FOR_SERVICES }
- importas -u S6_CMD_WAIT_FOR_SERVICES S6_CMD_WAIT_FOR_SERVICES
- backtick -D 5000 -n S6_CMD_WAIT_FOR_SERVICES_MAXTIME { printcontenv S6_CMD_WAIT_FOR_SERVICES_MAXTIME }
- importas -u S6_CMD_WAIT_FOR_SERVICES_MAXTIME S6_CMD_WAIT_FOR_SERVICES_MAXTIME
-
- if -t { if { s6-test ${S6_CMD_WAIT_FOR_SERVICES} -ne 0 } s6-test $# -ne 0 }
- s6-maximumtime -t ${S6_CMD_WAIT_FOR_SERVICES_MAXTIME}
- pipeline { s6-ls -0 -- /var/run/s6/etc/services.d }
- forstdin -0 -o 0 -- i
- importas -u i i
- ifelse { s6-test -f /var/run/s6/services/${i}/down } { exit 0 }
- ifelse { s6-test -f /var/run/s6/services/${i}/notification-fd }
- {
- s6-svwait -t ${S6_CMD_WAIT_FOR_SERVICES_MAXTIME} -U /var/run/s6/services/${i}
- }
- s6-svwait -t ${S6_CMD_WAIT_FOR_SERVICES_MAXTIME} -u /var/run/s6/services/${i}
- }
- if { s6-echo -- "[services.d] done." }
- }
- }
- importas -u ? ?
- ifelse { s6-test ${S6_BEHAVIOUR_IF_STAGE2_FAILS} -eq 0 } { exit 0 }
-
- # Make stage2 exit code available in stage3
- foreground { redirfd -w 1 /var/run/s6/env-stage3/S6_STAGE2_EXITED s6-echo -n -- "${?}" }
- exit ${?}
- }
-
-
- ##
- ## The init is complete, If the user has a given CMD, run it now, then
- ## kill everything when it exits.
- ##
-
- if -t { s6-test $# -ne 0 }
-
- foreground {
- s6-setsid -gq -- with-contenv
- backtick -D 0 -n S6_LOGGING { printcontenv S6_LOGGING }
- importas S6_LOGGING S6_LOGGING
- ifelse { s6-test ${S6_LOGGING} -eq 2 }
- {
- redirfd -w 1 /var/run/s6/uncaught-logs-fifo
- fdmove -c 2 1
- $@
- }
- $@
- }
-
- importas -u ? ?
-
- foreground {
- /etc/s6/init/init-stage2-redirfd
- s6-echo -- "[cmd] ${1} exited ${?}"
- }
-
- # Make CMD exit code available in stage3
- foreground { redirfd -w 1 /var/run/s6/env-stage3/S6_STAGE2_EXITED s6-echo -n -- "${?}" }
-
- # Stop supervision tree
- foreground { s6-svscanctl -t /var/run/s6/services }
-
- # Wait to be nuked
- s6-pause -th
-
-}
-importas -u ? ?
-if { s6-test ${?} -ne 0 }
-if { s6-test ${S6_BEHAVIOUR_IF_STAGE2_FAILS} -ne 0 }
-ifelse { s6-test ${S6_BEHAVIOUR_IF_STAGE2_FAILS} -ne 1 }
-{
- s6-svscanctl -t /var/run/s6/services
-}
-s6-echo -- "\n!!!!!\n init-stage2 failed.\n!!!!!"
--
GitLab