-
Notifications
You must be signed in to change notification settings - Fork 35
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
7 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,24 +1,21 @@ | ||
## Building AppArmor & libseccomp | ||
FROM debian:10 as apparmor-libseccomp-builder | ||
|
||
LABEL maintainer="[email protected]" | ||
|
||
ARG MAKECHECK | ||
LABEL maintainer="vArmor authors" | ||
|
||
RUN apt-get update && apt-get -y upgrade | ||
RUN apt-get install -y git python3-pip python3-dev swig bison flex dejagnu pyflakes3 autoconf libtool zlib1g-dev gettext gperf autoconf-archive | ||
RUN pip3 install notify2 psutil python-config | ||
RUN apt-get install --no-install-recommends -y git build-essential apache2-dev autoconf autoconf-archive automake bison dejagnu flex libpam-dev libtool pkg-config python3-all-dev python3-setuptools ruby-dev swig zlib1g-dev gperf | ||
|
||
RUN git clone https://gitlab.com/apparmor/apparmor.git | ||
WORKDIR /apparmor | ||
RUN git checkout apparmor-3.0 | ||
RUN git checkout apparmor-3.1 | ||
RUN cd ./libraries/libapparmor && \ | ||
sh ./autogen.sh && \ | ||
sh ./configure --prefix=/usr --with-perl --with-python && \ | ||
make && if [ ${MAKECHECK} = "check" ]; then make check; fi && make install | ||
RUN cd ./binutils && make && if [ ${MAKECHECK} = "check" ]; then make check; fi && make install | ||
RUN cd ./parser && make && if [ ${MAKECHECK} = "check" ]; then make check; fi && make install | ||
RUN cd ./utils && make && if [ ${MAKECHECK} = "check" ]; then make check PYFLAKES=/usr/bin/pyflakes3; fi && make install | ||
make && make install | ||
RUN cd ./binutils && make && make install | ||
RUN cd ./parser && make && make install | ||
RUN cd ./utils && make && make install | ||
RUN cd ./profiles && make && make install | ||
# Set the AppArmor feature ABI file to our custom version, this will lock policy down to a given stable feature set. | ||
RUN echo "policy-features=/etc/apparmor.d/abi/varmor" >> /etc/apparmor/parser.conf | ||
|