forked from aquasecurity/tracee
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile.ubuntu-packaging
79 lines (66 loc) · 3.14 KB
/
Dockerfile.ubuntu-packaging
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
#
# Creates a building environment for tracee ubuntu pkgs.
#
ARG version
ARG uid=1000
ARG gid=1000
FROM ubuntu:$version
ARG version
ARG uid
ARG gid
# install needed environment (with ubuntu packaging dependencies)
RUN export DEBIAN_FRONTEND=noninteractive && \
sed -i 's/# deb-src/deb-src/g' /etc/apt/sources.list && \
sed -i 's:archive.ubuntu.com:br.archive.ubuntu.com:g' /etc/apt/sources.list && \
cat /etc/apt/sources.list | grep -Ev 'proposed|backports|security' > /tmp/sources.list && \
mv /tmp/sources.list /etc/apt/sources.list && \
apt-get update && \
apt-get install -y sudo coreutils findutils && \
apt-get install -y bash git curl rsync && \
apt-get install -y llvm clang golang make gcc && \
apt-get install -y linux-headers-generic && \
apt-get install -y libelf-dev && \
apt-get install -y zlib1g-dev && \
apt-get install -y build-essential devscripts ubuntu-dev-tools && \
apt-get install -y debhelper dh-exec dpkg-dev pkg-config && \
apt-get install -y software-properties-common && \
curl -L -o /usr/bin/opa https://github.com/open-policy-agent/opa/releases/download/v0.48.0/opa_linux_amd64_static && \
chmod 755 /usr/bin/opa
# allow TRACEE* and LIBBPFGO* environment variables through sudo
RUN echo "Defaults env_keep += \"LANG LC_* HOME EDITOR PAGER GIT_PAGER MAN_PAGER\"" > /etc/sudoers && \
echo "Defaults env_keep += \"LIBBPFGO* TRACEE*\"" >> /etc/sudoers && \
echo "root ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \
echo "tracee ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \
chmod 0440 /etc/sudoers
# prepare tracee user to be $UID:$GID host equivalent
RUN export uid=$uid gid=$gid && \
mkdir -p /tracee/tracee && \
mkdir -p /home/tracee && \
echo "tracee:x:${uid}:${gid}:Tracee,,,:/home/tracee:/bin/bash" >> /etc/passwd && \
echo "tracee:x:${gid}:" >> /etc/group && \
echo "tracee::99999:0:99999:7:::" >> /etc/shadow && \
chown ${uid}:${gid} -R /home/tracee && \
chown ${uid}:${gid} -R /tracee && \
echo "export PS1=\"\u@\h[\w]$ \"" > /home/tracee/.bashrc && \
echo "alias ls=\"ls --color\"" >> /home/tracee/.bashrc && \
ln -s /home/tracee/.bashrc /home/tracee/.profile
# install golang
RUN export DEBIAN_FRONTEND=noninteractive && \
curl -L -o /tmp/golang.tar.xz https://go.dev/dl/go1.19.5.linux-amd64.tar.gz && \
tar -C /usr/local -xzf /tmp/golang.tar.xz && \
echo "export GOROOT=/usr/local/go" >> /home/tracee/.bashrc && \
echo "export GOPATH=/home/tracee/go" >> /home/tracee/.bashrc && \
echo "export PATH=/home/tracee/go/bin:/usr/local/go/bin:$PATH" >> /home/tracee/.bashrc && \
update-alternatives --install /usr/bin/go go /usr/local/go/bin/go 1 && \
update-alternatives --install /usr/bin/gofmt gofmt /usr/local/go/bin/gofmt 1
# install clang
RUN export DEBIAN_FRONTEND=noninteractive && \
curl -L -o /llvm.sh https://apt.llvm.org/llvm.sh && \
chmod 755 /llvm.sh && \
/llvm.sh 14 && \
rm /llvm.sh && \
update-alternatives --install /usr/bin/llc llc /usr/bin/llc-14 1 && \
update-alternatives --install /usr/bin/clang clang /usr/bin/clang-14 1
USER tracee
ENV HOME /home/tracee
WORKDIR /tracee/tracee