50 lines
1.7 KiB
Docker
50 lines
1.7 KiB
Docker
ARG REGISTRY=local
|
|
FROM ${REGISTRY}/bootstrap:latest as bootstrap
|
|
|
|
FROM bootstrap as base
|
|
ENV SRC_SITE http://musl.libc.org
|
|
ENV SRC_VERSION 1.2.4
|
|
ENV SRC_HASH 7a35eae33d5372a7c0da1188de798726f68825513b7ae3ebe97aaaa52114f039
|
|
ENV CFLAGS="-Os -fstack-clash-protection -Wformat -Werror=format-security"
|
|
ENV CXXFLAGS="-Os -fstack-clash-protection -Wformat -Werror=format-security -D_GLIBCXX_ASSERTIONS=1 -D_LIBCPP_ENABLE_THREAD_SAFETY_ANNOTATIONS=1 -D_LIBCPP_ENABLE_HARDENED_MODE=1"
|
|
ENV LDFLAGS="-Wl,--as-needed,-O1,--sort-common -Wl,-soname,libc.musl-x86_64.so.1"
|
|
|
|
FROM base as fetch
|
|
RUN wget ${SRC_SITE}/releases/musl-$SRC_VERSION.tar.gz
|
|
RUN echo "${SRC_HASH} musl-${SRC_VERSION}.tar.gz" | sha256sum -c
|
|
|
|
FROM fetch as build
|
|
RUN tar -xzf musl-${SRC_VERSION}.tar.gz
|
|
WORKDIR musl-${SRC_VERSION}
|
|
ADD lfs64.patch .
|
|
ADD lfs64-2.patch .
|
|
RUN set -eux; \
|
|
patch -p1 < lfs64.patch; \
|
|
patch -p1 < lfs64-2.patch; \
|
|
./configure \
|
|
--build=x86_64-linux-musl \
|
|
--host=x86_64-linux-musl \
|
|
--prefix=/usr \
|
|
--sysconfdir=/etc \
|
|
--mandir=/usr/share/man \
|
|
--infodir=/usr/share/info \
|
|
--localstatedir=/var \
|
|
--enable-debug; \
|
|
make
|
|
|
|
FROM build as install
|
|
USER 0:0
|
|
RUN set -eux; \
|
|
make DESTDIR=/rootfs install; \
|
|
mkdir -p /rootfs/usr/bin; \
|
|
printf "%s\n%s\n" '#!/bin/sh' 'exec /lib/ld-musl-x86_64.so.1 --list "$@"' \
|
|
> /rootfs/usr/bin/ldd; \
|
|
chmod 755 /rootfs/usr/bin/ldd; \
|
|
mv -f /rootfs/usr/lib/libc.so /rootfs/lib/ld-musl-x86_64.so.1; \
|
|
ln -sf ld-musl-x86_64.so.1 /rootfs/lib/libc.musl-x86_64.so.1; \
|
|
ln -sf ../../lib/ld-musl-x86_64.so.1 /rootfs/usr/lib/libc.so; \
|
|
find /rootfs -exec touch -hcd "@0" "{}" +
|
|
|
|
FROM scratch as package
|
|
COPY --from=install /rootfs /
|