create repro for bug in runc

Signed-off-by: Jess Frazelle <acidburn@microsoft.com>
2024-11-23 11:31:49 +01:00 · 2018-03-14 14:06:56 -04:00 · 2018-03-14 14:06:56 -04:00 · 6ebc157029
commit 6ebc157029
parent 621bb0ca70
3 changed files with 48 additions and 0 deletions
--- a/runc-rootless/Dockerfile
+++ b/runc-rootless/Dockerfile
@ -0,0 +1,33 @@
+FROM golang:1.9-alpine AS runc
+ARG RUNC_VERSION=9f9c96235cc97674e935002fc3d78361b696a69e
+RUN apk add --no-cache \
+	bash \
+	curl \
+	g++ \
+	git \
+	libseccomp-dev \
+	linux-headers \
+	make
+RUN git clone https://github.com/jessfraz/runc.git "$GOPATH/src/github.com/opencontainers/runc" \
+	&& cd "$GOPATH/src/github.com/opencontainers/runc" \
+	&& git checkout -q "demo-rootless" \
+	&& make static BUILDTAGS="seccomp" EXTRA_FLAGS="-buildmode pie" EXTRA_LDFLAGS="-extldflags \\\"-fno-PIC -static\\\"" \
+	&& mv runc /usr/bin/runc
+
+FROM alpine
+MAINTAINER Jessica Frazelle <jess@linux.com>
+RUN apk add --no-cache \
+	bash \
+	shadow \
+	shadow-uidmap \
+	strace
+COPY --from=runc /usr/bin/runc /usr/bin/runc
+COPY start.sh /usr/bin/start.sh
+ENV HOME /home/user
+RUN useradd --create-home --home-dir $HOME user
+COPY busybox.tar /home/user/busybox.tar
+RUN chown -R user:user $HOME /run /tmp
+USER user
+WORKDIR $HOME
+
+CMD ["start.sh"]
--- a/runc-rootless/busybox.tar
+++ b/runc-rootless/busybox.tar
--- a/runc-rootless/start.sh
+++ b/runc-rootless/start.sh
@ -0,0 +1,15 @@
+#!/bin/bash
+set -e
+set -o pipefail
+
+mkdir -p "${HOME}/rootfs"
+mkdir -p "${HOME}/containerroot"
+
+# untar the rootfs
+tar -C "${HOME}/rootfs" -xf "${HOME}/busybox.tar"
+
+# create the spec
+runc spec --rootless
+
+# run the container
+runc --root "${HOME}/containerroot" run mycontainer