From 06a908594fdc1e55ddd72b3f2746cb09e2907a3f Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Wed, 1 Mar 2023 22:22:35 +0100 Subject: T5003: backport changes from master to support latest Docker version on CI hosts The newer Docker versions seem to be a bit more picky when using tools like goso. The container will no longer start if the gosu binary has the setuid root bit set. This change adjusts the container to continue working on recent Docker versions. --- docker/Dockerfile | 4 ++-- docker/entrypoint.sh | 7 +++++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 350ba5f5..9e563397 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -609,8 +609,8 @@ RUN gem install public_suffix -v 4.0.7 RUN gem install --no-document fpm # Allow password-less 'sudo' for all users in group 'sudo' -RUN sed "s/^%sudo.*/%sudo\tALL=(ALL) NOPASSWD:ALL/g" -i /etc/sudoers && \ - chmod a+s /usr/sbin/useradd /usr/sbin/groupadd /usr/sbin/gosu /usr/sbin/usermod +RUN echo -e "vyos_bld\tALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/vyos_bld && \ + chmod a+s /usr/sbin/useradd /usr/sbin/groupadd # Ensure sure all users have access to our OCAM and Go installation RUN echo "$(opam env --root=/opt/opam --set-root)" >> /etc/skel/.bashrc && \ diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index 8db41103..19c9423e 100755 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -24,9 +24,12 @@ if ! grep -q $NEW_GID /etc/group; then fi useradd --shell /bin/bash --uid $NEW_UID --gid $NEW_GID --non-unique --create-home $USER_NAME -usermod --append --groups sudo $USER_NAME sudo chown $NEW_UID:$NEW_GID /home/$USER_NAME export HOME=/home/$USER_NAME +if [ "$(id -u)" == "0" ]; then + exec gosu $USER_NAME "$@" +fi + # Execute process -exec /usr/sbin/gosu $USER_NAME "$@" +exec "$@" -- cgit v1.2.3 From 39035427cfcbf7ed37d66cc15fd24fdef1965a14 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Wed, 1 Mar 2023 22:24:39 +0100 Subject: Kernel: T3318: update Linux Kernel to v5.4.233 --- data/defaults.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/defaults.json b/data/defaults.json index 0f10dc99..08e5e40c 100644 --- a/data/defaults.json +++ b/data/defaults.json @@ -5,7 +5,7 @@ "debian_distribution": "buster", "vyos_mirror": "http://dev.packages.vyos.net/repositories/equuleus", "vyos_branch": "equuleus", - "kernel_version": "5.4.229", + "kernel_version": "5.4.233", "kernel_flavor": "amd64-vyos", "release_train": "equuleus", "additional_repositories": [ -- cgit v1.2.3