ryan-distrust.co/stagex
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

Merge remote-tracking branch 'origin/2024.03.x'

Browse source
This commit is contained in:
Anton Livaja 2024-03-05 15:36:04 -05:00
commit 8f3bfd7ef8
No known key found for this signature in database
GPG key ID: 44A86CFF1FDF0E85
268 changed files with 3426 additions and 341 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
AUTHORS
View file

@ -1,10 +0,0 @@
# This is the list of the significant contributors to this repository
#
# This does not necessarily list everyone who has contributed code,
# especially since many employees of one corporation may be contributing.
# To see the full list of contributors, see the revision history in
# source control.
Distrust, LLC
Lance Vick
Turnkey Global, Inc.

77
MAINTAINERS Normal file
View file

@ -0,0 +1,77 @@
[people]
[people.lancevick]
Name = "Lance Vick"
Location = Silicon Valley, USA
Email = stagex@lance.vick.house
Matrix = @lance:matrix.org
Fediverse = @lrvick@mastodon.social
Keyoxide = https://keyoxide.org/E90A401336C8AAA9
Website = https://lance.dev
[people.antonlivaja]
Name = "Anton Livaja"
Location = Toronto, Canada
Email = stagex@livaja.me
Matrix = @antonleviathan:matrix.org
Fediverse = @anton@mastodon.online
Keyoxide = https://keyoxide.org/DC4B7D1F52E0BA4D
Website = https://antonlivaja.com/
[keys]
[keys.lancevick.personal]
ID = 6B61ECD76088748C70590D55E90A401336C8AAA9
Algorithm = RSA4096
Servers = openpgp.org
Devices = Yubikey 4 Nano, Yubikey 5c, FST-01
OfflineCA = Yes
Backup = Yes
Interaction = Yes
[keys.antonlivaja.personal]
ID = F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D
Algorithm = RSA4096
Servers = openpgp.org
Devices = Yubikey 5c
OfflineCA = Yes
Backup = Yes
Interaction = Yes
[machines]
[machines.lancevick.local1]
Owner = Lance Vick
Location = Silicon Valley, USA
Type = metal
Arch = x86_64
Brand = AMD
Model = Ryzen Threadripper 2990WX
Ghz = 3
Cores = 32
OS = QubesOS / Debian
Runtime = Docker
[machines.lancevick.remote1]
Owner = Hetzner Online GmbH
Location = Finland, Europe
Type = metal
Arch = x86_64
Brand = AMD
Model = EPYC 7502P
Ghz = 2.2
Cores = 32
OS = Debian
Runtime = Docker
[machines.antonlivaja.remote1]
Owner = Hetzner Online GmbH
Location = Hillsboro, OR, USA
Type = vm
Arch = x86_64
Brand = AMD
Model = EPYC Milan
Ghz = 2.0
Cores = 32
OS = Debian
Runtime = Docker

8
Makefile
View file

@ -32,6 +32,10 @@ all: \
compat:
./src/compat.sh
.PHONY: preseed
preseed:
./src/preseed.sh
.PHONY: digests
digests:
@for each in $$(find out -iname "index.json"| sort); do \
@ -49,7 +53,8 @@ digests.txt:
out/graph.svg: Makefile
$(MAKE) -Bnd | make2graph | dot -Tsvg -o graph.svg
src/packages.mk: out/sxctl/index.json $(shell find packages/*/Containerfile | tr '\n' ' ')
.PHONY: gen-make
gen-make: out/sxctl/index.json $(shell find packages/*/Containerfile | tr '\n' ' ')
env -C out/sxctl tar -cf - . | docker load
docker run \
--rm \
@ -57,4 +62,3 @@ src/packages.mk: out/sxctl/index.json $(shell find packages/*/Containerfile | tr
--user $(shell id -u):$(shell id -g) \
stagex/sxctl -baseDir=/src gen make
touch $@

47
README.md
View file

@ -5,7 +5,7 @@
---
Minimalism and security first repository of reproducible and multi-signed OCI
images of common open source software toolchains full-source bootsrapped from
images of common open source software toolchains full-source bootstrapped from
Stage 0 all the way up.
If you want to build or deploy software on a foundation of minimalism and
@ -18,7 +18,7 @@ You can do anything with these images you would with most any other musl based
containerized linux distro, only with high supply chain integrity and
determinism.
For a full list of images see the "src" directory.
For a full list of images see the "packages" directory.
### Examples
@ -159,29 +159,20 @@ seminal paper by Ken Thomson, [Reflections on Trusting Trust](https://www.cs.cmu
A comparison of `stagex` to other distros in some of the areas we care about:
| Distro | Single-Sig | Multi-Sig |Diver.| Musl | Stage0 | Repro. | Rust Deps |
|--------|------------|-----------|------|------|--------|--------|-----------|
| Stagex | x | p | p | x | x | x | 4 |
| Guix | x | | | | x | x | 4 |
| Nix | | | | | | p | 4 |
| Debian | x | | | | | p | 232 |
| Arch | x | | | | | p | 262 |
| Fedora | x | | | | | | 166 |
| Alpine | | | | x | x | | 32 |
| Distro | Containerized | Signatures | Libc | Bootstrapped | Reproducible | Rust Deps |
|--------|---------------|------------|-------|--------------|--------------|-----------|
| Stagex | Native | 2+ Human | Musl | Yes | Yes | 4 |
| Guix | No | 1 Human | Glibc | Yes | Yes | 4 |
| Nix | No | 1 Bot | Glibc | Partial | Mostly | 4 |
| Debian | Adapted | 1 Human | Glibc | No | Partial | 232 |
| Arch | Adapted | 1 Human | Glibc | No | Partial | 262 |
| Fedora | Adapted | 1 Bot | Glibc | No | No | 166 |
| Alpine | Adapted | None | Musl | No | No | 32 |
### Legend
### Notes
- x = true
- p = planned
- “Single-sig”: one person, typically the maintainer, signed a given package
- Some distros blindly sign all packages with a shared accees server
- We see this as mostly security theater and do not include it here
- “Multi-sig”: more than one human verified/signed every package artifact
- And ideally also signed the source
- “Diver.”: Can the entire distro be built with a diversity of toolchains
- “Musl”: entire distro and resulting artifacts are built against musl libc
- “Stage0”: Can the entire distro be full-source-bootstrapped from Stage0
- “Repro.”: Is the entire distro reproducible bit-for-bit identically
- “Bootstrapped”: Can the entire distro be full-source-bootstrapped from Stage0
- “Reproducible”: Is the entire distro reproducible bit-for-bit identically
- “Rust Deps”: the number of total dependencies installed to use rustc
- Rust is a worst case example for compiler deps and build complexity
- It is kind of a nightmare most distros skip
@ -226,7 +217,7 @@ as Docker, Podman, Kaniko, or Buildah.
This is only part of the story though, because being able to build
deterministically means the compilers that compile our code themselves must
be [bootstapped](https://en.wikipedia.org/wiki/Bootstrapping_(compilers)) all the way from source code in a deterministic way.
be [bootstrapped](https://en.wikipedia.org/wiki/Bootstrapping_(compilers)) all the way from source code in a deterministic way.
* Final distributable packages are always OCI container images
* OCI allows reproduction by totally different toolchains
@ -234,12 +225,12 @@ be [bootstapped](https://en.wikipedia.org/wiki/Bootstrapping_(compilers)) all th
* OCI allows unlimited signatures on builds as part of the spec
* E.g: each party that chooses to reproduce adds their own signature
* We always "Full Source Bootstrap" everything from 0
* [Stage0](src/bootstrap/stage0/Dockerfile): 387 bytes of x86 assembly built by 3 distros with the same hash
* [Stage0](packages/stage0/Containerfile): 387 bytes of x86 assembly built by 3 distros with the same hash
* Also the same hash many others get from wildly different toolchains
* Relevant: [Guix: Building From Source All The Way Down](https://guix.gnu.org/en/blog/2023/the-full-source-bootstrap-building-from-source-all-the-way-down/)
* [Stage1](src/bootstrap/stage1/Dockerfile): A full x86 toolchain built from stage0 via [live-bootstrap](https://github.com/fosslinux/live-bootstrap/blob/master/parts.rst)
* [Stage2](src/bootstrap/stage2/Dockerfile): Cross toolchain bridging us to modern 64 bit architectures
* [Stage3](src/bootstrap/stage3/Dockerfile): Native toolchain in native 64 bit architecture
* [Stage1](packages/stage1/Containerfile): A full x86 toolchain built from stage0 via [live-bootstrap](https://github.com/fosslinux/live-bootstrap/blob/master/parts.rst)
* [Stage2](packages/stage2/Containerfile): Cross toolchain bridging us to modern 64 bit architectures
* [Stage3](packages/stage3/Containerfile): Native toolchain in native 64 bit architecture
* [Stage(x)](.): Later stages build the distributed packages in this repo
For further reading see the [Bootstrappable Builds](https://bootstrappable.org/) Project.

154
digests.txt
View file

@ -1,74 +1,88 @@
07aa9cca2f40b0c7bdf0175b6ed28e5b0ea6ec8dd0e5e1c66c1f1b0c835e8b86 argp-standalone
6182649f89c512b7f783eb9efb5023f0b109f82335e8a225c0e41e98ebffa4d0 autoconf
0c59a7aaa5ad0c546a6d1d6ee1c3aa8a9f232432ca2843760915b2f41b667759 automake
39c6d22701e58c79548cf0601e72f85bb07bf30608827540e74db30220802430 bash
2737b992893b0b2f6e5aa6580fdd75193346587a74d1a27710af687449da0957 bc
9cc26e56cdfce106108a0f4c416a27967060d8d07c4da0cbc0e14fa87f7b1dfa binutils
3536eba008f58f1406f648fb48caf63c9cd7f18f0d2f199fe3c08d13f3d7fd91 bison
6c1bce892ecda22691eb7e7ea02ccf939f018dcbb54af12ef99ce0b2066a8f4c busybox
70c5136051c748fff0d1399101d082ecc204c1eb29d93da094ccf0d25f341121 ca-certificates
959dfa09f384e82ba5757451ab1ac45dca39b89c5125d13efda8cfc421bb5f33 clang
3b6e8d2e1b70cef5deca905d4ddd55894733a77befbf8ea458a1054a7285c622 cmake
85341b2055493ff8bf3d90c9d4e7a5993e4dd7a1d11a06854f23e0434bb4abaa coreutils
3658a11745eb86a8b330fb5ad7b81b404411066700ee27dc2add2085374d5e98 cpio
a07a45675b6813cc260d548e1b6f131ebc6bdeb23577a67ff7e1123f85a41acb curl
c0bebca763b17d4a831853845488c66e057bbf353675a8ac890bb3e3bdafa4e0 diffutils
236c57599566507b42cd6d0b49cd4c31885158e3b07fe474955ee025b01fe23d ed
561ac95d02f1a5caf1d600cd2dbf487d1bb63450de0af2b528a9b657c66c12a8 eif_build
6a21381befd2cc307ad2cc21a0c4a76ba5336205284bd6b0e78010ff716b427e elfutils
8ce66c0574777bca83c8297b74372e0be7a6cc5d2b7e21061391726ad6d6d406 file
d0d30ce5d176fe2e40e93f707220ae6f54788ff14972005d1a51961c17f5294b findutils
25646080d9cb558349fa7e6be2b62c0e187e439cea03e57e3ca6fcc00ef55dbf flex
568c3521e99ad7f73d3f290391e442249558ac633f7ab614e2e213ae9968b82c gawk
bb550daddcf95acdce9999e359e3ffb1c497916aea41bdd0cae1d6a5a908b4b9 gcc
6d323df1291bfd26e3a1db33065cbec1c44d397dd6b0f23b2f25c0f8c9f7ce76 gen_initramfs
e42a5935a7cb5923ee5d04d8125055c0cb949835a091a3fdfc2d781144f37f95 gettext
3a2853fa2fa725f7f02565e24f508912b33223e49bed915e55a5d3f85548d190 git
09b9ae04e252286a40e4e721a38489f6b462909d5d203ecedff47c84d13d7ca1 go
430280ba830a50a25ae99771a040385be7748035a294cace119019812a31de7b gpg
565d7cc8257d45f19326b3ecbbc2dd3096b4a228977c91f4ed07a265faeb8b05 grep
f138eb91bb5d24062bbd0276918d9dd8aa06cd1d83b1760b80e7724ea36b02d6 grub
305773270714f0166edf0037f0b5c5c196693efa45871c4212036d9c89a890eb gzip
6f5cd82ae023776af2f5fe4e579a72855ec417968d549cde1c0e380370a81021 libassuan
2f0358f9dba6940cc55147da0642d1e8ab3f68014a685607217380e8e3723522 libgcrypt
8cc32a59067bd176a7aa3b0a0f98e6f69e97a825ae7c329f10dee073a13c05bd libgpg-error
a39c4227b7a0b6d95b5569369fa9346a26a6d611a2630f2edc3dcc006079a28e libksba
00ca2e8ff54f64b7a2f4d2af777751bb20b1eb08abb3bd36fcbf8bdc6ceb15d8 libtool
422fe0a108d9f1253dd9694ce432aa195d49a3b60b1d977aa4e94024c7ac52bf libunwind
b785a8e8f21917ded141f23bc76c7b5b47b9ccd782d0623a8693f0a237440a53 libxml2
da82eeb707217605d978ffcce2b7c8e4be9964889b7fbbe256b5c93b6187661f libzstd
87943b30bef233a6f920c6c1fd2fba13b02fe0e49e2a959225b7629a3b415041 linux-generic
d392ce6595d728c8715b79d9c44056f60268cfec375e8f61606b47a0f5437d03 linux-headers
9f624633eb28d8d47024a3a824884a8e0c528ac221f00911b028f90f49580d18 linux-nitro
8baee1e67cfca4d2830828387641b5ca54ba9ec08c4d430077849c39aba4d92c llvm13
9dfc53795c89295da52719959f96df9122e0b921da6283c7bd7a582749545b1d llvm
f31bf6036be8b91aafc0ea60f9e550a29285da727f306017f678d737343b6760 lzip
bf0fa75319037b4bb5c0d015b889b0f921bfe8742b464085fe2bb411aefe627f m4
d9d72dd8d002b274247b60be97ecdb8cccf250c6ffa02ba5d38c34c7e86bfb23 make
d90f1dfb3e4602296f9ef1963661d61ac3b17e6d709e7ad2f367d2215306c87b meson
36cb28b1378efaab30e5d4791f5216c48e17ebad15d11cc98285d4c8ce0ea522 musl-fts
27ca6026619beae07a1e7096caa7ac41b1403f5c1839ed4ff79b5aee3c409cec musl
904accad0c71d2d1202a1c6391e530b7b089f2b7a379a2b8381a86e27d5bfbb7 musl-obstack
ec7dd7b6706977a83f77b9258ddfa2c28f133a290d855e2c7257ca3684af3e96 ninja
d8b72642a956bbb4060db2baae032fbfb14db6ab263278bae3303fcccc3a28c3 npth
f4e218dba1167008456899c5f19d9e1a1be17d4fc6fb6bb84d41b8eb477fd402 openssl
818ee8367335a47109ec5464bfb8c4a313a25909c430176d543619b75a6c339a pcsc-lite
a852218d6102ac38fc26197f2935d2ed0801a5a72636482193427032c89bf270 perl
36fc4ed10a6e044d068aa7316e72588dbd365be4eb0271a84cf632521dbd8a09 pkgconf
6815ae91c3958497a4209a711b4d39b1f3370f51b11bbe6df6dd76e735be54c2 py-setuptools
3eb2776e02f645e383021510d0e56cccfa5c777b192f97328601d9e4691b3d24 python
e7a7a152ddf91ba4f2d6e426867c54ab43b76eef3f2a97dd0c3d9234090f3ce8 rust
48829fb14a6d375c24416c60ab2cb8d75cd9d7407a613694ee7cb59bc56ec6ff sed
1c3d836f5e881edf4da54738b487c44c57f1f4f7b25c81015f52aea7ac2e9b2d sops
e1c5a4b92f3ddf34227147cc81a64b175931feb9e1f697380aa4d480fe248195 argp-standalone
8ecbec4e36a5c2a0954ce5f02948ac8664e59f7b421bf91ccf7305778f08b2c2 autoconf
fee9c7be682cced815fbad755ca845803ca0b81e8b7f1fe858de6ede752d0fcd automake
d1cbbb56847e6b1e7b879214aa6926b6fdfa210e9b42a2f612a6aea850ddeefc bash
e170a8f562f0e61030560b30cec824e4e1f4e16e158d2e6ed05ccdcc2f3ce6e2 bc
3af41227e1fe6a8f9b3df9916ef4876840f33eaa172168e1db1d8f457ba011d5 binutils
c8dccb8b6a9bfa5b7894dd3b428df47135fb17f64cc66e0e6a419331e5a2e773 bison
0978421e294499c7342cd696a766082d6bb1fe3e3a06fc5c0e9daa39e35418ec busybox
6746d2d203be3455bfc5ffd5a051c8edb73ecfd7be77c3da5a2973003a30794f ca-certificates
07da999e6ed9025c266365271c23afda50e21d863f084fc190924d59d02cfb0f clang
f3454a3eacf08b130cfea25af54dbe8e9b6d9ca99c0c3ac909135baff054ff96 cmake
cf4032ca6b5f912a8b9d572d527d388401b68a0c9224cc086173e46bc4e1eabe coreutils
4f04450aea097cdf1945f2a57bf538868d2281a1b9087c7c7148f062fa1ace45 cpio
2056d53b79f956176754e7b47f40151b8af1ef9b7ca0ccf5f01cf51c97d0f4d2 curl
6cacfe2f563837f690e3b8dc46d4bc7c9e82d624ace6845d8e59f622e1199610 diffutils
327a0c7671ebc2c88c98f72f23cd552af04a5fba6ce98b8aa4a228e2d424f6eb dosfstools
378aeecca74b62216a5c544c8101e51f372c5834f1d2af9df12df8898b0888c4 ed
6f3fed0aeaf9f9eebb43a370a5495fab92fcb21119fc23e261f0f24e1174009c eif_build
fa3eec703c85cb8d42bddbe7e16ad8ce5dfda2ac75d7d1033a2cae058870a0ef elfutils
6f464e185546b89c23bdd39607f43602139b7f3d14c77843ad313232203d2d22 eudev
7fd68d1e7d5e1d3b1e52433bb6709f28d3e362ea89c9e13586b852ca0412f640 file
42c8353db508ac79599df38c684502e50167352de2cddc5aea9b89486e7f8498 filesystem
475ea3488840297454f0f20b58e1b8292bf9b3944f901e3fce432fa4afeaa4cd findutils
8bbbaccb5defe75c4f0fc5c276cfbd3fa2b56aacd60c920ed27472626cf04888 flex
cec18f18e3313e3872c7d0415ac7014c320f0047ef89f8063beb8affaef97409 gawk
25798fdde278a9f1f27e4092a1668e93d2766d4f8b089fba38d4684b20a9b0f7 gcc
a51c840a1c82dbc00c0a813964195d4f4bcb20463701083999320f826ffa49bf gen_initramfs
f58589b526c6c287a9308f47c1a5d88c66a04a62d32f1d19c7ecf46ff819cc2e gettext
2c11f2daf9b8c1738cbd966b6de5dd0bcfaf81b675c2d268d30f972ddab9d9df git
5d22bf80f84a8b9814ee924328f46573cb6c0401721895cc6ab8a39f287574f8 gmp
0a5c5bbf4d9b1f0009f477dc8151aebcccb6f5bdd0d5d033e47a1b90aad295b1 go
e9bbc175fc8f00479d1dcd54e71bc1476865880caa04b320b1fe0f2eb3c2b61a gperf
3db58a40e833751bcd80a11e050eefc951024e4e639e6695cdc4bc9bb7cfe012 gpg
589465adc0125128c21534eb560299c335a41935e0ce182a632f4b739bf25c60 grep
1e74bcfb0763d6eb12cc0075638f0eabc227d25ae2501676fa880cf6139f5a61 grub
f93802c4e51982fc447f6a1dc36bd8e21967907bcd6d8e2bb4483b1f58239b0a gzip
32a98e967abc27d707026f1a521d60877ec3513b3afe5f1070a4dcad3a1a978c keyfork
17a7f84f2f279134fa51b7b5b3343ec6483cc0878229e611fb8021690c4b015c libassuan
201b63783b638471595e0ae0c087a508c3de4087cd6158d5b2ef741a62a3d279 libcap
be9ae50baf0306bde9b6cb5a2ba4e80ccf478812d89686ff46c21985a192b406 libgcrypt
7eeb32f44f446988993f6818789e2a89f229129bef66289bd84a00a6a6a8b52d libgpg-error
4d73d01cb6078adb04309907f4557642fa3a593d9db93c9beb1a9999fbd61af7 libksba
6ffaa6bb7678bbab9ba4d78a658cba1da7f9b7817f51cd3750dd170ba71cb3bf libtool
e74819e47c79f68a008302927ef02a5aa39cf12e859a8dfeccf9d1b4769b4833 libunwind
d43434b5447392db78219321683724567bbee50651f618d1bdcca2efb315baa1 libxml2
488f414425de6f0b60a1362cd05407e56220548612d96edff45795b1bcd5d346 libzstd
051016158bdf79eaeeb318d94c40922b56ba45fa7a2a179cb37c80c89c876ad0 linux-airgap
f59b263921691ff9155dbe5877c8acd7b01a2023f399eb133a185579bb6c9093 linux-generic
4d505f84bd03e75d10c65704934007cf42bbc24ad6e459202690322f412fc254 linux-headers
073c4603686e3bdc0ed6755fee3203f6f6f1512e0ded09eaea8866b002b04264 linux-nitro
ee422bb296c38f941dff8e05936c7f07ca72dac719653882e9c673ea2e19cf2d lld
97d0f3d32f58dca648cd70b0d58364d9bea5170bb99054c0a0b19ef57a7da7b1 llvm13
8e361f1da92e956d947e37b6fc0a3951fcc1130863e2d3a9b4fca40ab4fd07f6 llvm
9018914b6acb79d3aa3e623fd8c025ab62071dfe6d0421ae3dd82042f1565542 lzip
8432f11bfa4632a65f8da3212cb2999e1f1629fee8d1acdcaddde564f5219e32 m4
a71ad6dbc9747a3b9ed6792bc1f482066abc1fb2cf2705d6b2deda475fe9416e make
54d4659199ed02f8f9b324f247f73f317e22fb190b53686327f59e0b7a6ff483 meson
56bb005aaeb77ae1d09d7087a1521c4516e06cc0989503da8334f9e995130715 mtools
73c3c4647010f7151c711ed5005ef946c7c1a19c6e8921e057b5dbc15ef9559a musl-fts
7db05e6817058a512a66ea82f3b99163069424c281363c2e9a48091d0d1d3bd9 musl
4b6737815460908f666fa7a8e91138610d0a0909c408165a575ffb42bf21cd66 musl-obstack
0eedc4e98e564be570ff00c6e18668e6bd59bced80f87a08bf159fe96404381f nettle
4ca7232eb6fb77b4a3a3c8b56b57014080c22cac2a6b2291d42d7b2a15da7ae3 ninja
5b9dfaa2683e024fdaf88291f01c4186e7d98935975c59ecf52389bcf9845cbc npth
1a2f656ced34d1ade99279c5663fcf0ec4f6526bcc50142079ef8adc080be3a9 openssl
e720e1795706c7c8c1db14bf730b10521e3ff42e4bed90addc590f7446aac8af pcsc-lite
2fe4740ed9a9193dfd312eac523c3ca2b8de9e4b4283c7f180ffb6e4bbd1a21b perl
31ce4eddaf4e777ddb51f01923089f3321ec5272ca0aa834d475f644279209b8 pkgconf
4613d37bb6cb380d557a035e10ae4468291ce73a1b5de1ddfa10d7b5d404bf8f py-setuptools
5523e4da0d547eff77bb3d452b53dc68f230496eccbd4a52bcb89de53a792216 python
fe22a0fcdb569cb70b8147378463fb6ff800e642be9d50542f8e25a38d90ec7f rust
277d8afd5b06aa5da315516c63289612284cde0a091078bf1ec9ab5be4a82017 sed
929abbe8d89368b9d037fc5f3f80edd7832c7952e82ad6c78d8983c228bf2fec sops
287accc6d2b9874a18ef81b2e76c118cfa163c6d0a28cab213edc992895b7411 stage0
fab1b8b14d6e26f78ed85fb6b30b42a79538b6cd2f38cb01f54f7433e37dbc09 stage1
bdb7f62e9b883d163b9c814325625cb2deebe45622b0efc4a71405d12bc880db stage2
2e277387d263f3c846e33a0e2c08a8b77fa924514c206716a1683ce29a03bbd9 stage3
80f3880572cc98b03349fe2cb0e760777763ee804eae97ca7afbf1e6fdf04811 strace
26d0823d9889dce70143e16688cf41b9abfac71f9e7603b7ba714e4e13d27ac3 sxctl
ecfaa9cdc4ee8e0b31957f6efdf1a452c535cd3657339a37bb92e7be60a9650d tar
894252820df392724247a802c9767cb047270bbed907ad1bf1b90944e0b5b51e texinfo
697c023380594e42086e4f0026191b6e15342dfe2a763be05eda9abc80baf0b3 tofu
f20bc897edac11148381042f30afc15b767fb70b03c365b80c4420a2ed0e4974 xorriso
2351e886a06959051d9f68695f4b94612d1276bccc030d63c5269fb532a8d54c xz
d5df909418ef436e3dd23af397ba2b202bd72f45c81b0e161b507adc9e3e9b9c zlib
ae012a214bf7c03145568c4fb35b1f059cc9a3e407306b5a6857948c18b1c282 strace
86ea3240142f7d3ec3ca5202a3c2d71c769b1874fe79cbe78568d57dacbfbbe9 sxctl
95d5d9f8d51c7be634ebbbfabd48c54cc6ee9971c15491e527649904001ff288 syslinux
73d7fcfe87099258bd711603a2cdf8f51273631dabb1e48a252c18cee52631cb tar
a07cbc7deee1be0387a66e3b75ec2044611b10563d62d4a2a61486e715cebcf1 texinfo
955d05dc3ab5b16459eed2efefcc38a53fb36dab592661af062b3594dc5f49dd tofu
392e9fb791d6575949c183b77f7c8908fadca80566f6b81157d538fd470751e0 util-linux
10f5ad5161e448dde1280cd904e9fd1b571c3203e43f86d2794df69f29df7c23 xorriso
c31fd8d37576eabd15b75666342af84e0cc9d43593cd06ea279d711c15c2479a xz
0054e9d40ad9dae19fc3c4aac4fca576e7980e52f1aba917e02c4f28b572a027 zig
de8f56f3ece28b14d575329bead53fc5318962ae3cb8f161a2d69710f7ec51f4 zlib

4
packages/argp-standalone/Containerfile
View file

@ -41,5 +41,5 @@ RUN <<-EOF
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/autoconf/Containerfile
View file

@ -29,5 +29,5 @@ from build as install
RUN --network=none make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/automake/Containerfile
View file

@ -28,5 +28,5 @@ FROM build as install
RUN make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

6
packages/bash/Containerfile
View file

@ -21,7 +21,7 @@ RUN --network=none <<-EOF
--build=x86_64-unknown-linux-musl \
--host=x86_64-unknown-linux-musl \
--prefix=/usr \
--bindir=/bin \
--bindir=/usr/bin \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--disable-nls \
@ -35,5 +35,5 @@ FROM build as install
RUN make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

5
packages/bc/Containerfile
View file

@ -32,7 +32,6 @@ RUN tar -xf ${SRC_FILE}
WORKDIR bc-${VERSION}
RUN --network=none <<-EOF
set -ex
mkdir /tmp
./configure \
--build=${ARCH}-linux-musl \
--host=${ARCH}-linux-musl \
@ -47,5 +46,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/binutils/Containerfile
View file

@ -53,5 +53,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/bison/Containerfile
View file

@ -32,5 +32,5 @@ from build as install
RUN --network=none make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

24
packages/busybox/Containerfile
View file

@ -54,26 +54,14 @@ EOF
FROM build as install
RUN --network=none <<-EOF
set -eux
mkdir -p /rootfs/bin
cp busybox /rootfs/bin
cp busybox /bin
mkdir -p /rootfs/usr/bin
cp busybox /rootfs/usr/bin
cp busybox /usr/bin
cd /rootfs
mkdir -p home/user var/tmp etc tmp lib bin
/bin/busybox --install -s bin
echo "user:x:1000:" > etc/group
echo "user:x:1000:1000::/home/user:/bin/sh" > etc/passwd
ln -sT /lib lib64
chown -R 1000:1000 /rootfs/home/user /rootfs/tmp /rootfs/var/tmp
/usr/bin/busybox --install -s usr/bin
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
WORKDIR /home/user
USER 1000:1000
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /
ENTRYPOINT ["/bin/sh"]
ENV TZ=UTC
ENV LANG=C.UTF-8
ENV SOURCE_DATE_EPOCH=1
ENV KCONFIG_NOTIMESTAMP=1
ENV PS1="stage4 $ "

4
packages/ca-certificates/Containerfile
View file

@ -6,5 +6,5 @@ COPY --from=stagex/busybox . /
COPY cacert.pem /rootfs/etc/ssl/certs/ca-certificates.crt
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

7
packages/clang/Containerfile
View file

@ -19,8 +19,7 @@ COPY --from=stagex/py-setuptools . /
COPY --from=stagex/openssl . /
COPY --from=stagex/gcc . /
COPY --from=stagex/llvm . /
# HACK: figure out why gcc package puts these in the wrong path at install time
COPY --from=stagex/gcc /usr/lib64/* /usr/lib/
COPY --from=stagex/zlib . /
RUN tar -xf ${SRC_FILE}
WORKDIR llvm-project-${VERSION}.src
@ -44,5 +43,5 @@ FROM build as install
RUN DESTDIR="/rootfs" cmake --install build
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

6
packages/cmake/Containerfile
View file

@ -19,8 +19,6 @@ COPY --from=stagex/zlib . /
COPY --from=stagex/openssl . /
RUN tar -xf ${SRC_FILE}
WORKDIR cmake-${VERSION}
# HACK: figure out why gcc package puts these in the wrong path at install time
COPY --from=stagex/gcc /usr/lib64/* /usr/lib/
RUN --network=none <<-EOF
set -eux
./bootstrap \
@ -39,5 +37,5 @@ FROM build as install
RUN --network=none DESTDIR=/rootfs bin/cmake -P cmake_install.cmake
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/coreutils/Containerfile
View file

@ -43,5 +43,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

6
packages/cpio/Containerfile
View file

@ -21,7 +21,7 @@ RUN --network=none <<-EOF
--build=x86_64-unknown-linux-musl \
--host=x86_64-unknown-linux-musl \
--prefix=/usr \
--bindir=/bin \
--bindir=/usr/bin \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
gl_cv_func_getcwd_path_max="no, but it is partly working"
@ -35,5 +35,5 @@ RUN <<-EOF
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/curl/Containerfile
View file

@ -35,5 +35,5 @@ FROM build as install
RUN make install DESTDIR=/rootfs
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/diffutils/Containerfile
View file

@ -32,5 +32,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

42
packages/dosfstools/Containerfile Normal file
View file

@ -0,0 +1,42 @@
FROM scratch as base
ENV VERSION=4.2
ENV SRC_HASH=64926eebf90092dca21b14259a5301b7b98e7b1943e8a201c7d726084809b527
ENV SRC_FILE=dosfstools-${VERSION}.tar.gz
ENV SRC_SITE=https://github.com/dosfstools/dosfstools/releases/download/v${VERSION}/${SRC_FILE}
FROM base as fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
FROM fetch as build
COPY --from=stagex/busybox . /
COPY --from=stagex/gcc . /
COPY --from=stagex/binutils . /
COPY --from=stagex/make . /
COPY --from=stagex/m4 . /
COPY --from=stagex/libtool . /
COPY --from=stagex/perl . /
COPY --from=stagex/autoconf . /
COPY --from=stagex/automake . /
COPY --from=stagex/musl . /
RUN tar -xzf ${SRC_FILE}
WORKDIR dosfstools-${VERSION}
RUN --network=none <<-EOF
set -eux
./autogen.sh
./configure \
--build=x86_64-unknown-linux-musl \
--host=x86_64-unknown-linux-musl \
--prefix=/usr \
--sbindir=/usr/sbin \
--sysconfdir=/etc \
--mandir=/usr/share/man \
--localstatedir=/var \
--enable-compat-symlinks
EOF
FROM build as install
RUN --network=none make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

8
packages/ed/Containerfile
View file

@ -16,8 +16,6 @@ COPY --from=stagex/make . /
COPY --from=stagex/tar . /
COPY --from=stagex/lzip . /
COPY --from=stagex/gcc . /
# HACK: figure out why gcc package puts these in the wrong path at install time
COPY --from=stagex/gcc /usr/lib64/* /usr/lib/
RUN tar --lzip -xf ${SRC_FILE}
WORKDIR ed-${VERSION}
RUN --network=none <<-EOF
@ -27,7 +25,7 @@ RUN --network=none <<-EOF
--host=${ARCH}-linux-musl \
--target=${ARCH}-linux-musl \
--prefix=/usr \
--bindir=/bin \
--bindir=/usr/bin \
--mandir=/usr/share/man
make -j "$(nproc)"
EOF
@ -36,5 +34,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

6
packages/eif_build/Containerfile
View file

@ -18,8 +18,6 @@ COPY --from=stagex/binutils . /
COPY --from=stagex/pkgconf . /
COPY --from=stagex/git . /
COPY --from=stagex/rust . /
# HACK: figure out why gcc package puts these in the wrong path at install time
COPY --from=stagex/gcc /usr/lib64/* /usr/lib/
RUN tar -xzf ${SRC_FILE}
RUN mv tkhq-eif_build-* eif_build
WORKDIR eif_build
@ -39,5 +37,5 @@ WORKDIR /rootfs/usr/bin
RUN cp /eif_build/target/x86_64-unknown-linux-musl/release/eif_build .
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/elfutils/Containerfile
View file

@ -58,5 +58,5 @@ FROM build as install
RUN --network=none make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

33
packages/eudev/Containerfile Normal file
View file

@ -0,0 +1,33 @@
FROM scratch AS base
ENV VERSION=3.2.14
ENV SRC_HASH=8da4319102f24abbf7fff5ce9c416af848df163b29590e666d334cc1927f006f
ENV SRC_FILE=eudev-${VERSION}.tar.gz
ENV SRC_SITE=https://github.com/eudev-project/eudev/releases/download/v${VERSION}/${SRC_FILE}
FROM base AS fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
FROM fetch AS build
COPY --from=stagex/busybox . /
COPY --from=stagex/binutils . /
COPY --from=stagex/musl . /
COPY --from=stagex/linux-headers . /
COPY --from=stagex/make . /
COPY --from=stagex/gcc . /
COPY --from=stagex/gperf . /
RUN --network=none tar -xf ${SRC_FILE}
WORKDIR eudev-${VERSION}
RUN --network=none <<EOF
set -eux
./configure
make
EOF
FROM build AS install
RUN --network=none DESTDIR=/rootfs make install
RUN --network=none find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch AS package
COPY --from=install /rootfs/. /

4
packages/file/Containerfile
View file

@ -36,5 +36,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

119
packages/filesystem/Containerfile Normal file
View file

@ -0,0 +1,119 @@
FROM scratch as build
COPY --from=stagex/stage3 . /
WORKDIR rootfs
RUN <<-EOF
install -d -m0750 root
install -d -m0644 etc
install -d -m0644 usr
install -d -m1777 tmp
install -d -m1777 var/tmp
install -d -m1777 var/spool/mail
install -o 1000:1000 -d -m0755 home/user
ln -sT usr/lib lib64
ln -sT usr/lib lib
ln -sT usr/bin bin
ln -sT usr/sbin sbin
ln -sT lib usr/lib64
ln -sT ../run var/run
ln -sT ../run/lock var/lock
EOF
COPY --chmod=644 <<-EOF etc/passwd
root:x:0:0:root:/root:/bin/sh
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/mail:/sbin/nologin
news:x:9:13:news:/usr/lib/news:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucppublic:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
man:x:13:15:man:/usr/man:/sbin/nologin
postmaster:x:14:12:postmaster:/var/mail:/sbin/nologin
cron:x:16:16:cron:/var/spool/cron:/sbin/nologin
ftp:x:21:21::/var/lib/ftp:/sbin/nologin
sshd:x:22:22:sshd:/dev/null:/sbin/nologin
at:x:25:25:at:/var/spool/cron/atjobs:/sbin/nologin
squid:x:31:31:Squid:/var/cache/squid:/sbin/nologin
xfs:x:33:33:X Font Server:/etc/X11/fs:/sbin/nologin
games:x:35:35:games:/usr/games:/sbin/nologin
cyrus:x:85:12::/usr/cyrus:/sbin/nologin
vpopmail:x:89:89::/var/vpopmail:/sbin/nologin
ntp:x:123:123:NTP:/var/empty:/sbin/nologin
smmsp:x:209:209:smmsp:/var/spool/mqueue:/sbin/nologin
guest:x:405:100:guest:/dev/null:/sbin/nologin
user:x:1000:1000::/home/user:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
EOF
COPY --chmod=644 <<-EOF etc/group
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:lp
mem:x:8:
kmem:x:9:
wheel:x:10:root
floppy:x:11:root
mail:x:12:mail
news:x:13:news
uucp:x:14:uucp
man:x:15:man
cron:x:16:cron
console:x:17:
audio:x:18:
cdrom:x:19:
dialout:x:20:root
ftp:x:21:
sshd:x:22:
input:x:23:
at:x:25:at
tape:x:26:root
video:x:27:root
netdev:x:28:
readproc:x:30:
squid:x:31:squid
xfs:x:33:xfs
kvm:x:34:kvm
games:x:35:
shadow:x:42:
cdrw:x:80:
www-data:x:82:
usb:x:85:
vpopmail:x:89:
users:x:100:games
ntp:x:123:
nofiles:x:200:
smmsp:x:209:smmsp
locate:x:245:
abuild:x:300:
utmp:x:406:
ping:x:999:
user:x:1000:
EOF
COPY --chmod=644 <<-EOF etc/os-release
NAME="[Stageˣ]"
ID=stagex
HOME_URL="https://stagex.tools"
SUPPORT_URL="https://codeberg.org/stagex/stagex/src/branch/main/README.md"
BUG_REPORT_URL="https://codeberg.org/stagex/stagex/issues"
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=build /rootfs/. /
USER 1000:1000
ENTRYPOINT ["/bin/sh"]
ENV PS1="[Stageˣ] $ "
ENV TZ=UTC
ENV LANG=C.UTF-8
ENV LC_ALL=C
ENV USER=user
ENV HOME=/home/user
ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

4
packages/findutils/Containerfile
View file

@ -34,5 +34,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

6
packages/flex/Containerfile
View file

@ -29,7 +29,7 @@ RUN --network=none <<-EOF
--build=x86_64-unknown-linux-musl \
--host=x86_64-unknown-linux-musl \
--prefix=/usr \
--bindir=/bin \
--bindir=/usr/bin \
--mandir=/usr/share/man \
--infodir=/usr/share/info
make LDFLAGS=-static
@ -39,5 +39,5 @@ FROM build as install
RUN --network=none make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/gawk/Containerfile
View file

@ -34,5 +34,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

8
packages/gcc/Containerfile
View file

@ -57,6 +57,8 @@ RUN --network=none <<-EOF
set -eux
make DESTDIR=/rootfs install-strip
ln -s gcc /rootfs/usr/bin/cc
mv /rootfs/usr/lib64/* /rootfs/usr/lib/
rm -rf /rootfs/usr/lib64
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
@ -64,7 +66,7 @@ FROM scratch as test
COPY --from=stagex/busybox . /
COPY --from=stagex/binutils . /
COPY --from=stagex/musl . /
COPY --from=install /rootfs /
COPY --from=install /rootfs/. /
COPY <<-EOF test.c
#include <stdio.h>
int main() { printf("Success\n"); return 0; }
@ -75,5 +77,5 @@ RUN <<-EOF
./main | grep "Success"
EOF
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/gen_initramfs/Containerfile
View file

@ -28,5 +28,5 @@ RUN --network=none <<-EOF
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/gettext/Containerfile
View file

@ -31,5 +31,5 @@ from build as install
RUN make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

8
packages/git/Containerfile
View file

@ -25,7 +25,7 @@ RUN --network=none <<-EOF
--build=x86_64-unknown-linux-musl \
--host=x86_64-unknown-linux-musl \
--prefix=/usr \
--bindir=/bin \
--bindir=/usr/bin \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--disable-nls \
@ -41,7 +41,7 @@ RUN make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM base as test
COPY --from=install /rootfs /
COPY --from=install /rootfs/. /
COPY --from=stagex/zlib . /
COPY --from=stagex/musl . /
COPY --from=stagex/busybox . /
@ -55,5 +55,5 @@ RUN /bin/sh <<-EOF
fi
EOF
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

37
packages/gmp/Containerfile Normal file
View file

@ -0,0 +1,37 @@
FROM scratch AS base
ARG ARCH=x86_64
ENV VERSION=6.3.0
ENV SRC_HASH=a3c2b80201b89e68616f4ad30bc66aee4927c3ce50e33929ca819d5c43538898
ENV SRC_FILE=gmp-${VERSION}.tar.xz
ENV SRC_SITE=https://gmplib.org/download/gmp/${SRC_FILE}
FROM base AS fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
FROM fetch AS build
COPY --from=stagex/busybox . /
COPY --from=stagex/binutils . /
COPY --from=stagex/musl . /
COPY --from=stagex/make . /
COPY --from=stagex/perl . /
COPY --from=stagex/autoconf . /
COPY --from=stagex/automake . /
COPY --from=stagex/libtool . /
COPY --from=stagex/m4 . /
COPY --from=stagex/gcc . /
RUN --network=none tar -xf ${SRC_FILE}
WORKDIR gmp-${VERSION}
RUN --network=none <<EOF
set -eux
./configure \
--prefix=/usr \
--build=${ARCH}-linux-musl
make
EOF
FROM build AS install
RUN --network=none DESTDIR=/rootfs make install
RUN --network=none find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch AS package
COPY --from=install /rootfs/. /

11
packages/go/Containerfile
View file

@ -80,13 +80,14 @@ EOF
FROM build as install
RUN <<-EOF
set -eux
mkdir -p /rootfs
cp -R bin lib pkg src /rootfs
mkdir -p /rootfs/usr
cp -R pkg src /rootfs
cp -R bin lib /rootfs/usr
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM base as test
COPY --from=install /rootfs /
COPY --from=install /rootfs/. /
COPY <<-EOF test.go
package main
import "fmt"
@ -98,5 +99,5 @@ RUN <<-EOF
./test | grep "Success"
EOF
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

31
packages/gperf/Containerfile Normal file
View file

@ -0,0 +1,31 @@
FROM scratch AS base
ENV VERSION=3.1
ENV SRC_HASH=588546b945bba4b70b6a3a616e80b4ab466e3f33024a352fc2198112cdbb3ae2
ENV SRC_FILE=gperf-${VERSION}.tar.gz
ENV SRC_SITE=http://ftp.gnu.org/pub/gnu/gperf/${SRC_FILE}
FROM base AS fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
FROM fetch AS build
COPY --from=stagex/busybox . /
COPY --from=stagex/binutils . /
COPY --from=stagex/musl . /
COPY --from=stagex/make . /
COPY --from=stagex/gcc . /
RUN --network=none tar -xf ${SRC_FILE}
WORKDIR gperf-${VERSION}
RUN --network=none <<EOF
set -eux
./configure
make
EOF
FROM build AS install
RUN --network=none DESTDIR=/rootfs make install
RUN --network=none find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch AS package
COPY --from=install /rootfs/. /

8
packages/gpg/Containerfile
View file

@ -26,7 +26,7 @@ RUN --network=none <<-EOF
--build=x86_64-unknown-linux-musl \
--host=x86_64-unknown-linux-musl \
--prefix=/usr \
--bindir=/bin \
--bindir=/usr/bin \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
make
@ -37,7 +37,7 @@ RUN make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM base as test
COPY --from=install /rootfs /
COPY --from=install /rootfs/. /
COPY --from=stagex/zlib . /
COPY --from=stagex/musl . /
COPY --from=stagex/busybox . /
@ -57,5 +57,5 @@ RUN /bin/sh <<-EOF
fi
EOF
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/grep/Containerfile
View file

@ -34,5 +34,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

6
packages/grub/Containerfile
View file

@ -33,7 +33,7 @@ RUN find /rootfs -exec touch -hcd "@0" "{}" +
RUN ls -la .
FROM base as test
COPY --from=install /rootfs /
COPY --from=install /rootfs/. /
COPY --from=stagex/musl . /
COPY --from=stagex/busybox . /
RUN grub-install --version
@ -46,5 +46,5 @@ RUN /bin/sh <<-EOF
fi
EOF
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/gzip/Containerfile
View file

@ -33,5 +33,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

93
packages/keyfork/Containerfile Normal file
View file

@ -0,0 +1,93 @@
ARG RUST_VERSION=1.76.0
FROM scratch AS base
ENV VERSION=0.1.0
# https://git.distrust.co/public/keyfork/archive/keyfork-v0.1.0.tar.gz
ENV SRC_HASH=f6104056538f846a9575e8e407a1e5bb938eac47b3852de4c7359a6972abdcda
ENV SRC_FILE=keyfork-v${VERSION}.tar.gz
ENV SRC_SITE=https://git.distrust.co/public/keyfork/archive/${SRC_FILE}
FROM base AS fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
FROM stagex/rust:${RUST_VERSION} AS rust
FROM fetch AS rust-fetch
COPY --from=stagex/busybox . /
COPY --from=stagex/musl . /
COPY --from=rust . /
COPY --from=stagex/gcc . /
COPY --from=stagex/llvm . /
COPY --from=stagex/libunwind . /
COPY --from=stagex/openssl . /
COPY --from=stagex/zlib . /
# NOTE: Necessary for `cargo fetch`, but CA trust is not relied upon
COPY --from=stagex/ca-certificates . /
RUN --network=none <<EOF
set -eux
mkdir keyfork
tar xf ${SRC_FILE}
EOF
WORKDIR keyfork
ADD <<EOF /.cargo/config.toml
[registries.distrust]
index = "https://git.distrust.co/public/_cargo-index.git"
EOF
RUN cargo fetch
FROM rust-fetch AS build
# Rust build deps
COPY --from=stagex/binutils . /
COPY --from=stagex/gcc . /
COPY --from=stagex/llvm . /
COPY --from=stagex/make . /
COPY --from=stagex/musl . /
# Keyfork build deps
COPY --from=stagex/clang . /
COPY --from=stagex/linux-headers . /
COPY --from=stagex/gmp . /
COPY --from=stagex/nettle . /
COPY --from=stagex/pcsc-lite . /
COPY --from=stagex/pkgconf . /
ENV RUST_BACKTRACE=1
ENV RUSTFLAGS='-C target-feature=-crt-static -C codegen-units=1'
ENV GIT_REVISION=d338ed98cbb7dd1e9de9340ae9486880dfcb389a
RUN --network=none cargo build --frozen --release --bin keyfork
FROM scratch AS install
COPY --from=stagex/busybox . /
COPY --from=stagex/busybox . /rootfs
COPY --from=stagex/libunwind . /rootfs
COPY --from=stagex/gcc . /rootfs
COPY --from=stagex/musl . /rootfs
# HACK: gcc puts things in /usr/lib64
COPY --from=stagex/gcc /usr/lib64/* /rootfs/usr/lib/
COPY --from=stagex/gmp . /rootfs
COPY --from=stagex/nettle . /rootfs
COPY --from=stagex/pcsc-lite . /rootfs
COPY --from=build keyfork/target/release/keyfork /rootfs/usr/bin/keyfork
RUN --network=none find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch AS package
COPY --from=install /rootfs/. /
ENTRYPOINT ["/usr/bin/keyfork"]
CMD ["--version"]

8
packages/libassuan/Containerfile
View file

@ -22,7 +22,7 @@ RUN --network=none <<-EOF
--build=x86_64-unknown-linux-musl \
--host=x86_64-unknown-linux-musl \
--prefix=/usr \
--bindir=/bin \
--bindir=/usr/bin \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
make
@ -33,7 +33,7 @@ RUN make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM base as test
COPY --from=install /rootfs /
COPY --from=install /rootfs/. /
COPY --from=stagex/busybox . /
RUN /bin/sh <<-EOF
set -eux
@ -44,5 +44,5 @@ RUN /bin/sh <<-EOF
fi
EOF
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

40
packages/libcap/Containerfile Normal file
View file

@ -0,0 +1,40 @@
FROM scratch as base
ENV VERSION=2.69
ENV SRC_HASH=9cc2fa3ee744d881629cdac1a1b54c302e7684fda3e3622056218c7681642ffb
ENV SRC_FILE=libcap-${VERSION}.tar.gz
ENV SRC_SITE=https://git.kernel.org/pub/scm/libs/libcap/libcap.git/snapshot/${SRC_FILE}
FROM base as fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
FROM fetch as build
COPY --from=stagex/bash . /
COPY --from=stagex/binutils . /
COPY --from=stagex/busybox . /
COPY --from=stagex/linux-headers . /
COPY --from=stagex/make . /
COPY --from=stagex/musl . /
COPY --from=stagex/perl . /
COPY --from=stagex/gcc . /
# HACK: figure out why gcc package puts these in the wrong path at install time
COPY --from=stagex/gcc /usr/lib64/* /usr/lib/
RUN tar -xzf ${SRC_FILE}
WORKDIR libcap-${VERSION}
RUN --network=none ARCH=x86_64 make
FROM build as install
RUN --network=none make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as test
COPY --from=install /rootfs /
RUN --network=none <<-EOF
set -eux
getcap --license | grep LICENSE || true
setcap -l | grep LICENSE || true
getpcaps --license | grep LICENSE || true
capsh --license | grep License || true
EOF
FROM scratch as package
COPY --from=install /rootfs /

8
packages/libgcrypt/Containerfile
View file

@ -22,7 +22,7 @@ RUN --network=none <<-EOF
--build=x86_64-unknown-linux-musl \
--host=x86_64-unknown-linux-musl \
--prefix=/usr \
--bindir=/bin \
--bindir=/usr/bin \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
make
@ -33,7 +33,7 @@ RUN make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM base as test
COPY --from=install /rootfs /
COPY --from=install /rootfs/. /
COPY --from=stagex/busybox . /
RUN /bin/sh <<-EOF
set -eux
@ -44,5 +44,5 @@ RUN /bin/sh <<-EOF
fi
EOF
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

7
packages/libgpg-error/Containerfile
View file

@ -22,7 +22,6 @@ RUN --network=none <<-EOF
--build=x86_64-unknown-linux-musl \
--host=x86_64-unknown-linux-musl \
--prefix=/usr \
--bindir=/bin \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
make
@ -33,7 +32,7 @@ RUN make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM base as test
COPY --from=install /rootfs /
COPY --from=install /rootfs/. /
COPY --from=stagex/busybox . /
RUN /bin/sh <<-EOF
set -eux
@ -44,5 +43,5 @@ RUN /bin/sh <<-EOF
fi
EOF
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

10
packages/libksba/Containerfile
View file

@ -14,7 +14,7 @@ COPY --from=stagex/gcc . /
COPY --from=stagex/binutils . /
COPY --from=stagex/make . /
COPY --from=stagex/npth . /
COPY --from=stagex/libgpg-error . /
COPY --from=stagex/libgpg-error . /
RUN tar -xvf $SRC_FILE
WORKDIR libksba-${VERSION}
RUN --network=none <<-EOF
@ -22,7 +22,7 @@ RUN --network=none <<-EOF
./configure \
--build=x86_64-unknown-linux-musl \
--host=x86_64-unknown-linux-musl \
--prefix=/usr \
--prefix=/usr/ \
--bindir=/bin \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
@ -34,7 +34,7 @@ RUN make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM base as test
COPY --from=install /rootfs /
COPY --from=install /rootfs/. /
COPY --from=stagex/zlib . /
COPY --from=stagex/musl . /
COPY --from=stagex/busybox . /
@ -48,5 +48,5 @@ RUN /bin/sh <<-EOF
fi
EOF
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/libtool/Containerfile
View file

@ -29,5 +29,5 @@ RUN --network=none <<-EOF
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/libunwind/Containerfile
View file

@ -37,5 +37,5 @@ FROM build as install
RUN --network=none make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/libxml2/Containerfile
View file

@ -48,5 +48,5 @@ RUN --network=none <<-EOF
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

6
packages/libzstd/Containerfile
View file

@ -17,8 +17,6 @@ COPY --from=stagex/ninja . /
COPY --from=stagex/binutils . /
COPY --from=stagex/pkgconf . /
COPY --from=stagex/zlib . /
# HACK: figure out why gcc package puts these in the wrong path at install time
COPY --from=stagex/gcc /usr/lib64/* /usr/lib/
RUN tar -xf ${SRC_FILE}
WORKDIR zstd-${VERSION}
RUN --network=none <<-EOF
@ -73,5 +71,5 @@ FROM build as install
RUN --network=none DESTDIR=/rootfs meson install --no-rebuild -C output
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

58
packages/linux-airgap/Containerfile Normal file
View file

@ -0,0 +1,58 @@
FROM scratch as base
ENV VERSION=6.7
ENV SRC_HASH=ef31144a2576d080d8c31698e83ec9f66bf97c677fa2aaf0d5bbb9f3345b1069
ENV SRC_FILE=linux-${VERSION}.tar.xz
ENV SRC_SITE=http://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/${SRC_FILE}
FROM base as fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
FROM fetch as build
COPY --from=stagex/musl . /
COPY --from=stagex/make . /
COPY --from=stagex/binutils . /
COPY --from=stagex/linux-headers . /
COPY --from=stagex/elfutils . /
COPY --from=stagex/openssl . /
COPY --from=stagex/perl . /
COPY --from=stagex/m4 . /
COPY --from=stagex/gcc . /
COPY --from=stagex/bison . /
COPY --from=stagex/libzstd . /
COPY --from=stagex/zlib . /
COPY --from=stagex/flex . /
COPY --from=stagex/pkgconf . /
COPY --from=stagex/coreutils . /
COPY --from=stagex/findutils . /
COPY --from=stagex/diffutils . /
COPY --from=stagex/tar . /
COPY --from=stagex/gzip . /
COPY --from=stagex/xz . /
COPY --from=stagex/sed . /
COPY --from=stagex/grep . /
COPY --from=stagex/gawk . /
COPY --from=stagex/bc . /
COPY --from=stagex/bash . /
COPY --from=stagex/bash /bin/bash /bin/sh
RUN tar -xf ${SRC_FILE}
WORKDIR linux-${VERSION}
ADD linux.config .config
ENV KBUILD_BUILD_HOST=stagex
ENV KBUILD_BUILD_USER=user
ENV KBUILD_BUILD_TIMESTAMP=1
RUN <<-EOF
set -eux
make bzImage
EOF
FROM build as install
RUN <<-EOF
set -eux
mkdir /rootfs
cp .config /rootfs/linux.config
cp arch/x86_64/boot/bzImage /rootfs
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

1785
packages/linux-airgap/linux.config Normal file
View file

File diff suppressed because it is too large Load diff

30
packages/linux-generic/Containerfile
View file

@ -8,7 +8,6 @@ FROM base as fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
FROM fetch as build
COPY --from=stagex/busybox . /
COPY --from=stagex/musl . /
COPY --from=stagex/make . /
COPY --from=stagex/binutils . /
@ -23,21 +22,40 @@ COPY --from=stagex/libzstd . /
COPY --from=stagex/zlib . /
COPY --from=stagex/flex . /
COPY --from=stagex/pkgconf . /
COPY --from=stagex/coreutils . /
COPY --from=stagex/findutils . /
COPY --from=stagex/diffutils . /
COPY --from=stagex/tar . /
COPY --from=stagex/gzip . /
COPY --from=stagex/xz . /
COPY --from=stagex/sed . /
COPY --from=stagex/grep . /
COPY --from=stagex/gawk . /
COPY --from=stagex/bc . /
COPY --from=stagex/bash . /
COPY --from=stagex/bash /bin/bash /bin/sh
RUN tar -xf ${SRC_FILE}
WORKDIR linux-${VERSION}
ENV KBUILD_BUILD_HOST=stagex
ENV KBUILD_BUILD_USER=user
ENV KBUILD_BUILD_TIMESTAMP=1
RUN <<-EOF
set -eux
make oldconfig
make
make bzImage
make modules INSTALL_MOD_PATH=/rootfs
EOF
FROM build as install
RUN <<-EOF
set -eux
make DESTDIR=/rootfs install
mkdir -p /rootfs/usr
mkdir -p /rootfs/usr/lib/modules
make INSTALL_MOD_PATH=/rootfs/usr modules_install
cp .config /rootfs/linux.config
cp arch/x86_64/boot/bzImage /rootfs
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/linux-headers/Containerfile
View file

@ -23,5 +23,5 @@ RUN <<-EOF
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

7
packages/linux-nitro/Containerfile
View file

@ -44,10 +44,11 @@ RUN tar -xf ${NSM_SRC_FILE} -C nitro-bootstrap --strip-components 1
RUN tar -xf ${SRC_FILE}
WORKDIR linux-${VERSION}
ADD linux.config .config
ENV KBUILD_BUILD_HOST=stagex
ENV KBUILD_BUILD_USER=user
ENV KBUILD_BUILD_TIMESTAMP=1
RUN <<-EOF
set -eux
mkdir /tmp
make olddefconfig
make bzImage
make modules_prepare
@ -65,5 +66,5 @@ RUN <<-EOF
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

45
packages/lld/Containerfile Normal file
View file

@ -0,0 +1,45 @@
FROM scratch as base
ENV VERSION=16.0.6
ENV SRC_HASH=ce5e71081d17ce9e86d7cbcfa28c4b04b9300f8fb7e78422b1feb6bc52c3028e
ENV SRC_FILE=llvm-project-${VERSION}.src.tar.xz
ENV SRC_SITE=https://github.com/llvm/llvm-project/releases/download/llvmorg-${VERSION}/${SRC_FILE}
FROM base as fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
FROM fetch as build
COPY --from=stagex/busybox . /
COPY --from=stagex/binutils . /
COPY --from=stagex/cmake . /
COPY --from=stagex/ninja . /
COPY --from=stagex/musl . /
COPY --from=stagex/gcc . /
COPY --from=stagex/python . /
COPY --from=stagex/py-setuptools . /
COPY --from=stagex/openssl . /
COPY --from=stagex/gcc . /
COPY --from=stagex/llvm . /
COPY --from=stagex/zlib . /
# HACK: figure out why gcc package puts these in the wrong path at install time
COPY --from=stagex/gcc /usr/lib64/* /usr/lib/
RUN tar -xf ${SRC_FILE}
WORKDIR llvm-project-${VERSION}.src
RUN set -eux; \
cmake \
-S lld \
-B build \
-G Ninja \
-Wno-dev \
-DCMAKE_BUILD_TYPE=Release \
-DCMAKE_INSTALL_PREFIX=/usr/ \
-DCMAKE_INSTALL_RPATH=/usr/ \
-DLLVM_ENABLE_ZLIB=FORCE_ON; \
cmake --build build
FROM build as install
RUN DESTDIR="/rootfs" cmake --install build
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

8
packages/llvm/Containerfile
View file

@ -18,8 +18,6 @@ COPY --from=stagex/python . /
COPY --from=stagex/py-setuptools . /
COPY --from=stagex/zlib . /
COPY --from=stagex/openssl . /
# HACK: figure out why gcc package puts these in the wrong path at install time
COPY --from=stagex/gcc /usr/lib64/* /usr/lib/
RUN tar -xf ${SRC_FILE}
WORKDIR llvm-project-${VERSION}.src
ADD *.patch .
@ -52,7 +50,7 @@ RUN --network=none <<-EOF
-DLLVM_ENABLE_RTTI=ON \
-DLLVM_ENABLE_SPHINX=OFF \
-DLLVM_ENABLE_TERMINFO=ON \
-DLLVM_ENABLE_ZLIB=OFF \
-DLLVM_ENABLE_ZLIB=FORCE_ON \
-DLLVM_ENABLE_ZSTD=OFF \
-DLLVM_INCLUDE_BENCHMARKS=OFF \
-DLLVM_INCLUDE_EXAMPLES=OFF \
@ -72,5 +70,5 @@ RUN <<-EOF
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

6
packages/llvm13/Containerfile
View file

@ -18,8 +18,6 @@ COPY --from=stagex/python . /
COPY --from=stagex/py-setuptools . /
COPY --from=stagex/zlib . /
COPY --from=stagex/openssl . /
# HACK: figure out why gcc package puts these in the wrong path at install time
COPY --from=stagex/gcc /usr/lib64/* /usr/lib/
RUN tar -xf ${SRC_FILE}
WORKDIR llvm-project-${VERSION}.src
ADD *.patch .
@ -72,5 +70,5 @@ RUN <<-EOF
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/lzip/Containerfile
View file

@ -27,5 +27,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/m4/Containerfile
View file

@ -26,5 +26,5 @@ FROM build as install
RUN --network=none make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/make/Containerfile
View file

@ -25,5 +25,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/meson/Containerfile
View file

@ -21,5 +21,5 @@ FROM build as install
RUN --network=none python setup.py install --root=/rootfs
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

38
packages/mtools/Containerfile Normal file
View file

@ -0,0 +1,38 @@
FROM scratch as base
ARG ARCH=x86_64
ENV VERSION=4.0.43
ENV SRC_HASH=541e179665dc4e272b9602f2074243591a157da89cc47064da8c5829dbd2b339
ENV SRC_FILE=mtools-${VERSION}.tar.bz2
ENV SRC_SITE=https://ftp.gnu.org/gnu/mtools/${SRC_FILE}
FROM base as fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
FROM fetch as build
COPY --from=stagex/busybox . /
COPY --from=stagex/binutils . /
COPY --from=stagex/musl . /
COPY --from=stagex/make . /
COPY --from=stagex/gcc . /
RUN tar -xjf ${SRC_FILE}
WORKDIR mtools-${VERSION}
ENV FORCE_UNSAFE_CONFIGURE=1
RUN --network=none <<-EOF
set -ex
./configure \
--build=${ARCH}-linux-musl \
--host=${ARCH}-linux-musl \
--prefix=/usr \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--sysconfdir=/etc/mtools \
--without-x
make -j "$(nproc)"
EOF
FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/musl-fts/Containerfile
View file

@ -42,5 +42,5 @@ RUN <<-EOF
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/musl-obstack/Containerfile
View file

@ -32,5 +32,5 @@ FROM build as install
RUN --network=none make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

19
packages/musl/Containerfile
View file

@ -2,7 +2,7 @@ FROM scratch as base
ARG ARCH=x86_64
ENV VERSION=1.2.4
ENV SRC_FILE=musl-${VERSION}.tar.gz
ENV SRC_SITE=http://musl.libc.org/${SRC_FILE}
ENV SRC_SITE=http://musl.libc.org/releases/${SRC_FILE}
ENV SRC_HASH=7a35eae33d5372a7c0da1188de798726f68825513b7ae3ebe97aaaa52114f039
ENV CFLAGS="-Os -fstack-clash-protection -Wformat -Werror=format-security"
ENV CXXFLAGS="-Os -fstack-clash-protection -Wformat -Werror=format-security -D_GLIBCXX_ASSERTIONS=1 -D_LIBCPP_ENABLE_THREAD_SAFETY_ANNOTATIONS=1 -D_LIBCPP_ENABLE_HARDENED_MODE=1"
@ -37,15 +37,14 @@ FROM build as install
RUN --network=none <<-EOF
set -eux
make DESTDIR=/rootfs install
mkdir -p /rootfs/usr/bin
printf "%s\n%s\n" '#!/bin/sh' 'exec /lib/ld-musl-${ARCH}.so.1 --list "$@"' \
> /rootfs/usr/bin/ldd; \
chmod 755 /rootfs/usr/bin/ldd
mv -f /rootfs/usr/lib/libc.so /rootfs/lib/ld-musl-${ARCH}.so.1
ln -sf ld-musl-${ARCH}.so.1 /rootfs/lib/libc.musl-${ARCH}.so.1
ln -sf ../../lib/ld-musl-${ARCH}.so.1 /rootfs/usr/lib/libc.so
mkdir -p /rootfs/usr/bin /rootfs/usr/lib
rm -rf /rootfs/lib
ln -sf /usr/lib/ld-musl-${ARCH}.so.1 /rootfs/usr/bin/ldd
mv -f /rootfs/usr/lib/libc.so /rootfs/usr/lib/ld-musl-${ARCH}.so.1
ln -sf ld-musl-${ARCH}.so.1 /rootfs/usr/lib/libc.musl-${ARCH}.so.1
ln -sf /usr/lib/ld-musl-${ARCH}.so.1 /rootfs/usr/lib/libc.so
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

39
packages/nettle/Containerfile Normal file
View file

@ -0,0 +1,39 @@
FROM scratch AS base
ENV VERSION=3.9.1_release_20230601
ENV SRC_HASH=7278dd8fb89cae88552e1dc4a6294f1c62a8a9548a18f635515242f389797fed
ENV SRC_FILE=nettle-nettle_${VERSION}.tar.gz
ENV SRC_SITE=https://git.lysator.liu.se/nettle/nettle/-/archive/nettle_${VERSION}/${SRC_FILE}
FROM base AS fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
FROM fetch AS build
COPY --from=stagex/busybox . /
COPY --from=stagex/binutils . /
COPY --from=stagex/musl . /
COPY --from=stagex/make . /
COPY --from=stagex/perl . /
COPY --from=stagex/autoconf . /
COPY --from=stagex/automake . /
COPY --from=stagex/libtool . /
COPY --from=stagex/m4 . /
COPY --from=stagex/gcc . /
COPY --from=stagex/gmp . /
RUN --network=none tar -xf ${SRC_FILE}
WORKDIR nettle-nettle_${VERSION}
RUN --network=none <<EOF
set -eux
ls
autoreconf -vfi
./configure --prefix=/usr --libdir=/usr/lib --enable-public-key
make
EOF
FROM build AS install
RUN --network=none DESTDIR=/rootfs make install
RUN --network=none find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch AS package
COPY --from=install /rootfs/. /

7
packages/ninja/Containerfile
View file

@ -18,11 +18,8 @@ COPY --from=stagex/openssl . /
RUN tar -xf ${SRC_FILE}
WORKDIR ninja-${VERSION}
ADD *.patch .
# HACK: figure out why gcc package puts these in the wrong path at install time
COPY --from=stagex/gcc /usr/lib64/* /usr/lib/
RUN --network=none <<-EOF
set -eux
cp -R /usr/lib64/* /usr/lib/
patch -p1 < fix-musl.patch
python ./configure.py --bootstrap
EOF
@ -35,5 +32,5 @@ RUN <<-EOF
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

8
packages/npth/Containerfile
View file

@ -21,7 +21,7 @@ RUN --network=none <<-EOF
--build=x86_64-unknown-linux-musl \
--host=x86_64-unknown-linux-musl \
--prefix=/usr \
--bindir=/bin \
--bindir=/usr/bin \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
make
@ -32,7 +32,7 @@ RUN make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM base as test
COPY --from=install /rootfs /
COPY --from=install /rootfs/. /
COPY --from=stagex/zlib . /
COPY --from=stagex/musl . /
COPY --from=stagex/busybox . /
@ -46,5 +46,5 @@ RUN /bin/sh <<-EOF
fi
EOF
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/openssl/Containerfile
View file

@ -46,5 +46,5 @@ FROM build as install
RUN --network=none make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

9
packages/pcsc-lite/Containerfile
View file

@ -16,6 +16,8 @@ COPY --from=stagex/binutils . /
COPY --from=stagex/make . /
COPY --from=stagex/perl . /
COPY --from=stagex/flex . /
COPY --from=stagex/pkgconf . /
COPY --from=stagex/eudev . /
RUN tar -xvf $SRC_FILE
WORKDIR pcsc-lite-${VERSION}
RUN --network=none <<-EOF
@ -36,7 +38,6 @@ RUN --network=none <<-EOF
--disable-libsystemd \
--disable-polkit \
--disable-strict \
--disable-libudev \
--enable-static
make
EOF
@ -46,7 +47,7 @@ RUN make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM base as test
COPY --from=install /rootfs /
COPY --from=install /rootfs/. /
COPY --from=stagex/busybox . /
RUN /bin/sh <<-EOF
set -eux
@ -57,5 +58,5 @@ RUN /bin/sh <<-EOF
fi
EOF
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

6
packages/perl/Containerfile
View file

@ -61,7 +61,7 @@ RUN --network=none make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as test
COPY --from=install /rootfs /
COPY --from=install /rootfs/. /
COPY --from=stagex/musl . /
COPY <<-EOF test.pl
use strict;
@ -70,5 +70,5 @@ COPY <<-EOF test.pl
EOF
RUN perl test.pl | grep "Success"
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/pkgconf/Containerfile
View file

@ -30,5 +30,5 @@ RUN --network=none <<-EOF
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/py-setuptools/Containerfile
View file

@ -20,5 +20,5 @@ FROM build as install
RUN python setup.py install --root=/rootfs
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

6
packages/python/Containerfile
View file

@ -39,12 +39,12 @@ EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as test
COPY --from=install /rootfs /
COPY --from=install /rootfs/. /
COPY --from=stagex/musl . /
COPY <<-EOF test.py
print("Success")
EOF
RUN python test.py | grep "Success"
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

11
packages/rust/Containerfile
View file

@ -70,8 +70,6 @@ COPY --from=stagex/perl . /
COPY --from=stagex/gcc . /
COPY --from=stagex/libunwind . /
COPY --from=stagex/musl . /
# HACK: figure out why gcc package puts these in the wrong path at install time
COPY --from=stagex/gcc /usr/lib64/* /usr/lib/
FROM build-base as build-mrustc
COPY --from=stagex/llvm13 . /
@ -107,6 +105,7 @@ COPY <<-'EOF' build.sh
set -eux
VERSION=${1}
BUILD_VERSION=${2}
TOOLS=${3:-cargo}
PREFIX=/rust-${VERSION}/usr
BUILD_PREFIX=/rust-${BUILD_VERSION}/usr
#HACK because rust build seemindly ignores LD_LIBRARY_PATH
@ -120,7 +119,7 @@ COPY <<-'EOF' build.sh
--enable-local-rust \
--llvm-root="/usr/lib" \
--disable-docs \
--tools="cargo" \
--tools="${TOOLS}" \
--enable-llvm-link-shared \
--enable-option-checking \
--enable-locked-deps \
@ -185,7 +184,7 @@ RUN sh build.sh 1.74.0 1.73.0
# HACK: Required by Rust 1.75.0
RUN mkdir -p $HOME/.cargo/registry/src/index.crates.io-6f17d22bba15001f/
RUN sh build.sh 1.75.0 1.74.0
RUN sh build.sh 1.76.0 1.75.0
RUN sh build.sh 1.76.0 1.75.0 cargo,clippy,rustdoc,rustfmt,rust-demangler
FROM build as install
RUN <<-EOF
@ -201,5 +200,5 @@ RUN <<-EOF
find /rootfs -exec touch -hcd "@0" "{}" +
EOF
FROM scratch as package
COPY --from=install /rootfs/ /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

6
packages/sed/Containerfile
View file

@ -18,7 +18,7 @@ WORKDIR sed-${VERSION}
RUN --network=none <<-EOF
set -eux
./configure \
--prefix=/; \
--prefix=/usr; \
make
EOF
@ -26,5 +26,5 @@ FROM build as install
RUN make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/sops/Containerfile
View file

@ -33,5 +33,5 @@ RUN <<-EOF
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs/ /
FROM stagex/filesystem as package
COPY --from=install /rootfs/./ /

4
packages/strace/Containerfile
View file

@ -34,5 +34,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/sxctl/Containerfile
View file

@ -19,6 +19,6 @@ WORKDIR /rootfs
RUN cp /sxctl/cmd/sxctl/sxctl .
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /
ENTRYPOINT ["/sxctl"]

46
packages/syslinux/Containerfile Normal file
View file

@ -0,0 +1,46 @@
FROM scratch as base
ENV VERSION=6.04-pre1
ENV SRC_HASH=3f6d50a57f3ed47d8234fd0ab4492634eb7c9aaf7dd902f33d3ac33564fd631d
ENV SRC_FILE=syslinux-${VERSION}.tar.xz
ENV SRC_SITE=https://www.kernel.org/pub/linux/utils/boot/syslinux/Testing/6.04/${SRC_FILE}
FROM base as fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} ${SRC_FILE}
FROM fetch as build
COPY --from=stagex/busybox . /
COPY --from=stagex/gcc . /
COPY --from=stagex/binutils . /
COPY --from=stagex/make . /
COPY --from=stagex/perl . /
COPY --from=stagex/musl . /
COPY --from=stagex/util-linux . /
COPY --from=stagex/linux-headers . /
RUN tar -xf ${SRC_FILE}
WORKDIR syslinux-${VERSION}
COPY *.patch .
RUN --network=none <<-EOF
patch -p1 < fix-sysmacros.patch
patch -p1 < prevent-pow-optimization.patch
patch -p1 < gcc-10.patch
make -j1 bios efi64 installer
EOF
FROM build as install
RUN make -j1 \
INSTALLROOT="/rootfs" \
MANDIR=/usr/share/man \
BINDIR=/usr/bin \
SBINDIR=/usr/sbin \
LIBDIR=/usr/lib \
install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM base as test
COPY --from=install /rootfs/. /
COPY --from=stagex/musl . /
COPY --from=stagex/busybox . /
RUN syslinux --version
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

12
packages/syslinux/fix-sysmacros.patch Normal file
View file

@ -0,0 +1,12 @@
diff --git a/extlinux/main.c b/extlinux/main.c
index a7ebd49..69bb164 100644
--- a/extlinux/main.c
+++ b/extlinux/main.c
@@ -41,6 +41,7 @@
#include <sys/types.h>
#include <sys/mount.h>
#include <sys/vfs.h>
+#include <sys/sysmacros.h>
#include "linuxioctl.h"

109
packages/syslinux/gcc-10.patch Normal file
View file

@ -0,0 +1,109 @@
From 951928f2cad5682c2844e6bd0f7201236c5d9b66 Mon Sep 17 00:00:00 2001
From: Merlin Mathesius <mmathesi@redhat.com>
Date: Wed, 13 May 2020 08:02:27 -0500
Subject: [PATCH] Workaround multiple definition of symbol errors
---
com32/cmenu/Makefile | 2 +-
com32/elflink/ldlinux/Makefile | 2 +-
com32/gpllib/Makefile | 2 +-
com32/hdt/Makefile | 2 +-
core/Makefile | 2 +-
dos/Makefile | 2 +-
efi/Makefile | 2 +-
7 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/com32/cmenu/Makefile b/com32/cmenu/Makefile
index b81b68ed..2ae989c4 100644
--- a/com32/cmenu/Makefile
+++ b/com32/cmenu/Makefile
@@ -49,7 +49,7 @@ makeoutputdirs:
@mkdir -p $(OBJ)/libmenu
libmenu/libmenu.elf: $(LIBMENU)
- $(LD) -shared $(LDFLAGS) -soname $(patsubst %.elf,%.c32,$(@F)) \
+ $(LD) -shared $(LDFLAGS) -z muldefs -soname $(patsubst %.elf,%.c32,$(@F)) \
-o $@ $^
tidy dist:
diff --git a/com32/elflink/ldlinux/Makefile b/com32/elflink/ldlinux/Makefile
index 87c0d362..2be2a01a 100644
--- a/com32/elflink/ldlinux/Makefile
+++ b/com32/elflink/ldlinux/Makefile
@@ -33,7 +33,7 @@ endif
all: $(BTARGET) ldlinux_lnx.a
ldlinux.elf : $(OBJS)
- $(LD) $(LDFLAGS) -soname $(SONAME) -o $@ $^ $(LIBS)
+ $(LD) $(LDFLAGS) -z muldefs -soname $(SONAME) -o $@ $^ $(LIBS)
LNXCFLAGS += -D__export='__attribute__((visibility("default")))'
LNXLIBOBJS = get_key.lo
diff --git a/com32/gpllib/Makefile b/com32/gpllib/Makefile
index 1fec9145..2d764d0b 100644
--- a/com32/gpllib/Makefile
+++ b/com32/gpllib/Makefile
@@ -24,7 +24,7 @@ makeoutputdirs:
$(addprefix $(OBJ),$(sort $(dir $(LIBOBJS)))),$(b))
libgpl.elf : $(LIBOBJS)
- $(LD) -shared $(LDFLAGS) -soname $(patsubst %.elf,%.c32,$(@F)) -o $@ $^
+ $(LD) -shared $(LDFLAGS) -z muldefs -soname $(patsubst %.elf,%.c32,$(@F)) -o $@ $^
tidy dist clean:
find . \( -name \*.o -o -name .\*.d -o -name \*.tmp \) -print0 | \
diff --git a/com32/hdt/Makefile b/com32/hdt/Makefile
index 61736d05..1d947857 100644
--- a/com32/hdt/Makefile
+++ b/com32/hdt/Makefile
@@ -52,7 +52,7 @@ QEMU ?= qemu-kvm
all: $(MODULES) $(TESTFILES)
hdt.elf : $(OBJS) $(LIBS) $(C_LIBS)
- $(LD) $(LDFLAGS) -o $@ $^
+ $(LD) $(LDFLAGS) -z muldefs -o $@ $^
memtest:
-[ ! -f $(FLOPPY_DIR)/$(MEMTEST) ] && $(WGET) $(MEMTEST_URL) -O $(FLOPPY_DIR)/$(MEMTEST)
diff --git a/core/Makefile b/core/Makefile
index 46cb037c..f0cfcbe9 100644
--- a/core/Makefile
+++ b/core/Makefile
@@ -156,7 +156,7 @@ LDSCRIPT = $(SRC)/$(ARCH)/syslinux.ld
NASM_ELF = elf
%.elf: %.o $(LIBDEP) $(LDSCRIPT) $(AUXLIBS)
- $(LD) $(LDFLAGS) -pie -Bsymbolic \
+ $(LD) $(LDFLAGS) -z muldefs -pie -Bsymbolic \
-T $(LDSCRIPT) \
--unresolved-symbols=report-all \
-E --hash-style=gnu -M -o $@ $< \
diff --git a/dos/Makefile b/dos/Makefile
index 4c930d19..5d1c72ca 100644
--- a/dos/Makefile
+++ b/dos/Makefile
@@ -19,7 +19,7 @@ include $(MAKEDIR)/embedded.mk
CFLAGS += -D__MSDOS__ -mregparm=3 -DREGPARM=3
# CFLAGS += -DDEBUG
-LDFLAGS = -T $(SRC)/dosexe.ld
+LDFLAGS = -T $(SRC)/dosexe.ld -z muldefs
OPTFLAGS = -g
INCLUDES = -include code16.h -nostdinc -iwithprefix include \
-I$(SRC) -I$(SRC)/.. -I$(SRC)/../libfat \
diff --git a/efi/Makefile b/efi/Makefile
index bbf23f24..3dd922d5 100644
--- a/efi/Makefile
+++ b/efi/Makefile
@@ -69,7 +69,7 @@ $(OBJS): | $(OBJ)/$(ARCH)
BTARGET = syslinux.efi
syslinux.so: $(OBJS) $(CORE_OBJS) $(LIB_OBJS)
- $(LD) $(LDFLAGS) --strip-debug -o $@ $^ -lgnuefi -lefi
+ $(LD) $(LDFLAGS) -z muldefs --strip-debug -o $@ $^ -lgnuefi -lefi
# We need to rename the .hash section because the EFI firmware
# linker really doesn't like it.
--
2.25.1

36
packages/syslinux/prevent-pow-optimization.patch Normal file
View file

@ -0,0 +1,36 @@
From: Lukas Schwaighofer <lukas@schwaighofer.name>
Date: Tue, 26 Feb 2019 23:13:58 +0100
Subject: Prevent optimizing the pow() function
With the current GCC 8.2.0 from Debian, a section of code calling pow() in
zzjson_parse.c is turned into a sequence calling exp(). Since no exp()
implementation is available in syslinux those optimizations need to be
disabled.
---
com32/gpllib/zzjson/zzjson_parse.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/com32/gpllib/zzjson/zzjson_parse.c b/com32/gpllib/zzjson/zzjson_parse.c
index ecb6f61..e66a9d8 100644
--- a/com32/gpllib/zzjson/zzjson_parse.c
+++ b/com32/gpllib/zzjson/zzjson_parse.c
@@ -138,6 +138,10 @@ static ZZJSON *parse_string2(ZZJSON_CONFIG *config) {
return zzjson;
}
+static double __attribute__((optimize("O0"))) pow_noopt(double x, double y) {
+ return pow(x, y);
+}
+
static ZZJSON *parse_number(ZZJSON_CONFIG *config) {
ZZJSON *zzjson;
unsigned long long ival = 0, expo = 0;
@@ -213,7 +217,7 @@ skipexpo:
if (dbl) {
dval = sign * (long long) ival;
dval += sign * frac;
- dval *= pow(10.0, (double) signexpo * expo);
+ dval *= pow_noopt(10.0, (double) signexpo * expo);
}
zzjson = config->calloc(1, sizeof(ZZJSON));

4
packages/tar/Containerfile
View file

@ -35,5 +35,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

5
packages/texinfo/Containerfile
View file

@ -30,7 +30,6 @@ RUN tar -xf ${SRC_FILE}
WORKDIR texinfo-${VERSION}
RUN --network=none <<-EOF
set -ex
mkdir /tmp
./configure \
--build=${ARCH}-linux-musl \
--host=${ARCH}-linux-musl \
@ -43,5 +42,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/tofu/Containerfile
View file

@ -33,5 +33,5 @@ RUN <<-EOF
EOF
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs/ /
FROM stagex/filesystem as package
COPY --from=install /rootfs/./ /

53
packages/util-linux/Containerfile Normal file
View file

@ -0,0 +1,53 @@
FROM scratch as base
ENV VERSION=2.39.3
ENV SRC_HASH=d3315ff701890f4fa1dd38ea387767fcb9e1aaeb763eb904677c03d2a7a5bdc1
ENV SRC_FILE=util-linux-${VERSION}.tar.gz
ENV SRC_SITE=https://codeload.github.com/util-linux/util-linux/legacy.tar.gz/v${VERSION}
FROM base as fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} ${SRC_FILE}
FROM fetch as build
COPY --from=stagex/busybox . /
COPY --from=stagex/musl . /
COPY --from=stagex/gcc . /
COPY --from=stagex/binutils . /
COPY --from=stagex/perl . /
COPY --from=stagex/pkgconf . /
COPY --from=stagex/autoconf . /
COPY --from=stagex/automake . /
COPY --from=stagex/gettext . /
COPY --from=stagex/bison . /
COPY --from=stagex/libtool . /
COPY --from=stagex/linux-headers . /
COPY --from=stagex/m4 . /
COPY --from=stagex/make . /
RUN mkdir util-linux
RUN tar -xvf $SRC_FILE --strip-components=1 -C util-linux
WORKDIR util-linux
RUN --network=none <<-EOF
set -eux
./autogen.sh
./configure \
--build=x86_64-unknown-linux-musl \
--host=x86_64-unknown-linux-musl \
--prefix=/usr \
--exec-prefix=/usr \
--sbindir=/usr/sbin \
--bindir=/usr/bin \
--libdir=/usr/lib \
--with-vendordir=/usr/lib \
--enable-fs-paths-extra=/usr/sbin \
--disable-nls \
--disable-silent-rules \
--disable-gtk-doc \
--enable-newgrp
make
EOF
FROM build as install
RUN make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

6
packages/xorriso/Containerfile
View file

@ -28,7 +28,7 @@ RUN make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM base as test
COPY --from=install /rootfs /
COPY --from=install /rootfs/. /
COPY --from=stagex/musl . /
COPY --from=stagex/busybox . /
RUN /bin/sh <<-EOF
@ -40,5 +40,5 @@ RUN /bin/sh <<-EOF
fi
EOF
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

4
packages/xz/Containerfile
View file

@ -36,5 +36,5 @@ FROM build as install
RUN --network=none make DESTDIR="/rootfs" install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

47
packages/zig/Containerfile Normal file
View file

@ -0,0 +1,47 @@
FROM scratch as base
ENV VERSION=0.11.0
ENV SRC_HASH=72014e700e50c0d3528cef3adf80b76b26ab27730133e8202716a187a799e951
ENV SRC_FILE=zig-${VERSION}.tar.xz
ENV SRC_SITE=https://ziglang.org/download/${VERSION}/${SRC_FILE}
FROM base as fetch
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
COPY static-glibc.patch .
FROM fetch as build
COPY --from=stagex/binutils . /
COPY --from=stagex/busybox . /
COPY --from=stagex/clang . /
COPY --from=stagex/cmake . /
COPY --from=stagex/gcc . /
COPY --from=stagex/libzstd . /
COPY --from=stagex/lld . /
COPY --from=stagex/llvm . /
COPY --from=stagex/make . /
COPY --from=stagex/musl . /
COPY --from=stagex/openssl . /
COPY --from=stagex/zlib . /
RUN --network=none tar -xf ${SRC_FILE}
WORKDIR zig-${VERSION}
RUN --network=none patch -p1 -i ../static-glibc.patch
RUN --network=none <<-EOF
set -eux
cmake -Bbuild \
-DCMAKE_INSTALL_PREFIX=/usr \
-DCMAKE_BUILD_TYPE=None \
-DZIG_STATIC=ON \
-DZIG_TARGET_TRIPLE=native-linux-musl \
-DZIG_TARGET_MCPU=baseline
cmake --build build
EOF
FROM build as install
RUN --network=none <<-EOF
set -eux
DESTDIR=/rootfs cmake --install build
EOF
RUN --network=none find /rootfs -exec touch -hcd "@0" "{}" +
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

17
packages/zig/static-glibc.patch Normal file
View file

@ -0,0 +1,17 @@
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 9c06d24715..26777640d8 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -906,11 +906,7 @@ if(ZIG_SINGLE_THREADED)
else()
set(ZIG_SINGLE_THREADED_ARG "")
endif()
-if(ZIG_STATIC AND NOT MSVC)
- set(ZIG_STATIC_ARG "-Duse-zig-libcxx")
-else()
- set(ZIG_STATIC_ARG "")
-endif()
+set(ZIG_STATIC_ARG "")
if(CMAKE_POSITION_INDEPENDENT_CODE OR ZIG_PIE)
set(ZIG_PIE_ARG "-Dpie")

6
packages/zlib/Containerfile
View file

@ -19,7 +19,7 @@ RUN --network=none <<-EOF
set -eux; \
./configure \
--prefix=/usr \
--libdir=/lib \
--libdir=/usr/lib \
--shared; \
make
EOF
@ -28,5 +28,5 @@ FROM build as install
RUN make DESTDIR=/rootfs install
RUN find /rootfs -exec touch -hcd "@0" "{}" +
FROM scratch as package
COPY --from=install /rootfs /
FROM stagex/filesystem as package
COPY --from=install /rootfs/. /

BIN
signatures/stagex/argp-standalone@sha256=e1c5a4b92f3ddf34227147cc81a64b175931feb9e1f697380aa4d480fe248195/signature-1 Normal file
View file

Binary file not shown.

BIN
signatures/stagex/argp-standalone@sha256=e1c5a4b92f3ddf34227147cc81a64b175931feb9e1f697380aa4d480fe248195/signature-2 Normal file
View file

Binary file not shown.

BIN
signatures/stagex/autoconf@sha256=8ecbec4e36a5c2a0954ce5f02948ac8664e59f7b421bf91ccf7305778f08b2c2/signature-1 Normal file
View file

Binary file not shown.

BIN
signatures/stagex/autoconf@sha256=8ecbec4e36a5c2a0954ce5f02948ac8664e59f7b421bf91ccf7305778f08b2c2/signature-2 Normal file
View file

Binary file not shown.

BIN
signatures/stagex/automake@sha256=fee9c7be682cced815fbad755ca845803ca0b81e8b7f1fe858de6ede752d0fcd/signature-1 Normal file
View file

Binary file not shown.

BIN
signatures/stagex/automake@sha256=fee9c7be682cced815fbad755ca845803ca0b81e8b7f1fe858de6ede752d0fcd/signature-2 Normal file
View file

Binary file not shown.

Some files were not shown because too many files have changed in this diff Show more