Co-authored-by: AkihiroSuda <suda.kyoto@gmail.com>
Co-authored-by: Mike Brown <brownwm@us.ibm.com>
Signed-off-by: Bennett White <59664869+bennett-white@users.noreply.github.com>
For testing and possibly other operations go might need elevated
permissions. Some parts of documentation and the BUILDING.md mention
using `sudo go` but does not explain how to achieve this. This commit
inserts instructions to the BUILDING.md as a small note. Note mentions
systemwide and local solutions.
Signed-off-by: Mete Durlu <mete.durlu@ibm.com>
The DESTDIR environment variable is used in the wrong way: since 30+ years
it's common practise using it for specifying *temporary* target *root*
(where eg. packaging infrastructure picks up the install image), instead
of the installation *prefix* on the final target.
Fixing this by introducing PREFIX variable (with default /usr/local) and
using both variables according to the 30 years matured common practise.
That way, distro packagers and other standardized build/installation
systems can easily do correct deployments w/o individual hacks.
changes v2: removed variables not used yet
added documentation
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Now that the dependency on runc (libcontaienr) code has been reduced
considerably, it is probbaly ok to cut the version dependency between
libcontainer and the runc binary that is supported.
This patch separates the runc binary version from the version of
libcontainer that is defined in go.mod, and updates the documentation
accordingly.
The RUNC_COMMIT variable in the install-runc script is renamed to
RUNC_VERSION to encourage using tagged versions, and the Dockerfile
in contrib is updated to allow building with a custom version.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
From the runc v1.0.0-rc93 release notes:
> The "selinux" and "apparmor" buildtags have been removed, and now all runc
> builds will have SELinux and AppArmor support enabled. Note that "seccomp"
> is still optional (though we very highly recommend you enable it).
Also adding a note about kmem support.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The build tag was removed in go-selinux v1.8.0: opencontainers/selinux#132
Related: remove "apparmor" build tag: 0a9147f3aa
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
The "apparmor" build tag does not have any cgo dependency and can be removed safely.
Related: https://github.com/opencontainers/runc/issues/2704
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
I got these errors when I try to build containerd:
```
go build "-mod=vendor" "-buildmode=pie" -tags "seccomp selinux apparmor" -ldflags "-X main.gitCommit="a220b9c6cc100f71ddc67152a12fc04622313dca" -X main.version=1.0.0-rc92+dev " -o runc .
Package libseccomp was not found in the pkg-config search path.
Perhaps you should add the directory containing `libseccomp.pc'
to the PKG_CONFIG_PATH environment variable
No package 'libseccomp' found
Package libseccomp was not found in the pkg-config search path.
Perhaps you should add the directory containing `libseccomp.pc'
to the PKG_CONFIG_PATH environment variable
No package 'libseccomp' found
pkg-config: exit status 1
```
Solved this problem by installing one extra dependency `libseccomp-dev`. I am using Ubuntu 20.04 and everything works well!
See also: opencontainers/runc#1032
Signed-off-by: Jun Lin Chen <webmaster@mc256.com>
* `-linkmode external` is required since Go 1.15 for static builds: https://github.com/golang/go/issues/40711
* Clarify the meaning of "loading plugins"
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
The cgo dependency on libseccomp was removed in containerd/cri#1548.
The `seccomp` build tag is now ignored (and the seccomp support is always built-in).
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
This commit fixes the btrfs dependency in the
"Build containerd and runc" section of BUILDING.md needed
for building containerd. btrfs/ioctl.h is now contained in
libbtrfs-dev.
Fixes#3865
Signed-off-by: Alex Price <aprice@atlassian.com>
btrfs/ioctl.h is now included in libbtrfs-dev instead of btrfs-tools.
Update BUILDING.md Dockerfile to install the correct dependency.
Resolves: #3813
Signed-off-by: Reid Li <reid.li@utexas.edu>
Go 1.11 includes a fix to os/user to be working in a static binary
(fixing https://github.com/golang/go/issues/23265). The fix requires
`osusergo` build tag to be set for static binaries, which is what
this commit documents.
[v2: sort tags alphabetically]
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Including some build information about runc that has been helpful in my
development environment. This should allow one to build and install runc
next to containerd so that both can be worked on simultaneously.
Signed-off-by: Stephen Day <stephen.day@getcruise.com>
As of opencontainers/runc@db093f621f runc
no longer depends on libapparmor thus libapparmor-dev no longer needs to
be installed to build it. Adjust the documentation accordingly.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
When compiling containerd binaries statically, linker rightfully
complains:
```
+ make BUILDTAGS=static_build 'EXTRA_FLAGS=-buildmode pie'
'EXTRA_LDFLAGS=-extldflags "-fno-PIC -static"'
🇩 bin/ctr
/tmp/go-link-343047789/000000.o: In function
`_cgo_b0c710f30cfd_C2func_getaddrinfo':
/tmp/go-build/net/_obj/cgo-gcc-prolog:46: warning: Using 'getaddrinfo'
in statically linked applications requires at runtime the shared
libraries from the glibc version used for linking
```
The same error appears for ctr, containerd, and containerd-stress
binaries.
The fix is to use Go's own DNS resolver functions, rather than
glibc's getaddrinfo() -- this option is turned on by `netgo` build
tag.
See https://golang.org/pkg/net/ (look for "Name Resolution") for
more details.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
