[clug] init.d for chroot

Michael Ellerman michael at ellerman.id.au
Fri Jul 14 11:50:34 UTC 2017


Bob Edwards via linux <linux at lists.samba.org> writes:

> On 14/07/17 14:45, Mike Carden via linux wrote:
>> While you're thinking about chroots and containers etc, I suggest having a
>> quick read of Jessie Frazelle's blog. She writes very well on the topic:
>> https://blog.jessfraz.com/
>>
>
> Looks cool. She does write well, but aimed well above my head.
>
> Looking at:
> https://blog.jessfraz.com/post/docker-containers-on-the-desktop/
> can anyone suggest how I can follow her lead on running lynx inside
> a Docker container (point 4. Lynx)?
>
> So far:
>   sudo apt-get install docker.io
> ('cause the Debian "docker" package is not docker...)
> futz around to get a shell with me in the docker group...
>
>   docker run -it --name lynx bob/lynx
> (changed jess/lynx to bob/lynx - no idea what this is about).

The jess/lynx is the name of the image. Think of it like a tarball of
the root filesystem + metadata.

To create a container you use docker run and give it the name of the
image.

> gives me:
> Unable to find image 'bob/lynx:latest' locally
> Pulling repository bob/lynx
> FATA[0003] Error: image bob/lynx:latest not found

You need to have a bob/lynx image to run. You didn't, so it tried to
pull it (download it) from docker hub (website with lots of images on
it).

> Looked at the link "Dockerfile" - not sure what to do with this
> file...

The Dockerfile is meant to be analagous to a Makefile, but it builds a
docker image not a software package. They're actually quite different in
detail though.

If you look at her Dockerfile:

  FROM debian:stretch

That says "start with a root filesystem that has debian stretch on it".

  LABEL maintainer "Jessie Frazelle <jess at linux.com>"
 
That just gives the image a maintainer, you can drop it or change it to you.

  RUN apt-get update && apt-get install -y \
  	lynx \
  	--no-install-recommends \
  	&& rm -rf /var/lib/apt/lists/*
  
This is a bit gross because of some of the details of how docker works,
but the key thing is that it RUNs a command. It starts by doing an
apt-get update, because the debian root filesystem you start from has
no/out-of-date package lists. Then it just apt-get installs lynx, and
finally it deletes the apt lists because you don't want to carry them
around in your image for ever.

  ENTRYPOINT [ "lynx" ]

That just says "when someone docker runs this image, run lynx".


To actually build the image you want to:

  $ mkdir whatever
  $ cd whatever
  $ wget https://raw.githubusercontent.com/jessfraz/dockerfiles/master/lynx/Dockerfile
  $ docker build -t bob/lynx .

Output will be ~=:

Sending build context to Docker daemon  2.048kB
Step 1/4 : FROM debian:stretch
stretch: Pulling from library/debian
c75480ad9aaf: Pull complete 
Digest: sha256:7d067f77d2ae5a23fe6920f8fbc2936c4b0d417e9d01b26372561860750815f0
Status: Downloaded newer image for debian:stretch
 ---> a2ff708b7413
Step 2/4 : LABEL maintainer "Jessie Frazelle <jess at linux.com>"
 ---> Running in aeeb879cb468
 ---> 2a0a34fa5c4a
Removing intermediate container aeeb879cb468
Step 3/4 : RUN apt-get update && apt-get install -y 	lynx 	--no-install-recommends 	&& rm -rf /var/lib/apt/lists/*
 ---> Running in 8766b0977ac7
Get:1 http://security.debian.org stretch/updates InRelease [62.9 kB]
Ign:2 http://deb.debian.org/debian stretch InRelease
Get:3 http://deb.debian.org/debian stretch-updates InRelease [88.5 kB]
Get:4 http://security.debian.org stretch/updates/main amd64 Packages [76.6 kB]
Get:5 http://deb.debian.org/debian stretch Release [113 kB]
Get:6 http://deb.debian.org/debian stretch Release.gpg [3108 B]
Get:7 http://deb.debian.org/debian stretch/main amd64 Packages [9497 kB]
Fetched 9841 kB in 5s (1708 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
The following additional packages will be installed:
  libbsd0 libffi6 libgmp10 libgnutls30 libhogweed4 libidn11 libnettle6
  libp11-kit0 libtasn1-6 lynx-common
Suggested packages:
  gnutls-bin
Recommended packages:
  mime-support
The following NEW packages will be installed:
  libbsd0 libffi6 libgmp10 libgnutls30 libhogweed4 libidn11 libnettle6
  libp11-kit0 libtasn1-6 lynx lynx-common
0 upgraded, 11 newly installed, 0 to remove and 1 not upgraded.
Need to get 3585 kB of archives.
After this operation, 10.4 MB of additional disk space will be used.
Get:1 http://deb.debian.org/debian stretch/main amd64 libgmp10 amd64 2:6.1.2+dfsg-1 [253 kB]
<snip>
Get:11 http://deb.debian.org/debian stretch/main amd64 lynx amd64 2.8.9dev11-1 [632 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 3585 kB in 1s (2346 kB/s)
Selecting previously unselected package libgmp10:amd64.
(Reading database ... 6491 files and directories currently installed.)
Preparing to unpack .../00-libgmp10_2%3a6.1.2+dfsg-1_amd64.deb ...
<snip>
Setting up lynx (2.8.9dev11-1) ...
update-alternatives: using /usr/bin/lynx to provide /usr/bin/www-browser (www-browser) in auto mode
Processing triggers for libc-bin (2.24-11+deb9u1) ...
 ---> 4de94b48575c
Removing intermediate container 8766b0977ac7
Step 4/4 : ENTRYPOINT lynx
 ---> Running in 526873907d34
 ---> 8f5ad0738bd7
Removing intermediate container 526873907d34
Successfully built 8f5ad0738bd7
Successfully tagged bob/lynx:latest


Then:

$ docker images
REPOSITORY           TAG                 IMAGE ID            CREATED              SIZE
bob/lynx             latest              8f5ad0738bd7        About a minute ago   110MB

The ID will be different.

And then you can do:

$ docker run -it --name lynx bob/lynx

Once you quit out of lynx you can do:

$ docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                      PORTS               NAMES
b9544063b465        bob/lynx            "lynx"              31 seconds ago      Exited (0) 26 seconds ago                       lynx

You can run that container again with:

$ docker start -ia b9544063b465

Or delete it with:

$ docker rm b9544063b465

If you want to have a look around inside the image do:

$ docker run -it --entrypoint=/bin/sh bob/lynx
# cat /etc/issue
Debian GNU/Linux 9 \n \l
# id
uid=0(root) gid=0(root) groups=0(root)

etc.

cheers



More information about the linux mailing list