2022-11-08 10:54:30 +08:00
|
|
|
#! /usr/bin/env bash
|
|
|
|
|
## vim:set ts=4 sw=4 et:
|
|
|
|
|
set -e; set -o pipefail
|
|
|
|
|
argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
|
|
|
|
|
|
|
|
|
|
# run an interactive shell in the image
|
|
|
|
|
# using a rootless Podman container
|
|
|
|
|
|
2023-07-09 23:36:24 +08:00
|
|
|
image="$("$argv0dir/10-create-image.sh" --print-image)"
|
2022-11-08 10:54:30 +08:00
|
|
|
|
2023-06-07 05:16:28 +08:00
|
|
|
flags=( --read-only --rm --pull=never )
|
2022-11-08 10:54:30 +08:00
|
|
|
flags+=( --cap-drop=all ) # drop all capabilities
|
|
|
|
|
flags+=( --network=none ) # no network needed
|
2023-06-07 05:16:28 +08:00
|
|
|
flags+=( -ti -e TERM="$TERM" ) # allocate an interactive pseudo-tty and pass $TERM
|
2022-11-08 10:54:30 +08:00
|
|
|
if [[ 1 == 1 ]]; then
|
|
|
|
|
# run as user upx 2000:2000
|
|
|
|
|
flags+=( --user 2000 )
|
|
|
|
|
# map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
|
|
|
|
|
flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
|
|
|
|
|
# map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
|
|
|
|
|
flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
|
|
|
|
|
# NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
|
|
|
|
|
# INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
|
2023-07-22 06:19:11 +08:00
|
|
|
flags+=( -v "${argv0dir}/../../..:/home/upx/src/upx" )
|
2022-11-08 10:54:30 +08:00
|
|
|
flags+=( -w /home/upx/src/upx ) # set working directory
|
2023-06-30 07:20:48 +08:00
|
|
|
flags+=( --tmpfs /home/upx/.cache:rw,exec ) # mount a writeable tmpfs
|
|
|
|
|
flags+=( --tmpfs /home/upx/.local:rw,exec ) # mount a writeable tmpfs
|
2022-11-08 10:54:30 +08:00
|
|
|
else
|
|
|
|
|
# run as user root 0:0
|
|
|
|
|
# ONLY FOR DEBUGGING THE IMAGE
|
|
|
|
|
# map container user/group 0 to current host user/group
|
|
|
|
|
flags+=( --user 0 )
|
|
|
|
|
fi
|
|
|
|
|
|
2023-07-20 02:12:20 +08:00
|
|
|
if [[ $# == 0 ]]; then
|
|
|
|
|
podman run "${flags[@]}" "$image" bash -l
|
|
|
|
|
else
|
|
|
|
|
podman run "${flags[@]}" "$image" "$@"
|
|
|
|
|
fi
|
2022-11-08 10:54:30 +08:00
|
|
|
|
|
|
|
|
# now we can cross-compile UPX for Windows:
|
|
|
|
|
# cd /home/upx/src/upx
|
2023-01-05 07:57:01 +08:00
|
|
|
# rm -rf ./build/extra/cross-windows-mingw64/release
|
|
|
|
|
# make build/extra/cross-windows-mingw64/release
|
2022-11-08 10:54:30 +08:00
|
|
|
|
2023-01-20 02:17:26 +08:00
|
|
|
# and we can run the clang Static Analyzer (scan-build)
|
|
|
|
|
# cd /home/upx/src/upx
|
|
|
|
|
# rm -rf ./build/extra/scan-build/release
|
|
|
|
|
# make build/extra/scan-build/release
|
|
|
|
|
|
|
|
|
|
# and lots of other cross-compilers are installed; see "ls /usr/bin/*g++*"
|
2023-01-06 08:48:32 +08:00
|
|
|
|
2023-02-06 00:20:32 +08:00
|
|
|
# and finally see
|
2023-07-22 06:19:11 +08:00
|
|
|
# ./misc/podman/cross-compile-upx-ubuntu/build-all-inside-container.sh
|
2023-01-20 02:17:26 +08:00
|
|
|
# after running that script we can do cool things like:
|
2023-07-22 06:19:11 +08:00
|
|
|
# cd /home/upx/src/upx/build/cross-compile-upx-ubuntu2204/alpha-linux-gnu/debug
|
2023-02-06 00:20:32 +08:00
|
|
|
# qemu-alpha -L /usr/alpha-linux-gnu ./upx --version
|
2023-07-22 06:19:11 +08:00
|
|
|
# cd /home/upx/src/upx/build/cross-compile-upx-ubuntu2204/hppa-linux-gnu/debug
|
2023-02-06 00:20:32 +08:00
|
|
|
# qemu-hppa -L /usr/hppa-linux-gnu ./upx --version
|
2023-01-20 02:17:26 +08:00
|
|
|
# (similar for many other architectures/builds)
|
