misc: add misc/cross-compile-upx-with-podman

2022-11-08 03:54:30 +01:00 · 2022-11-08 03:54:30 +01:00 · 82a6ccac4d
parent 2d74298001
commit 82a6ccac4d
4 changed files with 108 additions and 4 deletions
--- a/misc/cross-compile-upx-with-podman/10-create-image.sh
+++ b/misc/cross-compile-upx-with-podman/10-create-image.sh
@ -0,0 +1,17 @@
+#! /usr/bin/env bash
+## vim:set ts=4 sw=4 et:
+set -e; set -o pipefail
+argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
+
+# create the image from Dockerfile
+# using a rootless Podman container
+
+# NOTE: this image is based on rebuild-stubs-with-upx/upx-stubtools-20210104-vX,
+#   so you have to create that image first
+# WARNING: we install many packages, so the resulting image needs A LOT of disk space!
+image=upx-cross-compile-20221108-v7
+
+podman build -t "$image" -f "$argv0dir/Dockerfile" "$argv0dir"
+
+podman image list "$image"
+podman image tree "$image"
--- a/misc/cross-compile-upx-with-podman/20-image-run-shell.sh
+++ b/misc/cross-compile-upx-with-podman/20-image-run-shell.sh
@ -0,0 +1,40 @@
+#! /usr/bin/env bash
+## vim:set ts=4 sw=4 et:
+set -e; set -o pipefail
+argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
+
+# run an interactive shell in the image
+# using a rootless Podman container
+
+image=upx-cross-compile-20221108-v7
+
+flags=( -ti --read-only --rm )
+flags+=( --cap-drop=all )               # drop all capabilities
+flags+=( --network=none )               # no network needed
+flags+=( -e TERM="$TERM" )              # pass $TERM
+if [[ 1 == 1 ]]; then
+    # run as user upx 2000:2000
+    flags+=( --user 2000 )
+    # map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
+    flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
+    # map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
+    flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
+    # NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
+    # INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
+    flags+=( -v "${argv0dir}/../..:/home/upx/src/upx" )
+    flags+=( -w /home/upx/src/upx )     # set working directory
+else
+    # run as user root 0:0
+    # ONLY FOR DEBUGGING THE IMAGE
+    # map container user/group 0 to current host user/group
+    flags+=( --user 0 )
+fi
+
+podman run "${flags[@]}" "$image" bash -l
+
+# now we can cross-compile UPX for Windows:
+#   cd /home/upx/src/upx
+#   rm -rf ./build/release-cross-mingw64
+#   make build/release-cross-mingw64
+
+# lots of other cross-compilers are installed; see "ls /usr/bin/*g++*"
--- a/misc/cross-compile-upx-with-podman/Dockerfile
+++ b/misc/cross-compile-upx-with-podman/Dockerfile
@ -0,0 +1,47 @@
+# NOTE: this image is based on rebuild-stubs-with-upx/upx-stubtools-20210104-vX,
+#   so you have to create that image first
+# WARNING: we install many packages, so the resulting image needs A LOT of disk space!
+FROM localhost/upx-stubtools-20210104-v7
+ARG DEBIAN_FRONTEND=noninteractive
+
+USER root
+
+# Ubuntu 22.04
+RUN apt-get update && apt-get upgrade -y \
+    && apt-get install -y \
+        # Linux cross compilers
+        g++-aarch64-linux-gnu \
+        g++-alpha-linux-gnu \
+        g++-arm-linux-gnueabi \
+        g++-arm-linux-gnueabihf \
+        g++-hppa-linux-gnu \
+        g++-i686-linux-gnu \
+        g++-m68k-linux-gnu \
+        g++-mips-linux-gnu \
+        g++-mipsel-linux-gnu \
+        g++-mips64-linux-gnuabi64 \
+        g++-mips64el-linux-gnuabi64 \
+        g++-powerpc-linux-gnu \
+        g++-powerpc64-linux-gnu \
+        g++-powerpc64le-linux-gnu \
+        g++-riscv64-linux-gnu \
+        g++-s390x-linux-gnu \
+        g++-sh4-linux-gnu \
+        g++-sparc64-linux-gnu \
+        # Linux cross compilers - ILP32 on 64-bit CPUs
+        g++-x86-64-linux-gnux32 \
+        # Windows cross compilers
+        g++-mingw-w64-i686 \
+        g++-mingw-w64-x86-64 \
+    && true
+RUN apt-get install -y \
+        # clang-14 and tools
+        clang-14 clang-format-14 clang-tidy-14 clang-tools-14 lldb-14 llvm-14 \
+        # QEMU and Wine
+        qemu-system qemu-user wine wine32 \
+        # misc
+        gdb lsb-release valgrind \
+    && true
+
+# switch back to default user upx 2000:2000
+USER upx
--- a/misc/rebuild-stubs-with-podman/20-image-run-shell.sh
+++ b/misc/rebuild-stubs-with-podman/20-image-run-shell.sh
@ -15,10 +15,10 @@ flags+=( -e TERM="$TERM" )              # pass $TERM
 if [[ 1 == 1 ]]; then
    # run as user upx 2000:2000
    flags+=( --user 2000 )
-    # map container user 0 to subuid-user 1, and map container user 2000 to current host user
-    flags+=( --uidmap=0:1:1 --uidmap=2000:0:1 )
-    # map container group 0 to subgid-group 1, and map container group 2000 to current host group
-    flags+=( --gidmap=0:1:1 --gidmap=2000:0:1 )
+    # map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
+    flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
+    # map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
+    flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
    # NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
    # INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
    flags+=( -v "${argv0dir}/../..:/home/upx/src/upx" )