From 27ae7a1eaa24c63c85bd93da28b40842c94b77cb Mon Sep 17 00:00:00 2001 From: Joseph Ferguson Date: Fri, 5 Jan 2024 10:59:59 -0800 Subject: [PATCH 1/2] install gosu from github to fix crash on mips64le The `mips64le` `gosu` binary from Debian bookworm packages fails to run with this error: fatal error: AllThreadsSyscall6 results differ between threads; runtime corrupted --- 5.0/bookworm/Dockerfile | 32 ++++++++++++++++++++++++++++++-- 5.1/bookworm/Dockerfile | 32 ++++++++++++++++++++++++++++++-- Dockerfile-debian.template | 32 ++++++++++++++++++++++++++++++-- 3 files changed, 90 insertions(+), 6 deletions(-) diff --git a/5.0/bookworm/Dockerfile b/5.0/bookworm/Dockerfile index 92aeef1..162fdd1 100644 --- a/5.0/bookworm/Dockerfile +++ b/5.0/bookworm/Dockerfile @@ -28,8 +28,6 @@ RUN set -eux; \ ghostscript \ gsfonts \ imagemagick \ -# grab gosu for easy step-down from root - gosu \ # grab tini for signal processing and zombie killing tini \ ; \ @@ -37,6 +35,36 @@ RUN set -eux; \ sed -ri 's/(rights)="none" (pattern="PDF")/\1="read" \2/' /etc/ImageMagick-6/policy.xml; \ rm -rf /var/lib/apt/lists/* +# grab gosu for easy step-down from root +ENV GOSU_VERSION 1.17 +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + gnupg \ + ; \ + rm -rf /var/lib/apt/lists/*; \ + \ + dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ + wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ + wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ + \ + apt-mark auto '.*' > /dev/null; \ + apt-mark manual $savedAptMark > /dev/null; \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + \ +# smoke test + chmod +x /usr/local/bin/gosu; \ + gosu --version; \ + gosu nobody true + + ENV RAILS_ENV production WORKDIR /usr/src/redmine diff --git a/5.1/bookworm/Dockerfile b/5.1/bookworm/Dockerfile index 6805df6..0db2b7a 100644 --- a/5.1/bookworm/Dockerfile +++ b/5.1/bookworm/Dockerfile @@ -28,8 +28,6 @@ RUN set -eux; \ ghostscript \ gsfonts \ imagemagick \ -# grab gosu for easy step-down from root - gosu \ # grab tini for signal processing and zombie killing tini \ ; \ @@ -37,6 +35,36 @@ RUN set -eux; \ sed -ri 's/(rights)="none" (pattern="PDF")/\1="read" \2/' /etc/ImageMagick-6/policy.xml; \ rm -rf /var/lib/apt/lists/* +# grab gosu for easy step-down from root +ENV GOSU_VERSION 1.17 +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + gnupg \ + ; \ + rm -rf /var/lib/apt/lists/*; \ + \ + dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ + wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ + wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ + \ + apt-mark auto '.*' > /dev/null; \ + apt-mark manual $savedAptMark > /dev/null; \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + \ +# smoke test + chmod +x /usr/local/bin/gosu; \ + gosu --version; \ + gosu nobody true + + ENV RAILS_ENV production WORKDIR /usr/src/redmine diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template index cf2bd47..6e466c8 100644 --- a/Dockerfile-debian.template +++ b/Dockerfile-debian.template @@ -22,8 +22,6 @@ RUN set -eux; \ ghostscript \ gsfonts \ imagemagick \ -# grab gosu for easy step-down from root - gosu \ # grab tini for signal processing and zombie killing tini \ ; \ @@ -31,6 +29,36 @@ RUN set -eux; \ sed -ri 's/(rights)="none" (pattern="PDF")/\1="read" \2/' /etc/ImageMagick-6/policy.xml; \ rm -rf /var/lib/apt/lists/* +# grab gosu for easy step-down from root +ENV GOSU_VERSION 1.17 +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + gnupg \ + ; \ + rm -rf /var/lib/apt/lists/*; \ + \ + dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ + wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ + wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ + \ + apt-mark auto '.*' > /dev/null; \ + apt-mark manual $savedAptMark > /dev/null; \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + \ +# smoke test + chmod +x /usr/local/bin/gosu; \ + gosu --version; \ + gosu nobody true + + ENV RAILS_ENV production WORKDIR /usr/src/redmine From 9f8737bd02cab294935e8ef8521ae51bfad9aee8 Mon Sep 17 00:00:00 2001 From: Joseph Ferguson Date: Fri, 5 Jan 2024 11:02:57 -0800 Subject: [PATCH 2/2] fix nokogiri install on mips64le by using system libraries instead of gem-provided ones --- 5.0/bookworm/Dockerfile | 4 ++++ 5.1/bookworm/Dockerfile | 4 ++++ Dockerfile-debian.template | 4 ++++ 3 files changed, 12 insertions(+) diff --git a/5.0/bookworm/Dockerfile b/5.0/bookworm/Dockerfile index 162fdd1..61d882e 100644 --- a/5.0/bookworm/Dockerfile +++ b/5.0/bookworm/Dockerfile @@ -105,6 +105,8 @@ RUN set -eux; \ gcc \ libpq-dev \ libsqlite3-dev \ + libxml2-dev \ + libxslt-dev \ make \ patch \ pkgconf \ @@ -124,6 +126,8 @@ RUN set -eux; \ echo "$adapter:" >> ./config/database.yml; \ echo " adapter: $adapter" >> ./config/database.yml; \ done; \ +# nokogiri's vendored libxml2 + libxslt do not build on mips64le, so use the apt packages when building + gosu redmine bundle config build.nokogiri --use-system-libraries; \ gosu redmine bundle install --jobs "$(nproc)"; \ rm ./config/database.yml; \ # fix permissions for running as an arbitrary user diff --git a/5.1/bookworm/Dockerfile b/5.1/bookworm/Dockerfile index 0db2b7a..539e958 100644 --- a/5.1/bookworm/Dockerfile +++ b/5.1/bookworm/Dockerfile @@ -105,6 +105,8 @@ RUN set -eux; \ gcc \ libpq-dev \ libsqlite3-dev \ + libxml2-dev \ + libxslt-dev \ make \ patch \ pkgconf \ @@ -124,6 +126,8 @@ RUN set -eux; \ echo "$adapter:" >> ./config/database.yml; \ echo " adapter: $adapter" >> ./config/database.yml; \ done; \ +# nokogiri's vendored libxml2 + libxslt do not build on mips64le, so use the apt packages when building + gosu redmine bundle config build.nokogiri --use-system-libraries; \ gosu redmine bundle install --jobs "$(nproc)"; \ rm ./config/database.yml; \ # fix permissions for running as an arbitrary user diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template index 6e466c8..234c83c 100644 --- a/Dockerfile-debian.template +++ b/Dockerfile-debian.template @@ -99,6 +99,8 @@ RUN set -eux; \ gcc \ libpq-dev \ libsqlite3-dev \ + libxml2-dev \ + libxslt-dev \ make \ patch \ pkgconf \ @@ -118,6 +120,8 @@ RUN set -eux; \ echo "$adapter:" >> ./config/database.yml; \ echo " adapter: $adapter" >> ./config/database.yml; \ done; \ +# nokogiri's vendored libxml2 + libxslt do not build on mips64le, so use the apt packages when building + gosu redmine bundle config build.nokogiri --use-system-libraries; \ gosu redmine bundle install --jobs "$(nproc)"; \ rm ./config/database.yml; \ # fix permissions for running as an arbitrary user