Skip to content

linux32 emulation fails in docker build (v1.10+) #20634

New issue
New issue
Closed
Closed
linux32 emulation fails in docker build (v1.10+)#20634
Labels
area/security/seccomppriority/P3Best effort: those are nice to have / minor issues.
Milestone
1.10.3
@injectives

Description

@injectives
injectives
opened on Feb 23, 2016

Hello everyone.

Starting from Docker v1.10 my build has stopped building the right image, it installs the wrong packages.
The problem is that I need to install some 32bit packages and I am using RUN linux32 yum install..... in my Dockerfile.
On Docker v1.9.1 linux32 arch command returns i686 and yum installation works fine.
But staring from Docker v1.10 linux32 arch returns x86_64.
There are also 32bit images on the Hub that use linux32 as an Entrypoint, as I understand they won't work as well.

Output of docker version:

Client:
Version: 1.9.1
API version: 1.21
Go version: go1.4.3
Git commit: a34a1d5
Built: Fri Nov 20 17:56:04 UTC 2015
OS/Arch: darwin/amd64

Server:
Version: 1.10.2
API version: 1.22
Go version: go1.5.3
Git commit: c3959b1
Built: 2016-02-22T22:37:33.778002647+00:00
OS/Arch: linux/amd64

Output of docker info:

Containers: 0
Images: 1
Server Version: 1.10.2
Storage Driver: aufs
Root Dir: /mnt/sda1/var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 4
Dirperm1 Supported: true
Execution Driver: native-0.2
Logging Driver: json-file
Kernel Version: 4.1.18-boot2docker
Operating System: Boot2Docker 1.10.2 (TCL 6.4.1); master : 611be10 - Mon Feb 22 22:47:06 UTC 2016
CPUs: 1
Total Memory: 996.1 MiB
Name: default
ID: KEC5:K5P7:VKR7:YBLP:YS2L:NLTY:2PII:GKHH:RRCQ:JBSZ:QOJM:HNX6
Debug mode (server): true
File Descriptors: 14
Goroutines: 22
System Time: 2016-02-23T23:24:08.889412265Z

Steps to reproduce:

  1. Create Docker Machine from Boot2Docker version 1.10.2 (Docker version 1.10.2)
  2. docker run --rm -ti centos bash
  3. linux32 arch

Expected: i686
Actual: x86_64

It is possible to make it work by using docker run option --security-opt=seccomp:unconfined or --privileged. BUT none of those is available for the docker build command.

On the Boot2Docker version 1.9.1 (Docker version 1.9.1), the build works fine.

I believe it might be related to the default seccomp profile, that was introduced in v1.10.
Would it be possible to use a custom profile for the build command or turn the feature off without recompiling the kernel configuration? There can be other cases when the installation requires some additional features and it would help to have the opportunity to override the default profile for the build command.

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/security/seccomppriority/P3Best effort: those are nice to have / minor issues.

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions