mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-06-10 10:45:55 +00:00
4c3f4e6f7d
This adds the capabilities SYS_ADMIN and SYSLOG to the container_create call in build.sh as long as server deployment has been enabled. The privileged option has been removed as it is no longer needed. The hostnamectl-wrapper for the container has been removed as it is no longer needed.
40 lines
1.0 KiB
Plaintext
40 lines
1.0 KiB
Plaintext
FROM quay.io/centos/centos:stream10-development
|
|
ENV container=podman
|
|
|
|
RUN rm -fv /var/cache/dnf/metadata_lock.pid; \
|
|
dnf makecache; \
|
|
dnf --assumeyes install \
|
|
/usr/bin/dnf-3 \
|
|
sudo \
|
|
bash \
|
|
systemd \
|
|
procps-ng \
|
|
iproute \
|
|
hostname; \
|
|
rm -rf /var/cache/dnf/;
|
|
|
|
RUN (cd /lib/systemd/system/; \
|
|
if [ -e dbus-broker.service ] && [ ! -e dbus.service ]; then \
|
|
ln -s dbus-broker.service dbus.service; \
|
|
fi \
|
|
)
|
|
COPY system-service/container-ipa.target /lib/systemd/system/
|
|
RUN systemctl set-default container-ipa.target
|
|
RUN (cd /etc/systemd/system/; \
|
|
rm -rf multi-user.target.wants \
|
|
&& mkdir container-ipa.target.wants \
|
|
&& ln -s container-ipa.target.wants multi-user.target.wants \
|
|
)
|
|
|
|
COPY system-service/fixnet.sh /root/
|
|
COPY system-service/fixipaip.sh /root/
|
|
COPY system-service/fixnet.service /etc/systemd/system/
|
|
COPY system-service/fixipaip.service /etc/systemd/system/
|
|
RUN chmod +x /root/fixnet.sh /root/fixipaip.sh
|
|
|
|
STOPSIGNAL RTMIN+3
|
|
|
|
VOLUME ["/sys/fs/cgroup"]
|
|
|
|
CMD ["/usr/sbin/init"]
|