diff --git a/README.md b/README.md index c8942f6..4584ef0 100644 --- a/README.md +++ b/README.md @@ -42,7 +42,7 @@ Build the following Dockerfile and try it out: ``` # Use your favorite image FROM ubuntu -ARG S6_OVERLAY_VERSION=3.1.5.0 +ARG S6_OVERLAY_VERSION=3.1.6.0 RUN apt-get update && apt-get install -y nginx xz-utils RUN echo "daemon off;" >> /etc/nginx/nginx.conf @@ -956,7 +956,7 @@ RUN cd /tmp && sha256sum -c *.sha256 ### `USER` directive -As of version 3.1.5.0, s6-overlay has limited support for running as a user other than `root`: +As of version 3.1.6.0, s6-overlay has limited support for running as a user other than `root`: * Tools like `fix-attrs` and `logutil-service` are unlikely to work (they rely on being able to change UIDs). @@ -969,6 +969,26 @@ services, or daemons that expect a real system with complete Unix infrastructure then USER is probably not a good idea and you would benefit more from using privilege separation between services in your container. +### Terminal support + +Generally speaking, you *should not* run your containers with `docker run -it`. +It is bad practice to have console access to your containers. That said, if your +CMD is interactive and needs a terminal, s6-overlay will try to support it whenever +possible, but the nature of terminals makes it difficult to ensure that everything +works perfectly in all cases. + +In particular, if you are stacking virtualization environments and other layers +already have their own kludges for terminals - for instance, if you are running +s6-overlay under qemu - then it is almost guaranteed that `docker run -it` will +not work. However, once the container is running, you should always be able to +access an interactive shell inside it via `docker exec -it containername /bin/sh`. + +The same caveats apply to stopping containers with ^C. Normally containers are +stopped via `docker stop`, or when the CMD exits; ^C is not an officially supported +method of stopping them. s6-overlay *tries* to exit cleanly on ^C, whether the +container is running with `-it` or not, but there will be cases where it is +unfortunately impossible. + ## Releases diff --git a/conf/defaults.mk b/conf/defaults.mk index aecf0b3..c33b676 100644 --- a/conf/defaults.mk +++ b/conf/defaults.mk @@ -1,9 +1,9 @@ # This file normally shouldn't be changed; the values can be # overridden by invoking make with arguments. -# e.g.: make SHEBANGDIR=/usr/bin VERSION=3.1.4.0 +# e.g.: make SHEBANGDIR=/usr/bin VERSION=3.1.6.0 # The version of the software being built. -VERSION := 3.1.5.0 +VERSION := 3.1.6.0 # Where stuff is going to be built. Change for out-of-tree builds. OUTPUT := output @@ -21,7 +21,7 @@ TOOLCHAIN_PATH := # When fetching one from the web, what version we want. # Only a few versions are available, don't change blindly. -TOOLCHAIN_VERSION := 13.1.0 +TOOLCHAIN_VERSION := 13.2.0 # For fetching toolchains: the download command. # Change to curl -O if you don't have wget. diff --git a/conf/versions b/conf/versions index b81b09d..bed8105 100644 --- a/conf/versions +++ b/conf/versions @@ -3,35 +3,35 @@ # These version numbers are either git commit hashes or git tags. # Try to keep to the latest commits. -BEARSSL_VERSION=46f7dddce75227f2e40ab94d66ceb9f19ee6b1b0 +BEARSSL_VERSION=79c060eea3eea1257797f15ea1608a9a9923aa6f # BEARSSL_VERSION=v0.6 -# SKALIBS_VERSION=68b3e92df39db7d496ef91054318d5d9facdfd9d -SKALIBS_VERSION=v2.13.1.1 +# SKALIBS_VERSION=50da02706335d2f7a45a97ba3b6bdbe223e214a8 +SKALIBS_VERSION=v2.14.0.0 -# EXECLINE_VERSION=4676457df2c8a73b4f589a66315b9b137ee89202 -EXECLINE_VERSION=v2.9.3.0 +# EXECLINE_VERSION=813a7ae859c0563f87c2afef79d346b853c20e36 +EXECLINE_VERSION=v2.9.4.0 -# S6_VERSION=b4070f01c00a07d4f2df6a3ff85eb6f2b1386b84 -S6_VERSION=v2.11.3.2 +# S6_VERSION=0c3cf16e675a65a15b9167c45179cf5c66b826e7 +S6_VERSION=v2.12.0.0 -# S6_RC_VERSION=58f93f6c710cc88acfa721a45efc1f64dfc557df -S6_RC_VERSION=v0.5.4.1 +# S6_RC_VERSION=940e4bb20f7927a54c9ee92bcea1c54f8b60666d +S6_RC_VERSION=v0.5.4.2 -# S6_LINUX_INIT_VERSION=3be1f17208a1e3d48c1c0607bff50402bc45ceb3 -S6_LINUX_INIT_VERSION=v1.1.1.1 +# S6_LINUX_INIT_VERSION=421ff132dee36124fd6fe4eaaffe3576179c3812 +S6_LINUX_INIT_VERSION=v1.1.2.0 -# S6_PORTABLE_UTILS_VERSION=a80a1304ff86b8cf493265696d517aea2cf7a703 -S6_PORTABLE_UTILS_VERSION=v2.3.0.2 +# S6_PORTABLE_UTILS_VERSION=aed143be3f5deace8e7b57ed48151fc17265cd9b +S6_PORTABLE_UTILS_VERSION=v2.3.0.3 -# S6_LINUX_UTILS_VERSION=d983a8fe0a8efce4fbbf5fc53fc64e796b794fcb -S6_LINUX_UTILS_VERSION=v2.6.1.2 +# S6_LINUX_UTILS_VERSION=d492e79229d1f5f96c5c618cbd5504ffb32e2d72 +S6_LINUX_UTILS_VERSION=v2.6.2.0 -# S6_DNS_VERSION=132f199d2e5561b5f9337201c2d991b513894c60 -S6_DNS_VERSION=v2.3.5.5 +# S6_DNS_VERSION=2ac33222d297ad53bfdc15aa10563cf2c7eea042 +S6_DNS_VERSION=v2.3.6.0 -# S6_NETWORKING_VERSION=e4a928d539281bb85305d4b23aef6c270f63f9fa -S6_NETWORKING_VERSION=v2.5.1.3 +# S6_NETWORKING_VERSION=6342cffb3485d64340563b9e86d54a667b7148ce +S6_NETWORKING_VERSION=v2.6.0.0 -# S6_OVERLAY_HELPERS_VERSION=ec2ca4c650928a64de31dbbe589e0be0e452c992 -S6_OVERLAY_HELPERS_VERSION=v0.1.0.1 +# S6_OVERLAY_HELPERS_VERSION=b23f96cbfabf23f686f71de826a482c272dd3645 +S6_OVERLAY_HELPERS_VERSION=v0.1.0.2 diff --git a/mk/skaware.mk b/mk/skaware.mk index 56df580..887f653 100644 --- a/mk/skaware.mk +++ b/mk/skaware.mk @@ -23,24 +23,24 @@ S6_NETWORKING_CATEGORY := net S6_OVERLAY_HELPERS_CATEGORY := admin SKALIBS_TOKEN := libskarnet.a.xyzzy -EXECLINE_TOKEN := execlineb +EXECLINE_TOKEN := execline S6_TOKEN := s6-supervise S6_RC_TOKEN := s6-rc S6_LINUX_INIT_TOKEN := s6-linux-init-maker -S6_PORTABLE_UTILS_TOKEN := s6-test -S6_LINUX_UTILS_TOKEN := s6-ps +S6_PORTABLE_UTILS_TOKEN := s6-portable-utils +S6_LINUX_UTILS_TOKEN := s6-linux-utils S6_DNS_TOKEN := s6-dnsip4 S6_NETWORKING_TOKEN := s6-tlsd-io S6_OVERLAY_HELPERS_TOKEN := s6-overlay-suexec SKAWARE_OPTIONS := --enable-slashpackage --enable-static-libc --disable-shared -SKALIBS_OPTIONS := --with-default-path=/command:/usr/bin:/bin --with-sysdep-devurandom=yes --with-sysdep-grndinsecure=no +SKALIBS_OPTIONS := --with-default-path=/command:/usr/bin:/bin --with-sysdep-devurandom=yes --with-sysdep-grndinsecure=no --with-sysdep-posixspawnearlyreturn=no EXECLINE_OPTIONS := --disable-pedantic-posix --enable-multicall S6_OPTIONS := S6_RC_OPTIONS := S6_LINUX_INIT_OPTIONS := -S6_PORTABLE_UTILS_OPTIONS := -S6_LINUX_UTILS_OPTIONS := +S6_PORTABLE_UTILS_OPTIONS := --enable-multicall +S6_LINUX_UTILS_OPTIONS := --enable-multicall S6_DNS_OPTIONS := S6_NETWORKING_OPTIONS := --enable-ssl=bearssl --with-ssl-path=$(OUTPUT)/staging-$(ARCH) S6_OVERLAY_HELPERS_OPTIONS :=