Adding upstream version 1.9.15p5.upstream/1.9.15p5upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

8 files changed, 111 insertions, 0 deletions

diff --git a/docker/README b/docker/README
new file mode 100644
index 0000000..679446b
--- /dev/null
+++ b/docker/README
@@ -0,0 +1,45 @@
+Container images are stored in https://hub.docker.com/repositories as
+user sudoproject.  Build images are named based on the distro and use
+the tag to differentiate between different versions and architectures.
+There should always be a "latest" tag (or manifest).
+
+When creating a new Dockerfile, use one of the Debian or Fedora files
+as a template.  The examples below use podman rather than docker but it
+should be possible to them interchangeably.
+
+To build Debian containers for both amd64 and i386 (others only have amd64):
+
+    podman build --arch amd64 --pull -t sudoproject/debian:latest.amd64 \
+	docker/debian/latest
+    podman build --arch 386 --pull -t sudoproject/debian:latest.i386 \
+	docker/debian/latest
+
+Then push it to dockerhub (may need to run "podman login" first):
+    podman push sudoproject/debian:latest.amd64
+    podman push sudoproject/debian:latest.i386
+
+Multi-arch containers are supported by creating a manifest, e.g.:
+    podman manifest create sudoproject/debian:latest
+    podman manifest add sudoproject/debian:latest \
+	sudoproject/debian:latest.amd64
+    podman manifest add sudoproject/debian:latest \
+	sudoproject/debian:latest.i386
+
+Finally push the manifest to dockerhub:
+    podman push sudoproject/debian:latest
+
+When building bleeding edge images it is possible that the seccomp
+filter will be out of date with respect to system calls.  It may
+be necessary to pass podman the --security-opt=seccomp=unconfined
+option in this case.
+
+Note that memory sanitizer uses ptrace which is not allowed for
+non-root containers by default.  This will cause a failure when
+running the tests if sudo is configured with --enable-sanitizer.
+The simplest solution is to run the container with the SYS_PTRACE
+capability.  E.g.
+    podman run -it --cap-add SYS_PTRACE ...
+
+Alternately, disable leak sanitizer by setting
+    ASAN_OPTIONS=detect_leaks=0
+in the environment of the container doing "make check".
diff --git a/docker/debian/latest/Dockerfile b/docker/debian/latest/Dockerfile
new file mode 100644
index 0000000..6621cec
--- /dev/null
+++ b/docker/debian/latest/Dockerfile
@@ -0,0 +1,10 @@
+FROM docker.io/library/debian:latest
+
+RUN DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get update && \
+    DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get install -y \
+	build-essential curl dpkg-dev ed fakeroot file git libapparmor-dev \
+	libaudit-dev libkrb5-dev libldap2-dev libpam0g-dev libpython3-dev \
+	libsasl2-dev libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev \
+	lsb-release ncurses-term openssh-client pkg-config procps python3-dev \
+	ssh zlib1g-dev
+RUN useradd -ms /bin/bash build
diff --git a/docker/debian/testing/Dockerfile b/docker/debian/testing/Dockerfile
new file mode 100644
index 0000000..83f0e4a
--- /dev/null
+++ b/docker/debian/testing/Dockerfile
@@ -0,0 +1,10 @@
+FROM docker.io/library/debian:testing
+
+RUN DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get update && \
+    DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get install -y \
+	build-essential curl dpkg-dev ed fakeroot file git libapparmor-dev \
+	libaudit-dev libkrb5-dev libldap2-dev libpam0g-dev libpython3-dev \
+	libsasl2-dev libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev \
+	lsb-release ncurses-term openssh-client pkg-config procps python3-dev \
+	ssh zlib1g-dev
+RUN useradd -ms /bin/bash build
diff --git a/docker/fedora/latest/Dockerfile b/docker/fedora/latest/Dockerfile
new file mode 100644
index 0000000..dec471a
--- /dev/null
+++ b/docker/fedora/latest/Dockerfile
@@ -0,0 +1,8 @@
+FROM docker.io/library/fedora:latest
+ENV TZ=America/Denver
+
+RUN dnf -y install audit-libs-devel cyrus-sasl-devel glibc-devel krb5-devel \
+    libasan libubsan libselinux-devel libsepol-devel make openldap-devel \
+    openssl-devel pam-devel python3-devel rpm-build zlib-devel binutils \
+    ed gcc gdb git openssh pkg-config procps which
+RUN useradd -ms /bin/bash build
diff --git a/docker/fedora/rawhide/Dockerfile b/docker/fedora/rawhide/Dockerfile
new file mode 100644
index 0000000..21b400d
--- /dev/null
+++ b/docker/fedora/rawhide/Dockerfile
@@ -0,0 +1,8 @@
+FROM docker.io/library/fedora:rawhide
+ENV TZ=America/Denver
+
+RUN dnf -y install audit-libs-devel cyrus-sasl-devel glibc-devel krb5-devel \
+    libasan libubsan libselinux-devel libsepol-devel make openldap-devel \
+    openssl-devel pam-devel python3-devel rpm-build zlib-devel binutils \
+    ed gcc gdb git openssh pkg-config procps which
+RUN useradd -ms /bin/bash build
diff --git a/docker/ubuntu/devel/Dockerfile b/docker/ubuntu/devel/Dockerfile
new file mode 100644
index 0000000..f5d305a
--- /dev/null
+++ b/docker/ubuntu/devel/Dockerfile
@@ -0,0 +1,10 @@
+FROM docker.io/library/ubuntu:devel
+
+RUN DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get update && \
+    DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get install -y \
+        build-essential curl dpkg-dev ed fakeroot file git libapparmor-dev \
+	libaudit-dev libkrb5-dev libldap2-dev libpam0g-dev libpython3-dev \
+	libsasl2-dev libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev \
+	lsb-release ncurses-term openssh-client pkg-config procps python3-dev \
+	ssh zlib1g-dev
+RUN useradd -ms /bin/bash build
diff --git a/docker/ubuntu/latest/Dockerfile b/docker/ubuntu/latest/Dockerfile
new file mode 100644
index 0000000..582baae
--- /dev/null
+++ b/docker/ubuntu/latest/Dockerfile
@@ -0,0 +1,10 @@
+FROM docker.io/library/ubuntu:latest
+
+RUN DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get update && \
+    DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get install -y \
+        build-essential curl dpkg-dev ed fakeroot file git libapparmor-dev \
+	libaudit-dev libkrb5-dev libldap2-dev libpam0g-dev libpython3-dev \
+	libsasl2-dev libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev \
+	lsb-release ncurses-term openssh-client pkg-config procps python3-dev \
+	ssh zlib1g-dev
+RUN useradd -ms /bin/bash build
diff --git a/docker/ubuntu/rolling/Dockerfile b/docker/ubuntu/rolling/Dockerfile
new file mode 100644
index 0000000..bf31a96
--- /dev/null
+++ b/docker/ubuntu/rolling/Dockerfile
@@ -0,0 +1,10 @@
+FROM docker.io/library/ubuntu:rolling
+
+RUN DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get update && \
+    DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get install -y \
+        build-essential curl dpkg-dev ed fakeroot file git libapparmor-dev \
+	libaudit-dev libkrb5-dev libldap2-dev libpam0g-dev libpython3-dev \
+	libsasl2-dev libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev \
+	lsb-release ncurses-term openssh-client pkg-config procps python3-dev \
+	ssh zlib1g-dev
+RUN useradd -ms /bin/bash build