From b09fa3a287269dc6f901050725a1f5771ab59cf6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20M=C3=ADchal?= Date: Thu, 20 Aug 2020 10:06:03 +0200 Subject: [PATCH] build: Statically link the toolbox binary The Go implementation of Toolbox uses in few places code written in C (not directly in the Toolbox code but in some library). This causes Toolbox to be dynamically linked to the systems C library (libc). Under other circumstances this would not be a problem but Toolbox itself is being used as the entry-point of toolbox containers. The most widely used implementation of libc is glibc. Its versions seem to be backwards-compatible but not forward-compatible, making Toolbox unusable in older distros that ship a previous version of glibc. One of the solutions is to statically link libc (resp. glibc) which is what this commit does. The size of the final binary seems to not be affected. CGO_ENABLED=0 forces the build not to use cgo making it effectively statically linked and '-tags osusergo' forces the use of purely Go implementation of os/user. https://golang.org/pkg/os/user/ https://golang.org/cmd/cgo/ https://github.com/containers/toolbox/pull/531 --- src/go-build-wrapper | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/go-build-wrapper b/src/go-build-wrapper index 8f84277ed..7b59957fc 100755 --- a/src/go-build-wrapper +++ b/src/go-build-wrapper @@ -27,5 +27,5 @@ if ! cd "$1"; then exit 1 fi -go build -trimpath -ldflags "-X github.com/containers/toolbox/pkg/version.currentVersion=$3" -o "$2" +CGO_ENABLED=0 go build -tags osusergo -trimpath -ldflags "-X github.com/containers/toolbox/pkg/version.currentVersion=$3" -o "$2" exit "$?"