0

I'm trying to build a Docker image (based on debian:latest) for cross compilation. One step within this process is the creation of a cross-compilation sysroot, which involves running the following command within the running container:

mk-sbuild \
 --name=rpi3b-bookworm \
 --arch=arm64 \
 --debootstrap-mirror="http://ftp.debian.org/debian" \
 --skip-proposed --skip-updates --skip-security \
 bookworm

However, this command only works if the container is started with docker run --priviledged (because it needs to chroot and what not). It seems like there's no way to pass this flag to docker build.

What are my options to save the image besides docker commit after running mk-sbuild? I heard that using docker commit is discouraged. Is there any way to run this command inside the Dockerfile?

asked Dec 13, 2024 at 22:16
1
  • Can you create the chroot environment on the host system, and COPY it into the image? That's essentially how the base debian image is created. For that matter, it might work to create a build stage FROM --platform=... debian, and then COPY that environment into the target image. In some ways a Docker image is a lot like a glorified chroot that's harder to escape, and so this combination is a little unusual; since you need root-equivalent permissions to run docker commands, just using a host chroot environment may be simpler. Commented Dec 14, 2024 at 11:49

1 Answer 1

2

Turns out debootstrap is the more appropriate tool for making a cross-compilation sysroot. The difference is that mk-sbuild will fail if it cannot mount /proc inside the chroot (which is only possible with the --priviledged Docker flag), whereas debootstrap simply issues a warning.

For reference, this is the complete Dockerfile that I ended up with:

FROM mcr.microsoft.com/devcontainers/cpp:debian-12
ARG sysroot_path=/home/vscode/rpi3b-bookworm-arm64
# Make apt non-interactive (or else the build might hang)
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && \
 apt-get install -y --no-install-recommends \
 file neovim \
 clangd clang-format \
 debootstrap \
 gcc-aarch64-linux-gnu \
 g++-aarch64-linux-gnu \
 gfortran-aarch64-linux-gnu \
 qemu-user-static
# Use debootstrap to make the sysroot
RUN debootstrap --arch=arm64 --foreign bookworm \
 "$sysroot_path" "http://deb.debian.org/debian"
# Due to the foreign architecture, the 2nd-stage has to be run separately
RUN chroot "$sysroot_path" \
 /debootstrap/debootstrap --second-stage
# Install more packages
RUN chroot "$sysroot_path" \
 apt install -y --no-install-recommends \
 libgpiod-dev \
 libfmt-dev libfmt-doc libfmt9
answered Dec 16, 2024 at 15:44
Sign up to request clarification or add additional context in comments.

1 Comment

This looked promising but, for me at least, the --second-stage command hangs on apt-config AUTOPROXY configuration.

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.