mirror of
https://github.com/aljazceru/kata-containers.git
synced 2026-01-02 22:14:27 +01:00
54f37864f6
In order to improve the security of Kata, nothing should be able to modify the images. It would be really bad if a malicious container or process modified them. fixes #631 Signed-off-by: Julio Montes <julio.montes@intel.com>
18 lines
831 B
Makefile
Executable File
18 lines
831 B
Makefile
Executable File
#!/usr/bin/make -f
|
|
|
|
%:
|
|
dh $@
|
|
override_dh_auto_build:
|
|
|
|
override_dh_auto_install:
|
|
mkdir -p debian/kata-containers-image ; \
|
|
tar xzf /usr/src/packages/SOURCES/kata-containers.tar.gz -C /usr/src/packages/SOURCES/ ; \
|
|
image=$$(find /usr/src/packages/SOURCES/ -type f -name '*.img') ; \
|
|
initrd=$$(find /usr/src/packages/SOURCES/ -type f -name '*.initrd') ; \
|
|
install -m 0400 -D $${image} ./debian/kata-containers-image/usr/share/kata-containers/ ; \
|
|
install -m 0400 -D $${initrd} ./debian/kata-containers-image/usr/share/kata-containers/ ; \
|
|
ln -s /usr/share/kata-containers/$$(basename $${image}) \
|
|
./debian/kata-containers-image/usr/share/kata-containers/kata-containers.img ; \
|
|
ln -s /usr/share/kata-containers/$$(basename $${initrd}) \
|
|
./debian/kata-containers-image/usr/share/kata-containers/kata-containers-initrd.img ;
|