在隔离的 Centos 7 服务器中将 libseccomp 升级到最新版本

在隔离的 Centos 7 服务器中将 libseccomp 升级到最新版本

我尝试在隔离的 Centos 7 服务器中安装 docker rpm,但遇到错误,提示需要 libseccomp >=2.3。

--> Finished Dependency Resolution
Error: Package: docker-ce-selinux-17.03.3.ce-1.el7.noarch (/docker-ce-selinux-17.03.3.ce-1.el7.noarch)
           Requires: selinux-policy-base >= 3.13.1-102
           Installed: selinux-policy-targeted-3.13.1-60.el7_2.13.noarch (@tm-rhel-x86_64-server-7.2.eus)
               selinux-policy-base = 3.13.1-60.el7_2.13
Error: Package: containerd.io-1.3.7-3.1.el7.x86_64 (/containerd.io-1.3.7-3.1.el7.x86_64)
           Requires: container-selinux >= 2:2.74
Error: Package: 3:docker-ce-19.03.9-3.el7.x86_64 (/docker-ce-19.03.9-3.el7.x86_64)
           Requires: libseccomp.so.2()(64bit)
Error: Package: 3:docker-ce-19.03.9-3.el7.x86_64 (/docker-ce-19.03.9-3.el7.x86_64)
           Requires: container-selinux >= 2:2.74
Error: Package: docker-ce-selinux-17.03.3.ce-1.el7.noarch (/docker-ce-selinux-17.03.3.ce-1.el7.noarch)
           Requires: selinux-policy-targeted >= 3.13.1-102
           Installed: selinux-policy-targeted-3.13.1-60.el7_2.13.noarch (@tm-rhel-x86_64-server-7.2.eus)
               selinux-policy-targeted = 3.13.1-60.el7_2.13
Error: Package: containerd.io-1.3.7-3.1.el7.x86_64 (/containerd.io-1.3.7-3.1.el7.x86_64)
           Requires: libseccomp
Error: Package: 3:docker-ce-19.03.9-3.el7.x86_64 (/docker-ce-19.03.9-3.el7.x86_64)
           Requires: libseccomp >= 2.3
 You could try using --skip-broken to work around the problem
 You could try running: rpm -Va --nofiles --nodigest

我从https://github.com/seccomp/libseccomp,传输到服务器并运行通常的

./configure
make
sudo make install

libseccomp >=2.3 required但是,当我再次尝试安装 docker rpm 时,我继续收到错误。 sudo make installlibseccomp 之后还有其他步骤吗? 我是否需要启用 Linux 模块或库来激活新的 libseccomp。

作为参考,以下是 sudo make install 的输出

TEST [libseccomp-2.4.4]$ sudo make install
[sudo] password for testadmin:
Making install in include
 /usr/bin/mkdir -p '/usr/local/include'
 /usr/bin/install -c -m 644 seccomp.h seccomp-syscalls.h '/usr/local/include'
Making install in src
Making install in .
 /usr/bin/mkdir -p '/usr/local/lib'
 /bin/sh ../libtool   --mode=install /usr/bin/install -c   libseccomp.la '/usr/local/lib'
libtool: install: /usr/bin/install -c .libs/libseccomp.so.2.4.4 /usr/local/lib/libseccomp.so.2.4.4
libtool: install: (cd /usr/local/lib && { ln -s -f libseccomp.so.2.4.4 libseccomp.so.2 || { rm -f libseccomp.so.2 && ln -s libseccomp.so.2.4.4 libseccomp.so.2; }; })
libtool: install: (cd /usr/local/lib && { ln -s -f libseccomp.so.2.4.4 libseccomp.so || { rm -f libseccomp.so && ln -s libseccomp.so.2.4.4 libseccomp.so; }; })libtool: install: /usr/bin/install -c .libs/libseccomp.lai /usr/local/lib/libseccomp.la
libtool: install: /usr/bin/install -c .libs/libseccomp.a /usr/local/lib/libseccomp.a
libtool: install: chmod 644 /usr/local/lib/libseccomp.a
libtool: install: ranlib /usr/local/lib/libseccomp.a
libtool: finish: PATH="/sbin:/bin:/usr/sbin:/usr/bin:/sbin" ldconfig -n /usr/local/lib
----------------------------------------------------------------------
Libraries have been installed in:
   /usr/local/lib

If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the '-LLIBDIR'
flag during linking and do at least one of the following:
   - add LIBDIR to the 'LD_LIBRARY_PATH' environment variable
     during execution
   - add LIBDIR to the 'LD_RUN_PATH' environment variable
     during linking
   - use the '-Wl,-rpath -Wl,LIBDIR' linker flag
   - have your system administrator add LIBDIR to '/etc/ld.so.conf'

See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
Making install in tools
 /usr/bin/mkdir -p '/usr/local/bin'
  /bin/sh ../libtool   --mode=install /usr/bin/install -c scmp_sys_resolver '/usr/local/bin'
libtool: install: /usr/bin/install -c .libs/scmp_sys_resolver /usr/local/bin/scmp_sys_resolver
Making install in tests
Making install in doc
 /usr/bin/mkdir -p '/usr/local/share/man/man1'
 /usr/bin/install -c -m 644 man/man1/scmp_sys_resolver.1 '/usr/local/share/man/man1'
 /usr/bin/mkdir -p '/usr/local/share/man/man3'
 /usr/bin/install -c -m 644 man/man3/seccomp_arch_add.3 man/man3/seccomp_arch_exist.3 man/man3/seccomp_arch_native.3 man/man3/seccomp_arch_remove.3 man/man3/seccomp_arch_resolve_name.3 man/man3/seccomp_attr_get.3 man/man3/seccomp_attr_set.3 man/man3/seccomp_export_bpf.3 man/man3/seccomp_export_pfc.3 man/man3/seccomp_init.3 man/man3/seccomp_load.3 man/man3/seccomp_merge.3 man/man3/seccomp_release.3 man/man3/seccomp_reset.3 man/man3/seccomp_rule_add.3 man/man3/seccomp_rule_add_array.3 man/man3/seccomp_rule_add_exact.3 man/man3/seccomp_rule_add_exact_array.3 man/man3/seccomp_syscall_priority.3 man/man3/seccomp_syscall_resolve_name.3 man/man3/seccomp_syscall_resolve_name_arch.3 man/man3/seccomp_syscall_resolve_name_rewrite.3 man/man3/seccomp_syscall_resolve_num_arch.3 man/man3/seccomp_version.3 man/man3/seccomp_api_get.3 man/man3/seccomp_api_set.3 '/usr/local/share/man/man3'
 /usr/bin/mkdir -p '/usr/local/lib/pkgconfig'
 /usr/bin/install -c -m 644 libseccomp.pc '/usr/local/lib/pkgconfig'

编辑

目前,docker rpm 可以从以下网址下载https://download.docker.com/linux/centos/7/x86_64/stable/Packages/

TEST [docker-rpm]$ ls
containerd.io-1.3.7-3.1.el7.x86_64.rpm
docker-ce-19.03.9-3.el7.x86_64.rpm
docker-ce-cli-19.03.9-3.el7.x86_64.rpm
docker-ce-selinux-17.03.3.ce-1.el7.noarch.rpm

相关内容