diff --git a/docker/Dockerfile b/docker/Dockerfile index 837d717c35f30f012cd96b8be0d2e613f9d32b81..42bdf9b2f090fa233fb68850b7bd70d1cedcbbef 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,38 +1,49 @@ # Version 1 + FROM gcc:9.3.0 # Ensure use of bash + SHELL ["/bin/bash","-c"] # timezone + ENV TZ=Europe/Paris -# apt-get preparation +# apt-get general preparation + RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections ARG DEBIAN_FRONTEND=noninteractive RUN apt-get update \ && apt-get install -y apt-utils # c++ tools + RUN apt-get install -y build-essential \ && apt-get install -y cppcheck \ && apt-get install -y libc6-dbg gdb \ && apt-get install -y binutils graphviz \ && apt-get install -y valgrind kcachegrind +RUN echo "set auto-load safe-path /" > /root/.gdbinit + # python + RUN apt-get install -y python-backports.functools-lru-cache \ && apt-get install -y python-tk \ && apt-get install -y python-pip + RUN pip install numpy RUN pip install matplotlib # other + RUN rm -rf /var/lib/apt/lists/* ENV PATH=${PATH}:. ENV LD_LIBRARY_PATH=. # start a shell by default + CMD bash diff --git a/docker/WORK.md b/docker/WORK.md deleted file mode 100644 index c13031873e3bf31eb2f2311dd01a30f0be779299..0000000000000000000000000000000000000000 --- a/docker/WORK.md +++ /dev/null @@ -1,31 +0,0 @@ - ---- -# Gdb - -When playing with gdb, there is a disturbing warning, to be understood : - -``` -warning: Error disabling address space randomization: Operation not permitted -warning: File "/usr/local/lib64/libstdc++.so.6.0.28-gdb.py" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load". -To enable execution of this file add - add-auto-load-safe-path /usr/local/lib64/libstdc++.so.6.0.28-gdb.py -line to your configuration file "/root/.gdbinit". -To completely disable this security protection add - set auto-load safe-path / -line to your configuration file "/root/.gdbinit". -For more information about this security protection see the -"Auto-loading safe path" section in the GDB manual. E.g., run from the shell: - info "(gdb)Auto-loading safe path" -``` - - ---- -# Marrying C++ and Python - -Should we install something for the C++/Python connection ? - -Also, the python example mandel.py (and perhaps others) needs an X11 display... and: -* pylab -* ... - -Grosse galère avec "functools_lru_cache"... \ No newline at end of file diff --git a/docker/run.sh b/docker/run.sh index e6909115a0130f452a6e3e0144d68c9bf178c8d0..c1e1320d7c0b830862f00e7a6b1ee93c7f540596 100755 --- a/docker/run.sh +++ b/docker/run.sh @@ -3,4 +3,4 @@ SCRIPT_NAME=${BASH_SOURCE[0]} SCRIPT_DIR=`dirname ${SCRIPT_NAME}` -docker run -it --rm -v $PWD:/work -w /work `cat ${SCRIPT_DIR}/name.txt` $* +docker run --security-opt seccomp=unconfined -it --rm -v $PWD:/work -w /work `cat ${SCRIPT_DIR}/name.txt` $* diff --git a/docker/run_x11_linux.sh b/docker/run_x11_linux.sh index 68c1163d1a110d78eafe42ff362e3f4e4562afcd..e258bfd11d42e3a7cc8b15a8d7ceea06348fafa5 100755 --- a/docker/run_x11_linux.sh +++ b/docker/run_x11_linux.sh @@ -6,4 +6,4 @@ SCRIPT_DIR=`dirname ${SCRIPT_NAME}` export DISPLAY=:0 xhost + -docker run -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix:rw -it --rm -v $PWD:/work -w /work `cat ${SCRIPT_DIR}/name.txt` $* +docker run -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix:rw --security-opt seccomp=unconfined -it --rm -v $PWD:/work -w /work `cat ${SCRIPT_DIR}/name.txt` $* diff --git a/docker/run_x11_macos.sh b/docker/run_x11_macos.sh index 938622eea95015b9f32cb1407f425c2b7b1575fc..5d6ff6c41fdd6e72047b77bf958fb40f7b5ce5f0 100755 --- a/docker/run_x11_macos.sh +++ b/docker/run_x11_macos.sh @@ -6,4 +6,4 @@ SCRIPT_DIR=`dirname ${SCRIPT_NAME}` export DISPLAY=${MYIP}:0 xhost + ${MYIP} -docker run -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix:rw -it --rm -v $PWD:/work -w /work `cat ${SCRIPT_DIR}/name.txt` $* +docker run -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix:rw --security-opt seccomp=unconfined -it --rm -v $PWD:/work -w /work `cat ${SCRIPT_DIR}/name.txt` $* diff --git a/docker/run_x11_win.sh b/docker/run_x11_win.sh index 278cacf1401241170f560d9b07309306638c61fc..a03150d118eb7ddb0f50dcddb894aa2793671c55 100755 --- a/docker/run_x11_win.sh +++ b/docker/run_x11_win.sh @@ -6,4 +6,4 @@ SCRIPT_DIR=`dirname ${SCRIPT_NAME}` export DISPLAY=${MYIP}:0 xhost + ${MYIP} -docker run -e DISPLAY=$DISPLAY -it --rm -v $PWD:/work -w /work `cat ${SCRIPT_DIR}/name.txt` $* +docker run -e DISPLAY=$DISPLAY --security-opt seccomp=unconfined -it --rm -v $PWD:/work -w /work `cat ${SCRIPT_DIR}/name.txt` $*