diff options
author | Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com> | 2018-07-11 09:21:53 -0700 |
---|---|---|
committer | Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com> | 2018-07-16 04:42:08 -0700 |
commit | 80eb5b198a6e233740b8957902d5480732274631 (patch) | |
tree | 16ad32f13163d50721ac8ecb659d0598550f0559 /bin/abrmdcontainer | |
parent | a00f00a2c5f390281196e371280f4f481a5f4be0 (diff) |
Changing the directory of ABRMD container files
Including the ABRMD in a seperare directory for
better organization
Change-Id: I1097a2d7be5bc99b40b0bd59a4bdb939478d5129
Issue-ID: AAF-342
Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
Diffstat (limited to 'bin/abrmdcontainer')
-rw-r--r-- | bin/abrmdcontainer/README.md | 27 | ||||
-rw-r--r-- | bin/abrmdcontainer/dockerfile | 62 | ||||
-rwxr-xr-x | bin/abrmdcontainer/entrypoint.sh | 11 |
3 files changed, 100 insertions, 0 deletions
diff --git a/bin/abrmdcontainer/README.md b/bin/abrmdcontainer/README.md new file mode 100644 index 0000000..ad2f3bc --- /dev/null +++ b/bin/abrmdcontainer/README.md @@ -0,0 +1,27 @@ +### Building Docker Images + +``` +$ docker build -t <image name> -f dockerfile . +``` + +### Running ABRMD Container + +``` +$ docker run -d --privileged -v /tmp/run/dbus:/var/run/dbus --name <container name> <image name> +``` + +### Running Tools Container +This command will drop you into the tools container with everything setup appropriately: +``` +# Runs without any privileges. +# Requires that the dbus be mounted from the same host folder +# This is to enable communication between the tools and ABRMD +$ docker run -v /tmp/run/dbus:/var/run/dbus --name <container name> -it --entrypoint /bin/bash <image name> +``` + +##### Sanity Check +Run the following command in the tools container to see if everything is setup correctly: + +``` +tpm2_listpcrs +``` diff --git a/bin/abrmdcontainer/dockerfile b/bin/abrmdcontainer/dockerfile new file mode 100644 index 0000000..d1c9480 --- /dev/null +++ b/bin/abrmdcontainer/dockerfile @@ -0,0 +1,62 @@ +FROM ubuntu:xenial + +RUN apt-get -y update && \ + apt-get -y install \ + autoconf \ + autoconf-archive \ + libglib2.0-dev \ + libdbus-1-dev \ + automake \ + libtool \ + autotools-dev \ + libcppunit-dev \ + p11-kit \ + libcurl4-gnutls-dev \ + libcmocka0 \ + libcmocka-dev \ + build-essential \ + git \ + pkg-config \ + gcc \ + g++ \ + m4 \ + wget \ + liburiparser-dev \ + libssl-dev \ + pandoc + +RUN apt-get -y install libgcrypt20-dev + +RUN git clone https://github.com/tpm2-software/tpm2-tss.git +RUN git clone https://github.com/tpm2-software/tpm2-abrmd.git +RUN git clone https://github.com/tpm2-software/tpm2-tools.git + +RUN cd tpm2-tss && \ + git checkout 1.2.0 && \ + ./bootstrap && \ + ./configure && \ + make && \ + make install + +RUN cd tpm2-abrmd && \ + git checkout 1.1.1 && \ + useradd --system --user-group tss && \ + ./bootstrap && \ + ./configure --with-dbuspolicydir=/etc/dbus-1/system.d \ + --with-udevrulesdir=/etc/udev/rules.d/ \ + --with-systemdsystemunitdir=/lib/systemd/system && \ + make && \ + make install + +RUN cd tpm2-tools && \ + git checkout 2.1.0 && \ + ./bootstrap && \ + ./configure --with-tcti-tabrmd=yes && \ + make && \ + make install + +RUN echo "/usr/local/lib" > /etc/ld.so.conf.d/tpm2.conf && \ + ldconfig + +ADD entrypoint.sh /entrypoint.sh +ENTRYPOINT ["/entrypoint.sh"]
\ No newline at end of file diff --git a/bin/abrmdcontainer/entrypoint.sh b/bin/abrmdcontainer/entrypoint.sh new file mode 100755 index 0000000..b13c681 --- /dev/null +++ b/bin/abrmdcontainer/entrypoint.sh @@ -0,0 +1,11 @@ +#!/bin/bash +set -e + +# Start DBUS +mkdir -p /var/run/dbus +stdbuf -oL -eL dbus-daemon --system --nofork 2>&1 1> /var/log/dbus-daemon.log & + +# Start Resource Manager +hostip=$(ip route show | awk '/default/ {print $3}') +echo "Connecting to $hostip\n" +tpm2-abrmd -a $hostip -t socket
\ No newline at end of file |