From 66a4f89602a7e77bf9832cf9a5b43d6d0254f088 Mon Sep 17 00:00:00 2001 From: Tianon Gravi Date: Mon, 2 Mar 2015 18:33:38 -0700 Subject: [PATCH 1/2] Update contrib/mkimage/debootstrap whitespace for consistency Signed-off-by: Andrew "Tianon" Page Upstream-commit: dec67f7f573855cd1760ed180efc006f5a900c2d Component: engine --- components/engine/contrib/mkimage/debootstrap | 46 +++++++++---------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/components/engine/contrib/mkimage/debootstrap b/components/engine/contrib/mkimage/debootstrap index c7a2b66830..0438ff2b29 100755 --- a/components/engine/contrib/mkimage/debootstrap +++ b/components/engine/contrib/mkimage/debootstrap @@ -28,13 +28,13 @@ shift # prevent init scripts from running during install/update echo >&2 "+ echo exit 101 > '$rootfsDir/usr/sbin/policy-rc.d'" cat > "$rootfsDir/usr/sbin/policy-rc.d" <<'EOF' -#!/bin/sh + #!/bin/sh -# For most Docker users, "apt-get install" only happens during "docker build", -# where starting services doesn't work and often fails in humorous ways. This -# prevents those failures by stopping the services from attempting to start. + # For most Docker users, "apt-get install" only happens during "docker build", + # where starting services doesn't work and often fails in humorous ways. This + # prevents those failures by stopping the services from attempting to start. -exit 101 + exit 101 EOF chmod +x "$rootfsDir/usr/sbin/policy-rc.d" @@ -59,12 +59,12 @@ if strings "$rootfsDir/usr/bin/dpkg" | grep -q unsafe-io; then # force dpkg not to call sync() after package extraction (speeding up installs) echo >&2 "+ echo force-unsafe-io > '$rootfsDir/etc/dpkg/dpkg.cfg.d/docker-apt-speedup'" cat > "$rootfsDir/etc/dpkg/dpkg.cfg.d/docker-apt-speedup" <<-'EOF' - # For most Docker users, package installs happen during "docker build", which - # doesn't survive power loss and gets restarted clean afterwards anyhow, so - # this minor tweak gives us a nice speedup (much nicer on spinning disks, - # obviously). + # For most Docker users, package installs happen during "docker build", which + # doesn't survive power loss and gets restarted clean afterwards anyhow, so + # this minor tweak gives us a nice speedup (much nicer on spinning disks, + # obviously). - force-unsafe-io + force-unsafe-io EOF fi @@ -97,26 +97,26 @@ if [ -d "$rootfsDir/etc/apt/apt.conf.d" ]; then # remove apt-cache translations for fast "apt-get update" echo >&2 "+ echo Acquire::Languages 'none' > '$rootfsDir/etc/apt/apt.conf.d/docker-no-languages'" cat > "$rootfsDir/etc/apt/apt.conf.d/docker-no-languages" <<-'EOF' - # In Docker, we don't often need the "Translations" files, so we're just wasting - # time and space by downloading them, and this inhibits that. For users that do - # need them, it's a simple matter to delete this file and "apt-get update". :) + # In Docker, we don't often need the "Translations" files, so we're just wasting + # time and space by downloading them, and this inhibits that. For users that do + # need them, it's a simple matter to delete this file and "apt-get update". :) - Acquire::Languages "none"; + Acquire::Languages "none"; EOF echo >&2 "+ echo Acquire::GzipIndexes 'true' > '$rootfsDir/etc/apt/apt.conf.d/docker-gzip-indexes'" cat > "$rootfsDir/etc/apt/apt.conf.d/docker-gzip-indexes" <<-'EOF' - # Since Docker users using "RUN apt-get update && apt-get install -y ..." in - # their Dockerfiles don't go delete the lists files afterwards, we want them to - # be as small as possible on-disk, so we explicitly request "gz" versions and - # tell Apt to keep them gzipped on-disk. + # Since Docker users using "RUN apt-get update && apt-get install -y ..." in + # their Dockerfiles don't go delete the lists files afterwards, we want them to + # be as small as possible on-disk, so we explicitly request "gz" versions and + # tell Apt to keep them gzipped on-disk. - # For comparison, an "apt-get update" layer without this on a pristine - # "debian:wheezy" base image was "29.88 MB", where with this it was only - # "8.273 MB". + # For comparison, an "apt-get update" layer without this on a pristine + # "debian:wheezy" base image was "29.88 MB", where with this it was only + # "8.273 MB". - Acquire::GzipIndexes "true"; - Acquire::CompressionTypes::Order:: "gz"; + Acquire::GzipIndexes "true"; + Acquire::CompressionTypes::Order:: "gz"; EOF fi From 288b71d9e8e78418e89e80c54d34954b3caa8f2a Mon Sep 17 00:00:00 2001 From: Tianon Gravi Date: Mon, 2 Mar 2015 18:42:26 -0700 Subject: [PATCH 2/2] Set "Apt::AutoRemove::SuggestsImportant" to "false" in debootstrap This makes APT be appropriately aggressive about removing packages it added due to `Recommends` or `Depends` if the packages they were added for are removed (even if other packages only have the softer `Suggests` relationship). Signed-off-by: Andrew "Tianon" Page Upstream-commit: e6a18da53f99185882ecd0e915c236cf9d14f522 Component: engine --- components/engine/contrib/mkimage/debootstrap | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/components/engine/contrib/mkimage/debootstrap b/components/engine/contrib/mkimage/debootstrap index 0438ff2b29..2601eddac7 100755 --- a/components/engine/contrib/mkimage/debootstrap +++ b/components/engine/contrib/mkimage/debootstrap @@ -118,6 +118,27 @@ if [ -d "$rootfsDir/etc/apt/apt.conf.d" ]; then Acquire::GzipIndexes "true"; Acquire::CompressionTypes::Order:: "gz"; EOF + + # update "autoremove" configuration to be aggressive about removing suggests deps that weren't manually installed + echo >&2 "+ echo Apt::AutoRemove::SuggestsImportant 'false' > '$rootfsDir/etc/apt/apt.conf.d/docker-autoremove-suggests'" + cat > "$rootfsDir/etc/apt/apt.conf.d/docker-autoremove-suggests" <<-'EOF' + # Since Docker users are looking for the smallest possible final images, the + # following emerges as a very common pattern: + + # RUN apt-get update \ + # && apt-get install -y \ + # && \ + # && apt-get purge -y --auto-remove + + # By default, APT will actually _keep_ packages installed via Recommends or + # Depends if another package Suggests them, even and including if the package + # that originally caused them to be installed is removed. Setting this to + # "false" ensures that APT is appropriately aggressive about removing the + # packages it added. + + # https://aptitude.alioth.debian.org/doc/en/ch02s05s05.html#configApt-AutoRemove-SuggestsImportant + Apt::AutoRemove::SuggestsImportant "false"; + EOF fi if [ -z "$DONT_TOUCH_SOURCES_LIST" ]; then