ExternalVendorCode/balena-supervisor
1
0
Fork 0
mirror of https://github.com/balena-os/balena-supervisor.git synced 2025-05-29 13:54:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Pin iptables to 1.8.9 (legacy)

Browse Source 
With Alpine 3.19, iptables gets bumped to 1.8.10 which uses nftables.
The host OS still uses iptables 1.8.7 (legacy), and we should
use legacy as well until the OS uses nftables.

See: https://balena.zulipchat.com/#narrow/stream/345889-balena-io.2Fos/topic/iptables.20host.20vs.2E.20nftables.20Supervisor
Change-type: patch
Signed-off-by: Christina Ying Wang <christina@balena.io>
This commit is contained in:
Christina Ying Wang 2024-03-18 14:14:58 -07:00
parent 8b173918ea
commit 3d881347e7
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Dockerfile.template
View File

@ -58,7 +58,6 @@ RUN apt-get update && apt-get install -y --no-install-recommends systemd
COPY ./build-utils/setup-journal.sh / COPY ./build-utils/setup-journal.sh /
RUN /setup-journal.sh RUN /setup-journal.sh
################################################### ###################################################
# Extra dependencies. This uses alpine 3.11 as the # Extra dependencies. This uses alpine 3.11 as the
# procmail package was removed on 3.12 # procmail package was removed on 3.12
@ -92,14 +91,18 @@ COPY mount-partitions.sh .
# Runtime dependencies # Runtime dependencies
RUN apk add --update --no-cache \ RUN apk add --update --no-cache \
$NODE \ $NODE \
iptables \
ip6tables \
rsync \ rsync \
dbus \ dbus \
dmidecode \ dmidecode \
sqlite-libs \ sqlite-libs \
lsblk lsblk
# Iptables should be pinned to 1.8.9 (legacy) as balenaOS still uses iptables-legacy
RUN apk add --update --no-cache \
--repository=http://dl-cdn.alpinelinux.org/alpine/v3.18/main \
iptables~=1.8.9 \
ip6tables~=1.8.9
ARG ARCH ARG ARCH
ARG VERSION=master ARG VERSION=master
ENV LED_FILE=/dev/null \ ENV LED_FILE=/dev/null \