├── squash_and_upload.sh ├── LICENSE ├── README.md └── Dockerfile /squash_and_upload.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | 4 | # You need to install docker-squash from: 5 | # https://github.com/goldmann/docker-squash 6 | 7 | docker-squash -f 15 -t yantis/archlinux-tiny:latest yantis/archlinux-tiny:latest 8 | docker push yantis/archlinux-tiny 9 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2015 Jonathan O. Yantis 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # archlinux-tiny 2 | 3 | On Docker hub [archlinux-tiny](https://registry.hub.docker.com/u/yantis/archlinux-tiny/) 4 | on Github [docker-archlinux-tiny](https://github.com/yantis/docker-archlinux-tiny) 5 | 6 | 119 MB Arch Linux base container. The goal of this was to build an extremely small Arch Linux base without giving up any functionality. 7 | I used Les Aker's [dock0/arch](https://github.com/dock0/arch) as a foundation. 8 | I also added some amazing repos like [BlackArch](http://blackarch.org) and [BBQLinux](http://bbqlinux.org). 9 | 10 | The goal was to maintain complete functionality so I did not swap out coreutils for busybox. 11 | But you could swap out a few things for the busybox version of them and reduce the size down another 20 MB or so. 12 | 13 | 14 | ## Docker Images Structure 15 | 16 | >[yantis/archlinux-tiny](https://github.com/yantis/docker-archlinux-tiny) 17 | >>[yantis/archlinux-small](https://github.com/yantis/docker-archlinux-small) 18 | >>>[yantis/archlinux-small-ssh-hpn](https://github.com/yantis/docker-archlinux-ssh-hpn) 19 | >>>>[yantis/ssh-hpn-x](https://github.com/yantis/docker-ssh-hpn-x) 20 | >>>>>[yantis/dynamic-video](https://github.com/yantis/docker-dynamic-video) 21 | >>>>>>[yantis/virtualgl](https://github.com/yantis/docker-virtualgl) 22 | >>>>>>>[yantis/wine](https://github.com/yantis/docker-wine) 23 | 24 | 25 | ## Features 26 | * Arch Linux 64 bit core, extra, community repos 27 | * Arch Linux 32 bit multilib repo 28 | * [BBQLinux](http://bbqlinux.org) repo for Android Developers. 29 | * [BlackArch](http://blackarch.org) repo for penetration testers and security professionals. 30 | * [Arch Linux CN](https://github.com/archlinuxcn) repo 31 | * user:docker password:docker 32 | * [Reflector] (https://wiki.archlinux.org/index.php/Reflector) mirror optimized for western USA. 33 | * cower and package-query for interacting with the AUR. 34 | * compact (removal of a lot of unneeded stuff that pacman will auto re-install if needed) 35 | 36 | 2/13/2017 Fixed it to make it work again. It is bigger than it used to be as it 37 | uses the default SSL which has perl installed. 38 | 39 | 7/2/2016 added but currently not taking advantage of it 40 | [Amylum] (https://github.com/amylum/repo) Arch packages primarily compiled statically and built against musl 41 | 42 | As an example this is a search for chrome with the above repos installed: 43 | ![](http://yantis-scripts.s3.amazonaws.com/screenshot_20150407-030717.jpg) 44 | 45 | ## How did you get it so small. 46 | The biggest win was the removal of Perl at 40MB. Perl is needed for two things on the base Arch Linux install 47 | OpenSSL (it shouldn't be honestly since it isn't really used other than for one small thing on Windows) 48 | Some other distros have already fixed this [issue] (https://github.com/NixOS/nixpkgs/issues/6763) like NixOS 49 | Also, see this [thread](https://bbs.archlinux.org/viewtopic.php?id=73200) and [this](https://bugs.archlinux.org/task/14903). 50 | And for [texinfo](http://www.gnu.org/software/texinfo) (8 MB) which we patched out with a fake stub. 51 | 52 | As well as aggressively cleaning of info, doc and man pages as well as stripping out the non English international stuff. 53 | 54 | ## Caveats 55 | This is slimmed down as much as possible while still having full pacman functionality to install any package needed. 56 | This is ment to be more of the lowest possible base to build upon. Try out one of my other Arch Linux versions if you want something more. 57 | 58 | Where it might break is all but the English locales have been removed, as well as any terminfo configs that are not xterm based. 59 | Do not expect any info, documents or manual pages to exist locally either as those have been purged as well. 60 | 61 | I am currently experimenting with the removal of zoneinfo and i18n and no problems so far. 62 | 63 | Anything you install with pacman should just install fine but if you want to install something from the AUR you are going to need 64 | to install dev tools first like make, gcc, autoconf etc. 65 | 66 | 67 | ## Miscellaneous 68 | 69 | To save on space the pacman databases are purged. You need run pacman -Sy at least once before using pacman. 70 | 71 | ```bash 72 | RUN pacman -Sy 73 | ``` 74 | 75 | Most of the time pacman will install packages and dependencies just fine. Sometimes though it will say 76 | "error: command failed to execute correctly " with a command not found message. That means you need to install a dependency. 77 | 78 | For example the git package uses groupadd and useradd which are both in the shadow package but you may not know that so to find it you can use the pkgfile tool. 79 | This will show you which package to install. In this case you would install the shadow package before installing git. 80 | 81 | ```bash 82 | $ pacman -S pkgfile && pkgfile --update 83 | $ pkgfile useradd 84 | core/shadow 85 | extra/bash-completion 86 | ``` 87 | 88 | 89 | This image has a user docker with the password docker. You will most likely want to change the password. Just add this line to your Dockerfile. 90 | 91 | ```bash 92 | RUN echo -e "docker\nyournewpassword" | passwd docker 93 | ``` 94 | 95 | The mirrors are optimized for US West If you want it for your area just add this to the top of your Dockerfile. 96 | 97 | ```bash 98 | RUN pacman -S reflector --noconfirm && \ 99 | reflector --verbose -l 5 --protocol https --sort rate --save /etc/pacman.d/mirrorlist && \ 100 | pacman -Rs reflector --noconfirm 101 | ``` 102 | 103 | Included is cower and package-query for interacting with the AUR. You might want another one like 104 | [yaourt](https://wiki.archlinux.org/index.php/Yaourt). To install that just: 105 | 106 | ```bash 107 | RUN pacman -S --noconfirm yaourt 108 | ``` 109 | 110 | The different repositories have a lot of really nice packages. To get a list just run package-query like this. 111 | 112 | ```bash 113 | package-query -Sl archassault 114 | ``` 115 | 116 | ![](http://yantis-scripts.s3.amazonaws.com/screenshot_20150407-023220.jpg) 117 | 118 | 119 | ## Random Thoughts (Stuff that you could do that wasn't done) 120 | * Tried converting coreutils to busybox. It just wasn't worth breaking GNU compatibility that pacman needs. 121 | Try [shingonoide's image](https://github.com/shingonoide/docker_archlinux-busybox) first before going this route to see if this works for you. 122 | * The /etc/include directory contains 14 MB of header files. Those could get purged downstream if you knew you were never going to compile or update. Though if that was the case you could delete a whole lot more than that. 123 | * You could remove linux-api-headers and get 3.3MB of space there but you would have to remember to re-install before any builds. 124 | * One could remove the licenses package and get 1 MB. (ie: zip it up. Upload it and provide a link). I didn't mess with this for obvious reasons. 125 | * glibc is a monster. You could look into using [musl](http://www.musl-libc.org/faq.html) but in this case you should probably just use [Alpine Linux](http://alpinelinux.org) 126 | * /var/lib/pacman/local has 2.5MB in it that could be purged and restored with this [script](https://bbs.archlinux.org/viewtopic.php?pid=670876) 127 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | ########################################################### 2 | # Dockerfile for custom Arch Linux base to be as small as possible 3 | # 4 | # Currently 119 MB 5 | ############################################################ 6 | 7 | FROM dock0/arch 8 | MAINTAINER Jonathan Yantis 9 | 10 | ENV TERM xterm 11 | WORKDIR /tmp 12 | 13 | RUN pacman -Syyu --noconfirm && \ 14 | 15 | ## Configure pacman 16 | 17 | # Fix for failed: IPC connect call failed 18 | dirmngr /dev/null 2>&1 && \ 19 | 20 | # Allow for colored output in pacman.conf 21 | sed -i "s/#Color/Color/" /etc/pacman.conf && \ 22 | 23 | # Add hercula repo for vim-tiny 24 | # Removed this even though it is nice because it blocks dockerhub 25 | # http://repo.herecura.eu/herecura-stable/x86_64/ 26 | # echo "[herecura-stable]" >> /etc/pacman.conf && \ 27 | # echo "Server = http://repo.herecura.be/herecura-stable/\$arch" >> /etc/pacman.conf && \ 28 | 29 | # Archlinux CN repo (has yaourt and sometimes other interesting tools) 30 | echo "[archlinuxcn]" >> /etc/pacman.conf && \ 31 | echo "SigLevel = Optional TrustAll" >> /etc/pacman.conf && \ 32 | echo "Server = http://repo.archlinuxcn.org/\$arch" >> /etc/pacman.conf && \ 33 | 34 | # BlackArch 35 | echo "[blackarch]" >> /etc/pacman.conf && \ 36 | echo "Server = http://mirror.clibre.uqam.ca/blackarch/\$repo/os/\$arch" >> /etc/pacman.conf && \ 37 | pacman-key -r 4345771566D76038C7FEB43863EC0ADBEA87E4E3 && \ 38 | pacman-key --lsign-key 4345771566D76038C7FEB43863EC0ADBEA87E4E3 && \ 39 | pacman-key -r 7533BAFE69A25079 && \ 40 | pacman-key --lsign-key 7533BAFE69A25079 && \ 41 | 42 | # BBQLinux 43 | echo "[bbqlinux]" >> /etc/pacman.conf && \ 44 | echo "Server = http://packages.bbqlinux.org/\$repo/os/\$arch" >> /etc/pacman.conf && \ 45 | pacman-key -r 04C0A941 && \ 46 | pacman-key --lsign-key 04C0A941 && \ 47 | 48 | # Add multilib repo 49 | sed -i '/#\[multilib\]/,/#Include = \/etc\/pacman.d\/mirrorlist/ s/#//' /etc/pacman.conf && \ 50 | sed -i '/#\[multilib\]/,/#Include = \/etc\/pacman.d\/mirrorlist/ s/#//' /etc/pacman.conf && \ 51 | sed -i 's/#\[multilib\]/\[multilib\]/g' /etc/pacman.conf && \ 52 | 53 | # Remove PGP Checks from dock0 amylum repo 54 | # https://github.com/amylum/repo 55 | sed -i 's/SigLevel = Required/SigLevel = Optional TrustAll/g' /etc/pacman.conf && \ 56 | 57 | # Update and force a refresh of all package lists even if they appear up to date. 58 | pacman -Syyu --noconfirm && \ 59 | 60 | # Install all the repo keyrings and mirrorlists 61 | pacman --noconfirm -S archlinuxcn-keyring blackarch-keyring bbqlinux-keyring && \ 62 | 63 | # Install yaourt, package-query and cower for easy AUR usage. 64 | # TODO make sure package query still exists later after yaourt uninstall 65 | pacman -S --noconfirm yaourt package-query cower && \ 66 | 67 | # TODO switch to rankmirrors since its built in for pacman. 68 | # Setup pacman to use the fastest mirrors. 69 | pacman -S reflector --noconfirm && \ 70 | reflector --verbose -l 5 --protocol https --sort rate --save /etc/pacman.d/mirrorlist && \ 71 | pacman -Rs reflector --noconfirm && \ 72 | 73 | # Create new account that isn't root. user: docker password: docker 74 | useradd --create-home docker && \ 75 | echo -e "docker\ndocker" | passwd docker && \ 76 | 77 | # Allow passwordedless sudo for now but we will remove it later. 78 | pacman --noconfirm -S sudo && \ 79 | echo "docker ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \ 80 | 81 | # Replace texinfo with a fake textinfo so we can remove Perl 82 | 83 | pacman --noconfirm -S wget file patch binutils gcc autoconf make fakeroot && \ 84 | # runuser -l docker -c "yaourt --noconfirm -Rdd texinfo" && \ 85 | # runuser -l docker -c "yaourt --noconfirm -S texinfo-fake" && \ 86 | 87 | # Install localepurge 88 | runuser -l docker -c "yaourt --noconfirm -S localepurge" && \ 89 | 90 | # Configure localepurge 91 | sed -i "s/NEEDSCONFIGFIRST/#NEEDSCONFIGFIRST/" /etc/locale.nopurge && \ 92 | sed -i "s/#DONTBOTHERNEWLOCALE/DONTBOTHERNEWLOCALE/" /etc/locale.nopurge && \ 93 | 94 | # Reinstall openssl without a Perl dependency (This really isn't needed. Seriously) 95 | # Patch makepkg so we can run as it as root. 96 | # sed -i 's/EUID == 0/EUID == -1/' /usr/bin/makepkg && \ 97 | # wget --content-disposition "https://git.archlinux.org/svntogit/packages.git/plain/trunk/ssl3-test-failure.patch?h=packages/openssl" && \ 98 | # wget --content-disposition "https://git.archlinux.org/svntogit/packages.git/plain/trunk/ca-dir.patch?h=packages/openssl" && \ 99 | # wget --content-disposition "https://git.archlinux.org/svntogit/packages.git/plain/trunk/no-rpath.patch?h=packages/openssl" && \ 100 | # wget --content-disposition "https://git.archlinux.org/svntogit/packages.git/plain/trunk/PKGBUILD?h=packages/openssl" && \ 101 | # sed -i "s/depends=('perl')/depends=('pacman')/" PKGBUILD && \ 102 | # sed -i "s/make test//" PKGBUILD && \ 103 | # makepkg --noconfirm -si --skippgpcheck && \ 104 | 105 | # Unpatch makepkg 106 | # sed -i 's/EUID == -1/EUID == 0/' /usr/bin/makepkg && \ 107 | 108 | # Remove stuff we used for compliling packages since huge (219 mB) 109 | pacman --noconfirm -Runs \ 110 | binutils \ 111 | gcc \ 112 | make \ 113 | autoconf \ 114 | # perl \ 115 | yaourt \ 116 | diffutils \ 117 | 118 | # Remove other stuff 119 | gzip \ 120 | # wget \ 121 | # file \ 122 | # patch \ 123 | sudo \ 124 | gettext \ 125 | less \ 126 | sysfsutils \ 127 | which \ 128 | git \ 129 | 130 | # (7.1MB) Iproute2 and iptables 131 | iproute2 \ 132 | 133 | # (1.76MB) Utilities for monitoring your system and its processes 134 | procps-ng \ 135 | 136 | # .73 MB 137 | iputils && \ 138 | 139 | # Remove stuff that still needs subitems 140 | pacman --noconfirm -R \ 141 | util-linux \ 142 | fakeroot \ 143 | shadow && \ 144 | 145 | 146 | # Remove ducktape & shim & leftover mirrorstatus. 147 | # rm -r /.ducktape /.shim && \ 148 | rm /tmp/.root.mirrorstatus.json && \ 149 | 150 | ########################################################################## 151 | # CLEAN UP SECTION - THIS GOES AT THE END # 152 | ########################################################################## 153 | localepurge && \ 154 | 155 | # Remove info, man and docs 156 | rm -r /usr/share/info/* && \ 157 | rm -r /usr/share/man/* && \ 158 | rm -r /usr/share/doc/* && \ 159 | 160 | # was a bit worried about these at first but I haven't seen an issue yet on them. 161 | rm -r /usr/share/zoneinfo/* && \ 162 | rm -r /usr/share/i18n/* && \ 163 | 164 | # Delete any backup files like /etc/pacman.d/gnupg/pubring.gpg~ 165 | find /. -name "*~" -type f -delete && \ 166 | 167 | # Keep only xterm related profiles in terminfo. 168 | find /usr/share/terminfo/. ! -name "*xterm*" ! -name "*screen*" ! -name "*screen*" -type f -delete && \ 169 | 170 | # Remove anything left in temp. 171 | rm -r /tmp/* && \ 172 | 173 | pacman -S --noconfirm awk && \ 174 | bash -c "echo 'y' | pacman -Scc >/dev/null 2>&1" && \ 175 | paccache -rk0 >/dev/null 2>&1 && \ 176 | pacman-optimize && \ 177 | pacman -Runs --noconfirm gawk tar && \ 178 | rm -r /var/lib/pacman/sync/* 179 | 180 | ######################################################################### 181 | 182 | WORKDIR / 183 | CMD /usr/bin/bash 184 | --------------------------------------------------------------------------------