1

I have a maven project where I'm building a docker image (using the fabric8 docker-maven-plugin).

As part of the build, I want to compile a simple C class:

#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

int main()
{
    setuid( 0 );
    system( "/usr/sbin/update-ca-certificates");
    return 0;
}

into a binary that will be copied into the Docker image during the maven build.

What's the best way to do this? I know of at least a couple of maven plugins, but not sure which I should use, and what options I need? The maven build could be running on Windows, Linux or Mac, but the resulting binary will only be executed on Linux (Opensuse).

https://www.mojohaus.org/maven-native/native-maven-plugin/

https://github.com/maven-nar/nar-maven-plugin

For example, the above 2 plugins seem to require the <packaging>so</packaging> or <packaging>nar</packaging> element at the top level of the pom.xml, but my pom.xml already has a <packaging>pom</packaging>? Should the above plugins maybe go into a maven submodule project in their own pom.xml?

rmf
  • 625
  • 2
  • 9
  • 39
  • 3
    Why are you making this as a C program when it could be just a simple command or at worst a shell script? – Some programmer dude May 28 '21 at 10:53
  • 1
    Maven is intended for Building/packaging etc. of Java code but not for C code I strongly recommend not to do such things. The question is why do you need a C program to call things like that? Can be done during the docker image creation without the need for compiling things etc. Need more details and context. – khmarbaise May 28 '21 at 11:03
  • @Someprogrammerdude It is a binary and not a script because the setuid flag will be set on it, and the setuid flag has no effect on scripts: https://unix.stackexchange.com/a/369 – rmf May 28 '21 at 11:44

0 Answers0