Alpine Build
hosom opened this issue · 0 comments
I've been trying out Stenographer on Alpine and have some notes that I wanted to share (in addition to possibly adding a few pull requests in the near future to help handle the easier ones).
Extra Packages Required
apk add libaio-dev leveldb-dev snappy-dev g++ \
make libcap libseccomp-dev jq openssl go libunwind-dev argp-standalone bash curl
Note: libunwind-dev, argp-standalone, and bash are not required on other platforms.
Unwind provides execinfo for backtrace information. Argp-standalone provides functions included in glibc but not included in musl. Bash is required because a number of the scripts distributed with stenographer require it to function.
A number of these packages are not available in the main repository and you must install the community and testing repositories to install them.
seccomp sandboxing
So far, I have been unable to get seccomp functioning with Alpine. I'm not sure what's missing, since I haven't had the time to troubleshoot. For now it is running with --seccomp=none as an argument for stenotype.
service script
These are simple to write, but slightly different from upstart and systemd.
#!/sbin/openrc-run

name=$RC_SVCNAME
description="Stenographer - packet capture to disk."
command="/usr/bin/stenographer"
command_args=" "
command_user="stenographer"
command_background="yes"
pidfile="/var/run/stenographer.pid"
# Open-file limit applied by OpenRC when it starts the service.
rc_ulimit="-n 1000000"

depend() {
    need net
}

stop_post() {
    # Force-kill any stenotype processes still running after the service stops.
    /usr/bin/pkill -9 stenotype
}
Start on boot
rc-update add stenographer default
Setting ulimits
While it is always good to declare ulimits in /etc/security/limits.d/stenographer.conf, this will do absolutely nothing for modifying a service's ulimit in Alpine. You'll need to modify the ulimit in the rc configuration file (this is already done above, but called out for awareness) using the rc_ulimit argument.
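
An added example, not part of the original issue or the Stenographer project: a POSIX sh check that reads a process's effective open-file limit and seccomp mode from /proc/<pid>/limits and /proc/<pid>/status, so you can confirm that rc_ulimit took effect and see when a process is running with no seccomp filter installed. The function names and the make_sample fixture with its contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a process's effective nofile limit and seccomp mode
# from Linux procfs. Function names and sample data are constructed.

# Soft "Max open files" limit from a /proc/<pid>/limits file.
nofile_soft() {
    awk '/^Max open files/ { print $4 }' "$1"
}

# Seccomp mode from a /proc/<pid>/status file: 0=off, 1=strict, 2=filter.
seccomp_mode() {
    awk '/^Seccomp:/ { print $2 }' "$1"
}

# audit_proc DIR WANT: print one line per finding; return 1 if any finding.
audit_proc() {
    dir=$1 want=$2 rc=0
    soft=$(nofile_soft "$dir/limits")
    mode=$(seccomp_mode "$dir/status")
    case $soft in
        unlimited) ;;
        ''|*[!0-9]*) echo "nofile: could not read soft limit"; rc=1 ;;
        *) [ "$soft" -ge "$want" ] || { echo "nofile: soft limit $soft < $want"; rc=1; } ;;
    esac
    case $mode in
        1|2) ;;
        0) echo "seccomp: no filter installed (mode 0)"; rc=1 ;;
        *) echo "seccomp: mode not reported"; rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample: procfs excerpts for a process that kept the default
# 1024 limit and has no seccomp filter. Written under DIR for offline runs.
make_sample() {
    mkdir -p "$1"
    printf '%s\n' \
        'Limit                     Soft Limit           Hard Limit           Units' \
        'Max open files            1024                 4096                 files' > "$1/limits"
    printf 'Name:\tstenotype\nSeccomp:\t0\n' > "$1/status"
}

# Usage: sh audit.sh <pid> [want_nofile]
if [ "$#" -ge 1 ]; then
    audit_proc "/proc/$1" "${2:-1000000}"
fi
```

Run it against the PID of the running service; a non-zero exit status means the limit is below the expected value or the process has no seccomp filter.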