From f0d1278458d7bce36c68bd96caedf0efad34a631 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9mi=20Bernon?= <rbernon@codeweavers.com>
Date: Tue, 12 Jan 2021 14:08:43 +0100
Subject: [PATCH] build: Don't use priviledged / init docker.

Images already embed tini to pass kill signals.
---
 build/makefile_base.mak | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/build/makefile_base.mak b/build/makefile_base.mak
index 6299ec51..2a68bd4a 100644
--- a/build/makefile_base.mak
+++ b/build/makefile_base.mak
@@ -64,12 +64,11 @@ cc-option = $(shell if test -z "`echo 'void*p=1;' | \
               then echo "$(2)"; else echo "$(3)"; fi ;)
 
 # Selected container mode shell
-DOCKER_BASE = docker run --rm --init --privileged --cap-add=SYS_ADMIN --security-opt apparmor:unconfined \
+DOCKER_BASE = docker run --rm -e HOME -e USER -e USERID=$(shell id -u) -u $(shell id -u):$(shell id -g) \
                                     -v $(HOME):$(HOME) -v /tmp:/tmp \
-                                    -v /etc/passwd:/etc/passwd:ro -v /etc/group:/etc/group:ro  -v /etc/shadow:/etc/shadow:ro \
-                                    -w $(CURDIR) -e HOME=$(HOME) -e PATH=$(PATH) $(DOCKER_CCACHE_FLAG) -u $(shell id -u):$(shell id -g) -h $(shell hostname) \
+                                    -w $(CURDIR) -e PATH=$(PATH) $(DOCKER_CCACHE_FLAG) \
                                     $(DOCKER_OPTS) \
-                                    $(STEAMRT_IMAGE) /sbin/docker-init -sg --
+                                    $(STEAMRT_IMAGE)
 
 STEAMRT_NAME ?= soldier
 ifeq ($(STEAMRT_NAME),soldier)