Created
March 29, 2025 13:31
-
-
Save jpcercal/e3954dffc5c0390f58ca147e0eceaa40 to your computer and use it in GitHub Desktop.
Build "dig" for aarch64 (tested on Asus Router RT-BE88U) using MUSL leveraging docker to do so
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # How to run it? | |
| # | |
| # Create a file on the current directory named "Dockerfile.bind-tools", and place | |
| # the entire content of this gist onto it, save, and run the following: | |
| # | |
| # rm -Rf ./dig && \ | |
| # docker build -f Dockerfile.bind-tools -t dig-static-builder . && \ | |
| # docker run --rm -v "$PWD:/out" dig-static-builder /bin/sh -c "cp /dig /out/dig" && \ | |
| # echo "\n\n\nldd ./dig" && \ | |
| # docker run --rm -v "$PWD:/work" -w /work --platform linux/arm64 alpine ldd ./dig && \ | |
| # echo "\n\n\nfile ./dig" && \ | |
| # file ./dig && \ | |
| # echo "\n\n" | |
| # | |
| # The command above will then create a file on the current folder named "./dig", | |
| # that can then be transferred to the target platform. | |
| # | |
| # The final binary created runs successfully on the Asus Router RT-BE88U | |
| FROM alpine:3.19 AS build | |
| WORKDIR /build | |
| # --- Install build tools and static dependencies --- | |
| RUN apk add --no-cache \ | |
| build-base \ | |
| musl-dev \ | |
| linux-headers \ | |
| autoconf \ | |
| automake \ | |
| libtool \ | |
| m4 \ | |
| bison \ | |
| flex \ | |
| wget \ | |
| tar \ | |
| xz \ | |
| bash \ | |
| python3 \ | |
| py3-pip \ | |
| py3-ply \ | |
| git \ | |
| zlib-dev \ | |
| zlib-static | |
| # --- Build OpenSSL statically --- | |
| WORKDIR /build/openssl | |
| RUN wget https://www.openssl.org/source/openssl-1.1.1w.tar.gz && \ | |
| tar -xzf openssl-1.1.1w.tar.gz && \ | |
| cd openssl-1.1.1w && \ | |
| ./Configure linux-aarch64 no-shared no-dso --prefix=/usr/local/ssl && \ | |
| make -j$(nproc) && \ | |
| make install_sw | |
| # --- Download and extract BIND --- | |
| WORKDIR /build | |
| RUN wget https://ftp.isc.org/isc/bind9/9.11.36/bind-9.11.36.tar.gz && \ | |
| tar -xzf bind-9.11.36.tar.gz | |
| WORKDIR /build/bind-9.11.36 | |
| # --- Set static flags (do NOT override CC) --- | |
| ENV CFLAGS="-static -no-pie -fPIC -I/usr/local/ssl/include -I/usr/include" | |
| ENV LDFLAGS="-static -no-pie -L/usr/local/ssl/lib -L/usr/lib" | |
| # --- Configure everything for static build --- | |
| RUN ./configure \ | |
| --disable-shared \ | |
| --enable-static \ | |
| --without-python \ | |
| --without-libxml2 \ | |
| --disable-threads \ | |
| --disable-linux-caps \ | |
| --disable-symtable \ | |
| --disable-dnstap \ | |
| --with-openssl=/usr/local/ssl \ | |
| --with-zlib | |
| # --- Let BIND build everything it needs (including config.h, headers, etc) --- | |
| RUN make -j$(nproc) | |
| # --- Strip the resulting dig binary --- | |
| RUN strip bin/dig/dig | |
| # --- Final stage: just dig in BusyBox --- | |
| FROM busybox:uclibc | |
| COPY --from=build /build/bind-9.11.36/bin/dig/dig /dig |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment