graphene-manifest – Graphene manifest preprocessor

Synopsis

graphene-manifest [OPTION]… [SOURCE-FILE [OUTPUT-FILE]]

Description

graphene-manifest is used to preprocess manifests for Graphene using Jinja markup.

Command line arguments

--define <key>=<value>, -D <key>=<value>

Have a variable available in the template.

Functions and constants available in templates

graphene.libos

Path to libsysdb.so.

graphene.runtimedir([libc])

The path to runtime directory with patched libc. The default libc is 'glibc'.

python.stdlib

stdlib installation path from sysconfig module

python.platstdlib

platstdlib installation path from sysconfig module

python.purelib

purelib installation path from sysconfig module

python.distlib

On Debian systems, this is /usr/lib/python3/dist-packages.

python.get_path(...)

sysconfig.get_path

python.get_paths(...)

sysconfig.get_paths

python.implementation

sys.implementation

env.[ENVVAR]

The content of $ENVVAR environment variable.

ldd(*executables)

List of libraries which are linked from executables. Each library is provided at most once.

Example

manifest.template:

loader.preload = "file:{{ graphene.libos }}"
libos.entrypoint = "file:{{ entrypoint }}"
loader.env.LD_LIBRARY_PATH = "/lib:{{ arch_libdir }}:/usr{{ arch_libdir }}"

[fs.mount.runtime]
type = "chroot"
path = "/lib"
uri = "file:{{ graphene.runtimedir() }}"

[sgx.trusted_files]
entrypoint = "file:{{ entrypoint }}"
runtime = "file:{{ graphene.runtimedir() }}/"

Makefile:

%.manifest: manifest.template
   graphene-manifest \
      -Dentrypoint=$(ENTRYPOINT) \
      -Darch_libdir=$(ARCH_LIBDIR) \
      $< $@