Update installation instructions

Signed-off-by: h-vetinari <h.vetinari@gmx.com>

1 files changed, 136 insertions, 62 deletions

diff --git a/install.md b/install.md
index bd7f326c3..82dd4c36a 100644
--- a/install.md
+++ b/install.md
@@ -8,7 +8,7 @@
 sudo pacman -S podman
 ```
 
-If you have problems when running podman in [rootless](README.md#rootless) mode follow [these instructions](https://wiki.archlinux.org/index.php/Linux_Containers#Enable_support_to_run_unprivileged_containers_(optional))
+If you have problems when running Podman in [rootless](README.md#rootless) mode follow the instructions [here](https://wiki.archlinux.org/index.php/Linux_Containers#Enable_support_to_run_unprivileged_containers_(optional))
 
 #### [Fedora](https://www.fedoraproject.org), [CentOS](https://www.centos.org)
 
@@ -16,7 +16,6 @@ If you have problems when running podman in [rootless](README.md#rootless) mode
 sudo yum -y install podman
 ```
 
-
 #### [Fedora-CoreOS](https://coreos.fedoraproject.org), [Fedora SilverBlue](https://silverblue.fedoraproject.org)
 
 Built-in, no need to install
@@ -39,7 +38,7 @@ Built-in, no need to install
 
 #### [RHEL7](https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux)
 
-Subscribe, then enable Extras channel and install podman.
+Subscribe, then enable Extras channel and install Podman.
 
 ```bash
 sudo subscription-manager repos --enable=rhel-7-server-extras-rpms
@@ -53,8 +52,12 @@ sudo yum module enable -y container-tools:1.0
 sudo yum module install -y container-tools:1.0
 ```
 
+### Installing development versions of Podman
+
 #### [Ubuntu](https://www.ubuntu.com)
 
+The latest builds are available in a PPA. Take note of the [Build and Run Dependencies](#build-and-run-dependencies) listed below if you run into any issues.
+
 ```bash
 sudo apt-get update -qq
 sudo apt-get install -qq -y software-properties-common uidmap
@@ -63,25 +66,20 @@ sudo apt-get update -qq
 sudo apt-get -qq -y install podman
 ```
 
-Take note of the [Build and Run Dependencies](#build-and-run-dependencies) listed below if you run into any issues.
-
-## Building from scratch
+#### Fedora
 
-### Prerequisites
+You can test the very latest Podman in Fedora's `updates-testing`
+repository before it goes out to all Fedora users.
 
-#### runc installed
-
-The latest version of `runc` is expected to be installed on the system. It is picked up as the default runtime by podman.
-
-#### conmon installed
-
-The latest version of `conmon` is expected to be installed on the system. Conmon is used to monitor OCI Runtimes.
+```console
+sudo yum distro-sync --enablerepo=updates-testing podman
+```
 
-#### Setup CNI networking
+If you use a newer Podman package from Fedora's `updates-testing`, we would
+appreciate your `+1` feedback in [Bodhi, Fedora's update management
+system](https://bodhi.fedoraproject.org/updates/?packages=podman).
 
-A proper description of setting up CNI networking is given in the [`cni` README](cni/README.md).
-But the gist is that you need to have some basic network configurations enabled and
-CNI plugins installed on your system.
+## Building from scratch
 
 ### Build and Run Dependencies
 
@@ -90,7 +88,7 @@ CNI plugins installed on your system.
 Fedora, CentOS, RHEL, and related distributions:
 
 ```bash
-yum install -y \
+sudo yum install -y \
   atomic-registries \
   btrfs-progs-devel \
   conmon \
@@ -118,42 +116,133 @@ yum install -y \
 Debian, Ubuntu, and related distributions:
 
 ```bash
-apt-get install -y \
+sudo apt-get install \
   btrfs-tools \
   git \
   golang-go \
   go-md2man \
   iptables \
   libassuan-dev \
+  libc6-dev \
   libdevmapper-dev \
   libglib2.0-dev \
-  libc6-dev \
-  libgpgme11-dev \
+  libgpgme-dev \
   libgpg-error-dev \
+  libostree-dev \
   libprotobuf-dev \
   libprotobuf-c0-dev \
   libseccomp-dev \
   libselinux1-dev \
+  libsystemd-dev \
   pkg-config \
+  runc \
   uidmap
 ```
 
-Debian, Ubuntu, and related distributions will also need to do the following setup:
+### Building missing dependencies
 
- * A copy of the development libraries for `ostree`, either in the form of the `libostree-dev` package from the [flatpak](https://launchpad.net/~alexlarsson/+archive/ubuntu/flatpak) PPA, or built [from source](https://github.com/ostreedev/ostree) (more on that [here](https://ostree.readthedocs.io/en/latest/#building)). As of Ubuntu 18.04, `libostree-dev` is available in the main repositories, and the PPA is no longer required.
- * [Add required configuration files](https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md#adding-required-configuration-files)
- * Install conmon, CNI plugins and runc
-   * [Install conmon](https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md#building-and-installing-conmon)
-   * [Install CNI plugins](https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md#installing-cni-plugins)
-   * [runc Installation](https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md#installing-runc) - Although installable, the latest runc is not available in the Ubuntu repos. Version 1.0.0-rc4 is the minimal requirement.
+If any dependencies cannot be installed or are not sufficiently current, they have to be built from source.
+This will mainly affect Debian, Ubuntu, and related distributions, or RHEL where no subscription is active (e.g. Cloud VMs).
 
-**NOTE**
+#### ostree
 
-If using an older release or a long-term support release, be careful to double-check that the version of `runc` is new enough (running `runc --version` should produce `spec: 1.0.0`), or else [build](https://github.com/containers/libpod/blob/master/docs/tutorials/podman_tutorial.md#installing-runc) your own.
+A copy of the development libraries for `ostree` is necessary, either in the form of the `libostree-dev` package
+from the [flatpak](https://launchpad.net/~alexlarsson/+archive/ubuntu/flatpak) PPA,
+or built [from source](https://github.com/ostreedev/ostree/blob/master/docs/contributing-tutorial.md)
+(see also [here](https://ostree.readthedocs.io/en/latest/#building)). As of Ubuntu 18.04, `libostree-dev` is available in the main repositories,
+and the PPA is no longer required.
 
-Be careful to double-check that the version of golang is new enough, version 1.10.x or higher is required.  If needed, golang kits are available at https://golang.org/dl/
+To build, use the following (running `make` can take a while):
+```bash
+git clone https://github.com/ostreedev/ostree ~/ostree
+cd ~/ostree
+git submodule update --init
+# for Fedora, CentOS, RHEL
+sudo yum install -y automake bison e2fsprogs-devel fuse-devel libtool xz-devel zlib-devel
+# for Debian, Ubuntu etc.
+sudo apt-get install -y automake bison e2fsprogs fuse liblzma-dev libtool zlib1g
+
+./autogen.sh --prefix=/usr --libdir=/usr/lib64 --sysconfdir=/etc
+# remove --nonet option due to https:/github.com/ostreedev/ostree/issues/1374
+sed -i '/.*--nonet.*/d' ./Makefile-man.am
+make
+sudo make install
+```
+
+#### golang
+
+Be careful to double-check that the version of golang is new enough (i.e. `go version`), version 1.10.x or higher is required.
+If needed, golang kits are available at https://golang.org/dl/. Alternatively, go can be built from source as follows
+(it's helpful to leave the system-go installed, to avoid having to [bootstrap go](https://golang.org/doc/install/source):
+
+```bash
+export GOPATH=~/go
+git clone https://go.googlesource.com/go $GOPATH
+cd $GOPATH
+git checkout tags/go1.10.8  # optional
+cd src
+./all.bash
+export PATH=$GOPATH/bin:$PATH
+```
 
-**Optional**
+#### conmon
+
+The latest version of `conmon` is expected to be installed on the system. Conmon is used to monitor OCI Runtimes.
+To build from source, use the following (if not already executed above, run `export GOPATH=~/go && mkdir -p $GOPATH`):
+
+```bash
+git clone https://github.com/cri-o/cri-o $GOPATH/src/github.com/cri-o/cri-o
+cd $GOPATH/src/github.com/cri-o/cri-o
+mkdir bin
+make bin/conmon
+sudo install -D -m 755 bin/conmon /usr/libexec/podman/conmon
+```
+
+#### runc
+
+The latest version of `runc` is expected to be installed on the system. It is picked up as the default runtime by Podman.
+Version 1.0.0-rc4 is the minimal requirement, which is available in Ubuntu 18.04 already.
+To double-check, `runc --version` should produce at least `spec: 1.0.1`, otherwise build your own:
+
+```bash
+git clone https://github.com/opencontainers/runc.git $GOPATH/src/github.com/opencontainers/runc
+cd $GOPATH/src/github.com/opencontainers/runc
+make BUILDTAGS="selinux seccomp"
+sudo cp runc /usr/bin/runc
+```
+
+#### CNI plugins
+
+```bash
+git clone https://github.com/containernetworking/plugins.git $GOPATH/src/github.com/containernetworking/plugins
+cd $GOPATH/src/github.com/containernetworking/plugins
+./build_linux.sh
+sudo mkdir -p /usr/libexec/cni
+sudo cp bin/* /usr/libexec/cni
+```
+
+#### Setup CNI networking
+
+A proper description of setting up CNI networking is given in the [`cni` README](cni/README.md).
+
+Using the CNI plugins from above, a more basic network config is achieved with:
+
+```bash
+mkdir -p /etc/cni/net.d
+curl -qsSL https://raw.githubusercontent.com/containers/libpod/master/cni/87-podman-bridge.conflist | sudo tee /etc/cni/net.d/99-loopback.conf
+```
+
+
+#### Add configuration
+
+```bash
+sudo mkdir -p /etc/containers
+sudo curl https://raw.githubusercontent.com/projectatomic/registries/master/registries.fedora -o /etc/containers/registries.conf
+sudo curl https://raw.githubusercontent.com/containers/skopeo/master/default-policy.json -o /etc/containers/policy.json
+```
+
+
+#### Optional packages
 
 Fedora, CentOS, RHEL, and related distributions:
 
@@ -168,53 +257,38 @@ apt-get install -y \
 
 ### Get Source Code
 
-As with other Go projects, PODMAN must be cloned into a directory structure like:
+As with other Go projects, Podman must be cloned into a directory structure like:
 
 ```
 GOPATH
 └── src
     └── github.com
-	└── containers
-	    └── libpod
-```
-
-First, configure a `GOPATH` (if you are using go1.8 or later, this defaults to `~/go`)
-and then add $GOPATH/bin to your $PATH environment variable.
-
-```bash
-export GOPATH=~/go
-mkdir -p $GOPATH
-export PATH=$PATH:$GOPATH/bin
+        └── containers
+            └── libpod
 ```
 
-Next, clone the source code using:
+First, ensure that the go version that is found first on the $PATH (in case you built your own; see [above](#golang)) is sufficiently recent -
+`go version` must be higher than 1.10.x). Then we can finally build Podman (assuming we already have a `$GOPATH` and the corresponding folder,
+`export GOPATH=~/go && mkdir -p $GOPATH`):
 
 ```bash
-mkdir -p $GOPATH/src/github.com/containers
-cd $_ # or cd $GOPATH/src/github.com/containers
-git clone https://github.com/containers/libpod # or your fork
-cd libpod
+git clone https://github.com/containers/libpod/ $GOPATH/src/github.com/containers/libpod
+cd $GOPATH/src/github.com/containers/libpod
+make BUILDTAGS="selinux seccomp"
+sudo make install PREFIX=
 ```
 
-### Build
-
-```bash
-make install.tools
-make
-sudo make install
-```
+#### Build Tags
 
-Otherwise, if you do not want to build `podman` with seccomp support you can add `BUILDTAGS=""` when running make.
+Otherwise, if you do not want to build Podman with seccomp or selinux support you can add `BUILDTAGS=""` when running make.
 
 ```bash
 make BUILDTAGS=""
 sudo make install
 ```
 
-#### Build Tags
-
-`podman` supports optional build tags for compiling support of various features.
-To add build tags to the make option the `BUILDTAGS` variable must be set.
+Podman supports optional build tags for compiling support of various features.
+To add build tags to the make option the `BUILDTAGS` variable must be set, for example:
 
 ```bash
 make BUILDTAGS='seccomp apparmor'