Hello,
I've been investigating some bugs related to the seccomp sandbox. While doing this, I've developed some docker containers that can run tor with different versions of glibc. As this might be useful for future problems, I wanted to share them.
You can find the containers in my github repository: https://github.com/Jigsaw52/docker-containers-glibc-tor
I've created containers for the currently supported versions of Ubuntu and Debian. Each container builds the glibc versions with which I was able to start the tor built on that container. They also download and build tor from the current master branch and create a test torrc which enables Sandbox and %includes folders and files in the home folder of user user. There is also a container for alpine to test tor with musl libc.
To run a program with a specific version of glibc, use the command: run_with_glibc <GLIBC_VERSION> <PROGRAM_PATH> [<ARGS>]
You can see which glibc versions are installed in /opt/ or in the dockerfile. On the root user home folder, you will find a script install_glibc.sh that will download and build the glibc versions passed as arguments. The script supports glibc 2.13 and above. If you need to build versions of glibc before 2.13, the following page will be helpful: https://www.lordaro.co.uk/posts/2018-08-26-compiling-glibc.htm
Even though we can build glibc 2.13, even the oldest containers (Debian 8 and Ubuntu 14.04) are only able to run tor with starting with glibc 2.17. This is because the tor binary built in the container (using the container system glibc) requires symbols for glibc 2.17. According to this page (https://gist.github.com/wagenet/35adca1a032cec2999d47b6c40aa45b1) this provides coverage for the glibc versions present in the supported versions of the top 10 Linux distros, except for CentOS 6.10 which EOLs in November. Two containers (Ubuntu 14.04 and 18.04 or Debian 8 and Debian 10) are enough to cover the glibc versions from 2.17 to 2.31.
Best regards,