author | V3n3RiX <venerix@koprulu.sector> | 2023-07-25 22:29:02 +0100 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2023-07-25 22:29:02 +0100 |
commit | 240b57012ace855bbfd9934b07642416ceeeb5b8 (patch) | |
tree | f73ef3c4e5df8a1c5ca8d47177cb034006e0ac09 /app-containers | |
parent | 5c636a121a9064a4373d06b60d49a6f5d67c0e2f (diff) |
gentoo auto-resync : 25:07:2023 - 22:29:01
Diffstat (limited to 'app-containers')
19 files changed, 48 insertions, 1629 deletions
diff --git a/app-containers/Manifest.gz b/app-containers/Manifest.gz Binary files differindex a031f94ac084..84aca98feaad 100644 --- a/app-containers/Manifest.gz +++ b/app-containers/Manifest.gz diff --git a/app-containers/cni-plugins/Manifest b/app-containers/cni-plugins/Manifest index 54e6f1671df1..5735ebf85470 100644 --- a/app-containers/cni-plugins/Manifest +++ b/app-containers/cni-plugins/Manifest 
@@ -2,8 +2,10 @@ AUX cni-dhcp.initd 376 BLAKE2B 5fe40f28773ffbb12416b40e3813578d28787e9ee26ec4a62 DIST cni-plugins-0.9.1.tar.gz 2703099 BLAKE2B 878f476e62f12020b39d33a79723fe246b34d80705d3a336573401743392adca9a57b196d6d191b4a6f281110f47ecbb1525aacd91cd488bea61c7aaed12a6ef SHA512 24e8fcedbff2ae7a83aa96085b546b164de6a0884d593e3b5386e9d2de3c4d9a215db9e9405332020cc45c371709a32b600e263e4f8dee62c51adafdc0180f24 DIST cni-plugins-1.1.1.tar.gz 3076064 BLAKE2B 2fd70260995e423d2b4ac3a8d2135074baffe5d36177d5e1e5a9ce146f6d2ecfeb3b843de62e43f863085ff965be4160cf5f4cae892d3c59070ef390409ef3c9 SHA512 03da31caee5f9595abf65d4a551984b995bc18c5e97409549f08997c5a6a2b41a8950144f8a5b4f810cb401ddbe312232d2be76ec977acf8108eb490786b1817 DIST cni-plugins-1.2.0.tar.gz 3365015 BLAKE2B 6b487a9c9b240c73510f2bc6aaa4a6c79055e43cacca8204781dbc65d231164fed9f3f68a2a0cead7a41a67bfc9d9e4480b488be26415d368da007559a721b25 SHA512 fb6fb4f46ac1610b3721f5f3a6ddfb096cbf2e5d5b792306edca5351a3944d2f802170d83e5adec01420395bf64fc8a174ede61ac9b93b5ac6b938a4b48651e6 +DIST cni-plugins-1.3.0.tar.gz 3684138 BLAKE2B c5599f1d8ac3bffb802877ae8c49024a9dea1940923316e534397a8dc7e467f6fe3ceef514a41522611a8f06c4f4ba0788105081e68a4712e2eefade33226c7b SHA512 87e186b3cd64f66280f5b2293dcdd1fc22cb8f51a248124fb622adc48a893348419ba4c29c4769dede4d9e60f2e9fea5d4198f10badb4ecd20a1551e0b344e10 EBUILD cni-plugins-0.9.1.ebuild 948 BLAKE2B 340be886eb779358a8a7f6fe7a94bbc45dd53e51b65f729bfc1eb614e2a8e7db1b7b19622b75b8fb382882ce6d4915ab1b9a3282b7cc76de7efbfd07cea40fc6 SHA512 0a25abd6833e459576afdc3174afe57491a86b5eff6aba6d718db439af1acd983ccc769619448683ae42b57a561a785599146a9f6423dbae7395c625819739cd EBUILD cni-plugins-1.1.1-r1.ebuild 1119 BLAKE2B cdff1f61f07687a78b846e69766519f53b6f06f1624c13835658d430ce74710959db3a50c6f8d893855d02d91c841c75b7caed6d49b128a5f3ff931fa92cbfa1 SHA512 8e4493e5720ba4726285b7aaf90c55378b163256c7c92bd64e029f8dadd1b2327dfeaa06bb8d44ff9e3c099c82fc867845dfa3050d49a436b47a14f06c27f372 EBUILD cni-plugins-1.1.1.ebuild 
1026 BLAKE2B 43b5cfb19b0f5413ae5a34168c29746cd9994a29f75b062189ce7b21fca28c504509a7778f302355d6ab9feb4717111a78adefd93a5a401fedb439f9c16c29bb SHA512 8a177cfb045ccb108abde16e90f61bda39bec7227e9161e8957f37c8049004cad4628b5dcc82bb98e789f56856d38e9c27628a57d473b4ad843329072470362d EBUILD cni-plugins-1.2.0.ebuild 1119 BLAKE2B f5534fbe2d24ffb0b24c860ff713a9dd81d2db48b39561a812f98cce7da45c096d6af879e4f199d64e7c39fe4997bdec6d130c44c6c33b71b7374f7bc2798a02 SHA512 a5c49edd662f1a8fd2b4826bdefe56aa5a1de78e40ac0fd3154b4b014e4b7319b936959b10f41e6ce298340f14cf591f66bb98f105b1d2628c11d91246e950bd +EBUILD cni-plugins-1.3.0.ebuild 1119 BLAKE2B f5534fbe2d24ffb0b24c860ff713a9dd81d2db48b39561a812f98cce7da45c096d6af879e4f199d64e7c39fe4997bdec6d130c44c6c33b71b7374f7bc2798a02 SHA512 a5c49edd662f1a8fd2b4826bdefe56aa5a1de78e40ac0fd3154b4b014e4b7319b936959b10f41e6ce298340f14cf591f66bb98f105b1d2628c11d91246e950bd MISC metadata.xml 351 BLAKE2B 3565fe13764f828aed1288724a2939be57e523e0d0a9ccf3c091715e6f1e102155a7fa28191a3c87d669d51a0fa087a89587d83fe6c4747d5d9b31da11c1578c SHA512 6cfe3058d20387245c2f4823c7629d464115783e3c9ed1e45769d6e13f2f35f94656c66c0b1572f8eb229e6bf43510dbc35d117d6a3379e15b5b6ababc077856 diff --git a/app-containers/cni-plugins/cni-plugins-1.3.0.ebuild b/app-containers/cni-plugins/cni-plugins-1.3.0.ebuild new file mode 100644 index 000000000000..b21d3a20952c --- /dev/null +++ b/app-containers/cni-plugins/cni-plugins-1.3.0.ebuild 
@@ -0,0 +1,37 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+inherit go-module linux-info systemd
+
+DESCRIPTION="Standard networking plugins for container networking"
+HOMEPAGE="https://github.com/containernetworking/plugins"
+SRC_URI="https://github.com/containernetworking/plugins/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64 ~arm64 ~ppc64 ~riscv"
+IUSE="hardened"
+
+RDEPEND="net-firewall/iptables"
+
+CONFIG_CHECK="~BRIDGE_VLAN_FILTERING ~NETFILTER_XT_MATCH_COMMENT
+ ~NETFILTER_XT_MATCH_MULTIPORT"
+
+S="${WORKDIR}/plugins-${PV}"
+
+src_compile() {
+ CGO_LDFLAGS="$(usex hardened '-fno-PIC ' '')" ./build_linux.sh || die
+}
+
+src_install() {
+ exeinto /opt/cni/bin
+ doexe bin/*
+ dodoc README.md
+ local i
+ for i in plugins/{meta/{bandwidth,firewall,flannel,portmap,sbr,tuning},main/{bridge,host-device,ipvlan,loopback,macvlan,ptp,vlan},ipam/{dhcp,host-local,static},sample}; do
+ newdoc README.md ${i##*/}.README.md
+ done
+ systemd_dounit plugins/ipam/dhcp/systemd/cni-dhcp.{service,socket}
+ newinitd "${FILESDIR}"/cni-dhcp.initd cni-dhcp
+}
diff --git a/app-containers/containerd/Manifest b/app-containers/containerd/Manifest
index 8369191f1475..9dad3a5f5ada 100644
--- a/app-containers/containerd/Manifest
+++ b/app-containers/containerd/Manifest
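Review bot: In src_install of cni-plugins-1.3.0.ebuild the loop body `newdoc README.md ${i##*/}.README.md` reads the top-level README.md on every iteration, so every per-plugin doc file ends up as a copy of the project README rather than that plugin's own. Assuming each listed plugin directory ships its own README.md, the source should come from the loop variable, with the expansions quoted: `newdoc "${i}/README.md" "${i##*/}.README.md"`. Separately, src_compile sets `-fno-PIC` in CGO_LDFLAGS only when USE=hardened is enabled, which reads as the opposite of what the flag name suggests for network plugins installed to /opt/cni/bin. A short comment above that line saying why the hardened toolchain needs it, and whether the resulting binaries are still position-independent, would let a later maintainer judge whether the workaround is still required.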
@@ -1,7 +1,7 @@ AUX containerd.confd 124 BLAKE2B 25f72941a47374fa0de3a2dce3d8ca57420f013a0d7527e59697499490ed964b7606819c6d67b9eee1ac6691fa52a65750446d8e46ed9af708d946c24e86704b SHA512 66d891b0d2a541fee2017382ccbea6ea3f93d94c4ff15e1d8626ed84d3d7c0231b0939b2473804d41ac3ad2714267255347d1c671e1d99952d484a8b555948be AUX containerd.initd 794 BLAKE2B 88a1976615e4e9d67c10ed3748aadd74ae13ef4cf004bb5b5d45216275715e3acffa8c0c98309d81298795ac007bde02d2f3afd466c7c54e58012a12f156198f SHA512 f31b088e988beb84ef029992255018561417c0e92803dffe35ec481515e1be79ba4611cc139bb5000b0ac79a437f1a6dec3516d6f9580d4b384f1e0f092d8370 -DIST containerd-1.6.19.tar.gz 8706434 BLAKE2B cd6a85721f0752b6c7c5c098153d581375db6f877e261097a7d74a78dc0957e6beeea38c1aa7c53227ed84e727744811fa38863097cb137b8ba775e1f04fb9b2 SHA512 dca78d472dfbc6fc4d9b0b3a0d0a131d3575163c52e4fe18ea2c6147868b8822c54046c0709974e9b90472b882ba3890ada7f0fcbf31549efffba0d91531886c DIST containerd-1.7.1.tar.gz 9682254 BLAKE2B f168070caf2b76f0be350a98f41bfdbfe6d78344d68821fb92a29f839a6e847d795e5b79436e36f985aa88028ff1c3f44f134cf6bd502ddac22453a457bd952b SHA512 e9b00ba8f4dd1b5b1088060d3822f684611d43b367ddfeb1bee1660140af85f31e9c9bfc600a67e8fc8645a625dc4e1919d9af7291bdeaa607bff7065a4fc945 -EBUILD containerd-1.6.19.ebuild 1927 BLAKE2B 7131884f709d6703034b75cd03dcd31e8bd7972177b415931fdeb4e2698ae6412e423a7596c1826d4ff3550eab34af98f73d1b19c2ee97498f503cd66a241892 SHA512 4d6f87a38149de29e87e6ee6ce5b54dbee16974138ed9ba8a7a101467dfeaebf58b76f220277fc5b616d45e7f90f5d84303f822e9e5692887724b601d6c6e6dd +DIST containerd-1.7.2.tar.gz 9688701 BLAKE2B d31cd0e96bb2675390cc63d06114e37d532b7c666b3ffc5b0087dfcef8de23559471f08bf8a52b164c5f645faf1b8102ab2ccdd8ec417a1c74336097f0c3a899 SHA512 c0d4c02991b7e9fc341c4ef3df2d93097f5854a51b99596ed95436a79f7a586820bb8bb7c17fc43b5f38d97ea942e59490fbbf6c9710391ef9caae3d34627bc5 EBUILD containerd-1.7.1-r1.ebuild 1975 BLAKE2B 
46d84564110988f1c9a6a76101fbc439237d303dc9bd63c240250b666abbbbad92416cac822c0bf6882fe2ab6f2aac4cdea9a42b0eba67b472a88c24a88c2fe4 SHA512 ba2b77f93c115a57286eecefa4b826c925ccb06ebcd8283b13981548cfd82a2f0b0e9febf147d04eb4f47711cc5ea95ca8017cdf7f4ddfb32b502b8ade0f547d +EBUILD containerd-1.7.2.ebuild 1978 BLAKE2B d5c26371468150ed09683ea01250b87802e9862cbb5d15556a16488841ff1f98f9f2aaed054bec160a88e3e00291065c13c9c35e1df5be35639910c44c0d376e SHA512 ec53beae6b6365911a164ffca5d9993b22f4c5a68aeaa886705a1be1aa5d965beef59a704f6c9de16e41442b63ba39e81ab52793c2d544c1b0bcc89a03b43213 MISC metadata.xml 1093 BLAKE2B 692497be353e27b92d968142a155b5010a60f60739e1cfc9faeb966033f868c67e18c8feaaf661903266f160742a0c9e3d34485258df3ace9e8982d2ad3602d6 SHA512 18280d46fe79ecbcfd4e3f9cc139103da1fca31b6a5cfafb4c9c30d8b2a559fa30bf71f17f228a96c56506c5e18eb7c1f3340b5428c213be9e2e45e4cf5fc407 diff --git a/app-containers/containerd/containerd-1.6.19.ebuild b/app-containers/containerd/containerd-1.7.2.ebuild index ae8d1150aa07..498fb8d90a5f 100644 --- a/app-containers/containerd/containerd-1.6.19.ebuild +++ b/app-containers/containerd/containerd-1.7.2.ebuild @@ -3,7 +3,7 @@ EAPI=8 inherit go-module systemd -GIT_REVISION=1e1ea6e986c6c86565bc33d52e34b81b3e2bc71f +GIT_REVISION=0cae528dd6cb557f7201036e9f43420650207b58 DESCRIPTION="A daemon to control runC" HOMEPAGE="https://containerd.io/" @@ -11,7 +11,7 @@ SRC_URI="https://github.com/containerd/containerd/archive/v${PV}.tar.gz -> ${P}. LICENSE="Apache-2.0" SLOT="0" -KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv ~x86" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" IUSE="apparmor btrfs device-mapper +cri hardened +seccomp selinux test" DEPEND=" @@ -22,7 +22,7 @@ DEPEND=" # recommended version of runc is found in script/setup/runc-version RDEPEND=" ${DEPEND} - ~app-containers/runc-1.1.4 + ~app-containers/runc-1.1.7[apparmor?,seccomp?] " BDEPEND=" 
@@ -69,6 +69,7 @@ src_compile() { } src_install() { + rm "${D}"/bin/gen-manpages dobin bin/* doman man/* newconfd "${FILESDIR}"/${PN}.confd "${PN}" diff --git a/app-containers/distrobox/Manifest b/app-containers/distrobox/Manifest index c4d66221111b..94f287d281ea 100644 --- a/app-containers/distrobox/Manifest +++ b/app-containers/distrobox/Manifest 
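Review bot: The added `rm "${D}"/bin/gen-manpages` in src_install of containerd-1.7.2.ebuild targets the install image, which nothing visible in this hunk has populated before that line, so the rm most likely fails. With no `|| die` the failure is ignored, and the following `dobin bin/*` still packages the build-time gen-manpages helper. If the intent is to keep that helper out of the installed package, remove it from the build tree before the glob runs: `rm bin/gen-manpages || die`. src_install continues past the end of the hunk, so confirm that nothing later depends on the file.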
@@ -1,6 +1,6 @@ DIST distrobox-1.4.2.1.tar.gz 235019 BLAKE2B dd512b183763a2e4c7e2b495bb50cc3fc3d764c48ce902b83e0b543587b60b458c6b9ae937057bfc91860dc415f9ad68fb648cf06faeeb56d0a4c27180e4c2e0 SHA512 d3bc1de91bf33b7ac500c0ae471feb28c9b1efdef6878bf1aed50ef394f69d2d36f99296f0a8182b139d9339558720b891f7dc1249a7f91c883c00bac5597283 DIST distrobox-1.5.0.2.tar.gz 5899915 BLAKE2B 2ab49e09b49dc674e0fdfd2783e4a63f12a9ec954674950c5c6f497500e1b1a6697b7350b7dfd9a246f4d3efe228c7610adde79832b0da13967b88c561186194 SHA512 41f889e8e0c0ce7019d4b1a8c638b8de8260df5c541c4068430580820094ae04b6bd8dd5a6e1a82541daf8c4f5cfed0165dc1a85e01906093d3c1a4d715e23b1 EBUILD distrobox-1.4.2.1.ebuild 722 BLAKE2B 199e4736b0acd141bdc427697b0c43f823c9a8228d0370e56c06100c99e98f1e7234ec38944f2afe937b682eea4a19b0463d0ee404e4e2d57fdc6fba000ad824 SHA512 45dc34339c58d55d2cfc742cd4b1ff9ccf846468ae8edb5930c187b1bc9f13ca89acf34e24f265fdfbd87493fcbc11ef4f021f81d55ae9e8e22e785ecf749a29 -EBUILD distrobox-1.5.0.2.ebuild 723 BLAKE2B 5a7c80037a99b9731d779e5df9257a4c450175f1b936b7d856590f0f29009bbd73f5eb452e1db2ab848c9fc6a4354056d5509e6425df3363cecfbf52451fd436 SHA512 2772e5b244bd9e4758b52ecb916ca3fb06c86adc6db34c9b8970e99360f115dfd292640855159094eb66e58cc3c254db47129edf383ff2ecfccea8b416ebbdbf +EBUILD distrobox-1.5.0.2.ebuild 734 BLAKE2B dbabe8f458b107b33c71f86ffb59402882a047e5b74012a2b2fede98d36346ed4eca745f185af912e8916812d6360d849db9676347aa06ce2b033c557255633c SHA512 21daa080d77a242ac995c88578253151b67f0a85ea725a157e78611011d5c69a8beb35c96d5bd276191dd2a67e54897664e84af6587d6e9d2ff42097cc71c8cb EBUILD distrobox-9999.ebuild 723 BLAKE2B 19fdaf771bc7ba3217245b84fd5eccc86285e106671dc44d37ffd94b4827849c68f327d80e91aae35c9ff5dca6f6a575770d96281066c6c27a7e7fde6fb95604 SHA512 ed1ab9ee3115fc409b9e2aefc2cd5063cc76d05e3fac891fe5ddea3dbb527cc576b76ff0f49e30c28e8b32e06a466968ae0b28bfd1f3f00b4613ff340b21dbfa MISC metadata.xml 957 BLAKE2B 
a02f57f2c65a9241edbc6a1e99170712ceca000977c2271ba51c5311e7718471585ea791ed8c978a86a961d02450623c05b5f9006d4386be2130df08341b0e49 SHA512 65f455bcfd246a8de0084e1534dc85f09435f1fad2590ba87dda0bed90d8fa976d3fad2142b2006a596e713d3d91f0d3d3156017cebacf9dc7883596edb0740f diff --git a/app-containers/distrobox/distrobox-1.5.0.2.ebuild b/app-containers/distrobox/distrobox-1.5.0.2.ebuild index b9fc4f8ee11b..222e12a7952b 100644 --- a/app-containers/distrobox/distrobox-1.5.0.2.ebuild +++ b/app-containers/distrobox/distrobox-1.5.0.2.ebuild @@ -13,7 +13,7 @@ if [[ ${PV} == *9999* ]] ; then else SRC_URI="https://github.com/89luca89/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" - KEYWORDS="~amd64 ~x86" + KEYWORDS="amd64 ~arm ~arm64 ~x86" fi LICENSE="GPL-3" # GPL-3.0-only ! diff --git a/app-containers/docker-cli/Manifest b/app-containers/docker-cli/Manifest index b1054ad453e1..722b9ae33433 100644 --- a/app-containers/docker-cli/Manifest +++ b/app-containers/docker-cli/Manifest 
@@ -1,11 +1,4 @@ -AUX docker-cli-24.0.4-vendor.patch 3505 BLAKE2B c94237a3dcea1001ab160bcbec83fdc1a504bd0762217538327538d619413e9df40acfdda2d675690b3d53c01373fbcea34ec41bfd780be88d41d4fea8b47f15 SHA512 648d5ca9f3a36c1a25bafb9bdc452e92fe7c4c6e73bf70cb6afdda56e1478e464019fa06652e1bf5b8d0fd40a9e946ffc9672e07a56ec6544b0034a5a74924d6 -DIST docker-cli-23.0.3-man.tar.xz 81976 BLAKE2B e7390b429d0db2445035da506bb796364f97e6560e766a28d1245e6a76c84314c38af1f3a946d2eb1785132d26805e0d3a76c374559e70989b64e8ce917f8423 SHA512 842d7187ad8a3933d815057ec535c13466c56bd051c7133e6e0a9c85f5140e4ef61b66771ee6788c8fb50d10652a86b663f29fe4ec3190773f70fd45f36fbcd4 -DIST docker-cli-23.0.3.tar.gz 6215298 BLAKE2B 817ca474d61839c8b5929db9bfa964b936285622859ab30f45be2f382238a5e49987fdbcdc896eaa7109f114166cf0e1dbc4f001cefe293a6c286b50e2737258 SHA512 873783a0fe9ecab3b8f251c842ba69070e0dffbb4a758c16165441b2f483d55d15b98fd7da0707e483995ac2d1fbb9a0f13f570b78486382b26d6ca6c5e612a9 -DIST docker-cli-24.0.4-man.tar.xz 82500 BLAKE2B 67b113ea0a0b8377a2ab8c887849e2d8e6a57cf914bf1c6a1cdcc44978e154ee5b18abdc1b509d3c7367760204bcb1b896f2335a6ff18470433b08f3ce82d346 SHA512 fe7320bb0bacbddba0b00c1351591eceb96386e0e5141b7c399d483f6e549b687b8b3db4b33c127ded118f723d6eb5cbb995733be13c362a0e680f96b221b351 -DIST docker-cli-24.0.4.tar.gz 6242506 BLAKE2B 2cc66a43dce613f0940a0aa2ffac075562ff58a483e68511f47a05bb27dc997547522ebd546d314c932d79eb366699b319d9ed561d481ef072bcd40d6993a6d1 SHA512 6b59e01ad975961f64a7c04c719b83dcd95875c223fc11dc3cb4fc6792b6a478fd014559a775ab59b8156e4476a1424cb997c7ae97a692be317b9e7d24ed92fb DIST docker-cli-24.0.5-man.tar.xz 82496 BLAKE2B f3295b684dbf8d251ba13a19b9bad9b828fce7d2f76b6643b1cf579cd297b770e8f7304bd3fce823badfbe97e9b760a108b819ca3c760a55e352cf3c5235d815 SHA512 683b0f131902e0a57512207daa49534d73aac6db99dc8621ac6b48eeef26b873e2ba03fe4afe6f1e84c5922e4c60bf0e80e24cc95cdbf2a4953d1c11b80d56ad DIST docker-cli-24.0.5.tar.gz 6243993 BLAKE2B 
a7ce84ecf329bc74e48f3a6e1b12a9e310a8f27ac68918ffeb40ab9c4eab8b79e753265b48220fcd3ab40b4136de5ebd44607831f642664eaf732111bd8f41b1 SHA512 765c67634d91d248b156d3e407398b98b7a0a89507bbac0310d4a68b95aa1a05e3af43c8b90bc10166748749d8cc36670619fc9efca110beefbdcd4385dc96be -EBUILD docker-cli-23.0.3.ebuild 1916 BLAKE2B 714ccdfe708f2d2c9adae830189243a5fa38eaf144418bf77925e8e2acd5716220a96d5924b65b66bf3f8699336bb47c215f29fb58746089939755c813737562 SHA512 caba0e08042eb3694b82e4d8b8eb80bbf4823fed10048eae02529c7e87e23c53b0365eb609cb64e966d90515b571e72757aa5d1c23bb9dbc6af516f47906a111 -EBUILD docker-cli-24.0.4-r1.ebuild 1962 BLAKE2B 0944259392cf77112dc12d5a2ac48af51ba5dca11b61018efed1be4d264d22ac2bee71cd537defba15cc5df29bbbc07872023aa6e71db74719dcbf4a203470bc SHA512 e0357318d62687a191f8ab11f9e51c7dc38fe71fe804bddf8b2a99eaccef3c4179523a3e2a24733205fa84b34591c4e5b62f3f4e23506d4a775f500af3139ed5 EBUILD docker-cli-24.0.5.ebuild 1916 BLAKE2B a5a41f88d0865638c92efc4b4e377d54db4b32d4c1d21befab6c0822b0a243c36e14a38449ca022ac0a9e2d234198d558ba0bc0febeb9879fd416cdbad3ee8dc SHA512 2eec9b6af9baa8b6741ea4cfd87aa81f674ac4d896ae8ccc15b1495fca9670acd0df3f75bcfd2271bf8f2ac2f555f28776e55f04389e8b539d4cda2057ef0f01 MISC metadata.xml 689 BLAKE2B 45f4a07f9d949ad4e0175908af936140573bd257f7b11f9b9cc25cdd52bb821a294036635fd81662bcd348aa21e69b5582ab2dc8efaf94dbbdc9608b131414f4 SHA512 efe37f3ae8bc6b26433b7bacfda203ea3b480f419b343921214f19a4ad4e25b2cca5f0426a27348902f51ef15f558e81599ccdadcab6504f9d22314bb472d80c diff --git a/app-containers/docker-cli/docker-cli-23.0.3.ebuild b/app-containers/docker-cli/docker-cli-23.0.3.ebuild deleted file mode 100644 index beff01152401..000000000000 --- a/app-containers/docker-cli/docker-cli-23.0.3.ebuild +++ /dev/null 
@@ -1,70 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -GIT_COMMIT=3e7cbfdee1 -EGO_PN="github.com/docker/cli" -MY_PV=${PV/_/-} -inherit bash-completion-r1 golang-vcs-snapshot - -DESCRIPTION="the command line binary for docker" -HOMEPAGE="https://www.docker.com/" -SRC_URI="https://github.com/docker/cli/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" -SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-man.tar.xz" - -LICENSE="Apache-2.0" -SLOT="0" -KEYWORDS="amd64 ~arm arm64 ~loong ppc64 ~riscv ~x86" -IUSE="hardened selinux" - -RDEPEND="!<app-containers/docker-20.10.1 - selinux? ( sec-policy/selinux-docker )" -BDEPEND=" - >=dev-lang/go-1.16.6" - -RESTRICT="installsources strip test" - -S="${WORKDIR}/${P}/src/${EGO_PN}" - -src_unpack() { - golang-vcs-snapshot_src_unpack - set -- ${A} - unpack ${2} -} - -src_prepare() { - default - sed -i 's@dockerd\?\.exe@@g' contrib/completion/bash/docker || die -} - -src_compile() { - export DISABLE_WARN_OUTSIDE_CONTAINER=1 - export GOPATH="${WORKDIR}/${P}" - # setup CFLAGS and LDFLAGS for separate build target - # see https://github.com/tianon/docker-overlay/pull/10 - export CGO_CFLAGS="-I${ESYSROOT}/usr/include" - export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" - emake \ - LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" \ - VERSION="${PV}" \ - GITCOMMIT="${GIT_COMMIT}" \ - dynbinary -} - -src_install() { - dobin build/docker - doman "${WORKDIR}"/man/man?/* - dobashcomp contrib/completion/bash/* - bashcomp_alias docker dockerd - insinto /usr/share/fish/vendor_completions.d/ - doins contrib/completion/fish/docker.fish - insinto /usr/share/zsh/site-functions - doins contrib/completion/zsh/_* -} - -pkg_postinst() { - has_version "app-containers/docker-buildx" && return - ewarn "the 'docker build' command is deprecated and will be removed in a" - ewarn "future release. If you need this functionality, install" - ewarn "app-containers/docker-buildx." -} 
diff --git a/app-containers/docker-cli/docker-cli-24.0.4-r1.ebuild b/app-containers/docker-cli/docker-cli-24.0.4-r1.ebuild deleted file mode 100644 index 16114e7f2004..000000000000 --- a/app-containers/docker-cli/docker-cli-24.0.4-r1.ebuild +++ /dev/null 
@@ -1,74 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -GIT_COMMIT=3713ee1eea -EGO_PN="github.com/docker/cli" -MY_PV=${PV/_/-} -inherit bash-completion-r1 golang-vcs-snapshot - -DESCRIPTION="the command line binary for docker" -HOMEPAGE="https://www.docker.com/" -SRC_URI="https://github.com/docker/cli/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" -SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-man.tar.xz" - -LICENSE="Apache-2.0" -SLOT="0" -KEYWORDS="amd64 ~arm arm64 ~loong ppc64 ~riscv ~x86" -IUSE="hardened selinux" - -RDEPEND="!<app-containers/docker-20.10.1 - selinux? ( sec-policy/selinux-docker )" -BDEPEND=" - >=dev-lang/go-1.16.6" - -PATCHES=( - "${FILESDIR}/${P}-vendor.patch" -) - -RESTRICT="installsources strip test" - -S="${WORKDIR}/${P}/src/${EGO_PN}" - -src_unpack() { - golang-vcs-snapshot_src_unpack - set -- ${A} - unpack ${2} -} - -src_prepare() { - default - sed -i 's@dockerd\?\.exe@@g' contrib/completion/bash/docker || die -} - -src_compile() { - export DISABLE_WARN_OUTSIDE_CONTAINER=1 - export GOPATH="${WORKDIR}/${P}" - # setup CFLAGS and LDFLAGS for separate build target - # see https://github.com/tianon/docker-overlay/pull/10 - export CGO_CFLAGS="-I${ESYSROOT}/usr/include" - export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" - emake \ - LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" \ - VERSION="${PV}" \ - GITCOMMIT="${GIT_COMMIT}" \ - dynbinary -} - -src_install() { - dobin build/docker - doman "${WORKDIR}"/man/man?/* - dobashcomp contrib/completion/bash/* - bashcomp_alias docker dockerd - insinto /usr/share/fish/vendor_completions.d/ - doins contrib/completion/fish/docker.fish - insinto /usr/share/zsh/site-functions - doins contrib/completion/zsh/_* -} - -pkg_postinst() { - has_version "app-containers/docker-buildx" && return - ewarn "the 'docker build' command is deprecated and will be removed in a" - ewarn "future release. 
If you need this functionality, install" - ewarn "app-containers/docker-buildx." -} diff --git a/app-containers/docker-cli/files/docker-cli-24.0.4-vendor.patch b/app-containers/docker-cli/files/docker-cli-24.0.4-vendor.patch deleted file mode 100644 index 557486542ede..000000000000 --- a/app-containers/docker-cli/files/docker-cli-24.0.4-vendor.patch +++ /dev/null 
@@ -1,78 +0,0 @@ -diff --git a/vendor/github.com/docker/docker/client/client.go b/vendor/github.com/docker/docker/client/client.go -index 1c081a5..54fa36c 100644 ---- a/vendor/github.com/docker/docker/client/client.go -+++ b/vendor/github.com/docker/docker/client/client.go -@@ -56,6 +56,36 @@ import ( - "github.com/pkg/errors" - ) - -+// DummyHost is a hostname used for local communication. -+// -+// It acts as a valid formatted hostname for local connections (such as "unix://" -+// or "npipe://") which do not require a hostname. It should never be resolved, -+// but uses the special-purpose ".localhost" TLD (as defined in [RFC 2606, Section 2] -+// and [RFC 6761, Section 6.3]). -+// -+// [RFC 7230, Section 5.4] defines that an empty header must be used for such -+// cases: -+// -+// If the authority component is missing or undefined for the target URI, -+// then a client MUST send a Host header field with an empty field-value. -+// -+// However, [Go stdlib] enforces the semantics of HTTP(S) over TCP, does not -+// allow an empty header to be used, and requires req.URL.Scheme to be either -+// "http" or "https". -+// -+// For further details, refer to: -+// -+// - https://github.com/docker/engine-api/issues/189 -+// - https://github.com/golang/go/issues/13624 -+// - https://github.com/golang/go/issues/61076 -+// - https://github.com/moby/moby/issues/45935 -+// -+// [RFC 2606, Section 2]: https://www.rfc-editor.org/rfc/rfc2606.html#section-2 -+// [RFC 6761, Section 6.3]: https://www.rfc-editor.org/rfc/rfc6761#section-6.3 -+// [RFC 7230, Section 5.4]: https://datatracker.ietf.org/doc/html/rfc7230#section-5.4 -+// [Go stdlib]: https://github.com/golang/go/blob/6244b1946bc2101b01955468f1be502dbadd6807/src/net/http/transport.go#L558-L569 -+const DummyHost = "api.moby.localhost" -+ - // ErrRedirect is the error returned by checkRedirect when the request is non-GET. 
- var ErrRedirect = errors.New("unexpected redirect in response") - -diff --git a/vendor/github.com/docker/docker/client/hijack.go b/vendor/github.com/docker/docker/client/hijack.go -index 6bdacab..db9b02e 100644 ---- a/vendor/github.com/docker/docker/client/hijack.go -+++ b/vendor/github.com/docker/docker/client/hijack.go -@@ -64,7 +64,10 @@ func fallbackDial(proto, addr string, tlsConfig *tls.Config) (net.Conn, error) { - } - - func (cli *Client) setupHijackConn(ctx context.Context, req *http.Request, proto string) (net.Conn, string, error) { -- req.Host = cli.addr -+ if cli.proto == "unix" || cli.proto == "npipe" { -+ // For local communications, it doesn't matter what the host is. -+ req.URL.Host = DummyHost -+ } - req.Header.Set("Connection", "Upgrade") - req.Header.Set("Upgrade", proto) - -diff --git a/vendor/github.com/docker/docker/client/request.go b/vendor/github.com/docker/docker/client/request.go -index c799095..8f43553 100644 ---- a/vendor/github.com/docker/docker/client/request.go -+++ b/vendor/github.com/docker/docker/client/request.go -@@ -98,12 +98,12 @@ func (cli *Client) buildRequest(method, path string, body io.Reader, headers hea - req = cli.addHeaders(req, headers) - - if cli.proto == "unix" || cli.proto == "npipe" { -- // For local communications, it doesn't matter what the host is. We just -- // need a valid and meaningful host name. (See #189) -- req.Host = "docker" -+ // For local communications, it doesn't matter what the host is. -+ req.URL.Host = DummyHost -+ } else { -+ req.URL.Host = cli.addr - } - -- req.URL.Host = cli.addr - req.URL.Scheme = cli.scheme - - if expectedPayload && req.Header.Get("Content-Type") == "" { diff --git a/app-containers/docker/Manifest b/app-containers/docker/Manifest index 900dfe2f439e..d66437ecbb70 100644 --- a/app-containers/docker/Manifest +++ b/app-containers/docker/Manifest 
@@ -1,11 +1,4 @@ AUX 0001-Openrc-Depend-on-containerd-init-script.patch 774 BLAKE2B a7ac6f6a1e9ee88751e8e0471cd33429b8141cbea07a3a56c61eccd63c796c9135edafaf5977571a4413e5d71931aac44b5313110af94c3206e286b15394f637 SHA512 bc709b6f0dd8685fbf2404be589743f32a5f4deb24dec8ed6aeec18f0fcd1db4c5d59587209c28f62d964d78ec9ab3a3fdbb795dc4b7e3fabd00a06a002af34e -AUX docker-24.0.4-client-define-a-dummy-hostname-for-local-connections.patch 11883 BLAKE2B e5c57a6d01fe97d2e5e9015a01b92c8fcba7d537e1c451503ddbed0489bac90cf2e2424a95e093aba83aec008a88c717a5b9c85937208a41658255fffd40e5fd SHA512 0ea1d9578a9ee37fe2e4891557c16f00211a4ea1873f9cbc97090c9310fca4d3f741bef4d443b0b1d4d1b692420f745a5ecfe3606ab018b7e15b7d5629759ebe -DIST docker-23.0.3.tar.gz 13621933 BLAKE2B fd548b6083df495c35cc4d27374afdbc37e3678454b33477e9e88ba7c1564901d91a87eb0b87da2cfeab6a7c120bec95cad3a94db15a49719713a3660fae9958 SHA512 1f47a0c669c07ad1e628c99d153623076cd5c8e65e82fa54f7dd0d32579fae803ec9bee748e4ba1a6dc8fe37654602aaf005e58e09f00d8ff4f32e6047240caa -DIST docker-23.0.4.tar.gz 13625597 BLAKE2B ab4d50e9b334f18e620979bc13a7b146f8e0381d52aca0e45785108f1d53743e0157eb1e5bda76bc1300df1aa7825ca1ca141a21aeea39e81bc626ad1ea77775 SHA512 94d2c748541cf402197e98f93f574daf72bd84fc7603bf30e23674be36862ddbff5f37ad667455a710d730b9c5bc11962c287d6fd60a20320e0e0a41e3329c44 -DIST docker-24.0.4.tar.gz 14453359 BLAKE2B d089721469857eee87fd63b04c43cfde97ab9a38b5017c52c859b9b291574be4055b25585304434e070a7b74f90fa2582bb4fd8cddeae795637aaa23242fe8cb SHA512 5d749764a3541104d13ebe42e7b4225f66a98f9cc81f6406790be8a534f6c0d5ec13b145212bf75899e489feddf7679add6f43c6f9dd76b704291ed0e638eb6e DIST docker-24.0.5.tar.gz 14456089 BLAKE2B be13a4256787152cb35ddb96d80e97a5e5b587094f1c61d18158737a037c4e81b88c186098ba7416eb7778022ece07bc31ee55af13d3e3da8e0bbd5452ad027f SHA512 cde2e47e7658b153399ee29154ec21eebf54b292185e07d43b968895dcfdfead95e4507fefb713859a4540f21d8007116d3ebeaa1fb7ba305fb2a0449ba1bee6 -EBUILD docker-23.0.3.ebuild 8284 BLAKE2B 
21e8c4a8cd80f4a6a79d0bd5514da2d653fd163a58589b67e32b4c71176be7f8656df1bcef872f8a5b22e9780d514ce5cca76c1c4db79ce6ce1a58c7e5e460fe SHA512 9a3f51cfa4059d0271baff5413bbe3ae29795f9d912ac912d045359ff1846408c7ad011a08102d3c6a7a560159180acf809d6fa2e7b3751cea6e78d00f209385 -EBUILD docker-23.0.4.ebuild 8287 BLAKE2B ff38c5c75e8bfdde6b0a3f2927090aa41c3cb28509333c254368d9b42a2c4583fd8784d47cb092f1bf91b170a2aea7de3c18b3aff915d5d21a7769cec496b328 SHA512 d471fae81b86e66d34e5d4373f739bc5d15d99abe1e7eca0199d12453e44e7f147813c14b64ab1a595083a731d74b69a9379e39b864cf19996d1bd33e6f90a58 -EBUILD docker-24.0.4-r2.ebuild 7757 BLAKE2B 4a138e60371c6cc53ad945a150131e0c02e03e8134322e7c8107d4ae2e13275958abf1d692f2583289b78edf6f8a77f332d608d9b6cd45aa49181434fc526843 SHA512 3792d5656031457075a53791987268c8d79f241964a854c37b054f12f502e2b8a4b3a7f6f4d000d6b6f82872da38986781f672a4e7d1e0f3ff3375b2cb7716a6 EBUILD docker-24.0.5.ebuild 7678 BLAKE2B 6a810a6e620d5d767196f407168935ae86a6c386666170728bcc740d2219b63fb7341c553e3df8c0600c5399043954fd5ef93708851b7d2f1475cc3a880f90b8 SHA512 d3ef18e6c19e08eda50da385f914db0b906c17e018809f28043d251d29af754a276dcc52e7c493b41ccf242c2f18eccf842bdd502061d744a5daf0f9b4a30c15 -MISC metadata.xml 1414 BLAKE2B fa9d3dd12a13f980523afebd1eee07a8746c55b7f89e6b1f0d42dc9f64649acc835904ee1dfe09bb4319cd7589dd6e19feb6d646a7ae1b41fb90e54d1f0d0cf0 SHA512 1175abde53b8d4690ffb2586734dd6fab94b3725c83a59f61d4abf53b04bfa8e5128b5cb914a9fd1eb142f77881ad503a40b14b6f5a994d19ca00aabc1b4db3e +MISC metadata.xml 1293 BLAKE2B c6ae1e8098653df526877e8faa1f81a122fd46dc423ae55bf006a63f6e366d1596c36bf3e178f4c17e74597130a7b0201aa556943dfe46c3db66e5aa986c7d60 SHA512 c0e0782f388ccc874da0e4c4fc6eb56ac3c0f5c5de7869083acca19d3e4dadae4a4d5fb76f38196930248e65d67d6273be689e51ca42ef3d4650731956fd920e diff --git a/app-containers/docker/docker-23.0.3.ebuild b/app-containers/docker/docker-23.0.3.ebuild deleted file mode 100644 index a2754cb1e601..000000000000 
--- a/app-containers/docker/docker-23.0.3.ebuild +++ /dev/null 
@@ -1,340 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -EGO_PN=github.com/docker/docker -MY_PV=${PV/_/-} -inherit linux-info systemd udev golang-vcs-snapshot -GIT_COMMIT=59118bff500fc0d95d0560a9788735a8d89568ce - -DESCRIPTION="The core functions you need to create Docker images and run Docker containers" -HOMEPAGE="https://www.docker.com/" -SRC_URI="https://github.com/moby/moby/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="Apache-2.0" -SLOT="0" -KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv ~x86" -IUSE="apparmor aufs btrfs +container-init device-mapper overlay seccomp selinux" - -DEPEND=" - acct-group/docker - >=dev-db/sqlite-3.7.9:3 - apparmor? ( sys-libs/libapparmor ) - btrfs? ( >=sys-fs/btrfs-progs-3.16.1 ) - device-mapper? ( >=sys-fs/lvm2-2.02.89[thin] ) - seccomp? ( >=sys-libs/libseccomp-2.2.1 ) -" - -# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#runtime-dependencies -# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#optional-dependencies -# https://github.com/moby/moby/tree/master//hack/dockerfile/install -# make sure docker-proxy is pinned to exact version from ^, -# for appropriate branchch/version of course -RDEPEND=" - ${DEPEND} - >=net-firewall/iptables-1.4 - sys-process/procps - >=dev-vcs/git-1.7 - >=app-arch/xz-utils-4.9 - dev-libs/libltdl - >=app-containers/containerd-1.6.19[apparmor?,btrfs?,device-mapper?,seccomp?] - ~app-containers/docker-proxy-0.8.0_p20230118 - container-init? ( >=sys-process/tini-0.19.0[static] ) - selinux? 
( sec-policy/selinux-docker ) -" - -# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies -BDEPEND=" - >=dev-lang/go-1.16.12 - dev-go/go-md2man - virtual/pkgconfig -" -# tests require running dockerd as root and downloading containers -RESTRICT="installsources strip test" - -S="${WORKDIR}/${P}/src/${EGO_PN}" - -# https://bugs.gentoo.org/748984 https://github.com/etcd-io/etcd/pull/12552 -PATCHES=( - "${FILESDIR}/0001-Openrc-Depend-on-containerd-init-script.patch" -) - -pkg_setup() { - # this is based on "contrib/check-config.sh" from upstream's sources - # required features. - CONFIG_CHECK=" - ~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS - ~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG - ~KEYS - ~VETH ~BRIDGE ~BRIDGE_NETFILTER - ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE - ~NETFILTER_XT_MATCH_ADDRTYPE - ~NETFILTER_XT_MATCH_CONNTRACK - ~NETFILTER_XT_MATCH_IPVS - ~NETFILTER_XT_MARK - ~IP_NF_NAT ~NF_NAT - ~POSIX_MQUEUE - " - WARNING_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: is required for bind-mounting /dev/mqueue into containers" - - if kernel_is lt 4 8; then - CONFIG_CHECK+=" - ~DEVPTS_MULTIPLE_INSTANCES - " - fi - - if kernel_is le 5 1; then - CONFIG_CHECK+=" - ~NF_NAT_IPV4 - " - fi - - if kernel_is le 5 2; then - CONFIG_CHECK+=" - ~NF_NAT_NEEDED - " - fi - - if kernel_is ge 4 15; then - CONFIG_CHECK+=" - ~CGROUP_BPF - " - fi - - # optional features - CONFIG_CHECK+=" - ~USER_NS - " - - if use seccomp; then - CONFIG_CHECK+=" - ~SECCOMP ~SECCOMP_FILTER - " - fi - - CONFIG_CHECK+=" - ~CGROUP_PIDS - " - - if kernel_is lt 6 1; then - CONFIG_CHECK+=" - ~MEMCG_SWAP - " - fi - - if kernel_is le 5 8; then - CONFIG_CHECK+=" - ~MEMCG_SWAP_ENABLED - " - fi - - CONFIG_CHECK+=" - ~!LEGACY_VSYSCALL_NATIVE - " - if kernel_is lt 5 19; then - CONFIG_CHECK+=" - ~LEGACY_VSYSCALL_EMULATE - " - fi - CONFIG_CHECK+=" - ~!LEGACY_VSYSCALL_NONE - " - WARNING_LEGACY_VSYSCALL_NONE="CONFIG_LEGACY_VSYSCALL_NONE enabled: \ - Containers 
with <=glibc-2.13 will not work" - - if kernel_is le 4 5; then - CONFIG_CHECK+=" - ~MEMCG_KMEM - " - fi - - if kernel_is lt 5; then - CONFIG_CHECK+=" - ~IOSCHED_CFQ ~CFQ_GROUP_IOSCHED - " - fi - - CONFIG_CHECK+=" - ~BLK_CGROUP ~BLK_DEV_THROTTLING - ~CGROUP_PERF - ~CGROUP_HUGETLB - ~NET_CLS_CGROUP ~CGROUP_NET_PRIO - ~CFS_BANDWIDTH ~FAIR_GROUP_SCHED ~RT_GROUP_SCHED - ~IP_NF_TARGET_REDIRECT - ~IP_VS - ~IP_VS_NFCT - ~IP_VS_PROTO_TCP - ~IP_VS_PROTO_UDP - ~IP_VS_RR - " - WARNING_RT_GROUP_SCHED="CONFIG_RT_GROUP_SCHED is disabled: Depending on your docker setup, you may want to enable this. See https://docs.docker.com/config/containers/resource_constraints/#configure-the-realtime-scheduler for more information." - - if use selinux; then - CONFIG_CHECK+=" - ~SECURITY_SELINUX - " - fi - - if use apparmor; then - CONFIG_CHECK+=" - ~SECURITY_APPARMOR - " - fi - - # if ! is_set EXT4_USE_FOR_EXT2; then - # check_flags EXT3_FS EXT3_FS_XATTR EXT3_FS_POSIX_ACL EXT3_FS_SECURITY - # if ! is_set EXT3_FS || ! is_set EXT3_FS_XATTR || ! is_set EXT3_FS_POSIX_ACL || ! is_set EXT3_FS_SECURITY; then - # echo " $(wrap_color '(enable these ext3 configs if you are using ext3 as backing filesystem)' bold black)" - # fi - # fi - - CONFIG_CHECK+=" - ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY - " - - # if ! is_set EXT4_FS || ! is_set EXT4_FS_POSIX_ACL || ! 
is_set EXT4_FS_SECURITY; then - # if is_set EXT4_USE_FOR_EXT2; then - # echo " $(wrap_color 'enable these ext4 configs if you are using ext3 or ext4 as backing filesystem' bold black)" - # else - # echo " $(wrap_color 'enable these ext4 configs if you are using ext4 as backing filesystem' bold black)" - # fi - # fi - - # network drivers - CONFIG_CHECK+=" - ~VXLAN ~BRIDGE_VLAN_FILTERING - ~CRYPTO ~CRYPTO_AEAD ~CRYPTO_GCM ~CRYPTO_SEQIV ~CRYPTO_GHASH - ~XFRM ~XFRM_USER ~XFRM_ALGO ~INET_ESP - " - if kernel_is le 5 3; then - CONFIG_CHECK+=" - ~INET_XFRM_MODE_TRANSPORT - " - fi - - CONFIG_CHECK+=" - ~IPVLAN - " - CONFIG_CHECK+=" - ~MACVLAN ~DUMMY - " - CONFIG_CHECK+=" - ~NF_NAT_FTP ~NF_CONNTRACK_FTP ~NF_NAT_TFTP ~NF_CONNTRACK_TFTP - " - - # storage drivers - if use aufs; then - CONFIG_CHECK+=" - ~AUFS_FS - " - ERROR_AUFS_FS="CONFIG_AUFS_FS: is required to be set if and only if aufs is patched to kernel instead of using standalone" - fi - - if use btrfs; then - CONFIG_CHECK+=" - ~BTRFS_FS - ~BTRFS_FS_POSIX_ACL - " - fi - - if use device-mapper; then - CONFIG_CHECK+=" - ~BLK_DEV_DM ~DM_THIN_PROVISIONING - " - fi - - CONFIG_CHECK+=" - ~OVERLAY_FS - " - - linux-info_pkg_setup -} - -src_compile() { - export DOCKER_GITCOMMIT="${GIT_COMMIT}" - export GOPATH="${WORKDIR}/${P}" - export VERSION=${PV} - - # setup CFLAGS and LDFLAGS for separate build target - # see https://github.com/tianon/docker-overlay/pull/10 - export CGO_CFLAGS="-I${ESYSROOT}/usr/include" - export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" - - # let's set up some optional features :) - export DOCKER_BUILDTAGS='' - for gd in aufs btrfs device-mapper overlay; do - if ! 
use $gd; then - DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}" - fi - done - - for tag in apparmor seccomp; do - if use $tag; then - DOCKER_BUILDTAGS+=" $tag" - fi - done - - # build daemon - ./hack/make.sh dynbinary || die 'dynbinary failed' -} - -src_install() { - dosym containerd /usr/bin/docker-containerd - dosym containerd-shim /usr/bin/docker-containerd-shim - dosym runc /usr/bin/docker-runc - use container-init && dosym tini /usr/bin/docker-init - newbin bundles/dynbinary-daemon/dockerd dockerd - - newinitd contrib/init/openrc/docker.initd docker - newconfd contrib/init/openrc/docker.confd docker - - systemd_dounit contrib/init/systemd/docker.{service,socket} - - udev_dorules contrib/udev/*.rules - - dodoc AUTHORS CONTRIBUTING.md NOTICE README.md - dodoc -r docs/* - - # note: intentionally not using "doins" so that we preserve +x bits - dodir /usr/share/${PN}/contrib - cp -R contrib/* "${ED}/usr/share/${PN}/contrib" -} - -pkg_postinst() { - udev_reload - - elog - elog "To use Docker, the Docker daemon must be running as root. To automatically" - elog "start the Docker daemon at boot:" - if systemd_is_booted || has_version sys-apps/systemd; then - elog " systemctl enable docker.service" - else - elog " rc-update add docker default" - fi - elog - elog "To use Docker as a non-root user, add yourself to the 'docker' group:" - elog ' usermod -aG docker <youruser>' - elog - - if use device-mapper; then - elog " Devicemapper storage driver has been deprecated" - elog " It will be removed in a future release" - elog - fi - - if use overlay; then - elog " Overlay storage driver/USEflag has been deprecated" - elog " in favor of overlay2 (enabled unconditionally)" - elog - fi - - if has_version sys-fs/zfs; then - elog " ZFS storage driver is available" - elog " Check https://docs.docker.com/storage/storagedriver/zfs-driver for more info" - elog - fi -} - -pkg_postrm() { - udev_reload -} 
diff --git a/app-containers/docker/docker-23.0.4.ebuild b/app-containers/docker/docker-23.0.4.ebuild
deleted file mode 100644
index 897b19c88f3f..000000000000
--- a/app-containers/docker/docker-23.0.4.ebuild
+++ /dev/null
@@ -1,340 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -EGO_PN=github.com/docker/docker -MY_PV=${PV/_/-} -inherit linux-info systemd udev golang-vcs-snapshot -GIT_COMMIT=cbce3319305c39df3405c969a12e0a5d2bad3f4f - -DESCRIPTION="The core functions you need to create Docker images and run Docker containers" -HOMEPAGE="https://www.docker.com/" -SRC_URI="https://github.com/moby/moby/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="Apache-2.0" -SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" -IUSE="apparmor aufs btrfs +container-init device-mapper overlay seccomp selinux" - -DEPEND=" - acct-group/docker - >=dev-db/sqlite-3.7.9:3 - apparmor? ( sys-libs/libapparmor ) - btrfs? ( >=sys-fs/btrfs-progs-3.16.1 ) - device-mapper? ( >=sys-fs/lvm2-2.02.89[thin] ) - seccomp? ( >=sys-libs/libseccomp-2.2.1 ) -" - -# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#runtime-dependencies -# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#optional-dependencies -# https://github.com/moby/moby/tree/master//hack/dockerfile/install -# make sure docker-proxy is pinned to exact version from ^, -# for appropriate branchch/version of course -RDEPEND=" - ${DEPEND} - >=net-firewall/iptables-1.4 - sys-process/procps - >=dev-vcs/git-1.7 - >=app-arch/xz-utils-4.9 - dev-libs/libltdl - >=app-containers/containerd-1.6.20[apparmor?,btrfs?,device-mapper?,seccomp?] - ~app-containers/docker-proxy-0.8.0_p20230118 - container-init? ( >=sys-process/tini-0.19.0[static] ) - selinux? 
( sec-policy/selinux-docker ) -" - -# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies -BDEPEND=" - >=dev-lang/go-1.16.12 - dev-go/go-md2man - virtual/pkgconfig -" -# tests require running dockerd as root and downloading containers -RESTRICT="installsources strip test" - -S="${WORKDIR}/${P}/src/${EGO_PN}" - -# https://bugs.gentoo.org/748984 https://github.com/etcd-io/etcd/pull/12552 -PATCHES=( - "${FILESDIR}/0001-Openrc-Depend-on-containerd-init-script.patch" -) - -pkg_setup() { - # this is based on "contrib/check-config.sh" from upstream's sources - # required features. - CONFIG_CHECK=" - ~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS - ~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG - ~KEYS - ~VETH ~BRIDGE ~BRIDGE_NETFILTER - ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE - ~NETFILTER_XT_MATCH_ADDRTYPE - ~NETFILTER_XT_MATCH_CONNTRACK - ~NETFILTER_XT_MATCH_IPVS - ~NETFILTER_XT_MARK - ~IP_NF_NAT ~NF_NAT - ~POSIX_MQUEUE - " - WARNING_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: is required for bind-mounting /dev/mqueue into containers" - - if kernel_is lt 4 8; then - CONFIG_CHECK+=" - ~DEVPTS_MULTIPLE_INSTANCES - " - fi - - if kernel_is le 5 1; then - CONFIG_CHECK+=" - ~NF_NAT_IPV4 - " - fi - - if kernel_is le 5 2; then - CONFIG_CHECK+=" - ~NF_NAT_NEEDED - " - fi - - if kernel_is ge 4 15; then - CONFIG_CHECK+=" - ~CGROUP_BPF - " - fi - - # optional features - CONFIG_CHECK+=" - ~USER_NS - " - - if use seccomp; then - CONFIG_CHECK+=" - ~SECCOMP ~SECCOMP_FILTER - " - fi - - CONFIG_CHECK+=" - ~CGROUP_PIDS - " - - if kernel_is lt 6 1; then - CONFIG_CHECK+=" - ~MEMCG_SWAP - " - fi - - if kernel_is le 5 8; then - CONFIG_CHECK+=" - ~MEMCG_SWAP_ENABLED - " - fi - - CONFIG_CHECK+=" - ~!LEGACY_VSYSCALL_NATIVE - " - if kernel_is lt 5 19; then - CONFIG_CHECK+=" - ~LEGACY_VSYSCALL_EMULATE - " - fi - CONFIG_CHECK+=" - ~!LEGACY_VSYSCALL_NONE - " - WARNING_LEGACY_VSYSCALL_NONE="CONFIG_LEGACY_VSYSCALL_NONE enabled: \ - Containers 
with <=glibc-2.13 will not work" - - if kernel_is le 4 5; then - CONFIG_CHECK+=" - ~MEMCG_KMEM - " - fi - - if kernel_is lt 5; then - CONFIG_CHECK+=" - ~IOSCHED_CFQ ~CFQ_GROUP_IOSCHED - " - fi - - CONFIG_CHECK+=" - ~BLK_CGROUP ~BLK_DEV_THROTTLING - ~CGROUP_PERF - ~CGROUP_HUGETLB - ~NET_CLS_CGROUP ~CGROUP_NET_PRIO - ~CFS_BANDWIDTH ~FAIR_GROUP_SCHED ~RT_GROUP_SCHED - ~IP_NF_TARGET_REDIRECT - ~IP_VS - ~IP_VS_NFCT - ~IP_VS_PROTO_TCP - ~IP_VS_PROTO_UDP - ~IP_VS_RR - " - WARNING_RT_GROUP_SCHED="CONFIG_RT_GROUP_SCHED is disabled: Depending on your docker setup, you may want to enable this. See https://docs.docker.com/config/containers/resource_constraints/#configure-the-realtime-scheduler for more information." - - if use selinux; then - CONFIG_CHECK+=" - ~SECURITY_SELINUX - " - fi - - if use apparmor; then - CONFIG_CHECK+=" - ~SECURITY_APPARMOR - " - fi - - # if ! is_set EXT4_USE_FOR_EXT2; then - # check_flags EXT3_FS EXT3_FS_XATTR EXT3_FS_POSIX_ACL EXT3_FS_SECURITY - # if ! is_set EXT3_FS || ! is_set EXT3_FS_XATTR || ! is_set EXT3_FS_POSIX_ACL || ! is_set EXT3_FS_SECURITY; then - # echo " $(wrap_color '(enable these ext3 configs if you are using ext3 as backing filesystem)' bold black)" - # fi - # fi - - CONFIG_CHECK+=" - ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY - " - - # if ! is_set EXT4_FS || ! is_set EXT4_FS_POSIX_ACL || ! 
is_set EXT4_FS_SECURITY; then - # if is_set EXT4_USE_FOR_EXT2; then - # echo " $(wrap_color 'enable these ext4 configs if you are using ext3 or ext4 as backing filesystem' bold black)" - # else - # echo " $(wrap_color 'enable these ext4 configs if you are using ext4 as backing filesystem' bold black)" - # fi - # fi - - # network drivers - CONFIG_CHECK+=" - ~VXLAN ~BRIDGE_VLAN_FILTERING - ~CRYPTO ~CRYPTO_AEAD ~CRYPTO_GCM ~CRYPTO_SEQIV ~CRYPTO_GHASH - ~XFRM ~XFRM_USER ~XFRM_ALGO ~INET_ESP - " - if kernel_is le 5 3; then - CONFIG_CHECK+=" - ~INET_XFRM_MODE_TRANSPORT - " - fi - - CONFIG_CHECK+=" - ~IPVLAN - " - CONFIG_CHECK+=" - ~MACVLAN ~DUMMY - " - CONFIG_CHECK+=" - ~NF_NAT_FTP ~NF_CONNTRACK_FTP ~NF_NAT_TFTP ~NF_CONNTRACK_TFTP - " - - # storage drivers - if use aufs; then - CONFIG_CHECK+=" - ~AUFS_FS - " - ERROR_AUFS_FS="CONFIG_AUFS_FS: is required to be set if and only if aufs is patched to kernel instead of using standalone" - fi - - if use btrfs; then - CONFIG_CHECK+=" - ~BTRFS_FS - ~BTRFS_FS_POSIX_ACL - " - fi - - if use device-mapper; then - CONFIG_CHECK+=" - ~BLK_DEV_DM ~DM_THIN_PROVISIONING - " - fi - - CONFIG_CHECK+=" - ~OVERLAY_FS - " - - linux-info_pkg_setup -} - -src_compile() { - export DOCKER_GITCOMMIT="${GIT_COMMIT}" - export GOPATH="${WORKDIR}/${P}" - export VERSION=${PV} - - # setup CFLAGS and LDFLAGS for separate build target - # see https://github.com/tianon/docker-overlay/pull/10 - export CGO_CFLAGS="-I${ESYSROOT}/usr/include" - export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" - - # let's set up some optional features :) - export DOCKER_BUILDTAGS='' - for gd in aufs btrfs device-mapper overlay; do - if ! 
use $gd; then - DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}" - fi - done - - for tag in apparmor seccomp; do - if use $tag; then - DOCKER_BUILDTAGS+=" $tag" - fi - done - - # build daemon - ./hack/make.sh dynbinary || die 'dynbinary failed' -} - -src_install() { - dosym containerd /usr/bin/docker-containerd - dosym containerd-shim /usr/bin/docker-containerd-shim - dosym runc /usr/bin/docker-runc - use container-init && dosym tini /usr/bin/docker-init - newbin bundles/dynbinary-daemon/dockerd dockerd - - newinitd contrib/init/openrc/docker.initd docker - newconfd contrib/init/openrc/docker.confd docker - - systemd_dounit contrib/init/systemd/docker.{service,socket} - - udev_dorules contrib/udev/*.rules - - dodoc AUTHORS CONTRIBUTING.md NOTICE README.md - dodoc -r docs/* - - # note: intentionally not using "doins" so that we preserve +x bits - dodir /usr/share/${PN}/contrib - cp -R contrib/* "${ED}/usr/share/${PN}/contrib" -} - -pkg_postinst() { - udev_reload - - elog - elog "To use Docker, the Docker daemon must be running as root. To automatically" - elog "start the Docker daemon at boot:" - if systemd_is_booted || has_version sys-apps/systemd; then - elog " systemctl enable docker.service" - else - elog " rc-update add docker default" - fi - elog - elog "To use Docker as a non-root user, add yourself to the 'docker' group:" - elog ' usermod -aG docker <youruser>' - elog - - if use device-mapper; then - elog " Devicemapper storage driver has been deprecated" - elog " It will be removed in a future release" - elog - fi - - if use overlay; then - elog " Overlay storage driver/USEflag has been deprecated" - elog " in favor of overlay2 (enabled unconditionally)" - elog - fi - - if has_version sys-fs/zfs; then - elog " ZFS storage driver is available" - elog " Check https://docs.docker.com/storage/storagedriver/zfs-driver for more info" - elog - fi -} - -pkg_postrm() { - udev_reload -} 
diff --git a/app-containers/docker/docker-24.0.4-r2.ebuild b/app-containers/docker/docker-24.0.4-r2.ebuild
deleted file mode 100644
index ac380bf3bc9d..000000000000
--- a/app-containers/docker/docker-24.0.4-r2.ebuild
+++ /dev/null
@@ -1,331 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -EGO_PN=github.com/docker/docker -MY_PV=${PV/_/-} -inherit linux-info systemd udev golang-vcs-snapshot -GIT_COMMIT=4ffc61430bbe6d3d405bdf357b766bf303ff3cc5 - -DESCRIPTION="The core functions you need to create Docker images and run Docker containers" -HOMEPAGE="https://www.docker.com/" -SRC_URI="https://github.com/moby/moby/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="Apache-2.0" -SLOT="0" -KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv ~x86" -IUSE="apparmor btrfs +container-init device-mapper overlay seccomp selinux" - -DEPEND=" - acct-group/docker - >=dev-db/sqlite-3.7.9:3 - apparmor? ( sys-libs/libapparmor ) - btrfs? ( >=sys-fs/btrfs-progs-3.16.1 ) - device-mapper? ( >=sys-fs/lvm2-2.02.89[thin] ) - seccomp? ( >=sys-libs/libseccomp-2.2.1 ) -" - -# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#runtime-dependencies -# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#optional-dependencies -RDEPEND=" - ${DEPEND} - >=net-firewall/iptables-1.4 - sys-process/procps - >=dev-vcs/git-1.7 - >=app-arch/xz-utils-4.9 - dev-libs/libltdl - >=app-containers/containerd-1.7.1[apparmor?,btrfs?,device-mapper?,seccomp?] - !app-containers/docker-proxy - container-init? ( >=sys-process/tini-0.19.0[static] ) - selinux? 
( sec-policy/selinux-docker ) -" - -# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies -BDEPEND=" - >=dev-lang/go-1.16.12 - dev-go/go-md2man - virtual/pkgconfig -" -# tests require running dockerd as root and downloading containers -RESTRICT="installsources strip test" - -S="${WORKDIR}/${P}/src/${EGO_PN}" - -# https://bugs.gentoo.org/748984 https://github.com/etcd-io/etcd/pull/12552 -PATCHES=( - "${FILESDIR}/0001-Openrc-Depend-on-containerd-init-script.patch" - "${FILESDIR}/${P}-client-define-a-dummy-hostname-for-local-connections.patch" -) - -pkg_setup() { - # this is based on "contrib/check-config.sh" from upstream's sources - # required features. - CONFIG_CHECK=" - ~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS - ~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG - ~KEYS - ~VETH ~BRIDGE ~BRIDGE_NETFILTER - ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE - ~NETFILTER_XT_MATCH_ADDRTYPE - ~NETFILTER_XT_MATCH_CONNTRACK - ~NETFILTER_XT_MATCH_IPVS - ~NETFILTER_XT_MARK - ~IP_NF_NAT ~NF_NAT - ~POSIX_MQUEUE - " - WARNING_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: is required for bind-mounting /dev/mqueue into containers" - - if kernel_is lt 4 8; then - CONFIG_CHECK+=" - ~DEVPTS_MULTIPLE_INSTANCES - " - fi - - if kernel_is le 5 1; then - CONFIG_CHECK+=" - ~NF_NAT_IPV4 - " - fi - - if kernel_is le 5 2; then - CONFIG_CHECK+=" - ~NF_NAT_NEEDED - " - fi - - if kernel_is ge 4 15; then - CONFIG_CHECK+=" - ~CGROUP_BPF - " - fi - - # optional features - CONFIG_CHECK+=" - ~USER_NS - " - - if use seccomp; then - CONFIG_CHECK+=" - ~SECCOMP ~SECCOMP_FILTER - " - fi - - CONFIG_CHECK+=" - ~CGROUP_PIDS - " - - if kernel_is lt 6 1; then - CONFIG_CHECK+=" - ~MEMCG_SWAP - " - fi - - if kernel_is le 5 8; then - CONFIG_CHECK+=" - ~MEMCG_SWAP_ENABLED - " - fi - - CONFIG_CHECK+=" - ~!LEGACY_VSYSCALL_NATIVE - " - if kernel_is lt 5 19; then - CONFIG_CHECK+=" - ~LEGACY_VSYSCALL_EMULATE - " - fi - CONFIG_CHECK+=" - ~!LEGACY_VSYSCALL_NONE - " - 
WARNING_LEGACY_VSYSCALL_NONE="CONFIG_LEGACY_VSYSCALL_NONE enabled: \ - Containers with <=glibc-2.13 will not work" - - if kernel_is le 4 5; then - CONFIG_CHECK+=" - ~MEMCG_KMEM - " - fi - - if kernel_is lt 5; then - CONFIG_CHECK+=" - ~IOSCHED_CFQ ~CFQ_GROUP_IOSCHED - " - fi - - CONFIG_CHECK+=" - ~BLK_CGROUP ~BLK_DEV_THROTTLING - ~CGROUP_PERF - ~CGROUP_HUGETLB - ~NET_CLS_CGROUP ~CGROUP_NET_PRIO - ~CFS_BANDWIDTH ~FAIR_GROUP_SCHED - ~IP_NF_TARGET_REDIRECT - ~IP_VS - ~IP_VS_NFCT - ~IP_VS_PROTO_TCP - ~IP_VS_PROTO_UDP - ~IP_VS_RR - " - - if use selinux; then - CONFIG_CHECK+=" - ~SECURITY_SELINUX - " - fi - - if use apparmor; then - CONFIG_CHECK+=" - ~SECURITY_APPARMOR - " - fi - - # if ! is_set EXT4_USE_FOR_EXT2; then - # check_flags EXT3_FS EXT3_FS_XATTR EXT3_FS_POSIX_ACL EXT3_FS_SECURITY - # if ! is_set EXT3_FS || ! is_set EXT3_FS_XATTR || ! is_set EXT3_FS_POSIX_ACL || ! is_set EXT3_FS_SECURITY; then - # echo " $(wrap_color '(enable these ext3 configs if you are using ext3 as backing filesystem)' bold black)" - # fi - # fi - - CONFIG_CHECK+=" - ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY - " - - # if ! is_set EXT4_FS || ! is_set EXT4_FS_POSIX_ACL || ! 
is_set EXT4_FS_SECURITY; then - # if is_set EXT4_USE_FOR_EXT2; then - # echo " $(wrap_color 'enable these ext4 configs if you are using ext3 or ext4 as backing filesystem' bold black)" - # else - # echo " $(wrap_color 'enable these ext4 configs if you are using ext4 as backing filesystem' bold black)" - # fi - # fi - - # network drivers - CONFIG_CHECK+=" - ~VXLAN ~BRIDGE_VLAN_FILTERING - ~CRYPTO ~CRYPTO_AEAD ~CRYPTO_GCM ~CRYPTO_SEQIV ~CRYPTO_GHASH - ~XFRM ~XFRM_USER ~XFRM_ALGO ~INET_ESP - " - if kernel_is le 5 3; then - CONFIG_CHECK+=" - ~INET_XFRM_MODE_TRANSPORT - " - fi - - CONFIG_CHECK+=" - ~IPVLAN - " - CONFIG_CHECK+=" - ~MACVLAN ~DUMMY - " - CONFIG_CHECK+=" - ~NF_NAT_FTP ~NF_CONNTRACK_FTP ~NF_NAT_TFTP ~NF_CONNTRACK_TFTP - " - - # storage drivers - if use btrfs; then - CONFIG_CHECK+=" - ~BTRFS_FS - ~BTRFS_FS_POSIX_ACL - " - fi - - if use device-mapper; then - CONFIG_CHECK+=" - ~BLK_DEV_DM ~DM_THIN_PROVISIONING - " - fi - - CONFIG_CHECK+=" - ~OVERLAY_FS - " - - linux-info_pkg_setup -} - -src_compile() { - export DOCKER_GITCOMMIT="${GIT_COMMIT}" - export GOPATH="${WORKDIR}/${P}" - export VERSION=${PV} - - # setup CFLAGS and LDFLAGS for separate build target - # see https://github.com/tianon/docker-overlay/pull/10 - export CGO_CFLAGS="-I${ESYSROOT}/usr/include" - export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" - - # let's set up some optional features :) - export DOCKER_BUILDTAGS='' - for gd in btrfs device-mapper overlay; do - if ! 
use $gd; then - DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}" - fi - done - - for tag in apparmor seccomp; do - if use $tag; then - DOCKER_BUILDTAGS+=" $tag" - fi - done - - # build binaries - ./hack/make.sh dynbinary || die 'dynbinary failed' -} - -src_install() { - dosym containerd /usr/bin/docker-containerd - dosym containerd-shim /usr/bin/docker-containerd-shim - dosym runc /usr/bin/docker-runc - use container-init && dosym tini /usr/bin/docker-init - dobin bundles/dynbinary-daemon/dockerd - dobin bundles/dynbinary-daemon/docker-proxy - - newinitd contrib/init/openrc/docker.initd docker - newconfd contrib/init/openrc/docker.confd docker - - systemd_dounit contrib/init/systemd/docker.{service,socket} - - udev_dorules contrib/udev/*.rules - - dodoc AUTHORS CONTRIBUTING.md NOTICE README.md - dodoc -r docs/* - - # note: intentionally not using "doins" so that we preserve +x bits - dodir /usr/share/${PN}/contrib - cp -R contrib/* "${ED}/usr/share/${PN}/contrib" -} - -pkg_postinst() { - udev_reload - - elog - elog "To use Docker, the Docker daemon must be running as root. To automatically" - elog "start the Docker daemon at boot:" - if systemd_is_booted || has_version sys-apps/systemd; then - elog " systemctl enable docker.service" - else - elog " rc-update add docker default" - fi - elog - elog "To use Docker as a non-root user, add yourself to the 'docker' group:" - elog ' usermod -aG docker <youruser>' - elog - - if use device-mapper; then - elog " Devicemapper storage driver has been deprecated" - elog " It will be removed in a future release" - elog - fi - - if use overlay; then - elog " Overlay storage driver/USEflag has been deprecated" - elog " in favor of overlay2 (enabled unconditionally)" - elog - fi - - if has_version sys-fs/zfs; then - elog " ZFS storage driver is available" - elog " Check https://docs.docker.com/storage/storagedriver/zfs-driver for more info" - elog - fi -} - -pkg_postrm() { - udev_reload -} 
diff --git a/app-containers/docker/files/docker-24.0.4-client-define-a-dummy-hostname-for-local-connections.patch b/app-containers/docker/files/docker-24.0.4-client-define-a-dummy-hostname-for-local-connections.patch
deleted file mode 100644
index 91c0f12daae0..000000000000
--- a/app-containers/docker/files/docker-24.0.4-client-define-a-dummy-hostname-for-local-connections.patch
+++ /dev/null
@@ -1,290 +0,0 @@ -From 18b6066f21dd24671c96c3d9f1b3a7e39da1dabf Mon Sep 17 00:00:00 2001 -From: Sebastiaan van Stijn <github@gone.nl> -Date: Wed, 12 Jul 2023 14:15:38 +0200 -Subject: [PATCH 1/3] client: define a "dummy" hostname to use for local - connections - -For local communications (npipe://, unix://), the hostname is not used, -but we need valid and meaningful hostname. - -The current code used the client's `addr` as hostname in some cases, which -could contain the path for the unix-socket (`/var/run/docker.sock`), which -gets rejected by go1.20.6 and go1.19.11 because of a security fix for -[CVE-2023-29406 ][1], which was implemented in https://go.dev/issue/60374. - -Prior versions go Go would clean the host header, and strip slashes in the -process, but go1.20.6 and go1.19.11 no longer do, and reject the host -header. - -This patch introduces a `DummyHost` const, and uses this dummy host for -cases where we don't need an actual hostname. - -Before this patch (using go1.20.6): - - make GO_VERSION=1.20.6 TEST_FILTER=TestAttach test-integration - === RUN TestAttachWithTTY - attach_test.go:46: assertion failed: error is not nil: http: invalid Host header - --- FAIL: TestAttachWithTTY (0.11s) - === RUN TestAttachWithoutTTy - attach_test.go:46: assertion failed: error is not nil: http: invalid Host header - --- FAIL: TestAttachWithoutTTy (0.02s) - FAIL - -With this patch applied: - - make GO_VERSION=1.20.6 TEST_FILTER=TestAttach test-integration - INFO: Testing against a local daemon - === RUN TestAttachWithTTY - --- PASS: TestAttachWithTTY (0.12s) - === RUN TestAttachWithoutTTy - --- PASS: TestAttachWithoutTTy (0.02s) - PASS - -[1]: https://github.com/advisories/GHSA-f8f7-69v5-w4vx - -Signed-off-by: Sebastiaan van Stijn <github@gone.nl> -(cherry picked from commit 5119e8c98f31f36a9e73884d4132c326cd931c34) -Signed-off-by: Sebastiaan van Stijn <github@gone.nl> ---- - client/client.go | 30 ++++++++++++++++++++++++++++++ - client/hijack.go | 5 ++++- - 
client/request.go | 8 ++++---- - client/request_test.go | 20 ++++++++------------ - 4 files changed, 46 insertions(+), 17 deletions(-) - -diff --git a/client/client.go b/client/client.go -index 1c081a51ae69..54fa36cca88e 100644 ---- a/client/client.go -+++ b/moby-24.0.4/client/client.go -@@ -56,6 +56,36 @@ import ( - "github.com/pkg/errors" - ) - -+// DummyHost is a hostname used for local communication. -+// -+// It acts as a valid formatted hostname for local connections (such as "unix://" -+// or "npipe://") which do not require a hostname. It should never be resolved, -+// but uses the special-purpose ".localhost" TLD (as defined in [RFC 2606, Section 2] -+// and [RFC 6761, Section 6.3]). -+// -+// [RFC 7230, Section 5.4] defines that an empty header must be used for such -+// cases: -+// -+// If the authority component is missing or undefined for the target URI, -+// then a client MUST send a Host header field with an empty field-value. -+// -+// However, [Go stdlib] enforces the semantics of HTTP(S) over TCP, does not -+// allow an empty header to be used, and requires req.URL.Scheme to be either -+// "http" or "https". -+// -+// For further details, refer to: -+// -+// - https://github.com/docker/engine-api/issues/189 -+// - https://github.com/golang/go/issues/13624 -+// - https://github.com/golang/go/issues/61076 -+// - https://github.com/moby/moby/issues/45935 -+// -+// [RFC 2606, Section 2]: https://www.rfc-editor.org/rfc/rfc2606.html#section-2 -+// [RFC 6761, Section 6.3]: https://www.rfc-editor.org/rfc/rfc6761#section-6.3 -+// [RFC 7230, Section 5.4]: https://datatracker.ietf.org/doc/html/rfc7230#section-5.4 -+// [Go stdlib]: https://github.com/golang/go/blob/6244b1946bc2101b01955468f1be502dbadd6807/src/net/http/transport.go#L558-L569 -+const DummyHost = "api.moby.localhost" -+ - // ErrRedirect is the error returned by checkRedirect when the request is non-GET. 
- var ErrRedirect = errors.New("unexpected redirect in response") - -diff --git a/client/hijack.go b/client/hijack.go -index 6bdacab10adb..db9b02e1601f 100644 ---- a/client/hijack.go -+++ b/moby-24.0.4/client/hijack.go -@@ -64,7 +64,10 @@ func fallbackDial(proto, addr string, tlsConfig *tls.Config) (net.Conn, error) { - } - - func (cli *Client) setupHijackConn(ctx context.Context, req *http.Request, proto string) (net.Conn, string, error) { -- req.Host = cli.addr -+ if cli.proto == "unix" || cli.proto == "npipe" { -+ // For local communications, it doesn't matter what the host is. -+ req.URL.Host = DummyHost -+ } - req.Header.Set("Connection", "Upgrade") - req.Header.Set("Upgrade", proto) - -diff --git a/client/request.go b/client/request.go -index c799095c1227..8f43553fb7c5 100644 ---- a/client/request.go -+++ b/moby-24.0.4/client/request.go -@@ -98,12 +98,12 @@ func (cli *Client) buildRequest(method, path string, body io.Reader, headers hea - req = cli.addHeaders(req, headers) - - if cli.proto == "unix" || cli.proto == "npipe" { -- // For local communications, it doesn't matter what the host is. We just -- // need a valid and meaningful host name. (See #189) -- req.Host = "docker" -+ // For local communications, it doesn't matter what the host is. 
-+ req.URL.Host = DummyHost -+ } else { -+ req.URL.Host = cli.addr - } - -- req.URL.Host = cli.addr - req.URL.Scheme = cli.scheme - - if expectedPayload && req.Header.Get("Content-Type") == "" { -diff --git a/client/request_test.go b/client/request_test.go -index 6e5a6e81f21c..1a99197ca231 100644 ---- a/client/request_test.go -+++ b/moby-24.0.4/client/request_test.go -@@ -28,24 +28,20 @@ func TestSetHostHeader(t *testing.T) { - expectedURLHost string - }{ - { -- "unix:///var/run/docker.sock", -- "docker", -- "/var/run/docker.sock", -+ host: "unix:///var/run/docker.sock", -+ expectedURLHost: DummyHost, - }, - { -- "npipe:////./pipe/docker_engine", -- "docker", -- "//./pipe/docker_engine", -+ host: "npipe:////./pipe/docker_engine", -+ expectedURLHost: DummyHost, - }, - { -- "tcp://0.0.0.0:4243", -- "", -- "0.0.0.0:4243", -+ host: "tcp://0.0.0.0:4243", -+ expectedURLHost: "0.0.0.0:4243", - }, - { -- "tcp://localhost:4243", -- "", -- "localhost:4243", -+ host: "tcp://localhost:4243", -+ expectedURLHost: "localhost:4243", - }, - } - - -From d22fa2bb92fd1ea37071487465f58c8bcb58badd Mon Sep 17 00:00:00 2001 -From: Sebastiaan van Stijn <github@gone.nl> -Date: Wed, 12 Jul 2023 15:07:59 +0200 -Subject: [PATCH 2/3] pkg/plugins: use a dummy hostname for local connections - -For local communications (npipe://, unix://), the hostname is not used, -but we need valid and meaningful hostname. - -The current code used the socket path as hostname, which gets rejected by -go1.20.6 and go1.19.11 because of a security fix for [CVE-2023-29406 ][1], -which was implemented in https://go.dev/issue/60374. - -Prior versions go Go would clean the host header, and strip slashes in the -process, but go1.20.6 and go1.19.11 no longer do, and reject the host -header. 
- -Before this patch, tests would fail on go1.20.6: - - === FAIL: pkg/authorization TestAuthZRequestPlugin (15.01s) - time="2023-07-12T12:53:45Z" level=warning msg="Unable to connect to plugin: //tmp/authz2422457390/authz-test-plugin.sock/AuthZPlugin.AuthZReq: Post \"http://%2F%2Ftmp%2Fauthz2422457390%2Fauthz-test-plugin.sock/AuthZPlugin.AuthZReq\": http: invalid Host header, retrying in 1s" - time="2023-07-12T12:53:46Z" level=warning msg="Unable to connect to plugin: //tmp/authz2422457390/authz-test-plugin.sock/AuthZPlugin.AuthZReq: Post \"http://%2F%2Ftmp%2Fauthz2422457390%2Fauthz-test-plugin.sock/AuthZPlugin.AuthZReq\": http: invalid Host header, retrying in 2s" - time="2023-07-12T12:53:48Z" level=warning msg="Unable to connect to plugin: //tmp/authz2422457390/authz-test-plugin.sock/AuthZPlugin.AuthZReq: Post \"http://%2F%2Ftmp%2Fauthz2422457390%2Fauthz-test-plugin.sock/AuthZPlugin.AuthZReq\": http: invalid Host header, retrying in 4s" - time="2023-07-12T12:53:52Z" level=warning msg="Unable to connect to plugin: //tmp/authz2422457390/authz-test-plugin.sock/AuthZPlugin.AuthZReq: Post \"http://%2F%2Ftmp%2Fauthz2422457390%2Fauthz-test-plugin.sock/AuthZPlugin.AuthZReq\": http: invalid Host header, retrying in 8s" - authz_unix_test.go:82: Failed to authorize request Post "http://%2F%2Ftmp%2Fauthz2422457390%2Fauthz-test-plugin.sock/AuthZPlugin.AuthZReq": http: invalid Host header - -[1]: https://github.com/advisories/GHSA-f8f7-69v5-w4vx - -Signed-off-by: Sebastiaan van Stijn <github@gone.nl> -(cherry picked from commit a4a861f9fbdd6293f95ef8d6d35241c6f6c29853) -Signed-off-by: Sebastiaan van Stijn <github@gone.nl> ---- - pkg/plugins/client.go | 14 ++++++++++++-- - 1 file changed, 12 insertions(+), 2 deletions(-) - -diff --git a/pkg/plugins/client.go b/pkg/plugins/client.go -index 752fecd0ae47..a740a8c3dac1 100644 ---- a/pkg/plugins/client.go -+++ b/moby-24.0.4/pkg/plugins/client.go -@@ -18,6 +18,12 @@ import ( - - const ( - defaultTimeOut = 30 -+ -+ // dummyHost is a 
hostname used for local communication. -+ // -+ // For local communications (npipe://, unix://), the hostname is not used, -+ // but we need valid and meaningful hostname. -+ dummyHost = "plugin.moby.localhost" - ) - - func newTransport(addr string, tlsConfig *tlsconfig.Options) (transport.Transport, error) { -@@ -44,8 +50,12 @@ func newTransport(addr string, tlsConfig *tlsconfig.Options) (transport.Transpor - return nil, err - } - scheme := httpScheme(u) -- -- return transport.NewHTTPTransport(tr, scheme, socket), nil -+ hostName := u.Host -+ if hostName == "" || u.Scheme == "unix" || u.Scheme == "npipe" { -+ // For local communications, it doesn't matter what the host is. -+ hostName = dummyHost -+ } -+ return transport.NewHTTPTransport(tr, scheme, hostName), nil - } - - // NewClient creates a new plugin client (http). - -From af1c09666a5c7ea12685fb8b482e64433a58f820 Mon Sep 17 00:00:00 2001 -From: Sebastiaan van Stijn <github@gone.nl> -Date: Wed, 12 Jul 2023 17:37:01 +0200 -Subject: [PATCH 3/3] testutil: use dummyhost for non-tcp connections - -Signed-off-by: Sebastiaan van Stijn <github@gone.nl> -(cherry picked from commit 524506a452dab8f67cb2c287c8acacdbe2599906) -Signed-off-by: Sebastiaan van Stijn <github@gone.nl> ---- - integration-cli/docker_api_attach_test.go | 9 ++++++++- - testutil/request/request.go | 9 +++++++-- - 2 files changed, 15 insertions(+), 3 deletions(-) - -diff --git a/integration-cli/docker_api_attach_test.go b/integration-cli/docker_api_attach_test.go -index 6d31c51ec344..0064b48bdf7b 100644 ---- a/integration-cli/docker_api_attach_test.go -+++ b/moby-24.0.4/integration-cli/docker_api_attach_test.go -@@ -234,7 +234,14 @@ func requestHijack(method, endpoint string, data io.Reader, ct, daemon string, m - return nil, nil, errors.Wrap(err, "could not create new request") - } - req.URL.Scheme = "http" -- req.URL.Host = hostURL.Host -+ -+ // FIXME(thaJeztah): this should really be done by client.ParseHostURL -+ if hostURL.Scheme == "unix" || 
hostURL.Scheme == "npipe" { -+ // For local communications, it doesn't matter what the host is. -+ req.URL.Host = client.DummyHost -+ } else { -+ req.URL.Host = hostURL.Host -+ } - - for _, opt := range modifiers { - opt(req) -diff --git a/testutil/request/request.go b/testutil/request/request.go -index d5f559c66637..239e27a8fc1d 100644 ---- a/testutil/request/request.go -+++ b/moby-24.0.4/testutil/request/request.go -@@ -123,8 +123,13 @@ func newRequest(endpoint string, opts *Options) (*http.Request, error) { - } else { - req.URL.Scheme = "http" - } -- req.URL.Host = hostURL.Host -- -+ // FIXME(thaJeztah): this should really be done by client.ParseHostURL -+ if hostURL.Scheme == "unix" || hostURL.Scheme == "npipe" { -+ // For local communications, it doesn't matter what the host is. -+ req.URL.Host = client.DummyHost -+ } else { -+ req.URL.Host = hostURL.Host -+ } - for _, config := range opts.requestModifiers { - if err := config(req); err != nil { - return nil, err diff --git a/app-containers/docker/metadata.xml b/app-containers/docker/metadata.xml index c8dfe231c86b..d58b9b295fb1 100644 --- a/app-containers/docker/metadata.xml +++ b/app-containers/docker/metadata.xml @@ -17,10 +17,6 @@ <name>Georgy Yakovlev</name> </maintainer> <use> - <flag name="aufs"> - Enables dependencies for the "aufs" graph driver, including - necessary kernel flags. - </flag> <flag name="btrfs"> Enables dependencies for the "btrfs" graph driver, including necessary kernel flags. diff --git a/app-containers/runc/Manifest b/app-containers/runc/Manifest index 9738abbcfa47..6d9a32d7d968 100644 --- a/app-containers/runc/Manifest +++ b/app-containers/runc/Manifest 
@@ -1,5 +1,3 @@ -DIST runc-1.1.4.tar.gz 2334639 BLAKE2B bc7eb7de29e8ebb9ce146bc77bf6cfc116f4af3e28c0344059183cf0c8082c629ccb235531c368cce99915991b25df0b50b7cbb98b9c6a7d141ba6cc15958651 SHA512 c8e79ad839964680d29ab56a4de255f91192741951673025da6889c544a232d4d392db2da8005d8e22999a37bfbc9c9fe7f6043b165bc4edc2f2a29261d8a3d6 DIST runc-1.1.7.tar.gz 2511464 BLAKE2B 63f09052659636b62185abbb178f7e104d22125190899e80e71ed2ba35567eb855abf786d3c7fff3dd9a1ab43ee282fcaecb6650cd8a1ce49c05acefd7c12cde SHA512 e3a18f04ac2c3553a815074ca64e04cfd71af54d78edbd4a13819f187476f96d7311c23bb63fb5c311b91865db4540985a6f9daa84819b0bac5f023b3b2a832c -EBUILD runc-1.1.4.ebuild 1843 BLAKE2B e390f7829d122bf1b69a366a01e4303bfa54d8362b44b74f9dfc85a88045f458a8e0827311931405b33e56868eddbb995499a169c1bec54bdbe5b2ecc0e07f27 SHA512 1850d961cab32b9b117c910bd05377128a67fdc8d93575395e0f7e913cc2058d55c1c59e38d68f0f07bbdc8777c3696155b0d6e92d02145299351d8aa922576e EBUILD runc-1.1.7.ebuild 1843 BLAKE2B 5dcdf28d4b75f14a565ad7766b9dfe6e4bf6ff644449175a7425a809d49048a219708a93bc77a51840cb6ab305f2a13551fb35449e3d4084aa68bab02a5aaa05 SHA512 b3dd66a07869fa8de8db8a13b06bfa19cbb593fe61b9092882073e4b0369e4000daf2735e5a23ba453dcde617e22bb822c76b145e864f6cb486fa0b352f84a90 MISC metadata.xml 759 BLAKE2B 2eefd8bf06b709fe70d91b444fb232fb23e51702d75c29b0fb49675056e9721f8f63dac596b55a2ae33ef7b46825a1543a9ffdaaeddcb80448953daa5505bd60 SHA512 34d1dd28f55a6aff44c2f6dadef2dede502837af0fb8411b55a7f3ef96d35d2ddae9cc0d230525715e41c423d813b0089c36369dfa666c1249f152de90a5c555 diff --git a/app-containers/runc/runc-1.1.4.ebuild b/app-containers/runc/runc-1.1.4.ebuild deleted file mode 100644 index 8818b620d307..000000000000 --- a/app-containers/runc/runc-1.1.4.ebuild +++ /dev/null 
@@ -1,78 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-inherit go-module linux-info
-
-# update on bump, look for https://github.com/docker\
-# docker-ce/blob/<docker ver OR branch>/components/engine/hack/dockerfile/install/runc.installer
-RUNC_COMMIT=5fd4c4d144137e991c4acebb2146ab1483a97925
-CONFIG_CHECK="~USER_NS"
-
-DESCRIPTION="runc container cli tools"
-HOMEPAGE="http://github.com/opencontainers/runc/"
-MY_PV="${PV/_/-}"
-SRC_URI="https://github.com/opencontainers/${PN}/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="Apache-2.0 BSD-2 BSD MIT"
-SLOT="0"
-KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv ~x86"
-IUSE="apparmor hardened +kmem +seccomp selinux test"
-
-DEPEND="seccomp? ( sys-libs/libseccomp )"
-
-RDEPEND="
- ${DEPEND}
- !app-emulation/docker-runc
- apparmor? ( sys-libs/libapparmor )
- selinux? ( sec-policy/selinux-container )
-"
-
-BDEPEND="
- dev-go/go-md2man
- test? ( "${RDEPEND}" )
-"
-
-# tests need busybox binary, and portage namespace
-# sandboxing disabled: mount-sandbox pid-sandbox ipc-sandbox
-# majority of tests pass
-RESTRICT+=" test"
-
-S="${WORKDIR}/${PN}-${MY_PV}"
-
-src_compile() {
- # Taken from app-containers/docker-1.7.0-r1
- export CGO_CFLAGS="-I${ESYSROOT}/usr/include"
- export CGO_LDFLAGS="$(usex hardened '-fno-PIC ' '')
- -L${ESYSROOT}/usr/$(get_libdir)"
-
- # build up optional flags
- local options=(
- $(usev apparmor)
- $(usev seccomp)
- $(usex kmem '' 'nokmem')
- )
-
- myemakeargs=(
- BUILDTAGS="${options[*]}"
- COMMIT="${RUNC_COMMIT}"
- )
-
- emake "${myemakeargs[@]}" runc man
-}
-
-src_install() {
- myemakeargs+=(
- PREFIX="${ED}/usr"
- BINDIR="${ED}/usr/bin"
- MANDIR="${ED}/usr/share/man"
- )
- emake "${myemakeargs[@]}" install install-man install-bash
-
- local DOCS=( README.md PRINCIPLES.md docs/. )
- einstalldocs
-}
-
-src_test() {
- emake "${myemakeargs[@]}" localunittest
-} |