gentoo resync : 29.06.2020

author: V3n3RiX <venerix@redcorelinux.org> 2020-06-29 11:38:31 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2020-06-29 11:38:31 +0100
commit: 90c88731bd036e5698b281fbc0a5f3aa4c9983ac (patch)
tree: 83fc5facb6b12be510a37bc3d241cc63e965b13a /app-emulation/lxc
parent: feb0daf81d888e9160f9f94502de09b66f2a63fd (diff)
5 files changed, 53 insertions, 196 deletions
diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest
index 42351bc40f05..67de090b7fc9 100644
--- a/app-emulation/lxc/Manifest
+++ b/app-emulation/lxc/Manifest
@@ -1,11 +1,9 @@
 AUX lxc-2.0.5-omit-sysconfig.patch 259 BLAKE2B 977e151fbb8c9d98e89aaa5ee0426e64ab4286b4440af1582086a0ced8c6568efb470ccf68786da6ea52c82d1f4e81feac45bec411febc04fc31d108f05ccde2 SHA512 0aed9aca687accc6df79e97f48ab333043256e8ae68c8643f2b2452cc8013191238867d64ec71f7d399c59a43d3ba698b35d965090c5cb149b4f41302432e6e7
 AUX lxc-3.0.0-bash-completion.patch 915 BLAKE2B 8bb879e391cec349d211b47d321c64ea091c8475ac9a8c4adfb45918c044f6c49d9b9bce546082907d696f697baf0870893c4427abeafa496db89f99190cd091 SHA512 2f3728fcf5e88eecc1ae05bf038ef83baa375194c5bef0d0ef68feaf4d8092cdd8efef6b3c27207c4abd28b085f087af517242c65747b47d0a8fa840f6b9d279
-AUX lxc.initd.7 3468 BLAKE2B 37b0d044594f1c66631f991315e49c4ceea4640bf6c459e6bba713fb76ef9a8ee1fcbc49da68bd0f1e2929cf9904e0113a3b321166f7c3d360fcebeab6665e5a SHA512 c5841cff7d8b58d4283a26719e8a5db1be2c4add0f31065393b863b6626460180d91632106bc50cde4d3e74ae46a57d581fa1f01140dfa95522aba12277f9eaa
 AUX lxc.initd.8 3669 BLAKE2B 50d41e0923ba26b9653ca3b5b559dd0905e61ec81969e709650fe7f1b26a4dcdc17158b7e449d666e2103047d9f196e53df8beca15fffd529fa8e743de97bd82 SHA512 1182b53a65399746f6d6bced0df5c1fde09c1ede4a28bfe95b5ed0bbd969d6f6423f63021d4b6f1dc62c7b2703f6963c03d881291650bdf21cfcf8432586c1b4
-AUX lxc_at.service.4 265 BLAKE2B 4454528e69a5c986c23c0c4ccc10ebe03a0650e47cd30208355d2f4a70a4cb46392473eccddd736988f1b72954948876601aaf99977d8e6014a7c774a416160f SHA512 d61e7103e90e6ffb3202533e7d7555d8c02b943f06ec6c0d673713c1c0ede58641312c65d6dd6a15907c1171522e6148c2313d7b11acbd85d59fe65758cd52b3
 AUX lxc_at.service.4.0.0 284 BLAKE2B 1adc76b9861f2499b7b703f7076782a258f9b21a3d1e32b69334f753faca9ecd8c6fb2a03baf04698e765f079e73ee683434d8c7c6d3b3082427a6af74ab33b1 SHA512 4c2f9846ca60bb78df7e652309900c0e788b45d569f268a9e5b98842518542b35fce253e2aedeb0eded3d37274390988ef887b01d1d37859ccddf6225286b4bb
-DIST lxc-3.0.3.tar.gz 1263371 BLAKE2B 77d0f593119654f570ae748d305e86c27117fd4e9ec7bdab1110f5356afb4a00d81c105ae9757d9da5827f6883a4a5d8ddc43b5b6e56a2927ed990e757f7c7b6 SHA512 cdc411364153d7ed494bab604260f5cbdfd5bd7734a59af970b3198c7b3cb340b6736856a2189d5989e169945a817ac8b531bc3ab62217a4285dd63a851f9c8a
 DIST lxc-4.0.2.tar.gz 1352667 BLAKE2B 2ecc076bacb9bb1c2a808422f7b2e0cbfc74bf3bec6ca89ea58eb6ef4a414353c2e58163bff17b3304beb39f4980d10f54365f739645c1581bfca9f6079bf57c SHA512 0de6c1f9649d161579b45fc28a735f703c4498eff9c588462b838220aeab73f91921db628f77bc461eff38c7583cac10a38951263181956e2d33412a406f3ef3
-EBUILD lxc-3.0.3.ebuild 5047 BLAKE2B a648bfd8160f61c1798a6540350ad2b45ae38b5ac8587a5b1a7db7a4f750756b2d65f798c022500c7ea1bfef312aa083f403e8cb61dc116f6ebc91ae5510b077 SHA512 273ff2df6188f58bdc55efb702bd6c92f276bee3baa2cfe0ec550f7ee9707ce6dc2db0bd0ec60276fcfb137c5963dfc7840a6b750a3036a65378bb108d17f47e
-EBUILD lxc-4.0.2-r2.ebuild 4415 BLAKE2B 13a6aec708e20cc54dfd3d48e34183ed760367fa18f9c3f7ac36e9491f166350fc91f66fc1c3656e1fcbf89bf0f1120e9675561caf1c523d4214daf2be51c578 SHA512 4420cb4a4856408d66f49b15348e6cafde2efc68300b188c89ce752f337bab1bb9dd368146fdb38ef0cfc9c9a0e448667d806199401ec0d4f8acdfb7239b383a
+DIST lxc-4.0.3.tar.gz 1368461 BLAKE2B 861bd8f3736ecda9075c57338845d386811ae3aeceb72cd054023a25a9758d5d7c9ceec917fc634c118a13f8fb142b28bd93f27138b9ee1d0817f8360fda88da SHA512 a5d45626b1f26c0f098f6f0f5852472ea065f65f9918b972826e087a9a71a34253c85dd6f1b6b6837ca97303f8d43478a66595057d65a6e72a72334a3257ef88
+EBUILD lxc-4.0.2-r2.ebuild 4413 BLAKE2B cefb6671714dc8b83bc346743cc2021f02e7a24ac6943905cb67f69bf2305f556a8151207659460487088c811576420a19a847469860517dc475ecf08d763a97 SHA512 63d40850523186a87e4c9539d4da43cbc8a45a2823a812479d8a7a75652f6d9ba425f7bfb7d2e32684a27267ed5caca00d08a263315d3991f0c47e0d7daf4e33
+EBUILD lxc-4.0.3.ebuild 4415 BLAKE2B 13a6aec708e20cc54dfd3d48e34183ed760367fa18f9c3f7ac36e9491f166350fc91f66fc1c3656e1fcbf89bf0f1120e9675561caf1c523d4214daf2be51c578 SHA512 4420cb4a4856408d66f49b15348e6cafde2efc68300b188c89ce752f337bab1bb9dd368146fdb38ef0cfc9c9a0e448667d806199401ec0d4f8acdfb7239b383a
 MISC metadata.xml 614 BLAKE2B 8c637599d38ecb5fd975fbb4385998886e450cd01d71c342a212258acf6fa0de3a377189544ab744da55b1d85ad5dd8fd2bbbb2daef7389ce61dd7d17bab7f00 SHA512 a14166b818647f0c5c6bb8402f82b333ce52591645c7ec86c8fff953889d61d00db0bcf46faca630a2f472c2918484a230b7b3fcc06099fbdbe4e31ec6bb9270
diff --git a/app-emulation/lxc/files/lxc.initd.7 b/app-emulation/lxc/files/lxc.initd.7
deleted file mode 100644
index 6a42b6aac520..000000000000
--- a/app-emulation/lxc/files/lxc.initd.7
+++ /dev/null
@@ -1,124 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-CONTAINER=${SVCNAME#*.}
-
-LXC_PATH=`lxc-config lxc.lxcpath`
-
-lxc_get_configfile() {
-	if [ -f "${LXC_PATH}/${CONTAINER}.conf" ]; then
-		echo "${LXC_PATH}/${CONTAINER}.conf"
-	elif [ -f "${LXC_PATH}/${CONTAINER}/config" ]; then
-		echo "${LXC_PATH}/${CONTAINER}/config"
-	else
-		eerror "Unable to find a suitable configuration file."
-		eerror "If you set up the container in a non-standard"
-		eerror "location, please set the CONFIGFILE variable."
-		return 1
-	fi
-}
-
-[ $CONTAINER != $SVCNAME ] && CONFIGFILE=${CONFIGFILE:-$(lxc_get_configfile)}
-
-lxc_get_var() {
-	awk 'BEGIN { FS="[ \t]*=[ \t]*" } $1 == "'$1'" { print $2; exit }' ${CONFIGFILE}
-}
-
-lxc_get_net_link_type() {
-	awk 'BEGIN { FS="[ \t]*=[ \t]*"; _link=""; _type="" }
-		$1 == "lxc.network.type" {_type=$2;}
-		$1 == "lxc.network.link" {_link=$2;}
-		match($1, /lxc\.net\.[[:digit:]]+\.type/) {_type=$2;}
-		match($1, /lxc\.net\.[[:digit:]]+\.link/) {_link=$2;}
-		{if(_link != "" && _type != ""){
-			printf("%s:%s\n", _link, _type );
-			_link=""; _type="";
-		}; }' <${CONFIGFILE}
-}
-
-checkconfig() {
-	if [ ${CONTAINER} = ${SVCNAME} ]; then
-		eerror "You have to create an init script for each container:"
-		eerror " ln -s lxc /etc/init.d/lxc.container"
-		return 1
-	fi
-
-	# no need to output anything, the function takes care of that.
-	[ -z "${CONFIGFILE}" ] && return 1
-
-	utsname=$(lxc_get_var lxc.uts.name)
-	if [ -z "$utsname" ] ; then
-		utsname=$(lxc_get_var lxc.utsname)
-	fi
-
-	if [ "${CONTAINER}" != "${utsname}" ]; then
-	    eerror "You should use the same name for the service and the"
-	    eerror "container. Right now the container is called ${utsname}"
-	    return 1
-	fi
-}
-
-depend() {
-	# be quiet, since we have to run depend() also for the
-	# non-muxed init script, unfortunately.
-	checkconfig 2>/dev/null || return 0
-
-	config ${CONFIGFILE}
-	need localmount
-	use lxcfs
-
-	local _x _if
-	for _x in $(lxc_get_net_link_type); do
-		_if=${_x%:*}
-		case "${_x##*:}" in
-			# when the network type is set to phys, we can make use of a
-			# network service (for instance to set it up before we disable
-			# the net_admin capability), but we might also not set it up
-			# at all on the host and leave the net_admin capable service
-			# to take care of it.
-			phys)	use net.${_if} ;;
-			*)	need net.${_if} ;;
-		esac
-	done
-}
-
-start() {
-	checkconfig || return 1
-	rm -f /var/log/lxc/${CONTAINER}.log
-
-	rootpath=$(lxc_get_var lxc.rootfs)
-
-	# Check the format of our init and the chroot's init, to see
-	# if we have to use linux32 or linux64; always use setarch
-	# when required, as that makes it easier to deal with
-	# x32-based containers.
-	case $(scanelf -BF '%a#f' ${rootpath}/sbin/init) in
-		EM_X86_64)	setarch=linux64;;
-		EM_386)		setarch=linux32;;
-	esac
-
-	ebegin "Starting ${CONTAINER}"
-	env -i ${setarch} $(which lxc-start) -l WARN -n ${CONTAINER} -f ${CONFIGFILE} -d -o /var/log/lxc/${CONTAINER}.log
-	sleep 1
-
-	# lxc-start -d will _always_ report a correct startup, even if it
-	# failed, so rather than trust that, check that the cgroup exists.
-	[ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]
-	eend $?
-}
-
-stop() {
-	checkconfig || return 1
-
-
-	if ! [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]; then
-	    ewarn "${CONTAINER} doesn't seem to be started."
-	    return 0
-	fi
-
-	# 10s should be enough to shut everything down
-	ebegin "Stopping ${CONTAINER}"
-	lxc-stop -t 10 -n ${CONTAINER}
-	eend $?
-}
diff --git a/app-emulation/lxc/files/lxc_at.service.4 b/app-emulation/lxc/files/lxc_at.service.4
deleted file mode 100644
index 64ae7457096c..000000000000
--- a/app-emulation/lxc/files/lxc_at.service.4
+++ /dev/null
@@ -1,14 +0,0 @@
-[Unit]
-Description=Linux Container %I
-After=network.target
-Wants=lxcfs.service
-
-[Service]
-Restart=always
-ExecStart=/usr/bin/lxc-start -n %i -F
-ExecReload=/usr/bin/lxc-restart -n %i
-ExecStop=/usr/bin/lxc-stop -n %i
-Delegate=yes
-
-[Install]
-WantedBy=multi-user.target
diff --git a/app-emulation/lxc/lxc-4.0.2-r2.ebuild b/app-emulation/lxc/lxc-4.0.2-r2.ebuild
index 9f71458a5e7e..18554a5e703a 100644
--- a/app-emulation/lxc/lxc-4.0.2-r2.ebuild
+++ b/app-emulation/lxc/lxc-4.0.2-r2.ebuild
@@ -9,7 +9,7 @@ DESCRIPTION="LinuX Containers userspace utilities"
 HOMEPAGE="https://linuxcontainers.org/ https://github.com/lxc/lxc"
 SRC_URI="https://linuxcontainers.org/downloads/lxc/${P}.tar.gz"
 
-KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86"
+KEYWORDS="amd64 ~arm ~arm64 ~ppc64 x86"
 
 LICENSE="LGPL-3"
 SLOT="0"
diff --git a/app-emulation/lxc/lxc-3.0.3.ebuild b/app-emulation/lxc/lxc-4.0.3.ebuild
index 136493184f47..9f71458a5e7e 100644
--- a/app-emulation/lxc/lxc-3.0.3.ebuild
+++ b/app-emulation/lxc/lxc-4.0.3.ebuild
@@ -1,38 +1,38 @@
-# Copyright 1999-2019 Gentoo Authors
+# Copyright 1999-2020 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
 
-inherit autotools bash-completion-r1 linux-info flag-o-matic systemd readme.gentoo-r1 pam
+inherit autotools bash-completion-r1 linux-info flag-o-matic pam readme.gentoo-r1 systemd
 
 DESCRIPTION="LinuX Containers userspace utilities"
-HOMEPAGE="https://linuxcontainers.org/"
+HOMEPAGE="https://linuxcontainers.org/ https://github.com/lxc/lxc"
 SRC_URI="https://linuxcontainers.org/downloads/lxc/${P}.tar.gz"
 
-KEYWORDS="amd64 ~arm ~arm64 ppc64 x86"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86"
 
 LICENSE="LGPL-3"
 SLOT="0"
-IUSE="apparmor examples pam python seccomp selinux +templates"
+IUSE="apparmor +caps doc examples libressl pam seccomp selinux +ssl +templates +tools"
 
-RDEPEND="
-	net-libs/gnutls
+RDEPEND="app-misc/pax-utils
+	sys-apps/util-linux
 	sys-libs/libcap
+	virtual/awk
+	caps? ( sys-libs/libcap )
 	pam? ( sys-libs/pam )
 	seccomp? ( sys-libs/libseccomp )
-	selinux? ( sys-libs/libselinux )"
-
+	selinux? ( sys-libs/libselinux )
+	ssl? (
+		!libressl? ( dev-libs/openssl:0= )
+		libressl? ( dev-libs/libressl:0= )
+	)"
 DEPEND="${RDEPEND}
 	>=app-text/docbook-sgml-utils-0.6.14-r2
-	>=sys-kernel/linux-headers-3.2"
-
-RDEPEND="${RDEPEND}
-	sys-apps/util-linux
-	app-misc/pax-utils
-	virtual/awk"
-
-PDEPEND="templates? ( app-emulation/lxc-templates )
-	python? ( dev-python/python3-lxc )"
+	>=sys-kernel/linux-headers-3.2
+	apparmor? ( sys-apps/apparmor )"
+BDEPEND="doc? ( app-doc/doxygen )"
+PDEPEND="templates? ( app-emulation/lxc-templates )"
 
 CONFIG_CHECK="~CGROUPS ~CGROUP_DEVICE
 	~CPUSETS ~CGROUP_CPUACCT
@@ -46,44 +46,19 @@ CONFIG_CHECK="~CGROUPS ~CGROUP_DEVICE
 	~VETH ~MACVLAN
 
 	~POSIX_MQUEUE
-	~!NETPRIO_CGROUP
-
-	~!GRKERNSEC_CHROOT_MOUNT
-	~!GRKERNSEC_CHROOT_DOUBLE
-	~!GRKERNSEC_CHROOT_PIVOT
-	~!GRKERNSEC_CHROOT_CHMOD
-	~!GRKERNSEC_CHROOT_CAPS
-	~!GRKERNSEC_PROC
-	~!GRKERNSEC_SYSFS_RESTRICT
-	~!GRKERNSEC_CHROOT_FINDTASK
-"
-
-ERROR_DEVPTS_MULTIPLE_INSTANCES="CONFIG_DEVPTS_MULTIPLE_INSTANCES:  needed for pts inside container"
+	~!NETPRIO_CGROUP"
 
 ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER:  needed to freeze containers"
-
 ERROR_UTS_NS="CONFIG_UTS_NS:  needed to unshare hostnames and uname info"
 ERROR_NET_NS="CONFIG_NET_NS:  needed for unshared network"
-
 ERROR_VETH="CONFIG_VETH:  needed for internal (host-to-container) networking"
 ERROR_MACVLAN="CONFIG_MACVLAN:  needed for internal (inter-container) networking"
-
 ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE:  needed for lxc-execute command"
-
 ERROR_NETPRIO_CGROUP="CONFIG_NETPRIO_CGROUP:  as of kernel 3.3 and lxc 0.8.0_rc1 this causes LXCs to fail booting."
 
-ERROR_GRKERNSEC_CHROOT_MOUNT="CONFIG_GRKERNSEC_CHROOT_MOUNT:  some GRSEC features make LXC unusable see postinst notes"
-ERROR_GRKERNSEC_CHROOT_DOUBLE="CONFIG_GRKERNSEC_CHROOT_DOUBLE:  some GRSEC features make LXC unusable see postinst notes"
-ERROR_GRKERNSEC_CHROOT_PIVOT="CONFIG_GRKERNSEC_CHROOT_PIVOT:  some GRSEC features make LXC unusable see postinst notes"
-ERROR_GRKERNSEC_CHROOT_CHMOD="CONFIG_GRKERNSEC_CHROOT_CHMOD:  some GRSEC features make LXC unusable see postinst notes"
-ERROR_GRKERNSEC_CHROOT_CAPS="CONFIG_GRKERNSEC_CHROOT_CAPS:  some GRSEC features make LXC unusable see postinst notes"
-ERROR_GRKERNSEC_PROC="CONFIG_GRKERNSEC_PROC:  this GRSEC feature is incompatible with unprivileged containers"
-ERROR_GRKERNSEC_SYSFS_RESTRICT="CONFIG_GRKERNSEC_SYSFS_RESTRICT:  this GRSEC feature is incompatible with unprivileged containers"
-
-DOCS=(AUTHORS CONTRIBUTING MAINTAINERS NEWS README doc/FAQ.txt)
+DOCS=( AUTHORS CONTRIBUTING MAINTAINERS NEWS README doc/FAQ.txt )
 
 pkg_setup() {
-	kernel_is -lt 4 7 && CONFIG_CHECK="${CONFIG_CHECK} ~DEVPTS_MULTIPLE_INSTANCES"
 	linux-info_pkg_setup
 }
 
@@ -103,23 +78,45 @@ src_configure() {
 	# --enable-doc is for manpages which is why we don't link it to a "doc"
 	# USE flag. We always want man pages.
 	local myeconfargs=(
-		--localstatedir=/var
 		--bindir=/usr/bin
+		--localstatedir=/var
 		--sbindir=/usr/bin
+
 		--with-config-path=/var/lib/lxc
-		--with-rootfs-path=/var/lib/lxc/rootfs
 		--with-distro=gentoo
+		--with-init-script=systemd
+		--with-rootfs-path=/var/lib/lxc/rootfs
 		--with-runtime-path=/run
-		--disable-apparmor
+		--with-systemdsystemunitdir=$(systemd_get_systemunitdir)
+
+		--disable-asan
+		--disable-coverity-build
+		--disable-dlog
+		--disable-mutex-debugging
+		--disable-rpath
+		--disable-tests
+		--disable-ubsan
 		--disable-werror
+
+		--enable-bash
+		--enable-commands
 		--enable-doc
+		--enable-memfd-rexec
+		--enable-thread-safety
+
 		$(use_enable apparmor)
+		$(use_enable caps capabilities)
+		$(use_enable doc api-docs)
 		$(use_enable examples)
 		$(use_enable pam)
-		$(use_with pam pamdir $(getpam_mod_dir))
 		$(use_enable seccomp)
 		$(use_enable selinux)
+		$(use_enable ssl openssl)
+		$(use_enable tools)
+
+		$(use_with pam pamdir $(getpam_mod_dir))
 	)
+
 	econf "${myeconfargs[@]}"
 }
 
@@ -133,14 +130,14 @@ src_install() {
 	keepdir /etc/lxc /var/lib/lxc/rootfs /var/log/lxc
 	rmdir "${D}"/var/cache/lxc "${D}"/var/cache || die "rmdir failed"
 
-	find "${D}" -name '*.la' -delete
+	find "${D}" -name '*.la' -delete -o -name '*.a' -delete || die
 
 	# Gentoo-specific additions!
-	newinitd "${FILESDIR}/${PN}.initd.7" ${PN}
+	newinitd "${FILESDIR}/${PN}.initd.8" ${PN}
 
 	# Remember to compare our systemd unit file with the upstream one
 	# config/init/systemd/lxc.service.in
-	systemd_newunit "${FILESDIR}"/${PN}_at.service.4 "lxc@.service"
+	systemd_newunit "${FILESDIR}"/${PN}_at.service.4.0.0 "lxc@.service"
 
 	DOC_CONTENTS="
 	For openrc, there is an init script provided with the package.
author	V3n3RiX <venerix@redcorelinux.org>	2020-06-29 11:38:31 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2020-06-29 11:38:31 +0100
commit	90c88731bd036e5698b281fbc0a5f3aa4c9983ac (patch)
tree	83fc5facb6b12be510a37bc3d241cc63e965b13a /app-emulation/lxc
parent	feb0daf81d888e9160f9f94502de09b66f2a63fd (diff)