gentoo resync : 22.06.2019

4 files changed, 129 insertions, 0 deletions

diff --git a/sys-apps/minijail/Manifest b/sys-apps/minijail/Manifest
new file mode 100644
index 000000000000..24f6e85e6c6e
--- /dev/null
+++ b/sys-apps/minijail/Manifest
@@ -0,0 +1,4 @@
+AUX minijail-9-makefile.patch 1589 BLAKE2B d2b253f769e79c179fce51b858ce9b7b70dec806e7f3f330928e5befc7a6fc12e4a09e5fca0e29404badbab2f389bb4c9385d0ecc555610d3b45df272c5d34e1 SHA512 38a3afe8c17f591e8172ad6725f04d5a898ee3ec3a97ee99c6118c1c12189061906a442b95243e7907031c194f0477c3bdbc6d96df4923b43487f60ededa403b
+DIST minijail-9.tar.gz 118700 BLAKE2B 7d2959d5dd71bd9d8d8a0b7c278dab66771740f73acec20f19502da33990ca858796b4734676ffedc404cef72eee8c419c669ba7092ac00cbafa2e410564aba2 SHA512 6d05fbe8615f410e8314045d11f7a3638f563f3311f7d52b5a0c47cad8692d11b0a7db4fbb45141b56453a9beb0de7683d58e5298f0a27029aa017539bb48717
+EBUILD minijail-9.ebuild 1664 BLAKE2B bf24144705af04455679a028b4dc2f57ef9d5c3720957ee93ac29b88c547adde9bf057ec87c53c0bb3ffdb02d6464e65985a7f125c8e29d4d666f8453b7160f2 SHA512 39bd30383281af95df050e1585b74974a86891bbfe9e4d7204f4d00dcb138a8aae65f156070dc934227ccbb7276935a0277acd3310238eec694b3263e47bb6ff
+MISC metadata.xml 301 BLAKE2B d5f9282d8aabde609103f044f2d3716395795229a7651e0c0f34df9c3995593633cf13d515fddda390096403bd1f52ca286a9c6f8fe287fb5af575b333b2146d SHA512 e88cdf0fc48e93ef15d4048015fde4939955cc48a437c9cc4f8f5053e3af4524206ee4ee3b11067fce6f0defc511484b1ba2b4afde82c9684d9df4e4750b9599
diff --git a/sys-apps/minijail/files/minijail-9-makefile.patch b/sys-apps/minijail/files/minijail-9-makefile.patch
new file mode 100644
index 000000000000..6ec44a8079ad
--- /dev/null
+++ b/sys-apps/minijail/files/minijail-9-makefile.patch
@@ -0,0 +1,44 @@
+diff --git a/Makefile b/Makefile
+index 54ee978..a50ee9a 100644
+--- a/Makefile
++++ b/Makefile
+@@ -46,8 +46,8 @@ ifeq ($(USE_SYSTEM_GTEST),no)
+ GTEST_CXXFLAGS := -std=gnu++14
+ GTEST_LIBS := gtest.a
+ else
+-GTEST_CXXFLAGS := $(shell gtest-config --cxxflags)
+-GTEST_LIBS := $(shell gtest-config --libs)
++GTEST_CXXFLAGS ?= $(shell gtest-config --cxxflags)
++GTEST_LIBS ?= $(shell gtest-config --libs)
+ endif
+ 
+ CORE_OBJECT_FILES := libminijail.o syscall_filter.o signal_handler.o \
+@@ -73,6 +73,7 @@ clean: CLEAN(minijail0)
+ 
+ 
+ CC_LIBRARY(libminijail.so): LDLIBS += -lcap
++CC_LIBRARY(libminijail.so): LDFLAGS += -Wl,-soname,libminijail.so
+ CC_LIBRARY(libminijail.so): $(CORE_OBJECT_FILES)
+ clean: CLEAN(libminijail.so)
+ 
+@@ -91,6 +92,7 @@ TEST(CXX_BINARY(libminijail_unittest)): CC_LIBRARY(libminijailpreload.so)
+ 
+ 
+ CC_LIBRARY(libminijailpreload.so): LDLIBS += -lcap -ldl
++CC_LIBRARY(libminijailpreload.so): LDFLAGS += -Wl,-soname,libminijail.so
+ CC_LIBRARY(libminijailpreload.so): libminijailpreload.o $(CORE_OBJECT_FILES)
+ clean: CLEAN(libminijailpreload.so)
+ 
+diff --git a/common.mk b/common.mk
+index 77879d8..1cd815b 100644
+--- a/common.mk
++++ b/common.mk
+@@ -323,7 +323,7 @@ COMMON_CFLAGS := -Wall -Wunused -Wno-unused-parameter -Werror -Wformat=2 \
+   -fno-strict-aliasing $(SSP_CFLAGS) -O1
+ CXXFLAGS += $(COMMON_CFLAGS) $(COMMON_CFLAGS-$(CXXDRIVER)) -std=gnu++14
+ CFLAGS += $(COMMON_CFLAGS) $(COMMON_CFLAGS-$(CDRIVER)) -std=gnu11
+-CPPFLAGS += -D_FORTIFY_SOURCE=2
++CPPFLAGS +=
+ 
+ # Enable large file support.
+ CPPFLAGS += -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE
diff --git a/sys-apps/minijail/metadata.xml b/sys-apps/minijail/metadata.xml
new file mode 100644
index 000000000000..aa105de6900b
--- /dev/null
+++ b/sys-apps/minijail/metadata.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="person">
+		<email>coles.david@gmail.com</email>
+	</maintainer>
+	<maintainer type="person">
+		<email>chutzpah@gentoo.org</email>
+	</maintainer>
+</pkgmetadata>
diff --git a/sys-apps/minijail/minijail-9.ebuild b/sys-apps/minijail/minijail-9.ebuild
new file mode 100644
index 000000000000..3daec8d2d3b5
--- /dev/null
+++ b/sys-apps/minijail/minijail-9.ebuild
@@ -0,0 +1,71 @@
+# Copyright 2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit linux-info toolchain-funcs
+
+DESCRIPTION="helper binary and library for sandboxing & restricting privs of service"
+HOMEPAGE="https://android.googlesource.com/platform/external/minijail"
+
+# Use GitHub mirror as Gitiles doesn't generate stable tarballs.
+SRC_URI="https://github.com/google/${PN}/archive/linux-v${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+seccomp test"
+
+RDEPEND="sys-libs/libcap-ng:="
+DEPEND="${RDEPEND}
+	test? (
+		virtual/pkgconfig
+		>=dev-cpp/gtest-1.8.0:=
+	)"
+
+S="${WORKDIR}/${PN}-linux-v${PV}"
+
+PATCHES=(
+	"${FILESDIR}/minijail-9-makefile.patch"
+)
+
+pkg_pretend() {
+	local CONFIG_CHECK="~NAMESPACES ~UTS_NS ~IPC_NS ~USER_NS ~PID_NS ~NET_NS
+		~SECCOMP ~SECCOMP_FILTER ~CGROUPS"
+	check_extra_config
+}
+
+src_configure() {
+	export LIBDIR="/usr/$(get_libdir)"
+	export USE_seccomp="$(usex seccomp)"
+	export USE_SYSTEM_GTEST=yes
+	export GTEST_CXXFLAGS="$(pkg-config --cflags gtest_main)"
+	export GTEST_LIBS="$(pkg-config --libs gtest_main)"
+}
+
+src_compile() {
+	tc-env_build emake VERBOSE=1 all parse_seccomp_policy
+}
+
+src_test() {
+	GTEST_FILTER="-NamespaceTest.test_tmpfs_userns:NamespaceTest.test_namespaces" \
+		tc-env_build emake VERBOSE=1 tests
+}
+
+src_install() {
+	dosbin minijail0
+	dolib.so libminijail{,preload}.so
+	dobin parse_seccomp_policy
+
+	doman minijail0.[15]
+
+	local include_dir="/usr/include"
+
+	"${S}"/platform2_preinstall.sh "${PV}" "${include_dir}"
+	insinto "/usr/$(get_libdir)/pkgconfig"
+	doins libminijail.pc
+
+	insinto "${include_dir}"
+	doins libminijail.h
+	doins scoped_minijail.h
+}