diff options
Diffstat (limited to 'app-containers/lxc')
| -rw-r--r-- | app-containers/lxc/Manifest | 8 | ||||
| -rw-r--r-- | app-containers/lxc/files/lxc-5.0.0-dont-depend-on-static-libcap.patch | 27 | ||||
| -rw-r--r-- | app-containers/lxc/files/lxc-monitord.service.5.0.0 | 11 | ||||
| -rw-r--r-- | app-containers/lxc/files/lxc-net.service.5.0.0 | 15 | ||||
| -rw-r--r-- | app-containers/lxc/files/lxc.service-5.0.0 | 19 | ||||
| -rw-r--r-- | app-containers/lxc/files/lxc_at.service.5.0.0 | 19 | ||||
| -rw-r--r-- | app-containers/lxc/lxc-5.0.0.ebuild | 159 |
7 files changed, 258 insertions, 0 deletions
diff --git a/app-containers/lxc/Manifest b/app-containers/lxc/Manifest index 76c41733a561..d22eccd7e2c4 100644 --- a/app-containers/lxc/Manifest +++ b/app-containers/lxc/Manifest @@ -1,7 +1,15 @@ AUX lxc-2.0.5-omit-sysconfig.patch 259 BLAKE2B 977e151fbb8c9d98e89aaa5ee0426e64ab4286b4440af1582086a0ced8c6568efb470ccf68786da6ea52c82d1f4e81feac45bec411febc04fc31d108f05ccde2 SHA512 0aed9aca687accc6df79e97f48ab333043256e8ae68c8643f2b2452cc8013191238867d64ec71f7d399c59a43d3ba698b35d965090c5cb149b4f41302432e6e7 +AUX lxc-5.0.0-dont-depend-on-static-libcap.patch 912 BLAKE2B 7c3cbb9607e83d9ea64075312f77f0b0a9a6bea982f3b9bdfb51e696a592c583970c8813a8789cad36ffcc5cbd5f4d55e1a98efd4e3a56e5329793a4ae908003 SHA512 3272b7fbf2435366242d5aa582111b6a6e21e8978bc5abf25947a77eb25540234068cb2afee9c3e7cf95f0299f04132385e34b315a0872aa14e9495c6a20c568 +AUX lxc-monitord.service.5.0.0 219 BLAKE2B 5be0ec2b7bd19d661dac97e5d067f0e6d1e297c22c4a642a0b2258003f632263e25349c6d190438f2886064f3202018a452a481e0fb9c9614a5eec5ffa306e39 SHA512 ab63db7a5e0470ac1001e7b05fcbcde3adbe422bdd1030c9e55cd3b1e69855efcf141174f48102ab304035cc4b3497bc569b0f7bc4b231851880872258b28e95 +AUX lxc-net.service.5.0.0 304 BLAKE2B bd7125d2f1401d249946f89e0f58966bc426adc09d5759564174d6a666797d687eb85e4b235ff761e1c1b9d87d133cd28fb12f27092da1b0bff2633d4f4fd704 SHA512 06bf3d233cc152d1b67f6c687c9b31bdd5f60e8664e6bcf4234e878cbf840437b82c1e1cf21cc4847f56b57d3ae664f9557264da4d3b3603bef8945a86658be9 AUX lxc.initd.8 3669 BLAKE2B 50d41e0923ba26b9653ca3b5b559dd0905e61ec81969e709650fe7f1b26a4dcdc17158b7e449d666e2103047d9f196e53df8beca15fffd529fa8e743de97bd82 SHA512 1182b53a65399746f6d6bced0df5c1fde09c1ede4a28bfe95b5ed0bbd969d6f6423f63021d4b6f1dc62c7b2703f6963c03d881291650bdf21cfcf8432586c1b4 +AUX lxc.service-5.0.0 527 BLAKE2B 44d1fca919615c1acb672baa7b77bd43680975782683addb4b918b763f14923c070567cec18659892d7629dff2ea717258ee339d00ce9f8b12fe29349a85b645 SHA512 a56e44ba983d1c9ec7e0e2080e46537fe11c0e92422f1bb46476434d3ebe1a8ac4af7ae1c574bde57a56709541a611eed1123f9a21d9f54aceeaff935da9cc0e AUX lxc_at.service.4.0.0 284 BLAKE2B 1adc76b9861f2499b7b703f7076782a258f9b21a3d1e32b69334f753faca9ecd8c6fb2a03baf04698e765f079e73ee683434d8c7c6d3b3082427a6af74ab33b1 SHA512 4c2f9846ca60bb78df7e652309900c0e788b45d569f268a9e5b98842518542b35fce253e2aedeb0eded3d37274390988ef887b01d1d37859ccddf6225286b4bb +AUX lxc_at.service.5.0.0 395 BLAKE2B b4a329964041a9b3017df80aedb73f296d60e0b78097c72e52b921de939246a45d07591535d3971458cee38bf4ddf84021af3f325bffac6db9ba7c4c78a48a5b SHA512 d896c2eb889b83a77041fcd51604bea11db65b8b494c9c063a72ed182006577ed49e2e2c0842353de4676b3fc1246508e5b7c669d797929818cccf485282d85c DIST lxc-4.0.12.tar.gz 1565070 BLAKE2B 819b5140b641dbc1ed6cf5f2840bb0ee6d3ab8c687f4f8064e42d347113bdf50fcbb653a6fb26598db0daab0c83ad88fe0d27fd2842fac9d7f5fef73656d7976 SHA512 04437d9c891cd3a22f756c42f05e97398772587175d65aff9d394f0f3e810efc5c1fe7077c39573de3ec259e0605bc2a7ea51093613b2cef908372ae338df19d DIST lxc-4.0.12.tar.gz.asc 833 BLAKE2B 2fca60b5ac267a893f70875ccdbe39db6b98b5fe51fe396692449e310b6e680e7b142380e193f5d8299f18e796ed2fd0e08cd186859069877fcca6bc26e44717 SHA512 4f2912879e6f3bf5fdbebb902cf16ca6b766b5720b817c4b4996e62098a1d282327d330ffd9768d45d69aeddb50184dc8485b0ef75b046449ce4c544cdc43c9b +DIST lxc-5.0.0.tar.gz 968678 BLAKE2B 82fa15353bdd78a1cc4cdb915f4a8366790b4ac317247bb03ceae91137368ef953ec52f6882ba9d44f6b9bddd3ac20579339e6bbedb4e5642adc81473825a91d SHA512 ecdce46a83602197716c9a4e50e0514a7e0764fbf34db6d5e3497e90669b4c8ced4b787fb220967d95dd8e50016075f3b118e85d9d63c21b2ba17de2e7aefb81 +DIST lxc-5.0.0.tar.gz.asc 833 BLAKE2B 3519789f7a9797895c1b89371db28add0833b0db5a32b71f8fdff98f689a2ed6edd77db90fad89658e7c148a94a1008a718dca32bc3ce40dbfce9b44c9506dbd SHA512 d475073543e82481675a4d7ffe642445b73698ad0675cfd996768c6f026786c694cea062d50139264362a516b8777fc4e1a5fb5592eeed35ac2f6d64460c505d EBUILD lxc-4.0.12.ebuild 5184 BLAKE2B 1c3a59f4bb1b43c66acae7de91014ea3aea152d3595e2e6431f30e56d99a2316b2c1d73bcb975371f84273b88282c22eda1691f798a4d3a373a3873596bfdb74 SHA512 a5435cfc04ead876fe7c3e7931307ebdd18057849e7cfd9e0b18073a5aff73e03e4f3b9f7cbf4efe608f4ba1502dde59195ebde8a6591c566cb2ac16ae1ba456 +EBUILD lxc-5.0.0.ebuild 4663 BLAKE2B a5733909bb20c878fb25fb747b334c862fbab8672edfc6824178c5d0c56184b2b0d15c517fd18b7da0e471107c06048fe51dea8643619edbc0876f8a6ce69ce4 SHA512 f1a0bd46860424b7f008238505f44231e0a816039cc34337df9a3cf6fa94b6ddb16a33dfaa46b157810a9f8fd5c5bc9e19178fefe0776e2e8ae0dd794fe98f8a MISC metadata.xml 713 BLAKE2B 982d13dbe2adffcdb473804981effa8eabc89ca95dc2f39ae6ebdbdce0f786311333c8f9cbfe2105faf55dcbaf7a63a09b46e6b7c7987ba629f5e87de24a348c SHA512 4c9d018afe1967708c18747f504b98487f110b6a021cd97c94693fa4b39d892b148ad19ae64399396b34502ed6f598d7515418b69d0b22031776366a9f172f3b diff --git a/app-containers/lxc/files/lxc-5.0.0-dont-depend-on-static-libcap.patch b/app-containers/lxc/files/lxc-5.0.0-dont-depend-on-static-libcap.patch new file mode 100644 index 000000000000..74f3d353c561 --- /dev/null +++ b/app-containers/lxc/files/lxc-5.0.0-dont-depend-on-static-libcap.patch @@ -0,0 +1,27 @@ +From 7d72354898feac15bc4082130bcbe638bae02450 Mon Sep 17 00:00:00 2001 +From: Fabrice Fontaine <fontaine.fabrice@gmail.com> +Date: Thu, 14 Jul 2022 17:03:40 +0200 +Subject: [PATCH] meson.build: fix build with -Dcapabilities=false + +Define libcap_static to an empty array to avoid the following build +failure with -Dcapabilities=false: + +output/build/lxc-5.0.0/src/lxc/cmd/meson.build:64:4: ERROR: Unknown variable "libcap_static". + +Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> +--- + meson.build | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/meson.build b/meson.build +index 992fa08c72..4ed57a655b 100644 +--- a/meson.build ++++ b/meson.build +@@ -443,6 +443,7 @@ int main(int argc, char *argv[]) { return 0; }; + srcconf.set10('HAVE_STATIC_LIBCAP', false) + endif + else ++ libcap_static = [] + srcconf.set10('HAVE_LIBCAP', false) + srcconf.set10('HAVE_STATIC_LIBCAP', false) + endif diff --git a/app-containers/lxc/files/lxc-monitord.service.5.0.0 b/app-containers/lxc/files/lxc-monitord.service.5.0.0 new file mode 100644 index 000000000000..ff4a201152c0 --- /dev/null +++ b/app-containers/lxc/files/lxc-monitord.service.5.0.0 @@ -0,0 +1,11 @@ +[Unit] +Description=LXC Container Monitoring Daemon +After=syslog.service network.target +Documentation=man:lxc + +[Service] +Type=simple +ExecStart=/usr/libexec/lxc/lxc-monitord --daemon + +[Install] +WantedBy=multi-user.target diff --git a/app-containers/lxc/files/lxc-net.service.5.0.0 b/app-containers/lxc/files/lxc-net.service.5.0.0 new file mode 100644 index 000000000000..8a037fcb7614 --- /dev/null +++ b/app-containers/lxc/files/lxc-net.service.5.0.0 @@ -0,0 +1,15 @@ +[Unit] +Description=LXC network bridge setup +After=network-online.target +Before=lxc.service +Documentation=man:lxc +ConditionVirtualization=!lxc + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/libexec/lxc/lxc-net start +ExecStop=/usr/libexec/lxc/lxc-net stop + +[Install] +WantedBy=multi-user.target diff --git a/app-containers/lxc/files/lxc.service-5.0.0 b/app-containers/lxc/files/lxc.service-5.0.0 new file mode 100644 index 000000000000..35d0dff241d0 --- /dev/null +++ b/app-containers/lxc/files/lxc.service-5.0.0 @@ -0,0 +1,19 @@ +[Unit] +Description=LXC Container Initialization and Autoboot Code +After=network.target lxc-net.service remote-fs.target +Wants=lxc-net.service +Documentation=man:lxc-autostart man:lxc + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStartPre=/usr/libexec/lxc/lxc-apparmor-load +ExecStart=/usr/libexec//lxc/lxc-containers start +ExecStop=/usr/libexec/lxc/lxc-containers stop +ExecReload=/usr/libexec/lxc/lxc-apparmor-load +# Environment=BOOTUP=serial +# Environment=CONSOLETYPE=serial +Delegate=yes + +[Install] +WantedBy=multi-user.target diff --git a/app-containers/lxc/files/lxc_at.service.5.0.0 b/app-containers/lxc/files/lxc_at.service.5.0.0 new file mode 100644 index 000000000000..447b6c87ec5d --- /dev/null +++ b/app-containers/lxc/files/lxc_at.service.5.0.0 @@ -0,0 +1,19 @@ +[Unit] +Description=LXC Container: %i +# This pulls in apparmor, dev-setup, lxc-net +After=lxc.service +Wants=lxc.service +Documentation=man:lxc-start man:lxc + +[Service] +Type=simple +KillMode=mixed +TimeoutStopSec=120s +ExecStart=/usr/bin/lxc-start -F -n %i +ExecStop=/usr/bin/lxc-stop -n %i +# Environment=BOOTUP=serial +# Environment=CONSOLETYPE=serial +Delegate=yes + +[Install] +WantedBy=multi-user.target diff --git a/app-containers/lxc/lxc-5.0.0.ebuild b/app-containers/lxc/lxc-5.0.0.ebuild new file mode 100644 index 000000000000..40f95941aeac --- /dev/null +++ b/app-containers/lxc/lxc-5.0.0.ebuild @@ -0,0 +1,159 @@ +# Copyright 2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit bash-completion-r1 linux-info meson optfeature systemd verify-sig + +DESCRIPTION="A userspace interface for the Linux kernel containment features" +HOMEPAGE="https://linuxcontainers.org/ https://github.com/lxc/lxc" +SRC_URI="https://linuxcontainers.org/downloads/lxc/${P}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/lxc/${P}.tar.gz.asc )" + +LICENSE="GPL-2 LGPL-2.1 LGPL-3" +SLOT="0" +KEYWORDS="~amd64 ~riscv ~x86" +IUSE="apparmor +caps examples io-uring man pam seccomp selinux ssl systemd test +tools verify-sig" + +RDEPEND="acct-group/lxc + acct-user/lxc + apparmor? ( sys-libs/libapparmor ) + caps? ( sys-libs/libcap[static-libs] ) + io-uring? ( >=sys-libs/liburing-2:= ) + pam? ( sys-libs/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) + ssl? ( dev-libs/openssl:0= ) + systemd? ( sys-apps/systemd ) + tools? ( sys-libs/libcap[static-libs] )" +DEPEND="${RDEPEND} + sys-kernel/linux-headers" +BDEPEND="virtual/pkgconfig + man? ( app-text/docbook2X ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +RESTRICT="!test? ( test )" + +CONFIG_CHECK="~!NETPRIO_CGROUP + ~CGROUPS + ~CGROUP_CPUACCT + ~CGROUP_DEVICE + ~CGROUP_FREEZER + + ~CGROUP_SCHED + ~CPUSETS + ~IPC_NS + ~MACVLAN + + ~MEMCG + ~NAMESPACES + ~NET_NS + ~PID_NS + + ~POSIX_MQUEUE + ~USER_NS + ~UTS_NS + ~VETH" + +ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER: needed to freeze containers" +ERROR_MACVLAN="CONFIG_MACVLAN: needed for internal (inter-container) networking" +ERROR_MEMCG="CONFIG_MEMCG: needed for memory resource control in containers" +ERROR_NET_NS="CONFIG_NET_NS: needed for unshared network" +ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: needed for lxc-execute command" +ERROR_UTS_NS="CONFIG_UTS_NS: needed to unshare hostnames and uname info" +ERROR_VETH="CONFIG_VETH: needed for internal (host-to-container) networking" + +VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/linuxcontainers.asc + +DOCS=( AUTHORS CONTRIBUTING MAINTAINERS README.md doc/FAQ.txt ) + +PATCHES=( "${FILESDIR}"/lxc-5.0.0-dont-depend-on-static-libcap.patch ) + +pkg_setup() { + linux-info_pkg_setup +} + +src_configure() { + local emesonargs=( + -Dcoverity-build=false + -Doss-fuzz=false + + -Dcommands=true + -Dmemfd-rexec=true + -Dthread-safety=true + + $(meson_use apparmor) + $(meson_use caps capabilities) + $(meson_use examples) + $(meson_use io-uring io-uring-event-loop) + $(meson_use man) + $(meson_use pam pam-cgroup) + $(meson_use seccomp) + $(meson_use selinux) + $(meson_use ssl openssl) + $(meson_use test tests) + $(meson_use tools) + + -Ddata-path=/var/lib/lxc + -Ddoc-path=/usr/share/doc/${PF} + -Dlog-path=/var/log/lxc + -Drootfs-mount-path=/var/lib/lxc/rootfs + -Druntime-path=/run + ) + + if use systemd; then + local emesonargs+=( -Dinit-script="systemd" ) + else + local emesonargs+=( -Dinit-script="sysvinit" ) + fi + + use tools && local emesonargs+=( -Dcapabilities=true ) + + meson_src_configure +} + +src_install() { + meson_src_install + + # The main bash-completion file will collide with lxd, need to relocate and update symlinks. + mkdir -p "${ED}"/$(get_bashcompdir) || die "Failed to create bashcompdir." + + if use tools; then + bashcomp_alias lxc-start lxc-{attach,cgroup,copy,console,create,destroy,device,execute,freeze,info,monitor,snapshot,stop,unfreeze,usernsexec,wait} + else + bashcomp_alias lxc-start lxc-usernsexec + fi + + keepdir /var/lib/cache/lxc /var/lib/lib/lxc + + find "${ED}" -name '*.la' -delete -o -name '*.a' -delete || die + + # Replace upstream sysvinit/systemd files. + if use systemd; then + rm -r "${ED}"/lib/systemd || die "Failed to remove systemd lib dir" + else + rm "${ED}"/etc/init.d/lxc-{containers,net} || die "Failed to remove sysvinit scripts" + fi + + newinitd "${FILESDIR}/${PN}.initd.8" ${PN} + systemd_newunit "${FILESDIR}"/lxc-monitord.service.5.0.0 lxc-monitord.service + systemd_newunit "${FILESDIR}"/lxc-net.service.5.0.0 lxc-net.service + systemd_newunit "${FILESDIR}"/lxc.service-5.0.0 lxc.service + systemd_newunit "${FILESDIR}"/lxc_at.service.5.0.0 "lxc@.service" + + if ! use apparmor; then + sed -i '/lxc-apparmor-load/d' "${ED}"/lib/systemd/system/lxc.service || die "Failed to remove apparmor references from lxc.service systemd unit." + fi +} + +pkg_postinst() { + elog "Please refer to " + elog "https://wiki.gentoo.org/wiki/LXC for introduction and usage guide." + elog + elog "Run 'lxc-checkconfig' to see optional kernel features." + elog + + optfeature "automatic template scripts" app-containers/lxc-templates + optfeature "Debian-based distribution container image support" dev-util/debootstrap + optfeature "snapshot & restore functionality" sys-process/criu +} |