From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 6556213835A for ; Wed, 2 Dec 2020 19:56:26 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 5C62FE0849; Wed, 2 Dec 2020 19:56:25 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 44EB1E0849 for ; Wed, 2 Dec 2020 19:56:25 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 939B2335D31 for ; Wed, 2 Dec 2020 19:56:23 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 18D3D3B7 for ; Wed, 2 Dec 2020 19:56:22 +0000 (UTC) From: "Georgy Yakovlev" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Georgy Yakovlev" Message-ID: <1606938447.5a30b66574ee67ab8bef771c13fff12bb73fe71f.gyakovlev@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: app-emulation/containerd/ X-VCS-Repository: repo/gentoo X-VCS-Files: app-emulation/containerd/Manifest app-emulation/containerd/containerd-1.3.9.ebuild X-VCS-Directories: app-emulation/containerd/ X-VCS-Committer: gyakovlev X-VCS-Committer-Name: Georgy Yakovlev X-VCS-Revision: 5a30b66574ee67ab8bef771c13fff12bb73fe71f X-VCS-Branch: master Date: Wed, 2 Dec 2020 19:56:22 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: b6c35b55-f00e-4ea0-b660-a5c117a4fb92 X-Archives-Hash: 9c696c395143d3f015799b41581fbf64 commit: 5a30b66574ee67ab8bef771c13fff12bb73fe71f Author: Georgy Yakovlev gentoo org> AuthorDate: Wed Dec 2 19:40:21 2020 +0000 Commit: Georgy Yakovlev gentoo org> CommitDate: Wed Dec 2 19:47:27 2020 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5a30b665 app-emulation/containerd: bump to 1.3.9 ( for CVE-2020-15257 ) Package-Manager: Portage-3.0.11, Repoman-3.0.2 Signed-off-by: Georgy Yakovlev gentoo.org> app-emulation/containerd/Manifest | 1 + app-emulation/containerd/containerd-1.3.9.ebuild | 84 ++++++++++++++++++++++++ 2 files changed, 85 insertions(+) diff --git a/app-emulation/containerd/Manifest b/app-emulation/containerd/Manifest index 0f5c4312268..bb55e05e21a 100644 --- a/app-emulation/containerd/Manifest +++ b/app-emulation/containerd/Manifest @@ -1 +1,2 @@ DIST containerd-1.3.7.tar.gz 5709989 BLAKE2B 0cfa6f5bcd41c1591e64f41dbba2720bed5f25d61625b6d09be19df56fe74b61532b627c35a830e1e4937333f790f7ff8a5fad18b8869a679a6fec18daf238d3 SHA512 7c6de27b6529e3fb3f924ec67a260a51bc45186d69baa4cae6720a08e5c3b74aeb43d236c0a4739f297b2863233bde7d2246a597c9e17713c48bec767c6bbfee +DIST containerd-1.3.9.tar.gz 5717856 BLAKE2B f6b9741f7d793a18b44813453d185cb9e8f4742fbb2987521445104fb44bca913571d6b4f6386ea048084d6565d41759c6ec95ac4591bd9b2101b40bbaafd8fa SHA512 79e0baab72169f84b8661b77f54d0a906a380cd00cbabd00bfec6c10d71a13fc4dd81c7b5e1c3ce184f91d3f68d6df9b735f13e6e04d494792bf7374058d43aa diff --git a/app-emulation/containerd/containerd-1.3.9.ebuild b/app-emulation/containerd/containerd-1.3.9.ebuild new file mode 100644 index 00000000000..a6dcc20d842 --- /dev/null +++ b/app-emulation/containerd/containerd-1.3.9.ebuild @@ -0,0 +1,84 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +# update on bump, look for https://github.com/docker\ +# docker-ce/blob//components/engine/hack/dockerfile/install/containerd.installer +CONTAINERD_COMMIT="ea765ab" +EGO_PN="github.com/containerd/${PN}" + +inherit golang-vcs-snapshot toolchain-funcs + +DESCRIPTION="A daemon to control runC" +HOMEPAGE="https://containerd.io/" +SRC_URI="https://github.com/containerd/${PN}/archive/${CONTAINERD_COMMIT}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86" +IUSE="apparmor btrfs device-mapper +cri hardened +seccomp selinux test" + +DEPEND=" + btrfs? ( sys-fs/btrfs-progs ) + seccomp? ( sys-libs/libseccomp ) +" + +RDEPEND=" + ${DEPEND} + ~app-emulation/runc-1.0.0_rc10 +" + +BDEPEND=" + dev-go/go-md2man + virtual/pkgconfig + test? ( "${RDEPEND}" ) +" + +# tests require root or docker +# upstream does not recommend stripping binary +RESTRICT+=" strip test" + +S="${WORKDIR}/${P}/src/${EGO_PN}" + +src_prepare() { + default + sed -i -e "s/git describe --match.*$/echo ${PV})/"\ + -e "s/git rev-parse HEAD.*$/echo ${CONTAINERD_COMMIT})/"\ + -e "s/-s -w//" \ + Makefile || die +} + +src_compile() { + local options=( + $(usev apparmor) + $(usex btrfs "" "no_btrfs") + $(usex cri "" "no_cri") + $(usex device-mapper "" "no_devmapper") + $(usev seccomp) + $(usev selinux) + ) + + myemakeargs=( + BUILDTAGS="${options[*]}" + DESTDIR="${ED}" + LDFLAGS=$(usex hardened '-extldflags -fno-PIC' '') + ) + + export GOPATH="${WORKDIR}/${P}" # ${PWD}/vendor + export GOFLAGS="-v -x -mod=vendor" + emake "${myemakeargs[@]}" all man +} + +src_install() { + dobin bin/* + doman man/* + newinitd "${FILESDIR}"/${PN}.initd "${PN}" + keepdir /var/lib/containerd + + # we already installed manpages, remove markdown source + # before installing docs directory + rm -rf docs/man || die + local DOCS=( README.md PLUGINS.md docs/. ) + einstalldocs +}