[gentoo-commits] repo/gentoo:master commit in: app-emulation/podman/

["Zac Medico" <zmedico@gentoo.org>]

commit:     6ba1707f2083f32c57825fbf2d418a7018b9bc09
Author:     Zac Medico <zmedico <AT> gentoo <DOT> org>
AuthorDate: Mon Apr 26 23:26:06 2021 +0000
Commit:     Zac Medico <zmedico <AT> gentoo <DOT> org>
CommitDate: Mon Apr 26 23:31:40 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6ba1707f

app-emulation/podman: Remove vulnerable version

podman-3.0.1 is vulnerable because it uses
containers-storage v1.24.6 vendored in this commit:

https://github.com/containers/podman/commit/5a520cb4cae29e97085adfcf95b9d18e9e7a4c45

podman-3.1.2 is *not* vulnerable because it uses
containers-storage v1.30.0 vendored in this commit:

https://github.com/containers/podman/commit/5aef11026a850bb99d8394dba17810bf05d727bc

Bug: https://bugs.gentoo.org/785901
Package-Manager: Portage-3.0.18, Repoman-3.0.3
Signed-off-by: Zac Medico <zmedico <AT> gentoo.org>

 app-emulation/podman/Manifest            |   1 -
 app-emulation/podman/podman-3.0.1.ebuild | 165 -------------------------------
 2 files changed, 166 deletions(-)

diff --git a/app-emulation/podman/Manifest b/app-emulation/podman/Manifest
index 37d3b05f010..f297759d5ef 100644
--- a/app-emulation/podman/Manifest
+++ b/app-emulation/podman/Manifest
@@ -1,2 +1 @@
-DIST podman-3.0.1.tar.gz 10365348 BLAKE2B 93a227bf1395145ebaec8e18aa8ad8101704e8e0f7344c8850ee9e1532b191aef96b1cbbba2e21bd716591d68969cfd16ee811621a383cb2d31e4105a44834bf SHA512 4addc986ad94b512d90b675a5a1988eeef365fff02c3449fd310582245a91d4ee96ff9fd3c56ce333a972dca627aa28fbd468a4a363c5c8963524bb67bc26754
 DIST podman-3.1.2.tar.gz 10488539 BLAKE2B 8536f6856e436467541f7714e75d5055545e1514604d6541671894117e752609a9e791355c162ef8fcdbc0cbd992823ecab8a3ab760bab3a469d9768b6b008e4 SHA512 fdc26368f3cce6a11fe9adeae34a2f04396a554bb5f245e07fc98d1ce21dff66faba5549e9e0b94793d67768ff03fea2990e7a2759dd41ed2b72778431f5dd9d

diff --git a/app-emulation/podman/podman-3.0.1.ebuild b/app-emulation/podman/podman-3.0.1.ebuild
deleted file mode 100644
index f82494e1737..00000000000
--- a/app-emulation/podman/podman-3.0.1.ebuild
+++ /dev/null
@@ -1,165 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit bash-completion-r1 flag-o-matic go-module
-
-DESCRIPTION="Library and podman tool for running OCI-based containers in Pods"
-HOMEPAGE="https://github.com/containers/podman/"
-MY_PN=podman
-MY_P=${MY_PN}-${PV}
-SRC_URI="https://github.com/containers/podman/archive/v${PV}.tar.gz -> ${MY_P}.tar.gz"
-LICENSE="Apache-2.0 BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0"
-SLOT="0"
-
-KEYWORDS="~amd64 ~arm64"
-IUSE="apparmor btrfs +fuse +rootless selinux"
-RESTRICT="test"
-
-COMMON_DEPEND="
-	app-crypt/gpgme:=
-	>=app-emulation/conmon-2.0.0
-	|| ( >=app-emulation/runc-1.0.0_rc6 app-emulation/crun )
-	dev-libs/libassuan:=
-	dev-libs/libgpg-error:=
-	>=net-misc/cni-plugins-0.8.6
-	sys-fs/lvm2
-	sys-libs/libseccomp:=
-
-	apparmor? ( sys-libs/libapparmor )
-	btrfs? ( sys-fs/btrfs-progs )
-	rootless? ( app-emulation/slirp4netns )
-	selinux? ( sys-libs/libselinux:= )
-"
-DEPEND="
-	${COMMON_DEPEND}
-	dev-go/go-md2man"
-RDEPEND="${COMMON_DEPEND}
-	fuse? ( sys-fs/fuse-overlayfs )"
-
-S=${WORKDIR}/${MY_P}
-
-src_prepare() {
-	default
-
-	# Disable installation of python modules here, since those are
-	# installed by separate ebuilds.
-	local makefile_sed_args=(
-		-e '/^GIT_.*/d'
-		-e 's/$(GO) build/$(GO) build -v -work -x/'
-		-e 's/^\(install:.*\) install\.python$/\1/'
-		-e 's|^pkg/varlink/iopodman.go: .gopathok pkg/varlink/io.podman.varlink$|pkg/varlink/iopodman.go: pkg/varlink/io.podman.varlink|'
-	)
-
-	has_version -b '>=dev-lang/go-1.13.9' || makefile_sed_args+=(-e 's:GO111MODULE=off:GO111MODULE=on:')
-
-	sed "${makefile_sed_args[@]}" -i Makefile || die
-
-	sed -e 's|OUTPUT="${CIRRUS_TAG:.*|OUTPUT='v${PV}'|' \
-		-i hack/get_release_info.sh || die
-}
-
-src_compile() {
-	local git_commit
-	git_commit=$(grep '^[[:space:]]*gitCommit[[:space:]]' vendor/k8s.io/client-go/pkg/version/base.go)
-	git_commit=${git_commit#*\"}
-	git_commit=${git_commit%\"*}
-	[[ ${git_commit} ]] || die "failed to determine gitCommit"
-
-	# Filter unsupported linker flags
-	filter-flags '-Wl,*'
-
-	[[ -f hack/apparmor_tag.sh ]] || die
-	if use apparmor; then
-		echo -e "#!/bin/sh\necho apparmor" > hack/apparmor_tag.sh || die
-	else
-		echo -e "#!/bin/sh\ntrue" > hack/apparmor_tag.sh || die
-	fi
-
-	[[ -f hack/btrfs_installed_tag.sh ]] || die
-	if use btrfs; then
-		echo -e "#!/bin/sh\ntrue" > hack/btrfs_installed_tag.sh || die
-	else
-		echo -e "#!/bin/sh\necho exclude_graphdriver_btrfs" > \
-			hack/btrfs_installed_tag.sh || die
-	fi
-
-	[[ -f hack/selinux_tag.sh ]] || die
-	if use selinux; then
-		echo -e "#!/bin/sh\necho selinux" > hack/selinux_tag.sh || die
-	else
-		echo -e "#!/bin/sh\ntrue" > hack/selinux_tag.sh || die
-	fi
-
-	# Avoid this error when generating pkg/varlink/iopodman.go:
-	# cannot find package "github.com/varlink/go/varlink/idl"
-	mkdir -p _output || die
-	ln -snf ../vendor _output/src || die
-	GO111MODULE=off GOPATH=${PWD}/_output go generate ./pkg/varlink/... || die
-	rm _output/src || die
-
-	export -n GOCACHE GOPATH XDG_CACHE_HOME
-	GOBIN="${S}/bin" \
-		emake all \
-			GIT_BRANCH=master \
-			GIT_BRANCH_CLEAN=master \
-			COMMIT_NO="${git_commit}" \
-			GIT_COMMIT="${git_commit}"
-}
-
-src_install() {
-	emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" install
-
-	insinto /etc/containers
-	newins test/registries.conf registries.conf.example
-	newins test/policy.json policy.json.example
-
-	insinto /usr/share/containers
-	doins vendor/github.com/containers/common/pkg/seccomp/seccomp.json
-
-	newconfd "${FILESDIR}"/podman.confd podman
-	newinitd "${FILESDIR}"/podman.initd podman
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}/podman.logrotated" podman
-
-	dobashcomp completions/bash/*
-
-	insinto /usr/share/zsh/site-functions
-	doins completions/zsh/*
-
-	insinto /usr/share/fish/vendor_completions.d
-	doins completions/fish/*
-
-	keepdir /var/lib/containers
-}
-
-pkg_preinst() {
-	PODMAN_ROOTLESS_UPGRADE=false
-	if use rootless; then
-		has_version 'app-emulation/podman[rootless]' || PODMAN_ROOTLESS_UPGRADE=true
-	fi
-}
-
-pkg_postinst() {
-	local want_newline=false
-	if [[ ! ( -e ${EROOT%/*}/etc/containers/policy.json && -e ${EROOT%/*}/etc/containers/registries.conf ) ]]; then
-		elog "You need to create the following config files:"
-		elog "/etc/containers/registries.conf"
-		elog "/etc/containers/policy.json"
-		elog "To copy over default examples, use:"
-		elog "cp /etc/containers/registries.conf{.example,}"
-		elog "cp /etc/containers/policy.json{.example,}"
-		want_newline=true
-	fi
-	if [[ ${PODMAN_ROOTLESS_UPGRADE} == true ]] ; then
-		${want_newline} && elog ""
-		elog "For rootless operation, you need to configure subuid/subgid"
-		elog "for user running podman. In case subuid/subgid has only been"
-		elog "configured for root, run:"
-		elog "usermod --add-subuids 1065536-1131071 <user>"
-		elog "usermod --add-subgids 1065536-1131071 <user>"
-		want_newline=true
-	fi
-}