From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 3AB1D158094 for ; Mon, 25 Jul 2022 09:53:12 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 6B58AE0EE4; Mon, 25 Jul 2022 09:53:11 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 4BD4DE0EE4 for ; Mon, 25 Jul 2022 09:53:11 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 31BC1340D4C for ; Mon, 25 Jul 2022 09:53:10 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id A19434FA for ; Mon, 25 Jul 2022 09:53:08 +0000 (UTC) From: "Matthias Maier" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Matthias Maier" Message-ID: <1658742781.319514d2fb6c6e9c00c986ada3f4fa1c46a18a73.tamiko@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: app-containers/lxc/ X-VCS-Repository: repo/gentoo X-VCS-Files: app-containers/lxc/lxc-5.0.0-r1.ebuild X-VCS-Directories: app-containers/lxc/ X-VCS-Committer: tamiko X-VCS-Committer-Name: Matthias Maier X-VCS-Revision: 319514d2fb6c6e9c00c986ada3f4fa1c46a18a73 X-VCS-Branch: master Date: Mon, 25 Jul 2022 09:53:08 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 8bd37363-5144-4ebf-a825-5152991a970c X-Archives-Hash: 2b758a9cd0803eab0576a129302bfbf3 commit: 319514d2fb6c6e9c00c986ada3f4fa1c46a18a73 Author: Matthias Maier gentoo org> AuthorDate: Mon Jul 25 09:48:50 2022 +0000 Commit: Matthias Maier gentoo org> CommitDate: Mon Jul 25 09:53:01 2022 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=319514d2 app-containers/lxc: do not hardcode systemd paths Use $(systemd_get_systemunitdir) instead of hardcoding paths. Thanks to Arfrever for pointing this out. Signed-off-by: Matthias Maier gentoo.org> app-containers/lxc/lxc-5.0.0-r1.ebuild | 160 +++++++++++++++++++++++++++++++++ 1 file changed, 160 insertions(+) diff --git a/app-containers/lxc/lxc-5.0.0-r1.ebuild b/app-containers/lxc/lxc-5.0.0-r1.ebuild new file mode 100644 index 000000000000..1ab8d12bf9d6 --- /dev/null +++ b/app-containers/lxc/lxc-5.0.0-r1.ebuild @@ -0,0 +1,160 @@ +# Copyright 2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit bash-completion-r1 linux-info meson optfeature systemd verify-sig + +DESCRIPTION="A userspace interface for the Linux kernel containment features" +HOMEPAGE="https://linuxcontainers.org/ https://github.com/lxc/lxc" +SRC_URI="https://linuxcontainers.org/downloads/lxc/${P}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/lxc/${P}.tar.gz.asc )" + +LICENSE="GPL-2 LGPL-2.1 LGPL-3" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="apparmor +caps examples io-uring man pam seccomp selinux ssl systemd test +tools verify-sig" + +RDEPEND="acct-group/lxc + acct-user/lxc + apparmor? ( sys-libs/libapparmor ) + caps? ( sys-libs/libcap[static-libs] ) + io-uring? ( >=sys-libs/liburing-2:= ) + pam? ( sys-libs/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) + ssl? ( dev-libs/openssl:0= ) + systemd? ( sys-apps/systemd ) + tools? ( sys-libs/libcap[static-libs] )" +DEPEND="${RDEPEND} + sys-kernel/linux-headers" +BDEPEND="virtual/pkgconfig + man? ( app-text/docbook2X ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +RESTRICT="!test? ( test )" + +CONFIG_CHECK="~!NETPRIO_CGROUP + ~CGROUPS + ~CGROUP_CPUACCT + ~CGROUP_DEVICE + ~CGROUP_FREEZER + + ~CGROUP_SCHED + ~CPUSETS + ~IPC_NS + ~MACVLAN + + ~MEMCG + ~NAMESPACES + ~NET_NS + ~PID_NS + + ~POSIX_MQUEUE + ~USER_NS + ~UTS_NS + ~VETH" + +ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER: needed to freeze containers" +ERROR_MACVLAN="CONFIG_MACVLAN: needed for internal (inter-container) networking" +ERROR_MEMCG="CONFIG_MEMCG: needed for memory resource control in containers" +ERROR_NET_NS="CONFIG_NET_NS: needed for unshared network" +ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: needed for lxc-execute command" +ERROR_UTS_NS="CONFIG_UTS_NS: needed to unshare hostnames and uname info" +ERROR_VETH="CONFIG_VETH: needed for internal (host-to-container) networking" + +VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/linuxcontainers.asc + +DOCS=( AUTHORS CONTRIBUTING MAINTAINERS README.md doc/FAQ.txt ) + +PATCHES=( "${FILESDIR}"/lxc-5.0.0-dont-depend-on-static-libcap.patch + "${FILESDIR}"/${PN}-5.0.0-fix-strerror-r-char-p-musl.patch ) + +pkg_setup() { + linux-info_pkg_setup +} + +src_configure() { + local emesonargs=( + -Dcoverity-build=false + -Doss-fuzz=false + + -Dcommands=true + -Dmemfd-rexec=true + -Dthread-safety=true + + $(meson_use apparmor) + $(meson_use caps capabilities) + $(meson_use examples) + $(meson_use io-uring io-uring-event-loop) + $(meson_use man) + $(meson_use pam pam-cgroup) + $(meson_use seccomp) + $(meson_use selinux) + $(meson_use ssl openssl) + $(meson_use test tests) + $(meson_use tools) + + -Ddata-path=/var/lib/lxc + -Ddoc-path=/usr/share/doc/${PF} + -Dlog-path=/var/log/lxc + -Drootfs-mount-path=/var/lib/lxc/rootfs + -Druntime-path=/run + ) + + if use systemd; then + local emesonargs+=( -Dinit-script="systemd" ) + else + local emesonargs+=( -Dinit-script="sysvinit" ) + fi + + use tools && local emesonargs+=( -Dcapabilities=true ) + + meson_src_configure +} + +src_install() { + meson_src_install + + # The main bash-completion file will collide with lxd, need to relocate and update symlinks. + mkdir -p "${ED}"/$(get_bashcompdir) || die "Failed to create bashcompdir." + + if use tools; then + bashcomp_alias lxc-start lxc-{attach,cgroup,copy,console,create,destroy,device,execute,freeze,info,monitor,snapshot,stop,unfreeze,usernsexec,wait} + else + bashcomp_alias lxc-start lxc-usernsexec + fi + + keepdir /var/lib/cache/lxc /var/lib/lib/lxc + + find "${ED}" -name '*.la' -delete -o -name '*.a' -delete || die + + # Replace upstream sysvinit/systemd files. + if use systemd; then + rm -r "${D}$(systemd_get_systemunitdir)" || die "Failed to remove systemd lib dir" + else + rm "${ED}"/etc/init.d/lxc-{containers,net} || die "Failed to remove sysvinit scripts" + fi + + newinitd "${FILESDIR}/${PN}.initd.8" ${PN} + systemd_newunit "${FILESDIR}"/lxc-monitord.service.5.0.0 lxc-monitord.service + systemd_newunit "${FILESDIR}"/lxc-net.service.5.0.0 lxc-net.service + systemd_newunit "${FILESDIR}"/lxc.service-5.0.0 lxc.service + systemd_newunit "${FILESDIR}"/lxc_at.service.5.0.0 "lxc@.service" + + if ! use apparmor; then + sed -i '/lxc-apparmor-load/d' "${D}$(systemd_get_systemunitdir)/lxc.service" || die "Failed to remove apparmor references from lxc.service systemd unit." + fi +} + +pkg_postinst() { + elog "Please refer to " + elog "https://wiki.gentoo.org/wiki/LXC for introduction and usage guide." + elog + elog "Run 'lxc-checkconfig' to see optional kernel features." + elog + + optfeature "automatic template scripts" app-containers/lxc-templates + optfeature "Debian-based distribution container image support" dev-util/debootstrap + optfeature "snapshot & restore functionality" sys-process/criu +}