From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1496210-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 1DC3B15A7D9
	for <garchives@archives.gentoo.org>; Tue, 14 Mar 2023 16:50:17 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 4FCB0E075F;
	Tue, 14 Mar 2023 16:50:16 +0000 (UTC)
Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 2E50DE075F
	for <gentoo-commits@lists.gentoo.org>; Tue, 14 Mar 2023 16:50:16 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 3C717341087
	for <gentoo-commits@lists.gentoo.org>; Tue, 14 Mar 2023 16:50:15 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 89AC87F9
	for <gentoo-commits@lists.gentoo.org>; Tue, 14 Mar 2023 16:50:13 +0000 (UTC)
From: "William Hubbs" <williamh@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "William Hubbs" <williamh@gentoo.org>
Message-ID: <1678812593.6f78eaca943ed47dbea9a7c44e9f438aa3575438.williamh@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: app-containers/docker/
X-VCS-Repository: repo/gentoo
X-VCS-Files: app-containers/docker/docker-23.0.1.ebuild
X-VCS-Directories: app-containers/docker/
X-VCS-Committer: williamh
X-VCS-Committer-Name: William Hubbs
X-VCS-Revision: 6f78eaca943ed47dbea9a7c44e9f438aa3575438
X-VCS-Branch: master
Date: Tue, 14 Mar 2023 16:50:13 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: 9ea554ed-eb39-411f-ac05-820f55f47e10
X-Archives-Hash: 8c925a45bc0a699cc22ed81cec5c8a23

commit:     6f78eaca943ed47dbea9a7c44e9f438aa3575438
Author:     William Hubbs <williamh <AT> gentoo <DOT> org>
AuthorDate: Tue Mar 14 16:44:19 2023 +0000
Commit:     William Hubbs <williamh <AT> gentoo <DOT> org>
CommitDate: Tue Mar 14 16:49:53 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6f78eaca

app-containers/docker: more kernel option fixes

- put SECURITY_SELINUX and SECURITY_APPARMOR behind the appropriate use flags
- put MEMCG_SWAP and LEGACY_SYSCALL_EMULATE behind kernel version checks

Bug: https://bugs.gentoo.org/900845
Signed-off-by: William Hubbs <williamh <AT> gentoo.org>

 app-containers/docker/docker-23.0.1.ebuild | 37 +++++++++++++++++++++++-------
 1 file changed, 29 insertions(+), 8 deletions(-)

diff --git a/app-containers/docker/docker-23.0.1.ebuild b/app-containers/docker/docker-23.0.1.ebuild
index d592dae8135b..227d05ce400b 100644
--- a/app-containers/docker/docker-23.0.1.ebuild
+++ b/app-containers/docker/docker-23.0.1.ebuild
@@ -114,9 +114,14 @@ pkg_setup() {
 
 	CONFIG_CHECK+="
 		~CGROUP_PIDS
-		~MEMCG_SWAP
 	"
 
+	if kernel_is lt 6 1; then
+		CONFIG_CHECK+="
+			~MEMCG_SWAP
+			"
+	fi
+
 	if kernel_is le 5 8; then
 		CONFIG_CHECK+="
 			~MEMCG_SWAP_ENABLED
@@ -124,10 +129,16 @@ pkg_setup() {
 	fi
 
 	CONFIG_CHECK+="
-	~!LEGACY_VSYSCALL_NATIVE
-	~LEGACY_VSYSCALL_EMULATE
-	~!LEGACY_VSYSCALL_NONE
-	"
+		~!LEGACY_VSYSCALL_NATIVE
+		"
+	if kernel_is lt 5 19; then
+		CONFIG_CHECK+="
+			~LEGACY_VSYSCALL_EMULATE
+			"
+	fi
+	CONFIG_CHECK+="
+		~!LEGACY_VSYSCALL_NONE
+		"
 	WARNING_LEGACY_SYSCALL_NONE="CONFIG_LEGACY_VSYSCALL_NONE enabled: \
 		Containers with <=glibc-2.13 will not work"
 
@@ -155,9 +166,19 @@ pkg_setup() {
 		~IP_VS_PROTO_TCP
 		~IP_VS_PROTO_UDP
 		~IP_VS_RR
-		~SECURITY_SELINUX
-		~SECURITY_APPARMOR
-	"
+		"
+
+	if use selinux; then
+		CONFIG_CHECK+="
+			~SECURITY_SELINUX
+			"
+	fi
+
+	if use apparmor; then
+		CONFIG_CHECK+="
+			~SECURITY_APPARMOR
+			"
+	fi
 
 	# if ! is_set EXT4_USE_FOR_EXT2; then
 	#	check_flags EXT3_FS EXT3_FS_XATTR EXT3_FS_POSIX_ACL EXT3_FS_SECURITY