Date: Friday, March 8, 2019 @ 11:04:06 Author: bpiotrowski Revision: 438051
1.7.1-1 Modified: buildah/trunk/PKGBUILD Deleted: buildah/trunk/0001-Revert-SELinux-support.patch -----------------------------------+ 0001-Revert-SELinux-support.patch | 159 ------------------------------------ PKGBUILD | 18 +--- 2 files changed, 6 insertions(+), 171 deletions(-) Deleted: 0001-Revert-SELinux-support.patch =================================================================== --- 0001-Revert-SELinux-support.patch 2019-03-08 10:56:24 UTC (rev 438050) +++ 0001-Revert-SELinux-support.patch 2019-03-08 11:04:06 UTC (rev 438051) @@ -1,159 +0,0 @@ -From 0dcc87af0cdd484480e8cc3f968b9e3d44758f15 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Bart=C5=82omiej=20Piotrowski?= <[email protected]> -Date: Wed, 23 Jan 2019 08:55:02 +0100 -Subject: [PATCH] Revert SELinux support - ---- - ostree/ostree_dest.go | 62 +++++-------------------------------------- - 1 file changed, 7 insertions(+), 55 deletions(-) - -diff --git a/ostree/ostree_dest.go b/ostree/ostree_dest.go -index d69f4fa..78b15e5 100644 ---- a/ostree/ostree_dest.go -+++ b/ostree/ostree_dest.go -@@ -15,32 +15,26 @@ import ( - "path/filepath" - "runtime" - "strconv" -- "strings" -- "syscall" - "time" -- "unsafe" - - "github.com/containers/image/manifest" - "github.com/containers/image/types" - "github.com/containers/storage/pkg/archive" - "github.com/klauspost/pgzip" - "github.com/opencontainers/go-digest" -- selinux "github.com/opencontainers/selinux/go-selinux" - "github.com/ostreedev/ostree-go/pkg/otbuiltin" - "github.com/pkg/errors" - "github.com/vbatts/tar-split/tar/asm" - "github.com/vbatts/tar-split/tar/storage" - ) - --// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1 libselinux -+// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1 - // #include <glib.h> - // #include <glib-object.h> - // #include <gio/gio.h> - // #include <stdlib.h> - // #include <ostree.h> - // #include <gio/ginputstream.h> --// #include <selinux/selinux.h> --// #include <selinux/label.h> - import "C" - - type blobToImport struct { -@@ -179,7 +173,7 @@ func (d *ostreeImageDestination) PutBlob(ctx context.Context, stream io.Reader, - return types.BlobInfo{Digest: computedDigest, Size: size}, nil - } - --func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, usermode bool) error { -+func fixFiles(dir string, usermode bool) error { - entries, err := ioutil.ReadDir(dir) - if err != nil { - return err -@@ -194,42 +188,13 @@ func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, user - continue - } - -- if selinuxHnd != nil { -- relPath, err := filepath.Rel(root, fullpath) -- if err != nil { -- return err -- } -- // Handle /exports/hostfs as a special case. Files under this directory are copied to the host, -- // thus we benefit from maintaining the same SELinux label they would have on the host as we could -- // use hard links instead of copying the files. -- relPath = fmt.Sprintf("/%s", strings.TrimPrefix(relPath, "exports/hostfs/")) -- -- relPathC := C.CString(relPath) -- defer C.free(unsafe.Pointer(relPathC)) -- var context *C.char -- -- res, err := C.selabel_lookup_raw(selinuxHnd, &context, relPathC, C.int(info.Mode()&os.ModePerm)) -- if int(res) < 0 && err != syscall.ENOENT { -- return errors.Wrapf(err, "cannot selabel_lookup_raw %s", relPath) -- } -- if int(res) == 0 { -- defer C.freecon(context) -- fullpathC := C.CString(fullpath) -- defer C.free(unsafe.Pointer(fullpathC)) -- res, err = C.lsetfilecon_raw(fullpathC, context) -- if int(res) < 0 { -- return errors.Wrapf(err, "cannot setfilecon_raw %s", fullpath) -- } -- } -- } -- - if info.IsDir() { - if usermode { - if err := os.Chmod(fullpath, info.Mode()|0700); err != nil { - return err - } - } -- err = fixFiles(selinuxHnd, root, fullpath, usermode) -+ err = fixFiles(fullpath, usermode) - if err != nil { - return err - } -@@ -285,9 +250,7 @@ func generateTarSplitMetadata(output *bytes.Buffer, file string) (digest.Digest, - return digester.Digest(), written, nil - } - --func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle, repo *otbuiltin.Repo, blob *blobToImport) error { -- // TODO: This can take quite some time, and should ideally be cancellable using a context.Context. -- -+func (d *ostreeImageDestination) importBlob(repo *otbuiltin.Repo, blob *blobToImport) error { - ostreeBranch := fmt.Sprintf("ociimage/%s", blob.Digest.Hex()) - destinationPath := filepath.Join(d.tmpDirPath, blob.Digest.Hex(), "root") - if err := ensureDirectoryExists(destinationPath); err != nil { -@@ -308,7 +271,7 @@ func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle, - if err := archive.UntarPath(blob.BlobPath, destinationPath); err != nil { - return err - } -- if err := fixFiles(selinuxHnd, destinationPath, destinationPath, false); err != nil { -+ if err := fixFiles(destinationPath, false); err != nil { - return err - } - } else { -@@ -317,7 +280,7 @@ func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle, - return err - } - -- if err := fixFiles(selinuxHnd, destinationPath, destinationPath, true); err != nil { -+ if err := fixFiles(destinationPath, true); err != nil { - return err - } - } -@@ -430,17 +393,6 @@ func (d *ostreeImageDestination) Commit(ctx context.Context) error { - return err - } - -- var selinuxHnd *C.struct_selabel_handle -- -- if os.Getuid() == 0 && selinux.GetEnabled() { -- selinuxHnd, err = C.selabel_open(C.SELABEL_CTX_FILE, nil, 0) -- if selinuxHnd == nil { -- return errors.Wrapf(err, "cannot open the SELinux DB") -- } -- -- defer C.selabel_close(selinuxHnd) -- } -- - checkLayer := func(hash string) error { - blob := d.blobs[hash] - // if the blob is not present in d.blobs then it is already stored in OSTree, -@@ -448,7 +400,7 @@ func (d *ostreeImageDestination) Commit(ctx context.Context) error { - if blob == nil { - return nil - } -- err := d.importBlob(selinuxHnd, repo, blob) -+ err := d.importBlob(repo, blob) - if err != nil { - return err - } --- -2.20.1 - Modified: PKGBUILD =================================================================== --- PKGBUILD 2019-03-08 10:56:24 UTC (rev 438050) +++ PKGBUILD 2019-03-08 11:04:06 UTC (rev 438051) @@ -1,8 +1,8 @@ # Maintainer: Bartłomiej Piotrowski <[email protected]> pkgname=buildah -pkgver=1.6 -pkgrel=2 +pkgver=1.7.1 +pkgrel=1 pkgdesc="A tool which facilitates building OCI images" arch=(x86_64) url="https://github.com/containers/buildah"; @@ -10,11 +10,9 @@ depends=(ostree runc skopeo) makedepends=(go-pie git bash-bats btrfs-progs device-mapper gpgme libassuan bzip2 go-md2man runc skopeo) -_commit=5f95bd9a350a2dcff776914c19192df1cf272b97 # tags/v1.6 -source=(git://github.com/containers/buildah.git#commit=$_commit - 0001-Revert-SELinux-support.patch) -md5sums=('SKIP' - '19fc0a2a56c4c5e8257bbe7bc5af08c0') +_commit=93747b1fd5124fdc64344e569b79a8ec49d5f8ae # tags/v1.7.1 +source=(git://github.com/containers/buildah.git#commit=$_commit) +md5sums=('SKIP') pkgver() { cd buildah @@ -22,10 +20,6 @@ } prepare() { - pushd buildah/vendor/github.com/containers/image/ - patch -p1 -i "$srcdir/0001-Revert-SELinux-support.patch" - popd - mkdir -p src/github.com/containers cp -r $pkgname src/github.com/containers } @@ -33,7 +27,7 @@ build() { export GOPATH="${srcdir}" cd src/github.com/containers/buildah - make PREFIX=/usr + make PREFIX=/usr BUILDTAGS="containers_image_ostree_stub ostree seccomp" } package() {
