commit:     1c437fe99eb4beb6b279b843587c5c559ce452ad
Author:     Erik Mackdanz <stasibear <AT> gentoo <DOT> org>
AuthorDate: Mon Jun 13 15:40:41 2016 +0000
Commit:     Erik Mackdanz <stasibear <AT> gentoo <DOT> org>
CommitDate: Mon Jun 13 15:41:40 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1c437fe9

app-emulation/lxd: bump to 2.0.2

Address CVE-2016-1581 and CVE-2016-1582

Package-Manager: portage-2.3.0_rc1

 app-emulation/lxd/Manifest                         |   1 +
 .../lxd/files/lxd-2.0.2-dont-go-get.patch          |  20 +++
 app-emulation/lxd/files/lxd-2.0.2.confd            |  27 ++++
 app-emulation/lxd/files/lxd-2.0.2.initd            |  50 +++++++
 app-emulation/lxd/lxd-2.0.2.ebuild                 | 149 +++++++++++++++++++++
 5 files changed, 247 insertions(+)

diff --git a/app-emulation/lxd/Manifest b/app-emulation/lxd/Manifest
index 8297025..072650a 100644
--- a/app-emulation/lxd/Manifest
+++ b/app-emulation/lxd/Manifest
@@ -2,3 +2,4 @@ DIST lxd-2.0.0.tar.bz2 2305314 SHA256 
da5bab198cff8bee4528f35537221a252b4b2a23d6
 DIST lxd-2.0.0_beta4.tar.bz2 2291955 SHA256 
6487750275e21ab3e862ea56807b9fcf28e9a646040e1f50f3967e9f76cf27e5 SHA512 
ae67b9098946f037c1c938cc46f141fb8089ae33b980dd55cebc9cc3f14fbcd645e810e185fdc61dacbd6437569d079e4d9bd9763d12fefb65cfcecf13c10b28
 WHIRLPOOL 
6c781b47b80d044128647567b6de81352b174e2224e9ff91f2e1eacc5dfbb9141e53aa74e9bce479ebee1bb6c691282849897c34f815415623abcf3d666c7033
 DIST lxd-2.0.0_rc2.tar.bz2 2306077 SHA256 
d74babbd5c537430a574a13c0f70c7633affc9bbd0e21bf0039872bdfb801fe9 SHA512 
6a21620e19277293a3b665d4061f5aa9443d1a9a5ab88fa885096ff77acf828b215e247136bb99ea1ba230f015181bc9a86a919664c9288577509a2146a5aa66
 WHIRLPOOL 
f88e0f3b5ecd9803bc8baee864ffbdf33b39f331a5e5ceb170b2792d2e26b6f4faae3a8cc6aae090e81accd3835408f2956a117095bc790ca7c16cd7f21d205e
 DIST lxd-2.0.1.tar.bz2 2330217 SHA256 
b9a315825bfc66469a442f3b3da73e2af97dba270ffe1bc18c871cd6c1c7ad69 SHA512 
67b1c42a0957bd2f4963c860372211dbbc38cb8e9346e83c6319749efd9e1a188c00033865901d285650298531460b9f54cba0e88d0973179c0c17bcd30cc97d
 WHIRLPOOL 
4ae640fc6410dff9d08816a6ac7ddb47a4cce9dfbbfaa65baf8456517aca25a501b0e680d9a6855a0fa3b9efe8cd1eddb0a9981d43de9ef573c16be936f5104a
+DIST lxd-2.0.2.tar.bz2 2340565 SHA256 
0054b0e79ba0bc1a1189eb63ca8ac2ca2bafd10c500ce53f67abbd5abc03b542 SHA512 
c79f1c7f0aeb289ba7bea745917aaac0d339baf0e6b4fe62cbcb67b8da072ef135e971d4c17546e2e208aeae921ad2853073493f9e7a6e300876bd72b808e516
 WHIRLPOOL 
a30bddfc79ad0c7d941db811f1942fff67afc79a217a251d55b1cf37d80cdb21f8f1f72df268382cbcd34d408005ef4185f5bd59f95369b51558938352f05c60

diff --git a/app-emulation/lxd/files/lxd-2.0.2-dont-go-get.patch 
b/app-emulation/lxd/files/lxd-2.0.2-dont-go-get.patch
new file mode 100644
index 0000000..d2e622e
--- /dev/null
+++ b/app-emulation/lxd/files/lxd-2.0.2-dont-go-get.patch
@@ -0,0 +1,20 @@
+--- Makefile.orig      2016-02-19 00:16:40.720102639 +0000
++++ Makefile   2016-02-19 00:18:10.886096473 +0000
+@@ -12,17 +12,11 @@
+ 
+ .PHONY: default
+ default:
+-      # Must run twice due to go get race
+-      -go get -t -v -d ./...
+-      -go get -t -v -d ./...
+       go install -v $(DEBUG) ./...
+       @echo "LXD built successfully"
+ 
+ .PHONY: client
+ client:
+-      # Must run twice due to go get race
+-      -go get -t -v -d ./...
+-      -go get -t -v -d ./...
+       go install -v $(DEBUG) ./lxc
+       @echo "LXD client built successfully"
+ 

diff --git a/app-emulation/lxd/files/lxd-2.0.2.confd 
b/app-emulation/lxd/files/lxd-2.0.2.confd
new file mode 100644
index 0000000..3d55327
--- /dev/null
+++ b/app-emulation/lxd/files/lxd-2.0.2.confd
@@ -0,0 +1,27 @@
+# Group which owns the shared socket
+LXD_OPTIONS+=" --group lxd"
+
+
+
+# Enable cpu profiling into the specified file
+#LXD_OPTIONS+=" --cpuprofile /tmp/lxc_cpu_profile"
+
+# Enable memory profiling into the specified file
+#LXD_OPTIONS+=" --memprofile /tmp/lxc_mem_profile"
+
+
+
+# Enables debug mode
+#LXD_OPTIONS+=" --debug"
+
+# For debugging, print a complete stack trace every n seconds
+#LXD_OPTIONS+=" --print-goroutines-every 5"
+
+# Enables verbose mode
+#LXD_OPTIONS+=" -v"
+
+# Logfile to log to
+#LXD_OPTIONS+=" --logfile /var/log/lxd/lxd.log"
+
+# Enables syslog logging
+#LXD_OPTIONS+=" --syslog"
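Review bot: The two commented-out profiling examples (`--cpuprofile /tmp/lxc_cpu_profile`, `--memprofile /tmp/lxc_mem_profile`) use fixed file names in a world-writable directory, and the init script in this commit starts lxd without dropping privileges. Whether lxd creates these files with exclusive-create semantics is not visible here, so treat this as a hardening suggestion rather than a confirmed defect. A path under a root-owned directory avoids the question, for example `#LXD_OPTIONS+=" --cpuprofile /var/log/lxd/cpu_profile"`, which matches the `--logfile /var/log/lxd/lxd.log` example a few lines further down.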

diff --git a/app-emulation/lxd/files/lxd-2.0.2.initd 
b/app-emulation/lxd/files/lxd-2.0.2.initd
new file mode 100644
index 0000000..c1aef37
--- /dev/null
+++ b/app-emulation/lxd/files/lxd-2.0.2.initd
@@ -0,0 +1,50 @@
+#!/sbin/openrc-run
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+DAEMON=/usr/sbin/lxd
+PIDFILE=/run/lxd.pid
+
+extra_commands="stopall"
+
+depend() {
+    need net
+    use lxcfs
+
+    # remove with 2.0 release
+    need cgmanager
+}
+
+start() {
+    ebegin "Starting lxd server"
+
+    start-stop-daemon --start \
+                     --pidfile ${PIDFILE} \
+                     --exec ${DAEMON} \
+                     --background \
+                     --make-pidfile \
+                     -- \
+                     ${LXD_OPTIONS}
+
+    eend $?
+}
+
+stop() {
+    if [[ $RC_GOINGDOWN = YES ]] || [[ $RC_REBOOT = YES ]]; then
+       stopall
+    else
+       ebegin "Stopping lxd service (but not containers)"
+       start-stop-daemon --stop --quiet -R TERM/45 -p ${PIDFILE}
+       eend $?
+    fi
+}
+
+stopall() {
+    ebegin "Stopping lxd service and containers"
+    if "${DAEMON}" shutdown; then
+       /etc/init.d/lxd zap
+       rm -f ${PIDFILE}
+    fi
+    eend $?
+}
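Review bot: `stopall()` reports success even when `lxd shutdown` fails, because after `if "${DAEMON}" shutdown; then … fi` the value of `$?` is 0 whenever the condition was false, so `eend $?` never sees the failure. Since `stop()` routes through `stopall` on shutdown and reboot, containers that were not stopped cleanly would go unreported. Capture the status first with `"${DAEMON}" shutdown; ret=$?`, keep the zap and `rm -f` under `[ ${ret} -eq 0 ]`, and finish with `eend ${ret}`. Separately, `stop()` tests with `[[ … ]]`, which is a bashism in an openrc-run script; `[ "${RC_GOINGDOWN}" = YES ] || [ "${RC_REBOOT}" = YES ]` is the POSIX form, and the `# remove with 2.0 release` comment in `depend()` looks stale for a 2.0.2 file.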

diff --git a/app-emulation/lxd/lxd-2.0.2.ebuild 
b/app-emulation/lxd/lxd-2.0.2.ebuild
new file mode 100644
index 0000000..fdb143b
--- /dev/null
+++ b/app-emulation/lxd/lxd-2.0.2.ebuild
@@ -0,0 +1,149 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+DESCRIPTION="Fast, dense and secure container management"
+HOMEPAGE="https://linuxcontainers.org/lxd/introduction/";
+EGO_PN_PARENT="github.com/lxc"
+EGO_PN="${EGO_PN_PARENT}/lxd"
+SRC_URI="https://dev.gentoo.org/~stasibear/distfiles/${P}.tar.bz2";
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64"
+
+PLOCALES="de fr ja"
+IUSE="+daemon nls test"
+
+# IUSE and PLOCALES must be defined before l10n inherited
+inherit bash-completion-r1 eutils golang-build l10n systemd user vcs-snapshot
+
+DEPEND="
+       dev-go/go-crypto
+       dev-libs/protobuf
+       dev-vcs/git
+       nls? ( sys-devel/gettext )
+       test? (
+               app-misc/jq
+               dev-db/sqlite
+               net-misc/curl
+               sys-devel/gettext
+       )
+"
+
+RDEPEND="
+       daemon? (
+               app-admin/cgmanager
+               app-arch/xz-utils
+               app-emulation/lxc[cgmanager,seccomp]
+               net-misc/rsync[xattr]
+               sys-apps/iproute2
+               virtual/acl
+       )
+"
+
+# KNOWN ISSUES:
+# - Translations may not work.  I've been unsuccessful in forcing
+#   localized output.  Anyway, upstream (Canonical) doesn't install the
+#   message files.
+
+# TODO:
+# - since 0.15 gccgo is a supported compiler ('make gccgo').  It would
+#   be preferable for that support to go into the golang-build eclass not
+#   this package directly.
+
+src_prepare() {
+       cd "${S}/src/${EGO_PN}" || die "Failed to change to deep src dir"
+
+       epatch "${FILESDIR}/${P}-dont-go-get.patch"
+
+       tmpgoroot="${T}/goroot"
+       mkdir -p "$tmpgoroot" || die "Failed to create temporary GOROOT"
+       cp -sR "$(get_golibdir_gopath)"/* "${tmpgoroot}" || die "Failed to copy 
files to temporary GOROOT"
+
+       # Warn on unhandled locale changes
+       l10n_find_plocales_changes po "" .po
+}
+
+src_compile() {
+       golang-build_src_compile
+
+       cd "${S}/src/${EGO_PN}" || die "Failed to change to deep src dir"
+
+       tmpgoroot="${T}/goroot"
+       if use daemon; then
+               # Build binaries
+               GOPATH="${S}:${tmpgoroot}" emake
+       else
+               # build client tool
+               GOPATH="${S}:${tmpgoroot}" emake client
+       fi
+
+       use nls && emake build-mo
+}
+
+src_test() {
+       if use daemon; then
+               # Go native tests should succeed
+               golang-build_src_test
+       fi
+}
+
+src_install() {
+       # Installs all src,pkg to /usr/lib/go-gentoo
+       golang-build_src_install
+
+       cd "${S}"
+       dobin bin/lxc
+       use daemon && dosbin bin/lxd
+
+       cd "src/${EGO_PN}"
+
+       if use nls; then
+               for lingua in ${PLOCALES}; do
+                       if use linguas_${lingua}; then
+                               domo po/${lingua}.mo
+                       fi
+               done
+       fi
+
+       if use daemon; then
+               newinitd "${FILESDIR}"/${P}.initd lxd
+               newconfd "${FILESDIR}"/${P}.confd lxd
+
+               systemd_dounit "${FILESDIR}"/lxd.service
+       fi
+
+       newbashcomp config/bash/lxd-client lxc
+
+       dodoc AUTHORS CONTRIBUTING.md README.md doc/*
+}
+
+pkg_postinst() {
+       einfo
+       einfo "Consult https://wiki.gentoo.org/wiki/LXD for more information,"
+       einfo "including a Quick Start."
+
+       # The messaging below only applies to daemon installs
+       use daemon || return 0
+
+       # The control socket will be owned by (and writeable by) this group.
+       enewgroup lxd
+
+       # Ubuntu also defines an lxd user but it appears unused (the daemon
+       # must run as root)
+
+       einfo
+       einfo "Though not strictly required, some features are enabled at 
run-time"
+       einfo "when the relevant helper programs are detected:"
+       einfo "- sys-apps/apparmor"
+       einfo "- sys-fs/btrfs-progs"
+       einfo "- sys-fs/lvm2"
+       einfo "- sys-fs/lxcfs"
+       einfo "- sys-fs/zfs"
+       einfo "- sys-process/criu"
+       einfo
+       einfo "Since these features can't be disabled at build-time they are"
+       einfo "not USE-conditional."
+}
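Review bot: `pkg_postinst` creates the `lxd` group and notes in a comment that the control socket is writable by it, but nothing tells the administrator what membership implies. Because the daemon runs as root (per the comment just below `enewgroup`), access to that socket is generally treated as root-equivalent on the host. I would add a warning after `enewgroup lxd`, for example `ewarn "Members of the lxd group can control the root-run LXD daemon; add only fully trusted users."`. As a smaller point, the two directory changes in `src_install` (`cd "${S}"` and `cd "src/${EGO_PN}"`) lack the `|| die` that `src_prepare` and `src_compile` use, so a failed `cd` would let `dobin` and `domo` run from the wrong directory.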
