commit:     5a30b66574ee67ab8bef771c13fff12bb73fe71f
Author:     Georgy Yakovlev <gyakovlev <AT> gentoo <DOT> org>
AuthorDate: Wed Dec  2 19:40:21 2020 +0000
Commit:     Georgy Yakovlev <gyakovlev <AT> gentoo <DOT> org>
CommitDate: Wed Dec  2 19:47:27 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5a30b665

app-emulation/containerd: bump to 1.3.9 ( for  CVE-2020-15257 )

Package-Manager: Portage-3.0.11, Repoman-3.0.2
Signed-off-by: Georgy Yakovlev <gyakovlev <AT> gentoo.org>

 app-emulation/containerd/Manifest                |  1 +
 app-emulation/containerd/containerd-1.3.9.ebuild | 84 ++++++++++++++++++++++++
 2 files changed, 85 insertions(+)

diff --git a/app-emulation/containerd/Manifest 
b/app-emulation/containerd/Manifest
index 0f5c4312268..bb55e05e21a 100644
--- a/app-emulation/containerd/Manifest
+++ b/app-emulation/containerd/Manifest
@@ -1 +1,2 @@
 DIST containerd-1.3.7.tar.gz 5709989 BLAKE2B 
0cfa6f5bcd41c1591e64f41dbba2720bed5f25d61625b6d09be19df56fe74b61532b627c35a830e1e4937333f790f7ff8a5fad18b8869a679a6fec18daf238d3
 SHA512 
7c6de27b6529e3fb3f924ec67a260a51bc45186d69baa4cae6720a08e5c3b74aeb43d236c0a4739f297b2863233bde7d2246a597c9e17713c48bec767c6bbfee
+DIST containerd-1.3.9.tar.gz 5717856 BLAKE2B 
f6b9741f7d793a18b44813453d185cb9e8f4742fbb2987521445104fb44bca913571d6b4f6386ea048084d6565d41759c6ec95ac4591bd9b2101b40bbaafd8fa
 SHA512 
79e0baab72169f84b8661b77f54d0a906a380cd00cbabd00bfec6c10d71a13fc4dd81c7b5e1c3ce184f91d3f68d6df9b735f13e6e04d494792bf7374058d43aa

diff --git a/app-emulation/containerd/containerd-1.3.9.ebuild 
b/app-emulation/containerd/containerd-1.3.9.ebuild
new file mode 100644
index 00000000000..a6dcc20d842
--- /dev/null
+++ b/app-emulation/containerd/containerd-1.3.9.ebuild
@@ -0,0 +1,84 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+# update on bump, look for https://github.com/docker\
+# docker-ce/blob/<docker ver OR 
branch>/components/engine/hack/dockerfile/install/containerd.installer
+CONTAINERD_COMMIT="ea765ab"
+EGO_PN="github.com/containerd/${PN}"
+
+inherit golang-vcs-snapshot toolchain-funcs
+
+DESCRIPTION="A daemon to control runC"
+HOMEPAGE="https://containerd.io/";
+SRC_URI="https://github.com/containerd/${PN}/archive/${CONTAINERD_COMMIT}.tar.gz
 -> ${P}.tar.gz"
+
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86"
+IUSE="apparmor btrfs device-mapper +cri hardened +seccomp selinux test"
+
+DEPEND="
+       btrfs? ( sys-fs/btrfs-progs )
+       seccomp? ( sys-libs/libseccomp )
+"
+
+RDEPEND="
+       ${DEPEND}
+       ~app-emulation/runc-1.0.0_rc10
+"
+
+BDEPEND="
+       dev-go/go-md2man
+       virtual/pkgconfig
+       test? ( "${RDEPEND}" )
+"
+
+# tests require root or docker
+# upstream does not recommend stripping binary
+RESTRICT+=" strip test"
+
+S="${WORKDIR}/${P}/src/${EGO_PN}"
+
+src_prepare() {
+       default
+       sed -i -e "s/git describe --match.*$/echo ${PV})/"\
+               -e "s/git rev-parse HEAD.*$/echo ${CONTAINERD_COMMIT})/"\
+               -e "s/-s -w//" \
+               Makefile || die
+}
+
+src_compile() {
+       local options=(
+               $(usev apparmor)
+               $(usex btrfs "" "no_btrfs")
+               $(usex cri "" "no_cri")
+               $(usex device-mapper "" "no_devmapper")
+               $(usev seccomp)
+               $(usev selinux)
+       )
+
+       myemakeargs=(
+               BUILDTAGS="${options[*]}"
+               DESTDIR="${ED}"
+               LDFLAGS=$(usex hardened '-extldflags -fno-PIC' '')
+       )
+
+       export GOPATH="${WORKDIR}/${P}" # ${PWD}/vendor
+       export GOFLAGS="-v -x -mod=vendor"
+       emake "${myemakeargs[@]}" all man
+}
+
+src_install() {
+       dobin bin/*
+       doman man/*
+       newinitd "${FILESDIR}"/${PN}.initd "${PN}"
+       keepdir /var/lib/containerd
+
+       # we already installed manpages, remove markdown source
+       # before installing docs directory
+       rm -rf docs/man || die
+       local DOCS=( README.md PLUGINS.md docs/. )
+       einstalldocs
+}
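Review bot: In src_compile the `LDFLAGS=$(usex hardened '-extldflags -fno-PIC' '')` element of `myemakeargs` is unquoted, so with USE=hardened the substitution is word-split into two array elements and `-fno-PIC` reaches emake as its own argument (make would likely read it as `-f no-PIC`) instead of being part of LDFLAGS. Quoting keeps it a single assignment: `LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')"`. A one-line comment on why the hardened profile passes `-fno-PIC` to the external linker would also help, since on its face it looks like it turns a mitigation off rather than on. Because this bump exists for CVE-2020-15257, consider a `pkg_postinst` with an `elog` telling admins to restart containerd and any containers started under the previous version. As far as I recall the upstream advisory, shims that are already running are not fixed by the package upgrade alone, so confirm the wording against it.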
