[gentoo-commits] repo/gentoo:master commit in: sys-process/criu/

Sun, 21 Jan 2024 01:44:49 -0800 

commit:     0b3a2136634e16e7a2b6a22ae95810512ca089dd
Author:     Florian Schmaus <flow <AT> gentoo <DOT> org>
AuthorDate: Thu Jan 11 09:28:35 2024 +0000
Commit:     Florian Schmaus <flow <AT> gentoo <DOT> org>
CommitDate: Sun Jan 21 09:44:30 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0b3a2136

sys-process/criu: add support for rootless CRIU via filecaps

Closes: https://bugs.gentoo.org/921763
Closes: https://github.com/gentoo/gentoo/pull/34742
Signed-off-by: Florian Schmaus <flow <AT> gentoo.org>

 sys-process/criu/criu-3.18.ebuild | 8 ++++++--
 sys-process/criu/metadata.xml     | 1 +
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/sys-process/criu/criu-3.18.ebuild 
b/sys-process/criu/criu-3.18.ebuild
index 4dcfb79c1ff1..be93c33e7d03 100644
--- a/sys-process/criu/criu-3.18.ebuild
+++ b/sys-process/criu/criu-3.18.ebuild
@@ -1,11 +1,11 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=8
 
 PYTHON_COMPAT=( python3_{9..11} )
 DISTUTILS_USE_PEP517=setuptools
-inherit toolchain-funcs linux-info distutils-r1
+inherit fcaps toolchain-funcs linux-info distutils-r1
 
 DESCRIPTION="utility to checkpoint/restore a process tree"
 HOMEPAGE="
@@ -61,6 +61,10 @@ PATCHES=(
        "${FILESDIR}/criu-3.18-buildsystem.patch"
 )
 
+FILECAPS=(
+       cap_checkpoint_restore usr/bin/criu
+)
+
 criu_arch() {
        # criu infers the arch from $(uname -m).  We never want this to happen.
        case ${ARCH} in

diff --git a/sys-process/criu/metadata.xml b/sys-process/criu/metadata.xml
index 5f7652d71661..748d2c99ee6c 100644
--- a/sys-process/criu/metadata.xml
+++ b/sys-process/criu/metadata.xml
@@ -10,6 +10,7 @@
                <name>Gentoo Virtualization Project</name>
        </maintainer>
        <use>
+               <flag name="filecaps">Install the criu binary with file 
capabilities to allow for rootless CRIU</flag>
                <flag name="setproctitle">Use <pkg>dev-libs/libbsd</pkg> to 
make process titles of service workers to be more verbose</flag>
                <flag name="bpf">Add support for BPF programs via 
<pkg>dev-libs/libbpf</pkg></flag>
                <flag name="nftables">Add support for 
<pkg>net-firewall/nftables</pkg></flag>

Reply via email to