[arch-commits] Commit in slirp4netns/trunk (PKGBUILD pr153.patch)
Date: Wednesday, October 30, 2019 @ 13:10:24
Author: bpiotrowski
Revision: 520981
0.4.2-1
Modified:
slirp4netns/trunk/PKGBUILD
Deleted:
slirp4netns/trunk/pr153.patch
-+
PKGBUILD| 26 +++--
pr153.patch | 114 --
2 files changed, 15 insertions(+), 125 deletions(-)
Modified: PKGBUILD
===
--- PKGBUILD2019-10-30 13:06:34 UTC (rev 520980)
+++ PKGBUILD2019-10-30 13:10:24 UTC (rev 520981)
@@ -2,30 +2,34 @@
pkgname=slirp4netns
pkgdesc='User-mode networking for unprivileged network namespaces'
-pkgver=0.4.1
-pkgrel=2
+pkgver=0.4.2
+pkgrel=1
arch=(x86_64)
-url="https://github.com/rootless-containers/$pkgname";
+url="https://github.com/rootless-containers/slirp4netns";
license=(GPL2)
depends=(glibc glib2 libcap libseccomp)
-source=($pkgname-$pkgver.tar.gz::$url/archive/v${pkgver}.tar.gz
-pr153.patch)
-sha256sums=('75d2a7411cc2b3e341d8530228750bb1db06077b349d10fbdddbb582c27f8cfc'
-'7ce56f88cdd941d786117c388a31669018b6c37fd27f3afe97f2c4369cd92fac')
+makedepends=(git)
+_commit=69153b0d1cb82216d6782179ff7c3c5e91c731a1 # tags/v0.4.2
+source=("git+$url#commit=$_commit")
+sha256sums=('SKIP')
+pkgver() {
+ cd $pkgname
+ git describe --tags | sed 's/^v//;s/-/+/g'
+}
+
prepare() {
- cd $pkgname-$pkgver
- patch -p1 -i "$srcdir/pr153.patch"
+ cd $pkgname
autoreconf -fi
}
build() {
- cd $pkgname-$pkgver
+ cd $pkgname
./configure --prefix=/usr
make
}
package() {
- cd $pkgname-$pkgver
+ cd $pkgname
make DESTDIR="$pkgdir" install
}
Deleted: pr153.patch
===
--- pr153.patch 2019-10-30 13:06:34 UTC (rev 520980)
+++ pr153.patch 2019-10-30 13:10:24 UTC (rev 520981)
@@ -1,114 +0,0 @@
-From a9c57a90817c10b256389d425ec715d311cceb76 Mon Sep 17 00:00:00 2001
-From: Giuseppe Scrivano
-Date: Mon, 30 Sep 2019 21:11:09 +0200
-Subject: [PATCH 1/2] sandbox: do not propagate mounts to the parent ns
-
-when creating the sandbox, make sure the mounts are marked with
-MS_SLAVE so that events are not propagated to other mount namespaces.
-
-Closes: https://github.com/containers/libpod/issues/4113
-
-Signed-off-by: Giuseppe Scrivano
- sandbox.c | 10 ++
- 1 file changed, 10 insertions(+)
-
-diff --git a/sandbox.c b/sandbox.c
-index 05d29e8..256bf04 100644
a/sandbox.c
-+++ b/sandbox.c
-@@ -16,6 +16,11 @@ static int add_mount(const char *from, const char *to)
- {
- int ret;
-
-+ret = mount("", from, "", MS_SLAVE | MS_REC, NULL);
-+if (ret < 0 && errno != EINVAL) {
-+fprintf(stderr, "cannot make mount propagation slave %s\n", from);
-+return ret;
-+}
- ret = mount(from, to, "",
- MS_BIND | MS_REC | MS_SLAVE | MS_NOSUID | MS_NODEV |
MS_NOEXEC,
- NULL);
-@@ -23,6 +28,11 @@ static int add_mount(const char *from, const char *to)
- fprintf(stderr, "cannot bind mount %s to %s\n", from, to);
- return ret;
- }
-+ret = mount("", to, "", MS_SLAVE | MS_REC, NULL);
-+if (ret < 0) {
-+fprintf(stderr, "cannot make mount propagation slave %s\n", to);
-+return ret;
-+}
- ret = mount(from, to, "",
- MS_REMOUNT | MS_BIND | MS_RDONLY | MS_NOSUID | MS_NODEV |
- MS_NOEXEC,
-
-From 4c2e8c68205f5cacd96d49287584e647e483c6f9 Mon Sep 17 00:00:00 2001
-From: Giuseppe Scrivano
-Date: Tue, 1 Oct 2019 09:29:47 +0200
-Subject: [PATCH 2/2] tests: --create-sandbox doesn't umount under /run
-
-Signed-off-by: Giuseppe Scrivano
- Makefile.am | 1 +
- tests/slirp4netns-no-unmount.sh | 29 +
- tests/test-slirp4netns.sh | 2 ++
- 3 files changed, 32 insertions(+)
- create mode 100755 tests/slirp4netns-no-unmount.sh
-
-diff --git a/Makefile.am b/Makefile.am
-index 1298d38..7708820 100644
a/Makefile.am
-+++ b/Makefile.am
-@@ -16,6 +16,7 @@ EXTRA_DIST = \
- api.h \
- sandbox.h \
- seccompfilter.h \
-+ tests/slirp4netns-no-unmount.sh \
- vendor/libslirp/COPYRIGHT \
- vendor/libslirp/README.md \
- vendor/libslirp/src/bootp.h \
-diff --git a/tests/slirp4netns-no-unmount.sh b/tests/slirp4netns-no-unmount.sh
-new file mode 100755
-index 000..6e8ed15
/dev/null
-+++ b/tests/slirp4netns-no-unmount.sh
-@@ -0,0 +1,29 @@
-+#!/bin/bash
-+set -xeuo pipefail
-+
-+. $(dirname $0)/common.sh
-+
-+# it is a part of test-slirp4netns.sh
-+# must run in a new mount namespace
-+
-+mount -t tmpfs tmpfs /run
-+mkdir /run/foo
-+mount -t tmpfs tmpfs /run/foo
-+mount --make-rshared /run
-+
-+unshare -n sleep infinity &
-+child=$!
-+
-+wait_for_network_namespace $child
-+
-+./slirp4netns --enable-sandbox --netns-type=path /proc/$child/ns/net tun11 &
-+slirp_pid=$!
-+
-+function cleanup {
-+kill -9 $child $slirp_pid
-+}
-+trap cleanup EXIT
-+
-+wa
[arch-commits] Commit in slirp4netns/trunk (PKGBUILD pr153.patch)
Date: Friday, October 4, 2019 @ 12:40:52
Author: bpiotrowski
Revision: 512724
0.4.1-2: backport "sandbox: do not propagate mounts to the parent ns"
Added:
slirp4netns/trunk/pr153.patch
Modified:
slirp4netns/trunk/PKGBUILD
-+
PKGBUILD|9 +++-
pr153.patch | 114 ++
2 files changed, 120 insertions(+), 3 deletions(-)
Modified: PKGBUILD
===
--- PKGBUILD2019-10-04 12:39:43 UTC (rev 512723)
+++ PKGBUILD2019-10-04 12:40:52 UTC (rev 512724)
@@ -3,16 +3,19 @@
pkgname=slirp4netns
pkgdesc='User-mode networking for unprivileged network namespaces'
pkgver=0.4.1
-pkgrel=1
+pkgrel=2
arch=(x86_64)
url="https://github.com/rootless-containers/$pkgname";
license=(GPL2)
depends=(glibc glib2 libcap libseccomp)
-source=($pkgname-$pkgver.tar.gz::$url/archive/v${pkgver}.tar.gz)
-sha256sums=('75d2a7411cc2b3e341d8530228750bb1db06077b349d10fbdddbb582c27f8cfc')
+source=($pkgname-$pkgver.tar.gz::$url/archive/v${pkgver}.tar.gz
+pr153.patch)
+sha256sums=('75d2a7411cc2b3e341d8530228750bb1db06077b349d10fbdddbb582c27f8cfc'
+'7ce56f88cdd941d786117c388a31669018b6c37fd27f3afe97f2c4369cd92fac')
prepare() {
cd $pkgname-$pkgver
+ patch -p1 -i "$srcdir/pr153.patch"
autoreconf -fi
}
Added: pr153.patch
===
--- pr153.patch (rev 0)
+++ pr153.patch 2019-10-04 12:40:52 UTC (rev 512724)
@@ -0,0 +1,114 @@
+From a9c57a90817c10b256389d425ec715d311cceb76 Mon Sep 17 00:00:00 2001
+From: Giuseppe Scrivano
+Date: Mon, 30 Sep 2019 21:11:09 +0200
+Subject: [PATCH 1/2] sandbox: do not propagate mounts to the parent ns
+
+when creating the sandbox, make sure the mounts are marked with
+MS_SLAVE so that events are not propagated to other mount namespaces.
+
+Closes: https://github.com/containers/libpod/issues/4113
+
+Signed-off-by: Giuseppe Scrivano
+---
+ sandbox.c | 10 ++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/sandbox.c b/sandbox.c
+index 05d29e8..256bf04 100644
+--- a/sandbox.c
b/sandbox.c
+@@ -16,6 +16,11 @@ static int add_mount(const char *from, const char *to)
+ {
+ int ret;
+
++ret = mount("", from, "", MS_SLAVE | MS_REC, NULL);
++if (ret < 0 && errno != EINVAL) {
++fprintf(stderr, "cannot make mount propagation slave %s\n", from);
++return ret;
++}
+ ret = mount(from, to, "",
+ MS_BIND | MS_REC | MS_SLAVE | MS_NOSUID | MS_NODEV |
MS_NOEXEC,
+ NULL);
+@@ -23,6 +28,11 @@ static int add_mount(const char *from, const char *to)
+ fprintf(stderr, "cannot bind mount %s to %s\n", from, to);
+ return ret;
+ }
++ret = mount("", to, "", MS_SLAVE | MS_REC, NULL);
++if (ret < 0) {
++fprintf(stderr, "cannot make mount propagation slave %s\n", to);
++return ret;
++}
+ ret = mount(from, to, "",
+ MS_REMOUNT | MS_BIND | MS_RDONLY | MS_NOSUID | MS_NODEV |
+ MS_NOEXEC,
+
+From 4c2e8c68205f5cacd96d49287584e647e483c6f9 Mon Sep 17 00:00:00 2001
+From: Giuseppe Scrivano
+Date: Tue, 1 Oct 2019 09:29:47 +0200
+Subject: [PATCH 2/2] tests: --create-sandbox doesn't umount under /run
+
+Signed-off-by: Giuseppe Scrivano
+---
+ Makefile.am | 1 +
+ tests/slirp4netns-no-unmount.sh | 29 +
+ tests/test-slirp4netns.sh | 2 ++
+ 3 files changed, 32 insertions(+)
+ create mode 100755 tests/slirp4netns-no-unmount.sh
+
+diff --git a/Makefile.am b/Makefile.am
+index 1298d38..7708820 100644
+--- a/Makefile.am
b/Makefile.am
+@@ -16,6 +16,7 @@ EXTRA_DIST = \
+ api.h \
+ sandbox.h \
+ seccompfilter.h \
++ tests/slirp4netns-no-unmount.sh \
+ vendor/libslirp/COPYRIGHT \
+ vendor/libslirp/README.md \
+ vendor/libslirp/src/bootp.h \
+diff --git a/tests/slirp4netns-no-unmount.sh b/tests/slirp4netns-no-unmount.sh
+new file mode 100755
+index 000..6e8ed15
+--- /dev/null
b/tests/slirp4netns-no-unmount.sh
+@@ -0,0 +1,29 @@
++#!/bin/bash
++set -xeuo pipefail
++
++. $(dirname $0)/common.sh
++
++# it is a part of test-slirp4netns.sh
++# must run in a new mount namespace
++
++mount -t tmpfs tmpfs /run
++mkdir /run/foo
++mount -t tmpfs tmpfs /run/foo
++mount --make-rshared /run
++
++unshare -n sleep infinity &
++child=$!
++
++wait_for_network_namespace $child
++
++./slirp4netns --enable-sandbox --netns-type=path /proc/$child/ns/net tun11 &
++slirp_pid=$!
++
++function cleanup {
++kill -9 $child $slirp_pid
++}
++trap cleanup EXIT
++
++wait_for_network_device $child tun11
++
++findmnt /run/foo
+diff --git a/tests/test-slirp4netns.sh b/tests/test-slirp4netns.sh
+index 2586e7d..5ed0217 100755
+--- a/tests/test-slirp4netns.sh
b/tests/test-slirp4netns.sh
+@@ -67,3 +67,5 @@ wait_for_network_device $child tun11
+
+ nsenter --preserve-c
