[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/
commit: 190499d396a2eac96f71a02e4b9e65d1d169d0e7 Author: Joonas Niilola gentoo org> AuthorDate: Fri Oct 29 07:11:32 2021 + Commit: Joonas Niilola gentoo org> CommitDate: Fri Oct 29 07:14:27 2021 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=190499d3 app-emulation/lxc: add io-uring patches for 4.0.11 Bug: https://bugs.gentoo.org/820545 Signed-off-by: Joonas Niilola gentoo.org> .../lxc/files/lxc-4.0.11_p1-liburing-sync1.patch | 29 .../lxc/files/lxc-4.0.11_p1-liburing-sync2.patch | 28 +++ app-emulation/lxc/lxc-4.0.11_p1.ebuild | 188 + 3 files changed, 245 insertions(+) diff --git a/app-emulation/lxc/files/lxc-4.0.11_p1-liburing-sync1.patch b/app-emulation/lxc/files/lxc-4.0.11_p1-liburing-sync1.patch new file mode 100644 index 000..cd497a75552 --- /dev/null +++ b/app-emulation/lxc/files/lxc-4.0.11_p1-liburing-sync1.patch @@ -0,0 +1,29 @@ +From aac3f106ff012e1d6835b20c250dcf09c364530c Mon Sep 17 00:00:00 2001 +From: Christian Brauner +Date: Thu, 28 Oct 2021 17:39:11 +0200 +Subject: [PATCH] mainloop: make sure that descr->ring is allocated + +This is future proofing more than anything else. + +Signed-off-by: Christian Brauner +--- + src/lxc/mainloop.c | 6 -- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/src/lxc/mainloop.c b/src/lxc/mainloop.c +index 7c8f5d86af..17a4d55293 100644 +--- a/src/lxc/mainloop.c b/src/lxc/mainloop.c +@@ -515,8 +515,10 @@ void lxc_mainloop_close(struct lxc_async_descr *descr) + + if (descr->type == LXC_MAINLOOP_IO_URING) { + #if HAVE_LIBURING +- io_uring_queue_exit(descr->ring); +- munmap(descr->ring, sizeof(struct io_uring)); ++ if (descr->ring) { ++ io_uring_queue_exit(descr->ring); ++ munmap(descr->ring, sizeof(struct io_uring)); ++ } + #else + ERROR("Unsupported io_uring mainloop"); + #endif diff --git a/app-emulation/lxc/files/lxc-4.0.11_p1-liburing-sync2.patch b/app-emulation/lxc/files/lxc-4.0.11_p1-liburing-sync2.patch new file mode 100644 index 000..33b8554193d --- /dev/null +++ b/app-emulation/lxc/files/lxc-4.0.11_p1-liburing-sync2.patch @@ -0,0 +1,28 @@ +From a585382b972c25ee8489147d94918d001ef439a7 Mon Sep 17 00:00:00 2001 +From: Christian Brauner +Date: Thu, 28 Oct 2021 17:39:42 +0200 +Subject: [PATCH] start: check event loop type before closing fd + +Since this is a union we might otherwise stomp on io_uring mmap()ed +memory. + +Fixes: #4016 +Signed-off-by: Christian Brauner +--- + src/lxc/start.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/lxc/start.c b/src/lxc/start.c +index 8f7173ec8c..1a6046c7a4 100644 +--- a/src/lxc/start.c b/src/lxc/start.c +@@ -629,7 +629,8 @@ int lxc_poll(const char *name, struct lxc_handler *handler) + TRACE("Mainloop is ready"); + + ret = lxc_mainloop(, -1); +- close_prot_errno_disarm(descr.epfd); ++ if (descr.type == LXC_MAINLOOP_EPOLL) ++ close_prot_errno_disarm(descr.epfd); + if (ret < 0 || !handler->init_died) + goto out_mainloop_console; + diff --git a/app-emulation/lxc/lxc-4.0.11_p1.ebuild b/app-emulation/lxc/lxc-4.0.11_p1.ebuild new file mode 100644 index 000..e7de06da0ae --- /dev/null +++ b/app-emulation/lxc/lxc-4.0.11_p1.ebuild @@ -0,0 +1,188 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools bash-completion-r1 linux-info flag-o-matic optfeature pam readme.gentoo-r1 systemd verify-sig + +DESCRIPTION="A userspace interface for the Linux kernel containment features" +HOMEPAGE="https://linuxcontainers.org/ https://github.com/lxc/lxc; +SRC_URI="https://linuxcontainers.org/downloads/lxc/${P/_p1}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/lxc/${P/_p1}.tar.gz.asc )" + +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" + +LICENSE="GPL-2 LGPL-2.1 LGPL-3" +SLOT="0" +IUSE="apparmor +caps doc io-uring man pam seccomp selinux +ssl +tools verify-sig" + +RDEPEND="acct-group/lxc + acct-user/lxc + app-misc/pax-utils + sys-apps/util-linux + sys-libs/libcap + virtual/awk + caps? ( sys-libs/libcap ) + io-uring? ( sys-libs/liburing:= ) + pam? ( sys-libs/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) + ssl? ( + dev-libs/openssl:0= + )" +DEPEND="${RDEPEND} + >=sys-kernel/linux-headers-4 + apparmor? ( sys-apps/apparmor )" +BDEPEND="virtual/pkgconfig + doc? ( app-doc/doxygen[dot] ) + man? ( app-text/docbook-sgml-utils ) + verify-sig? ( app-crypt/openpgp-keys-linuxcontainers )" + +CONFIG_CHECK="~!NETPRIO_CGROUP + ~CGROUPS + ~CGROUP_CPUACCT + ~CGROUP_DEVICE + ~CGROUP_FREEZER + + ~CGROUP_SCHED + ~CPUSETS +
[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/
commit: 4dc7966809327f076560b08c54b9823c05a53472 Author: Joonas Niilola gentoo org> AuthorDate: Mon Oct 4 05:35:35 2021 + Commit: Joonas Niilola gentoo org> CommitDate: Mon Oct 4 05:40:20 2021 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4dc79668 app-emulation/lxc: drop 4.0.9-r1 Signed-off-by: Joonas Niilola gentoo.org> app-emulation/lxc/Manifest | 2 - ...lxc-4.0.9-handle-kernels-with-CAP_SETFCAP.patch | 93 --- app-emulation/lxc/lxc-4.0.9-r1.ebuild | 174 - 3 files changed, 269 deletions(-) diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest index 09e200675c9..4733a92e509 100644 --- a/app-emulation/lxc/Manifest +++ b/app-emulation/lxc/Manifest @@ -1,4 +1,2 @@ DIST lxc-4.0.10.tar.gz 1515002 BLAKE2B 2a5b94ad767c8a11a5c34d19f12d812bd284337045ad5021c80a5f69be608085ac465edde8c385cc558e45638c9f061793c0c9db616ccbe0614554b4fbf62005 SHA512 ec3ccf344a91b50b30985562c54ad93d2db2d29c24d31da8e3a69e801c8bd23c1560274c1850c39eb7e984940ba86d3ebae75db136320d6bbc5eb03bda4c5318 DIST lxc-4.0.10.tar.gz.asc 833 BLAKE2B 3dd6e8793d1b725ab9eb73d4fa78ce2767bf830fb70d6cc7052e70d2adbc46e4fcf6d986595322b64cb9c71417b801ef6ee3c7612c46dbeb10acba01a5bd69e0 SHA512 dd2d3ac4e066eca4e0358c9a2c371a227d3a0b5cf6e452fe34fa5c8cff46e25fa0555c9f707511a8603348fa969c1e7abf85ad7d27fdcaff613b733066861608 -DIST lxc-4.0.9.tar.gz 1500310 BLAKE2B 3796d36b6f76ec595dc28207e66ec9f5a7c1a39f5c5ebc851638c519be35f59b4ec06a71b2866cd8fef0a6140f61fd4b70c900f5a8ffd42d7da7a30d3ff59975 SHA512 4ef9d9efdd4118fdffde8b49c6ae71cf5eb060be51daaa4f4ceb804c743fbf3278e6518e6a694faefc720f2834f98ac48d67842d589a2120b8f7ec4c3b61fa84 -DIST lxc-4.0.9.tar.gz.asc 833 BLAKE2B 2d275c968831410d987aa7f8062f4e35ba15043f92f38fd3bdd6bf80964906741d05ccd93789132d421ee1c8778cec6a2e76c4f0eb2165cf0107261495fa6856 SHA512 4c90dfbdba90959ee8df5da8ca8b240f65ab03ab91637833c677e2a73592c09f9c5a55b9a261be6efb0888156c916223ff1aa9003b18d46e667908aaa550c944 diff --git a/app-emulation/lxc/files/lxc-4.0.9-handle-kernels-with-CAP_SETFCAP.patch b/app-emulation/lxc/files/lxc-4.0.9-handle-kernels-with-CAP_SETFCAP.patch deleted file mode 100644 index 6fba3c4154a..000 --- a/app-emulation/lxc/files/lxc-4.0.9-handle-kernels-with-CAP_SETFCAP.patch +++ /dev/null @@ -1,93 +0,0 @@ -From 91ad9b94bcd964adfbaa8d84d8f39304d39835d0 Mon Sep 17 00:00:00 2001 -From: Christian Brauner -Date: Thu, 6 May 2021 18:16:45 +0200 -Subject: [PATCH] conf: handle kernels with CAP_SETFCAP - -LXC is being very clever and sometimes maps the caller's uid into the -child userns. This means that the caller can technically write fscaps -that are valid in the ancestor userns (which can be a security issue in -some scenarios) so newer kernels require CAP_SETFCAP to do this. Until -newuidmap/newgidmap are updated to account for this simply write the -mapping directly in this case. - -Cc: stable-4.0 -Signed-off-by: Christian Brauner - src/lxc/conf.c | 25 - - 1 file changed, 20 insertions(+), 5 deletions(-) - -diff --git a/src/lxc/conf.c b/src/lxc/conf.c -index 72e21b5300..f388946970 100644 a/src/lxc/conf.c -+++ b/src/lxc/conf.c -@@ -2978,6 +2978,9 @@ static int lxc_map_ids_exec_wrapper(void *args) - return -1; - } - -+static struct id_map *find_mapped_hostid_entry(const struct lxc_list *idmap, -+ unsigned id, enum idtype idtype); -+ - int lxc_map_ids(struct lxc_list *idmap, pid_t pid) - { - int fill, left; -@@ -2991,12 +2994,22 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid) - char mapbuf[STRLITERALLEN("new@idmap") + STRLITERALLEN(" ") + - INTTYPE_TO_STRLEN(pid_t) + STRLITERALLEN(" ") + - LXC_IDMAPLEN] = {0}; -- bool had_entry = false, use_shadow = false; -+ bool had_entry = false, maps_host_root = false, use_shadow = false; - int hostuid, hostgid; - - hostuid = geteuid(); - hostgid = getegid(); - -+ /* -+ * Check whether caller wants to map host root. -+ * Due to a security fix newer kernels require CAP_SETFCAP when mapping -+ * host root into the child userns as you would be able to write fscaps -+ * that would be valid in the ancestor userns. Mapping host root should -+ * rarely be the case but LXC is being clever in a bunch of cases. -+ */ -+ if (find_mapped_hostid_entry(idmap, 0, ID_TYPE_UID)) -+ maps_host_root = true; -+ - /* If new{g,u}idmap exists, that is, if shadow is handing out subuid -* ranges, then insist that root also reserve ranges in subuid. This -* will protected it by preventing another user from being handed the -@@ -3014,7 +3027,9 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid) - else if (!gidmap) - WARN("newgidmap is lacking necessary privileges"); - -- if (uidmap > 0 && gidmap > 0) { -+
[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/
commit: 6c40eb984e49764b0684e1823d2805adaea69c52 Author: Joonas Niilola gentoo org> AuthorDate: Fri Jun 26 07:54:21 2020 + Commit: Joonas Niilola gentoo org> CommitDate: Fri Jun 26 08:13:01 2020 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6c40eb98 app-emulation/lxc: remove old 3.0.3 Signed-off-by: Joonas Niilola gentoo.org> app-emulation/lxc/Manifest | 1 - app-emulation/lxc/files/lxc.initd.7 | 124 --- app-emulation/lxc/files/lxc_at.service.4 | 14 --- app-emulation/lxc/lxc-3.0.3.ebuild | 163 --- 4 files changed, 302 deletions(-) diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest index 768faa21194..f8760f06bb4 100644 --- a/app-emulation/lxc/Manifest +++ b/app-emulation/lxc/Manifest @@ -1,2 +1 @@ -DIST lxc-3.0.3.tar.gz 1263371 BLAKE2B 77d0f593119654f570ae748d305e86c27117fd4e9ec7bdab1110f5356afb4a00d81c105ae9757d9da5827f6883a4a5d8ddc43b5b6e56a2927ed990e757f7c7b6 SHA512 cdc411364153d7ed494bab604260f5cbdfd5bd7734a59af970b3198c7b3cb340b6736856a2189d5989e169945a817ac8b531bc3ab62217a4285dd63a851f9c8a DIST lxc-4.0.2.tar.gz 1352667 BLAKE2B 2ecc076bacb9bb1c2a808422f7b2e0cbfc74bf3bec6ca89ea58eb6ef4a414353c2e58163bff17b3304beb39f4980d10f54365f739645c1581bfca9f6079bf57c SHA512 0de6c1f9649d161579b45fc28a735f703c4498eff9c588462b838220aeab73f91921db628f77bc461eff38c7583cac10a38951263181956e2d33412a406f3ef3 diff --git a/app-emulation/lxc/files/lxc.initd.7 b/app-emulation/lxc/files/lxc.initd.7 deleted file mode 100644 index 6a42b6aac52..000 --- a/app-emulation/lxc/files/lxc.initd.7 +++ /dev/null @@ -1,124 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -CONTAINER=${SVCNAME#*.} - -LXC_PATH=`lxc-config lxc.lxcpath` - -lxc_get_configfile() { - if [ -f "${LXC_PATH}/${CONTAINER}.conf" ]; then - echo "${LXC_PATH}/${CONTAINER}.conf" - elif [ -f "${LXC_PATH}/${CONTAINER}/config" ]; then - echo "${LXC_PATH}/${CONTAINER}/config" - else - eerror "Unable to find a suitable configuration file." - eerror "If you set up the container in a non-standard" - eerror "location, please set the CONFIGFILE variable." - return 1 - fi -} - -[ $CONTAINER != $SVCNAME ] && CONFIGFILE=${CONFIGFILE:-$(lxc_get_configfile)} - -lxc_get_var() { - awk 'BEGIN { FS="[ \t]*=[ \t]*" } $1 == "'$1'" { print $2; exit }' ${CONFIGFILE} -} - -lxc_get_net_link_type() { - awk 'BEGIN { FS="[ \t]*=[ \t]*"; _link=""; _type="" } - $1 == "lxc.network.type" {_type=$2;} - $1 == "lxc.network.link" {_link=$2;} - match($1, /lxc\.net\.[[:digit:]]+\.type/) {_type=$2;} - match($1, /lxc\.net\.[[:digit:]]+\.link/) {_link=$2;} - {if(_link != "" && _type != ""){ - printf("%s:%s\n", _link, _type ); - _link=""; _type=""; - }; }' <${CONFIGFILE} -} - -checkconfig() { - if [ ${CONTAINER} = ${SVCNAME} ]; then - eerror "You have to create an init script for each container:" - eerror " ln -s lxc /etc/init.d/lxc.container" - return 1 - fi - - # no need to output anything, the function takes care of that. - [ -z "${CONFIGFILE}" ] && return 1 - - utsname=$(lxc_get_var lxc.uts.name) - if [ -z "$utsname" ] ; then - utsname=$(lxc_get_var lxc.utsname) - fi - - if [ "${CONTAINER}" != "${utsname}" ]; then - eerror "You should use the same name for the service and the" - eerror "container. Right now the container is called ${utsname}" - return 1 - fi -} - -depend() { - # be quiet, since we have to run depend() also for the - # non-muxed init script, unfortunately. - checkconfig 2>/dev/null || return 0 - - config ${CONFIGFILE} - need localmount - use lxcfs - - local _x _if - for _x in $(lxc_get_net_link_type); do - _if=${_x%:*} - case "${_x##*:}" in - # when the network type is set to phys, we can make use of a - # network service (for instance to set it up before we disable - # the net_admin capability), but we might also not set it up - # at all on the host and leave the net_admin capable service - # to take care of it. - phys) use net.${_if} ;; - *) need net.${_if} ;; - esac - done -} - -start() { - checkconfig || return 1 - rm -f /var/log/lxc/${CONTAINER}.log - - rootpath=$(lxc_get_var lxc.rootfs) - - # Check the format of our init and the chroot's init, to see - # if we have to use
[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/
commit: 8d9eb3429c0bf701bde2eb67c43d9147c225dfdd Author: Virgil Dupras gentoo org> AuthorDate: Sun Oct 7 02:24:34 2018 + Commit: Virgil Dupras gentoo org> CommitDate: Sun Oct 7 02:24:34 2018 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8d9eb342 app-emulation/lxc: remove old Signed-off-by: Virgil Dupras gentoo.org> Package-Manager: Portage-2.3.50, Repoman-2.3.11 app-emulation/lxc/Manifest | 1 - .../lxc/files/lxc-3.0.1-cve-2018-6556.patch| 110 -- app-emulation/lxc/lxc-3.0.1-r1.ebuild | 163 - 3 files changed, 274 deletions(-) diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest index 8682903f737..06d28c40ad9 100644 --- a/app-emulation/lxc/Manifest +++ b/app-emulation/lxc/Manifest @@ -1,3 +1,2 @@ DIST lxc-2.1.1.tar.gz 1378640 BLAKE2B 5fca516540a886729434579ff99acf3baa06977fa0e0b6f24dbf15094626335fc073597d308276e3dd20e27ceabf1477cc8e99d1fd24cf50b9aed2720b887b69 SHA512 2989d57acddfe091adcf8031721c3c9a2f8eff5476bd6155366b76ea7511e0f6120e669276e056e3963863e0f0acf3b095d44c36fa6652e67c197671f28cbdd4 -DIST lxc-3.0.1.tar.gz 1239920 BLAKE2B 7be668c11d7211540fe7e2fb6318d38eac0d8d493914f4705d097fca4c004a8d2191609d02bd9e1d9204c3c0b9ea937084d3f9050fc841f6d68067af3d19 SHA512 f51b0844f61f64d4efc530454eae1fa499f7f1b908bd3b40d7031e7f311a402893a7504bddbc53f2ef9da2b3154d1b047fc4d876b99f0d487d7c79de64eea505 DIST lxc-3.0.2.tar.gz 1236975 BLAKE2B 68047f6374b9081fb308586726797ed94fa66b5e94eb3fc12ad1a0aedc15ac1ee518ca5a341db79a715015e34ad38659200ad6aaf21f74639ebb55e7e1360645 SHA512 d7f5e3f91e5c8800e3e092ab209158a4d3e3c2816623249aeaaf2e0950428484ac5d1432d71298787721e1419cd962c0798ba14979e62161299fa15a299efde8 diff --git a/app-emulation/lxc/files/lxc-3.0.1-cve-2018-6556.patch b/app-emulation/lxc/files/lxc-3.0.1-cve-2018-6556.patch deleted file mode 100644 index 198e835e6c5..000 --- a/app-emulation/lxc/files/lxc-3.0.1-cve-2018-6556.patch +++ /dev/null @@ -1,110 +0,0 @@ -From f2314625c5702cfd25974929599fa439bdac8bdf Mon Sep 17 00:00:00 2001 -From: Christian Brauner -Date: Wed, 25 Jul 2018 19:56:54 +0200 -Subject: [PATCH] CVE 2018-6556: verify netns fd in lxc-user-nic - -Signed-off-by: Christian Brauner - src/lxc/cmd/lxc_user_nic.c | 35 --- - src/lxc/utils.c| 12 - src/lxc/utils.h| 5 + - 3 files changed, 49 insertions(+), 3 deletions(-) - -diff --git a/src/lxc/cmd/lxc_user_nic.c b/src/lxc/cmd/lxc_user_nic.c -index ec9cd97e..c5beb6c8 100644 a/src/lxc/cmd/lxc_user_nic.c -+++ b/src/lxc/cmd/lxc_user_nic.c -@@ -1179,12 +1179,41 @@ int main(int argc, char *argv[]) - exit(EXIT_FAILURE); - } - } else if (request == LXC_USERNIC_DELETE) { -- netns_fd = open(args.pid, O_RDONLY); -+ char opath[LXC_PROC_PID_FD_LEN]; -+ -+ /* Open the path with O_PATH which will not trigger an actual -+ * open(). Don't report an errno to the caller to not leak -+ * information whether the path exists or not. -+ * When stracing setuid is stripped so this is not a concern -+ * either. -+ */ -+ netns_fd = open(args.pid, O_PATH | O_CLOEXEC); - if (netns_fd < 0) { -- usernic_error("Could not open \"%s\": %s\n", args.pid, --strerror(errno)); -+ usernic_error("Failed to open \"%s\"\n", args.pid); -+ exit(EXIT_FAILURE); -+ } -+ -+ if (!fhas_fs_type(netns_fd, NSFS_MAGIC)) { -+ usernic_error("Path \"%s\" does not refer to a network namespace path\n", args.pid); -+ close(netns_fd); -+ exit(EXIT_FAILURE); -+ } -+ -+ ret = snprintf(opath, sizeof(opath), "/proc/self/fd/%d", netns_fd); -+ if (ret < 0 || (size_t)ret >= sizeof(opath)) { -+ close(netns_fd); -+ exit(EXIT_FAILURE); -+ } -+ -+ /* Now get an fd that we can use in setns() calls. */ -+ ret = open(opath, O_RDONLY | O_CLOEXEC); -+ if (ret < 0) { -+ usernic_error("Failed to open \"%s\": %s\n", args.pid, strerror(errno)); -+ close(netns_fd); - exit(EXIT_FAILURE); - } -+ close(netns_fd); -+ netns_fd = ret; - } - - if (!create_db_dir(LXC_USERNIC_DB)) { -diff --git a/src/lxc/utils.c b/src/lxc/utils.c -index 26f1b058..69d362dc 100644 a/src/lxc/utils.c -+++ b/src/lxc/utils.c -@@ -2548,6 +2548,18 @@ bool has_fs_type(const char *path, fs_type_magic magic_val) - return has_type; - } - -+bool fhas_fs_type(int fd, fs_type_magic magic_val) -+{ -+ int ret; -+
[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/
commit: 29dedb39a6a6587a6d71b11444de28f24a98b0bb Author: Virgil Dupras gentoo org> AuthorDate: Sun Aug 5 15:11:40 2018 + Commit: Virgil Dupras gentoo org> CommitDate: Mon Aug 6 16:08:11 2018 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=29dedb39 app-emulation/lxc: fix CVE-2018-6556 Apply patches from upstream. In the case of the 2.1.1 patch, I had to modify it to make the code compile. See ADDENDUM in patch. Bug: https://bugs.gentoo.org/662780 Package-Manager: Portage-2.3.44, Repoman-2.3.10 .../lxc/files/lxc-2.1.1-cve-2018-6556.patch| 118 +++ .../lxc/files/lxc-3.0.1-cve-2018-6556.patch| 110 +++ app-emulation/lxc/lxc-2.1.1-r1.ebuild | 215 + app-emulation/lxc/lxc-3.0.1-r1.ebuild | 163 4 files changed, 606 insertions(+) diff --git a/app-emulation/lxc/files/lxc-2.1.1-cve-2018-6556.patch b/app-emulation/lxc/files/lxc-2.1.1-cve-2018-6556.patch new file mode 100644 index 000..bad1e274527 --- /dev/null +++ b/app-emulation/lxc/files/lxc-2.1.1-cve-2018-6556.patch @@ -0,0 +1,118 @@ +From d183654ec1a2cd1149bdb92601ccb7246bddb14e Mon Sep 17 00:00:00 2001 +From: Christian Brauner +Date: Wed, 25 Jul 2018 19:56:54 +0200 +Subject: [PATCH] CVE 2018-6556: verify netns fd in lxc-user-nic + +Signed-off-by: Christian Brauner +--- + src/lxc/lxc_user_nic.c | 35 --- + src/lxc/utils.c| 12 + src/lxc/utils.h| 5 + + 3 files changed, 49 insertions(+), 3 deletions(-) + +ADDENDUM from vdup...@gentoo.org: Original patch from Christian didn't +include LXC_PROC_PID_FD_LEN define, but referenced it. This resulted in +code that doesn't compile. I fetched the definition from the stable-3.0 +branch and included it to this patch. Also, this diff is regenerated +from lxc-2.1.1 tag instead of stable-2.0 branch. + +diff --git a/src/lxc/lxc_user_nic.c b/src/lxc/lxc_user_nic.c +index 6f550f0d..09a342ac 100644 +--- a/src/lxc/lxc_user_nic.c b/src/lxc/lxc_user_nic.c +@@ -1124,12 +1124,41 @@ int main(int argc, char *argv[]) + exit(EXIT_FAILURE); + } + } else if (request == LXC_USERNIC_DELETE) { +- netns_fd = open(args.pid, O_RDONLY); ++ char opath[LXC_PROC_PID_FD_LEN]; ++ ++ /* Open the path with O_PATH which will not trigger an actual ++ * open(). Don't report an errno to the caller to not leak ++ * information whether the path exists or not. ++ * When stracing setuid is stripped so this is not a concern ++ * either. ++ */ ++ netns_fd = open(args.pid, O_PATH | O_CLOEXEC); + if (netns_fd < 0) { +- usernic_error("Could not open \"%s\": %s\n", args.pid, +-strerror(errno)); ++ usernic_error("Failed to open \"%s\"\n", args.pid); + exit(EXIT_FAILURE); + } ++ ++ if (!fhas_fs_type(netns_fd, NSFS_MAGIC)) { ++ usernic_error("Path \"%s\" does not refer to a network namespace path\n", args.pid); ++ close(netns_fd); ++ exit(EXIT_FAILURE); ++ } ++ ++ ret = snprintf(opath, sizeof(opath), "/proc/self/fd/%d", netns_fd); ++ if (ret < 0 || (size_t)ret >= sizeof(opath)) { ++ close(netns_fd); ++ exit(EXIT_FAILURE); ++ } ++ ++ /* Now get an fd that we can use in setns() calls. */ ++ ret = open(opath, O_RDONLY | O_CLOEXEC); ++ if (ret < 0) { ++ usernic_error("Failed to open \"%s\": %s\n", args.pid, strerror(errno)); ++ close(netns_fd); ++ exit(EXIT_FAILURE); ++ } ++ close(netns_fd); ++ netns_fd = ret; + } + + if (!create_db_dir(LXC_USERNIC_DB)) { +diff --git a/src/lxc/utils.c b/src/lxc/utils.c +index e6a44a51..c2a08a9d 100644 +--- a/src/lxc/utils.c b/src/lxc/utils.c +@@ -2380,6 +2380,18 @@ bool has_fs_type(const char *path, fs_type_magic magic_val) + return has_type; + } + ++bool fhas_fs_type(int fd, fs_type_magic magic_val) ++{ ++ int ret; ++ struct statfs sb; ++ ++ ret = fstatfs(fd, ); ++ if (ret < 0) ++ return false; ++ ++ return is_fs_type(, magic_val); ++} ++ + bool lxc_nic_exists(char *nic) + { + #define __LXC_SYS_CLASS_NET_LEN 15 + IFNAMSIZ + 1 +diff --git a/src/lxc/utils.h b/src/lxc/utils.h +index e83ed49e..06ec74d7 100644 +--- a/src/lxc/utils.h b/src/lxc/utils.h +@@ -46,11 +46,16 @@ + #define __S_ISTYPE(mode, mask) (((mode)_IFMT) == (mask)) + #endif + ++#ifndef NSFS_MAGIC ++#define NSFS_MAGIC 0x6e736673 ++#endif ++ + /* Useful macros */ + /* Maximum number for 64 bit
[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/
commit: ba77a0dedea123401b3015213dbcf6e1b9d44471 Author: Virgil Dupras hardcoded net> AuthorDate: Wed Apr 11 01:14:59 2018 + Commit: Matthias Maier gentoo org> CommitDate: Thu Apr 26 01:35:49 2018 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ba77a0de app-emulation/lxc: Bump to v3.0.0 Many notable changes: 1. Drop python and lua. Bindings are no longer bundled with LXC and live in separate packages. 2. Drop cgmanager USE flag. cgmanager isn't supported anymore by upstream. 3. Remove versionator inherit. It wasn't used. 4. Remove two patches which were simple cherry pick from upstreams. They're applied upstream now. 5. Remove notice about path change in v1.1. It's been a while, it lost relevance. 6. Remove start-ephemeral bash completion. Upstream finally removed it from its own completions. 7. Add "pam" USE flag for the compilation and installation of the new builtin "pam_cgfs.so" module. Closes: https://bugs.gentoo.org/652582 Closes: https://github.com/gentoo/gentoo/pull/7934 Package-Manager: Portage-2.3.24, Repoman-2.3.6 Signed-off-by: Matthias Maier gentoo.org> app-emulation/lxc/Manifest | 1 + .../lxc/files/lxc-3.0.0-bash-completion.patch | 27 app-emulation/lxc/lxc-3.0.0.ebuild | 169 + 3 files changed, 197 insertions(+) diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest index 5c6a4ead6f8..b6edf39a003 100644 --- a/app-emulation/lxc/Manifest +++ b/app-emulation/lxc/Manifest @@ -3,3 +3,4 @@ DIST lxc-1.0.8.tar.gz 575127 BLAKE2B 246ac7a2b4306c52a741b2f763bcc81dfb27942 DIST lxc-2.0.7.tar.gz 792557 BLAKE2B e5f1e6d8961938200e116527fab8ce341cf285826afdccac88f4bae65ffd649a406dac7555024557f38c4b415a59cd3b5fb255f1dbf015ce01d4975bed3b1c80 SHA512 eb48dc800ce43d2f4d46e0cecc4d0a714b3e22c6a4975776b54d17d1d20d5a1411e6b605215282f1f77286ddf22b61c80b86b83752191fc18023894ef7a1c44d DIST lxc-2.0.9.tar.gz 1333044 BLAKE2B 44d405bf933923a020a6aadca9d84cfce04db72ac0ef1a727c83eca8121683419a2e74849f08fb4773010002928b424840fa9ec19ab619e420b1dfb5156de5c6 SHA512 c7c595fbc6163e500700b756ae30c96b70d41b9bf297a609622b5d5b8431171ed8db70fa8368c3b9650c86452820e9da7f329f9186ae75c24a7adb15d5826102 DIST lxc-2.1.1.tar.gz 1378640 BLAKE2B 5fca516540a886729434579ff99acf3baa06977fa0e0b6f24dbf15094626335fc073597d308276e3dd20e27ceabf1477cc8e99d1fd24cf50b9aed2720b887b69 SHA512 2989d57acddfe091adcf8031721c3c9a2f8eff5476bd6155366b76ea7511e0f6120e669276e056e3963863e0f0acf3b095d44c36fa6652e67c197671f28cbdd4 +DIST lxc-3.0.0.tar.gz 1233316 BLAKE2B ba726a07f48b1d32366012c8d885a853e33f88d8c45c910b061d9deecf472d940f7d45a1e742c8194517ba3231e1875a49bbf303b2c3fd2c9ece33b941670bb7 SHA512 21372e6fe4d38e2cf54707fab4133137793deff1dd500ed7ed02c03bbaa809de56c7490971594cddbdcb2b96f0c03ab5dfb43a8582a584598a12c5943b7ca490 diff --git a/app-emulation/lxc/files/lxc-3.0.0-bash-completion.patch b/app-emulation/lxc/files/lxc-3.0.0-bash-completion.patch new file mode 100644 index 000..2a08eedb1c2 --- /dev/null +++ b/app-emulation/lxc/files/lxc-3.0.0-bash-completion.patch @@ -0,0 +1,27 @@ +diff --git a/config/bash/lxc.in b/config/bash/lxc.in +index 43056882..0a22d4ad 100644 +--- a/config/bash/lxc.in b/config/bash/lxc.in +@@ -1,4 +1,3 @@ +-_have lxc-start && { + _lxc_names() { + COMPREPLY=( $( compgen -W "$( lxc-ls )" "$cur" ) ) + } +@@ -108,4 +107,3 @@ _have lxc-start && { + complete -o default -F _lxc_generic_t lxc-create + + complete -o default -F _lxc_generic_o lxc-copy +-} +diff --git a/configure.ac b/configure.ac +index 50c99836..0569caec 100644 +--- a/configure.ac b/configure.ac +@@ -395,7 +395,7 @@ AM_CONDITIONAL([ENABLE_BASH], [test "x$enable_bash" = "xyes"]) + AM_COND_IF([ENABLE_BASH], + [AC_MSG_CHECKING([bash completion directory]) + PKG_CHECK_VAR(bashcompdir, [bash-completion], [completionsdir], , +- bashcompdir="${sysconfdir}/bash_completion.d") ++ bashcompdir="$datadir/bash-completion/completions") + AC_MSG_RESULT([$bashcompdir]) + AC_SUBST(bashcompdir) + ]) diff --git a/app-emulation/lxc/lxc-3.0.0.ebuild b/app-emulation/lxc/lxc-3.0.0.ebuild new file mode 100644 index 000..2b427710f98 --- /dev/null +++ b/app-emulation/lxc/lxc-3.0.0.ebuild @@ -0,0 +1,169 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit autotools bash-completion-r1 linux-info flag-o-matic systemd readme.gentoo-r1 pam + +DESCRIPTION="LinuX Containers userspace utilities" +HOMEPAGE="https://linuxcontainers.org/; +SRC_URI="https://linuxcontainers.org/downloads/lxc/${P}.tar.gz; + +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86" + +LICENSE="LGPL-3" +SLOT="0" +IUSE="examples pam seccomp selinux" + +RDEPEND=" + net-libs/gnutls + sys-libs/libcap + pam? ( virtual/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? (
[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/
commit: dd450253467dd8d704a398d794d1a704cac81ecc Author: i.Dark_Templar dark-templar-archives net> AuthorDate: Sun Nov 5 08:50:03 2017 + Commit: Matthias Maier gentoo org> CommitDate: Tue Jan 30 17:00:12 2018 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dd450253 app-emulation/lxc: bump to version 2.1.1. [tamiko: regenerate metadata to make remote hook happy] Closes: https://bugs.gentoo.org/636572 Closes: https://github.com/gentoo/gentoo/pull/6128 Signed-off-by: Matthias Maier gentoo.org> app-emulation/lxc/Manifest | 1 + ...ps-enable-container-without-CAP_SYS_ADMIN.patch | 164 + .../files/lxc-2.1.1-fix-cgroup2-detection.patch| 26 +++ app-emulation/lxc/files/lxc.initd.7| 124 + app-emulation/lxc/lxc-2.1.1.ebuild | 201 + 5 files changed, 516 insertions(+) diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest index c9008c2d3c8..5c6a4ead6f8 100644 --- a/app-emulation/lxc/Manifest +++ b/app-emulation/lxc/Manifest @@ -2,3 +2,4 @@ DIST lxc-1.0.11.tar.gz 850645 BLAKE2B 1a8eff91d970d3160d5ca7338f4e4d68c722a277a8 DIST lxc-1.0.8.tar.gz 575127 BLAKE2B 246ac7a2b4306c52a741b2f763bcc81dfb27942ef93d6a786ed2ea010c646f5a2388407d26425387b8a819cacae927c8512995bf19b11d610e1887ea6470 SHA512 f552a4f48bb47d26c6b9ddaf8221a439c0848e3f54ec41b77d54717c21bddd56193941046cc96c699790e8265e762a926469c25ee687adcf7795f2906b1c260a DIST lxc-2.0.7.tar.gz 792557 BLAKE2B e5f1e6d8961938200e116527fab8ce341cf285826afdccac88f4bae65ffd649a406dac7555024557f38c4b415a59cd3b5fb255f1dbf015ce01d4975bed3b1c80 SHA512 eb48dc800ce43d2f4d46e0cecc4d0a714b3e22c6a4975776b54d17d1d20d5a1411e6b605215282f1f77286ddf22b61c80b86b83752191fc18023894ef7a1c44d DIST lxc-2.0.9.tar.gz 1333044 BLAKE2B 44d405bf933923a020a6aadca9d84cfce04db72ac0ef1a727c83eca8121683419a2e74849f08fb4773010002928b424840fa9ec19ab619e420b1dfb5156de5c6 SHA512 c7c595fbc6163e500700b756ae30c96b70d41b9bf297a609622b5d5b8431171ed8db70fa8368c3b9650c86452820e9da7f329f9186ae75c24a7adb15d5826102 +DIST lxc-2.1.1.tar.gz 1378640 BLAKE2B 5fca516540a886729434579ff99acf3baa06977fa0e0b6f24dbf15094626335fc073597d308276e3dd20e27ceabf1477cc8e99d1fd24cf50b9aed2720b887b69 SHA512 2989d57acddfe091adcf8031721c3c9a2f8eff5476bd6155366b76ea7511e0f6120e669276e056e3963863e0f0acf3b095d44c36fa6652e67c197671f28cbdd4 diff --git a/app-emulation/lxc/files/lxc-2.1.1-cgroups-enable-container-without-CAP_SYS_ADMIN.patch b/app-emulation/lxc/files/lxc-2.1.1-cgroups-enable-container-without-CAP_SYS_ADMIN.patch new file mode 100644 index 000..8493491d0d6 --- /dev/null +++ b/app-emulation/lxc/files/lxc-2.1.1-cgroups-enable-container-without-CAP_SYS_ADMIN.patch @@ -0,0 +1,164 @@ +From b635e92d21d2a4d71a553388f18cfa08f44bf1ba Mon Sep 17 00:00:00 2001 +From: Christian Brauner+Date: Mon, 30 Oct 2017 14:16:46 +0100 +Subject: [PATCH] cgroups: enable container without CAP_SYS_ADMIN + +In case cgroup namespaces are supported but we do not have CAP_SYS_ADMIN we +need to mount cgroups for the container. This patch enables both privileged and +unprivileged containers without CAP_SYS_ADMIN. + +Closes #1737. + +Signed-off-by: Christian Brauner +--- + src/lxc/cgroups/cgfs.c | 3 ++- + src/lxc/cgroups/cgfsng.c | 52 +--- + src/lxc/cgroups/cgroup.c | 2 +- + src/lxc/conf.c | 3 --- + src/lxc/conf.h | 1 + + 5 files changed, 53 insertions(+), 8 deletions(-) + +diff --git a/src/lxc/cgroups/cgfs.c b/src/lxc/cgroups/cgfs.c +index bcbd6613..efd627f0 100644 +--- a/src/lxc/cgroups/cgfs.c b/src/lxc/cgroups/cgfs.c +@@ -1418,11 +1418,12 @@ static bool cgroupfs_mount_cgroup(void *hdata, const char *root, int type) + struct cgfs_data *cgfs_d; + struct cgroup_process_info *info, *base_info; + int r, saved_errno = 0; ++ struct lxc_handler *handler = hdata; + + if (cgns_supported()) + return true; + +- cgfs_d = hdata; ++ cgfs_d = handler->cgroup_data; + if (!cgfs_d) + return false; + base_info = cgfs_d->info; +diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c +index e43edd7d..ec6440c1 100644 +--- a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c +@@ -50,6 +50,7 @@ + #include + #include + ++#include "caps.h" + #include "cgroup.h" + #include "cgroup_utils.h" + #include "commands.h" +@@ -1616,17 +1617,49 @@ do_secondstage_mounts_if_needed(int type, struct hierarchy *h, + return 0; + } + ++static int mount_cgroup_cgns_supported(struct hierarchy *h, const char *controllerpath) ++{ ++ int ret; ++ char *controllers = NULL; ++ char *type = "cgroup2"; ++ ++ if (!h->is_cgroup_v2) { ++ controllers = lxc_string_join(",", (const char **)h->controllers, false); ++ if (!controllers)
[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/
commit: 5bde8835894effb1efaa093dea785343dfcd6a1d Author: Matthias Maier gentoo org> AuthorDate: Fri Dec 15 01:52:25 2017 + Commit: Matthias Maier gentoo org> CommitDate: Fri Dec 15 01:55:04 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5bde8835 app-emulation/lxc: major cleanup - leave an old 1.0.x (1.0.11) version around for compatibility. - remove all unstable, obsolete 2.0.x versions - clean up patches Package-Manager: Portage-2.3.18, Repoman-2.3.6 Signed-off-by: Virgil Dupras hardcoded.net> app-emulation/lxc/Manifest | 5 - .../lxc/files/lxc-1.0.8-bash-completion.patch | 35 .../lxc/files/lxc-2.0.3-bash-completion.patch | 31 .../lxc/files/lxc-2.0.3-omit-sysconfig.patch | 5 - .../lxc/files/lxc-2.0.4-bash-completion.patch | 31 .../lxc/files/lxc-2.0.4-omit-sysconfig.patch | 5 - .../lxc/files/lxc-2.0.5-bash-completion.patch | 31 app-emulation/lxc/lxc-1.0.8.ebuild | 188 --- app-emulation/lxc/lxc-2.0.3-r1.ebuild | 196 app-emulation/lxc/lxc-2.0.4.ebuild | 200 app-emulation/lxc/lxc-2.0.5.ebuild | 200 app-emulation/lxc/lxc-2.0.6-r1.ebuild | 201 - 12 files changed, 1128 deletions(-) diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest index b425522f07c..265bac0824f 100644 --- a/app-emulation/lxc/Manifest +++ b/app-emulation/lxc/Manifest @@ -1,8 +1,3 @@ DIST lxc-1.0.11.tar.gz 850645 BLAKE2B 1a8eff91d970d3160d5ca7338f4e4d68c722a277a804396e7c30b34dbf4aeccc0609982940bb660992880078167cdf3382a55af404b3e52ebe8cd8af104b1efc SHA512 5537e61a286cfce3c763b81eec625538c796ea1e8f5e94c5a28fc8964762c8c0efa7983a188d521bf3420a42569d7124e6587950bc90b79583fa42cc8e2f8f74 -DIST lxc-1.0.8.tar.gz 575127 BLAKE2B 246ac7a2b4306c52a741b2f763bcc81dfb27942ef93d6a786ed2ea010c646f5a2388407d26425387b8a819cacae927c8512995bf19b11d610e1887ea6470 SHA512 f552a4f48bb47d26c6b9ddaf8221a439c0848e3f54ec41b77d54717c21bddd56193941046cc96c699790e8265e762a926469c25ee687adcf7795f2906b1c260a -DIST lxc-2.0.3.tar.gz 772448 BLAKE2B 2336edea328a0ac033f2183386a2907ee8a088032b089c073ae8bbce6f54c55788288be85fe35a0b547976d5868abc31b27ffe5a5049e8769350c2b48dd9310c SHA512 df714f189ec7aa681710fbd58405b8958740102032c0130d8a0eaaae0341a9bc91a215136203c404ad79773800f620bf6f71f811b3effe559aed66efa4f34fef -DIST lxc-2.0.4.tar.gz 775634 BLAKE2B 9699ae598c3dfddf458f62ca154a4ec75c3510d8dc0be98ebb6b10a30b21ec5e56ff9ec20615c0104a92124c4833e9439f88d04e0312a7c82f79ed7b6f802bbd SHA512 3f985bba5aaa8a70f0329316ea4f42ab135d58c47611154c62e103718212a4b2c5e4f25fd45c372424db1fbf40afdc8269ae98655fb3bc8e31085a5d948f702b -DIST lxc-2.0.5.tar.gz 778842 BLAKE2B 02015ece79c2d0f3d0028b004c56042e12d40993ac0fff3c56c747de542debb33c32256d66d266fa99b4263fecaa8bb77c5cc48dbf6e9ca322f87613c2099821 SHA512 8e14036597fa3407c87fb92d13b40bbca9a646d27d817e0a9d20fe626625d6cf04a1df65b1a723391d41a311b9f4f3432b3213004892d64355fe0edc7858cb9f -DIST lxc-2.0.6.tar.gz 788483 BLAKE2B 2b147f1699ad8cef9f7cae6e674af072fd92b017e94567dc8d50fad00a6ba75562dfd984b85d1b648aec059533a378b2212fef4be70941dfa3bd69ec1f53fb13 SHA512 f44c0498876462d78e57d19816eab666e90470badc2bbd38fed9f504e8b21c3e68e4d0f63a8676fa8716be60481befb3db44098228fd71b480972af2b5dcf1e3 DIST lxc-2.0.7.tar.gz 792557 BLAKE2B e5f1e6d8961938200e116527fab8ce341cf285826afdccac88f4bae65ffd649a406dac7555024557f38c4b415a59cd3b5fb255f1dbf015ce01d4975bed3b1c80 SHA512 eb48dc800ce43d2f4d46e0cecc4d0a714b3e22c6a4975776b54d17d1d20d5a1411e6b605215282f1f77286ddf22b61c80b86b83752191fc18023894ef7a1c44d DIST lxc-2.0.8.tar.gz 1308705 BLAKE2B 044e82e182f4ca325da237b888ff16b0469eb11ecdab2ed55f5e9372e84d816ec30edee28ef1473aaa7211a9d9aee0d26f45f169320551e45098da9de7a74104 SHA512 ed9fd47e92007f433695cffea659180866a5ac2778712f4eb13b6629bb18292589f5b674b734853ca196ba1f6d38bdbf3cc8a2bb28e25d3540b06b945fcf9096 diff --git a/app-emulation/lxc/files/lxc-1.0.8-bash-completion.patch b/app-emulation/lxc/files/lxc-1.0.8-bash-completion.patch deleted file mode 100644 index e9e0e6c98df..000 --- a/app-emulation/lxc/files/lxc-1.0.8-bash-completion.patch +++ /dev/null @@ -1,35 +0,0 @@ -Index: lxc-lxc-1.0.8/config/bash/Makefile.am -=== lxc-lxc-1.0.8.orig/config/bash/Makefile.am -+++ lxc-lxc-1.0.8/config/bash/Makefile.am -@@ -2,12 +2,12 @@ EXTRA_DIST = lxc - - if ENABLE_BASH - install-bash: -- $(MKDIR_P) $(DESTDIR)$(sysconfdir)/bash_completion.d/ -- $(INSTALL_DATA) lxc $(DESTDIR)$(sysconfdir)/bash_completion.d/ -+ $(MKDIR_P) $(DESTDIR)$(datarootdir)/bash-completion/completions/ -+ $(INSTALL_DATA) lxc $(DESTDIR)$(datarootdir)/bash-completion/completions/ - - uninstall-bash: -- rm -f $(DESTDIR)$(sysconfdir)/bash_completion.d/lxc --
[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/
commit: 2891603788e6f92f8c58ea74d26a48e62c3c21ab Author: Yixun Lan gentoo org> AuthorDate: Sat Dec 3 13:30:30 2016 + Commit: Yixun Lan gentoo org> CommitDate: Sat Dec 3 13:38:51 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=28916037 app-emulation/lxc: version bump rework bashcomp patch to make 2.0.6 happy Package-Manager: portage-2.3.2 app-emulation/lxc/Manifest | 1 + .../lxc/files/lxc-2.0.6-bash-completion.patch | 27 +++ app-emulation/lxc/lxc-2.0.6.ebuild | 200 + 3 files changed, 228 insertions(+) diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest index 155b6f9..075d3bf 100644 --- a/app-emulation/lxc/Manifest +++ b/app-emulation/lxc/Manifest @@ -3,3 +3,4 @@ DIST lxc-1.0.8.tar.gz 575127 SHA256 399ac3eb4e0a89d657fb2e2a57f686ed061d3f1ea473 DIST lxc-2.0.3.tar.gz 772448 SHA256 635afa330088fea57883018da326fc72f85460b5a6c7802ad68044381aff14f3 SHA512 df714f189ec7aa681710fbd58405b8958740102032c0130d8a0eaaae0341a9bc91a215136203c404ad79773800f620bf6f71f811b3effe559aed66efa4f34fef WHIRLPOOL 89ce2f6762c7279e24658c1154b5c2960d3db32e0ec3724b338f5d30da77cc0b33a2376e5eebe6d9c356bdd34c2aa9da1e2434aecd7e428fa4b729389e35b862 DIST lxc-2.0.4.tar.gz 775634 SHA256 57d40234aeecf5b60fb29d563e5a09d6a04c89e1267eb22a6704388ac8573e7b SHA512 3f985bba5aaa8a70f0329316ea4f42ab135d58c47611154c62e103718212a4b2c5e4f25fd45c372424db1fbf40afdc8269ae98655fb3bc8e31085a5d948f702b WHIRLPOOL b001c75d67d676e75b203d789cf2c0643ba9a47aa31965441340b66f28e18371415b9d44ce752e35102bc8677688eec6e586d800a33a2a965c8a046c091ebc06 DIST lxc-2.0.5.tar.gz 778842 SHA256 1f1c491b2ad5e74a85b8eb791ccac8128e6eaf5ddcc1323e9360997c030f7072 SHA512 8e14036597fa3407c87fb92d13b40bbca9a646d27d817e0a9d20fe626625d6cf04a1df65b1a723391d41a311b9f4f3432b3213004892d64355fe0edc7858cb9f WHIRLPOOL fa6ac86d67fe563f92411cbd09a0d66d729a0a15fe48076b42f4b3996e6b786826990bd51382c14606fd1b5240d413bc8d217fac37becd9baccd89de15d30b22 +DIST lxc-2.0.6.tar.gz 788483 SHA256 8723ef5973a47e7b2c439002c28590d74689e871d36f03089965503c0c0d50b2 SHA512 f44c0498876462d78e57d19816eab666e90470badc2bbd38fed9f504e8b21c3e68e4d0f63a8676fa8716be60481befb3db44098228fd71b480972af2b5dcf1e3 WHIRLPOOL 5bb2648637a46e3547edeba2ad46eb131b2ae194f5efe52a688157cfa3f361f51a832554a94bcd47074e65cbf8d1e1119d23548bdf83ca62c131400c40aff34a diff --git a/app-emulation/lxc/files/lxc-2.0.6-bash-completion.patch b/app-emulation/lxc/files/lxc-2.0.6-bash-completion.patch new file mode 100644 index ..6033e36 --- /dev/null +++ b/app-emulation/lxc/files/lxc-2.0.6-bash-completion.patch @@ -0,0 +1,27 @@ +diff --git a/config/bash/lxc.in b/config/bash/lxc.in +index 7dcf302..5927fe2 100644 +--- a/config/bash/lxc.in b/config/bash/lxc.in +@@ -1,4 +1,3 @@ +-_have lxc-start && { + _lxc_names() { + COMPREPLY=( $( compgen -W "$( lxc-ls )" "$cur" ) ) + } +@@ -100,4 +99,3 @@ _have lxc-start && { + + complete -o default -F _lxc_generic_o lxc-copy + complete -o default -F _lxc_generic_o lxc-start-ephemeral +-} +diff --git a/configure.ac b/configure.ac +index 4640c0d..14ccdd3 100644 +--- a/configure.ac b/configure.ac +@@ -478,7 +478,7 @@ AM_CONDITIONAL([ENABLE_BASH], [test "x$enable_bash" = "xyes"]) + AM_COND_IF([ENABLE_BASH], + [AC_MSG_CHECKING([bash completion directory]) + PKG_CHECK_VAR(bashcompdir, [bash-completion], [completionsdir], , +- bashcompdir="${sysconfdir}/bash_completion.d") ++ bashcompdir="$datadir/bash-completion/completions") + AC_MSG_RESULT([$bashcompdir]) + AC_SUBST(bashcompdir) + ]) diff --git a/app-emulation/lxc/lxc-2.0.6.ebuild b/app-emulation/lxc/lxc-2.0.6.ebuild new file mode 100644 index ..11e2839 --- /dev/null +++ b/app-emulation/lxc/lxc-2.0.6.ebuild @@ -0,0 +1,200 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="6" + +MY_P="${P/_/-}" +PYTHON_COMPAT=( python{3_4,3_5} ) +DISTUTILS_OPTIONAL=1 + +inherit autotools bash-completion-r1 distutils-r1 linux-info versionator flag-o-matic systemd + +DESCRIPTION="LinuX Containers userspace utilities" +HOMEPAGE="https://linuxcontainers.org/; +SRC_URI="https://github.com/lxc/lxc/archive/${MY_P}.tar.gz; + +KEYWORDS="~amd64 ~arm ~arm64" + +LICENSE="LGPL-3" +SLOT="0" +IUSE="cgmanager doc examples lua python seccomp" + +RDEPEND="net-libs/gnutls + sys-libs/libcap + cgmanager? ( app-admin/cgmanager ) + lua? ( >=dev-lang/lua-5.1:= ) + python? ( ${PYTHON_DEPS} ) + seccomp? ( sys-libs/libseccomp )" + +DEPEND="${RDEPEND} + doc? ( app-text/docbook-sgml-utils ) + >=sys-kernel/linux-headers-3.2" + +RDEPEND="${RDEPEND} + sys-process/criu + sys-apps/util-linux + app-misc/pax-utils + virtual/awk" + +CONFIG_CHECK="~CGROUPS ~CGROUP_DEVICE + ~CPUSETS ~CGROUP_CPUACCT + ~CGROUP_SCHED +
[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/
commit: 7ff4458b663f7af03854c75f020e4fb60b68ab09 Author: Erik Mackdanz gentoo org> AuthorDate: Sun Sep 4 15:28:43 2016 + Commit: Erik Mackdanz gentoo org> CommitDate: Sun Sep 4 15:29:40 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7ff4458b app-emulation/lxc: bump to 2.0.4 EAPI=6. Also add a condition around a removed kernel config option. Package-Manager: portage-2.3.0 app-emulation/lxc/Manifest | 1 + .../lxc/files/lxc-2.0.4-bash-completion.patch | 31 .../lxc/files/lxc-2.0.4-omit-sysconfig.patch | 5 + app-emulation/lxc/lxc-2.0.4.ebuild | 201 + 4 files changed, 238 insertions(+) diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest index 3260e04..fe865f9 100644 --- a/app-emulation/lxc/Manifest +++ b/app-emulation/lxc/Manifest @@ -1,3 +1,4 @@ DIST lxc-1.0.7.tar.gz 564985 SHA256 a0b1b09592e076e270dcb3ba004616d9ac3147f9de0b78ca39a30f8956b0a8f2 SHA512 e6ff42a7b41177e1be0d2cd47d4c554565c7fc35355f3aa8aeba00d4adc7a0f364ecd060ddb6c97b2fe5968329c4e4c4b3cb022bffd2da145f30880f077264a8 WHIRLPOOL f07e5e9efb8ff394aa9cdd6c3e725b453c8137ec221399cbf910d57dbc9268fc84e7227273567792821415dc14e774942b76a58a1a478de57d5c82e545702000 DIST lxc-1.0.8.tar.gz 575127 SHA256 399ac3eb4e0a89d657fb2e2a57f686ed061d3f1ea4733e7521b1539e9906c7ee SHA512 f552a4f48bb47d26c6b9ddaf8221a439c0848e3f54ec41b77d54717c21bddd56193941046cc96c699790e8265e762a926469c25ee687adcf7795f2906b1c260a WHIRLPOOL 72cd0b8b0345692dd9a3ed8785ee27f5e575794a96c515db1f1d073c29be4c06ae8c1ee24fa375a5ede2bba2494704916710b2e8814ed991d43330a40dff3d56 DIST lxc-2.0.3.tar.gz 772448 SHA256 635afa330088fea57883018da326fc72f85460b5a6c7802ad68044381aff14f3 SHA512 df714f189ec7aa681710fbd58405b8958740102032c0130d8a0eaaae0341a9bc91a215136203c404ad79773800f620bf6f71f811b3effe559aed66efa4f34fef WHIRLPOOL 89ce2f6762c7279e24658c1154b5c2960d3db32e0ec3724b338f5d30da77cc0b33a2376e5eebe6d9c356bdd34c2aa9da1e2434aecd7e428fa4b729389e35b862 +DIST lxc-2.0.4.tar.gz 775634 SHA256 57d40234aeecf5b60fb29d563e5a09d6a04c89e1267eb22a6704388ac8573e7b SHA512 3f985bba5aaa8a70f0329316ea4f42ab135d58c47611154c62e103718212a4b2c5e4f25fd45c372424db1fbf40afdc8269ae98655fb3bc8e31085a5d948f702b WHIRLPOOL b001c75d67d676e75b203d789cf2c0643ba9a47aa31965441340b66f28e18371415b9d44ce752e35102bc8677688eec6e586d800a33a2a965c8a046c091ebc06 diff --git a/app-emulation/lxc/files/lxc-2.0.4-bash-completion.patch b/app-emulation/lxc/files/lxc-2.0.4-bash-completion.patch new file mode 100644 index ..6feb4c2 --- /dev/null +++ b/app-emulation/lxc/files/lxc-2.0.4-bash-completion.patch @@ -0,0 +1,31 @@ +--- /config/bash/Makefile.am.orig 2016-05-18 20:40:42.238487678 + /config/bash/Makefile.am 2016-05-18 20:43:02.163497779 + +@@ -2,12 +2,12 @@ + + if ENABLE_BASH + install-bash: +- $(MKDIR_P) $(DESTDIR)$(sysconfdir)/bash_completion.d/ +- $(INSTALL_DATA) lxc $(DESTDIR)$(sysconfdir)/bash_completion.d/ ++ $(MKDIR_P) $(DESTDIR)$(datarootdir)/bash-completion/completions/ ++ $(INSTALL_DATA) lxc $(DESTDIR)$(datarootdir)/bash-completion/completions/ + + uninstall-bash: +- rm -f $(DESTDIR)$(sysconfdir)/bash_completion.d/lxc +- rmdir $(DESTDIR)$(sysconfdir)/bash_completion.d/ || : ++ rm -f $(DESTDIR)$(datarootdir)/bash-completion/completions/lxc ++ rmdir $(DESTDIR)$(datarootdir)/bash-completion/completions/ || : + + install-data-local: install-bash + uninstall-local: uninstall-bash +--- /config/bash/lxc.in.orig 2016-05-18 20:40:51.079488316 + /config/bash/lxc.in2016-05-18 20:45:03.506506538 + +@@ -1,4 +1,3 @@ +-_have lxc-start && { + _lxc_names() { + COMPREPLY=( $( compgen -W "$( lxc-ls )" "$cur" ) ) + } +@@ -100,4 +99,3 @@ + + complete -o default -F _lxc_generic_o lxc-copy + complete -o default -F _lxc_generic_o lxc-start-ephemeral +-} diff --git a/app-emulation/lxc/files/lxc-2.0.4-omit-sysconfig.patch b/app-emulation/lxc/files/lxc-2.0.4-omit-sysconfig.patch new file mode 100644 index ..3ec8135 --- /dev/null +++ b/app-emulation/lxc/files/lxc-2.0.4-omit-sysconfig.patch @@ -0,0 +1,5 @@ +--- /config/Makefile.am.orig 2016-05-19 02:56:11.891113982 + /config/Makefile.am2016-05-19 02:56:32.596115476 + +@@ -1 +1 @@ +-SUBDIRS = apparmor bash etc init selinux templates yum sysconfig ++SUBDIRS = apparmor bash etc init selinux templates yum diff --git a/app-emulation/lxc/lxc-2.0.4.ebuild b/app-emulation/lxc/lxc-2.0.4.ebuild new file mode 100644 index ..452f249 --- /dev/null +++ b/app-emulation/lxc/lxc-2.0.4.ebuild @@ -0,0 +1,201 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="6" + +MY_P="${P/_/-}" +PYTHON_COMPAT=( python{3_3,3_4,3_5} ) +DISTUTILS_OPTIONAL=1 + +inherit autotools bash-completion-r1 distutils-r1 linux-info versionator flag-o-matic
[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/
commit: 181fa35d157157f02add732e0b338c6127b51338 Author: Erik Mackdanz gentoo org> AuthorDate: Thu Jul 14 02:31:33 2016 + Commit: Erik Mackdanz gentoo org> CommitDate: Thu Jul 14 02:31:33 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=181fa35d app-emulation/lxc: Revbump to repair unit file Gentoo-bug: 588740 Package-Manager: portage-2.3.0 app-emulation/lxc/files/lxc.initd.5 | 119 +++ app-emulation/lxc/files/lxc_at.service.4 | 14 +++ app-emulation/lxc/lxc-2.0.3-r1.ebuild| 197 +++ 3 files changed, 330 insertions(+) diff --git a/app-emulation/lxc/files/lxc.initd.5 b/app-emulation/lxc/files/lxc.initd.5 new file mode 100644 index 000..e5a5236 --- /dev/null +++ b/app-emulation/lxc/files/lxc.initd.5 @@ -0,0 +1,119 @@ +#!/sbin/openrc-run +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +CONTAINER=${SVCNAME#*.} + +LXC_PATH=`lxc-config lxc.lxcpath` + +lxc_get_configfile() { + if [ -f "${LXC_PATH}/${CONTAINER}.conf" ]; then + echo "${LXC_PATH}/${CONTAINER}.conf" + elif [ -f "${LXC_PATH}/${CONTAINER}/config" ]; then + echo "${LXC_PATH}/${CONTAINER}/config" + else + eerror "Unable to find a suitable configuration file." + eerror "If you set up the container in a non-standard" + eerror "location, please set the CONFIGFILE variable." + return 1 + fi +} + +[ $CONTAINER != $SVCNAME ] && CONFIGFILE=${CONFIGFILE:-$(lxc_get_configfile)} + +lxc_get_var() { + awk 'BEGIN { FS="[ \t]*=[ \t]*" } $1 == "'$1'" { print $2; exit }' ${CONFIGFILE} +} + +lxc_get_net_link_type() { + awk 'BEGIN { FS="[ \t]*=[ \t]*"; _link=""; _type="" } + $1 == "lxc.network.type" {_type=$2;} + $1 == "lxc.network.link" {_link=$2;} + {if(_link != "" && _type != ""){ + printf("%s:%s\n", _link, _type ); + _link=""; _type=""; + }; }' <${CONFIGFILE} +} + +checkconfig() { + if [ ${CONTAINER} = ${SVCNAME} ]; then + eerror "You have to create an init script for each container:" + eerror " ln -s lxc /etc/init.d/lxc.container" + return 1 + fi + + # no need to output anything, the function takes care of that. + [ -z "${CONFIGFILE}" ] && return 1 + + utsname=$(lxc_get_var lxc.utsname) + if [ ${CONTAINER} != ${utsname} ]; then + eerror "You should use the same name for the service and the" + eerror "container. Right now the container is called ${utsname}" + return 1 + fi +} + +depend() { + # be quiet, since we have to run depend() also for the + # non-muxed init script, unfortunately. + checkconfig 2>/dev/null || return 0 + + config ${CONFIGFILE} + need localmount + use lxcfs + + local _x _if + for _x in $(lxc_get_net_link_type); do + _if=${_x%:*} + case "${_x##*:}" in + # when the network type is set to phys, we can make use of a + # network service (for instance to set it up before we disable + # the net_admin capability), but we might also not set it up + # at all on the host and leave the net_admin capable service + # to take care of it. + phys) use net.${_if} ;; + *) need net.${_if} ;; + esac + done +} + +start() { + checkconfig || return 1 + rm -f /var/log/lxc/${CONTAINER}.log + + rootpath=$(lxc_get_var lxc.rootfs) + + # Check the format of our init and the chroot's init, to see + # if we have to use linux32 or linux64; always use setarch + # when required, as that makes it easier to deal with + # x32-based containers. + case $(scanelf -BF '%a#f' ${rootpath}/sbin/init) in + EM_X86_64) setarch=linux64;; + EM_386) setarch=linux32;; + esac + + ebegin "Starting ${CONTAINER}" + env -i ${setarch} $(which lxc-start) -l WARN -n ${CONTAINER} -f ${CONFIGFILE} -d -o /var/log/lxc/${CONTAINER}.log + sleep 0.5 + + # lxc-start -d will _always_ report a correct startup, even if it + # failed, so rather than trust that, check that the cgroup exists. + [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ] + eend $? +} + +stop() { + checkconfig || return 1 + + + if ! [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]; then + ewarn "${CONTAINER} doesn't seem to be started." + return 0 + fi + + # 10s should be enough to shut everything down + ebegin "Stopping ${CONTAINER}" + lxc-stop -t 10 -n ${CONTAINER} + eend $? +} diff --git
[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/
commit: b67a58f568f1f4077c7d9a12cc7b9e70b287e9c0 Author: Erik Mackdanz gentoo org> AuthorDate: Thu May 19 04:24:59 2016 + Commit: Erik Mackdanz gentoo org> CommitDate: Thu May 19 04:24:59 2016 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b67a58f5 app-emulation/lxc: version bump to 2.0.1 Gentoo-bug: 558854, 575352, 580864, 582018 Package-Manager: portage-2.2.28 app-emulation/lxc/Manifest | 1 + .../lxc/files/lxc-2.0.1-bash-completion.patch | 31 .../lxc/files/lxc-2.0.1-omit-sysconfig.patch | 5 + app-emulation/lxc/files/lxc.initd.4| 119 app-emulation/lxc/files/lxc_at.service.3 | 15 ++ app-emulation/lxc/lxc-2.0.1.ebuild | 200 + 6 files changed, 371 insertions(+) diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest index 4e61c43..ef86569 100644 --- a/app-emulation/lxc/Manifest +++ b/app-emulation/lxc/Manifest @@ -7,3 +7,4 @@ DIST lxc-1.1.2.tar.gz 597158 SHA256 f22fcf2659ca98dfe864e632374de98c42cdf465d0c6 DIST lxc-1.1.3.tar.gz 599889 SHA256 b75fb8e376d3313e152f31fb7372b68f33a953a12191a39de4cded04fff94300 SHA512 cafa4fbe4fe23b8c0b98007a79f20899c4a3b98c51d797b9c16e38dfec1eee5a513b58621308fe6551707d38028d9e5bd78ade8822691ffe4a7a369b10a48dda WHIRLPOOL 04ad57d8b189ab089b27adad8e511dcc2e5c563505f8134323ac9d738283bd5d0d929ebadeb69cd49ea68ea3e182f22c72590505cbf6f9d8438112e46909e1b5 DIST lxc-1.1.4.tar.gz 604167 SHA256 b087baf5ac4b94618388e6e759d9cdafcf5c98ed67bf9012ee9660076f9fb0d1 SHA512 b239c285b68ddb25c165e998307d69b368bb802e89c1e26de9daab956ffc05cb8e80bf7c796233552b08a57d1cc37c22777bb7a7469db111582184ee13272c93 WHIRLPOOL 2d69d0540c15274627cdbd0f1944a119b601e1298b9328ba336beae0aa6bffd62dfdf85af82f54c3926489e19b4cee7eaa6c35bcfb72e4b3904f85102055ae85 DIST lxc-1.1.5.tar.gz 607219 SHA256 eefce4cc679656cb8636bf0849f3ba6981c48167884e13dbcb377820a717c09c SHA512 e48ab549f1317afcb5f7768ab988ba27a3e9f1458504e1d70b2e27c502233e7b3538b8ce0b79940140a59a37681bcd8e459416e814f9e4814a4ed86b89e8df1c WHIRLPOOL 0d65ec400913b3298517ba0cb50e064b894d8b26cbd331662e11caee285a37aa1e0d1e4623b69e75585c4369544ca02ff97db90d5127c697cd53fde87d2bc968 +DIST lxc-2.0.1.tar.gz 772083 SHA256 543b927e0be6df256562afe05281552645c78c4a9c0881bf313e31ae13679a29 SHA512 f64cc7167bfed1cc74689bf7d9a5b1ad5b957d5791529c8319c55d2cc671dbd00df9c08fb8f10f73c0d77465a54eb4c98c980e66dd888f52c7670640c6bbf78f WHIRLPOOL a4d25a6733200fcc488b90c34715af8d5d9cd53632f8c82085e5dfe0216500c4714414b616bddda82f4ee014525fd222604d9d46d385658147e411060632f748 diff --git a/app-emulation/lxc/files/lxc-2.0.1-bash-completion.patch b/app-emulation/lxc/files/lxc-2.0.1-bash-completion.patch new file mode 100644 index 000..9ef6013 --- /dev/null +++ b/app-emulation/lxc/files/lxc-2.0.1-bash-completion.patch @@ -0,0 +1,31 @@ +--- lxc-lxc-2.0.1/config/bash/Makefile.am.orig 2016-05-18 20:40:42.238487678 + lxc-lxc-2.0.1/config/bash/Makefile.am 2016-05-18 20:43:02.163497779 + +@@ -2,12 +2,12 @@ + + if ENABLE_BASH + install-bash: +- $(MKDIR_P) $(DESTDIR)$(sysconfdir)/bash_completion.d/ +- $(INSTALL_DATA) lxc $(DESTDIR)$(sysconfdir)/bash_completion.d/ ++ $(MKDIR_P) $(DESTDIR)$(datarootdir)/bash-completion/completions/ ++ $(INSTALL_DATA) lxc $(DESTDIR)$(datarootdir)/bash-completion/completions/ + + uninstall-bash: +- rm -f $(DESTDIR)$(sysconfdir)/bash_completion.d/lxc +- rmdir $(DESTDIR)$(sysconfdir)/bash_completion.d/ || : ++ rm -f $(DESTDIR)$(datarootdir)/bash-completion/completions/lxc ++ rmdir $(DESTDIR)$(datarootdir)/bash-completion/completions/ || : + + install-data-local: install-bash + uninstall-local: uninstall-bash +--- lxc-lxc-2.0.1/config/bash/lxc.in.orig 2016-05-18 20:40:51.079488316 + lxc-lxc-2.0.1/config/bash/lxc.in 2016-05-18 20:45:03.506506538 + +@@ -1,4 +1,3 @@ +-_have lxc-start && { + _lxc_names() { + COMPREPLY=( $( compgen -W "$( lxc-ls )" "$cur" ) ) + } +@@ -100,4 +99,3 @@ + + complete -o default -F _lxc_generic_o lxc-copy + complete -o default -F _lxc_generic_o lxc-start-ephemeral +-} diff --git a/app-emulation/lxc/files/lxc-2.0.1-omit-sysconfig.patch b/app-emulation/lxc/files/lxc-2.0.1-omit-sysconfig.patch new file mode 100644 index 000..9b83a3b --- /dev/null +++ b/app-emulation/lxc/files/lxc-2.0.1-omit-sysconfig.patch @@ -0,0 +1,5 @@ +--- lxc-lxc-2.0.1/config/Makefile.am.orig 2016-05-19 02:56:11.891113982 + lxc-lxc-2.0.1/config/Makefile.am 2016-05-19 02:56:32.596115476 + +@@ -1 +1 @@ +-SUBDIRS = apparmor bash etc init selinux templates yum sysconfig ++SUBDIRS = apparmor bash etc init selinux templates yum diff --git a/app-emulation/lxc/files/lxc.initd.4 b/app-emulation/lxc/files/lxc.initd.4 new file mode 100644 index 000..c8325bc --- /dev/null +++ b/app-emulation/lxc/files/lxc.initd.4 @@ -0,0 +1,119 @@ +#!/sbin/runscript +#
[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/
commit: e5087471168deb08473cbbd2d1b62d4758e99110 Author: Markos Chandras gentoo org> AuthorDate: Sun Dec 6 16:49:09 2015 + Commit: Markos Chandras gentoo org> CommitDate: Sun Dec 6 18:54:07 2015 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e5087471 app-emulation/lxc: Version bump. Bug #565688 Package-Manager: portage-2.2.26 app-emulation/lxc/Manifest | 2 + .../lxc/files/lxc-1.0.8-bash-completion.patch | 35 app-emulation/lxc/lxc-1.0.8.ebuild | 189 app-emulation/lxc/lxc-1.1.5.ebuild | 198 + 4 files changed, 424 insertions(+) diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest index 59c2136..4e61c43 100644 --- a/app-emulation/lxc/Manifest +++ b/app-emulation/lxc/Manifest @@ -1,7 +1,9 @@ DIST lxc-1.0.6.tar.gz 561249 SHA256 2aea199a89e2cd946f93406af6c3f62844f36954b79a6991b36d2c33022cb11c SHA512 fe85ccb57865d86704df6b4b79d60f31892785b07dc9dd2580cc6c384c89c29c23516e906b7a16bc03c6582c1fb2432bb8ff11bd17c09efa8f6a035fb41f46b1 WHIRLPOOL 9e77453fbe31523a2e8f39cfaba6f09fef68d00b54549167a0cde56c00934f827f5b4190b9fb64242f36782a9fcda63e6796c35fd47420870c2cee7b9bc0a1c8 DIST lxc-1.0.7.tar.gz 564985 SHA256 a0b1b09592e076e270dcb3ba004616d9ac3147f9de0b78ca39a30f8956b0a8f2 SHA512 e6ff42a7b41177e1be0d2cd47d4c554565c7fc35355f3aa8aeba00d4adc7a0f364ecd060ddb6c97b2fe5968329c4e4c4b3cb022bffd2da145f30880f077264a8 WHIRLPOOL f07e5e9efb8ff394aa9cdd6c3e725b453c8137ec221399cbf910d57dbc9268fc84e7227273567792821415dc14e774942b76a58a1a478de57d5c82e545702000 +DIST lxc-1.0.8.tar.gz 575127 SHA256 399ac3eb4e0a89d657fb2e2a57f686ed061d3f1ea4733e7521b1539e9906c7ee SHA512 f552a4f48bb47d26c6b9ddaf8221a439c0848e3f54ec41b77d54717c21bddd56193941046cc96c699790e8265e762a926469c25ee687adcf7795f2906b1c260a WHIRLPOOL 72cd0b8b0345692dd9a3ed8785ee27f5e575794a96c515db1f1d073c29be4c06ae8c1ee24fa375a5ede2bba2494704916710b2e8814ed991d43330a40dff3d56 DIST lxc-1.1.0.tar.gz 592543 SHA256 216e806f7e18e5bfbc782493a9e44fc255f24a587d6faee94cda848a0b949155 SHA512 160da88d6dc96cd9f0679f948bfed057c024adcd459fa4b79e872d12284fa3774ac33a13923c6e150072886a371ccfcdf7ab2c4587efa7f6175fc91a67525c4a WHIRLPOOL 2caf81418850ea8b1ecf25b25e799895563ecf1819f32310fcbb4efe88f711eafe2bcb16a0d3b8ee59072c770a5520b4df90a5962215b932e68a4705c4a56d61 DIST lxc-1.1.1.tar.gz 594112 SHA256 64951fdd39df2bea083bb5a8ac35a7390daf2dc7753d8fce33138129892ef672 SHA512 8af3fb43127b57de4e252baf5cb387270955062ff3838e4807a93d04520ca23f0457913bc8274da51b20961fb08650f9b976a84d395785aca2b2d300b285d549 WHIRLPOOL 4f28b976dd6710705d6361b9a45fef9a1265dffef0cedd0fb304f2820585ece3e2bb64d4c5289d444b3ab55bac265850943c63cdf258c40c45c99176a788ca2a DIST lxc-1.1.2.tar.gz 597158 SHA256 f22fcf2659ca98dfe864e632374de98c42cdf465d0c694834b6f6098a3cb8519 SHA512 7c4c9b5418321eedcd37a3f5c2c99ff227de48f672cabd1722a74722077d33badb038675ec95fc3e338eaf2b06972c4ffb2e11f36347587ef71a95fad5b66daa WHIRLPOOL 2b657a9195b6357a367f6aa7609952d9162aae7d7be3f2c5e4cda4b2e81f2c7411835e75af5740cca053d445a3cf7dc7457f9e76ca866de7265e99ed42c744e9 DIST lxc-1.1.3.tar.gz 599889 SHA256 b75fb8e376d3313e152f31fb7372b68f33a953a12191a39de4cded04fff94300 SHA512 cafa4fbe4fe23b8c0b98007a79f20899c4a3b98c51d797b9c16e38dfec1eee5a513b58621308fe6551707d38028d9e5bd78ade8822691ffe4a7a369b10a48dda WHIRLPOOL 04ad57d8b189ab089b27adad8e511dcc2e5c563505f8134323ac9d738283bd5d0d929ebadeb69cd49ea68ea3e182f22c72590505cbf6f9d8438112e46909e1b5 DIST lxc-1.1.4.tar.gz 604167 SHA256 b087baf5ac4b94618388e6e759d9cdafcf5c98ed67bf9012ee9660076f9fb0d1 SHA512 b239c285b68ddb25c165e998307d69b368bb802e89c1e26de9daab956ffc05cb8e80bf7c796233552b08a57d1cc37c22777bb7a7469db111582184ee13272c93 WHIRLPOOL 2d69d0540c15274627cdbd0f1944a119b601e1298b9328ba336beae0aa6bffd62dfdf85af82f54c3926489e19b4cee7eaa6c35bcfb72e4b3904f85102055ae85 +DIST lxc-1.1.5.tar.gz 607219 SHA256 eefce4cc679656cb8636bf0849f3ba6981c48167884e13dbcb377820a717c09c SHA512 e48ab549f1317afcb5f7768ab988ba27a3e9f1458504e1d70b2e27c502233e7b3538b8ce0b79940140a59a37681bcd8e459416e814f9e4814a4ed86b89e8df1c WHIRLPOOL 0d65ec400913b3298517ba0cb50e064b894d8b26cbd331662e11caee285a37aa1e0d1e4623b69e75585c4369544ca02ff97db90d5127c697cd53fde87d2bc968 diff --git a/app-emulation/lxc/files/lxc-1.0.8-bash-completion.patch b/app-emulation/lxc/files/lxc-1.0.8-bash-completion.patch new file mode 100644 index 000..e9e0e6c --- /dev/null +++ b/app-emulation/lxc/files/lxc-1.0.8-bash-completion.patch @@ -0,0 +1,35 @@ +Index: lxc-lxc-1.0.8/config/bash/Makefile.am +=== +--- lxc-lxc-1.0.8.orig/config/bash/Makefile.am lxc-lxc-1.0.8/config/bash/Makefile.am +@@ -2,12 +2,12 @@ EXTRA_DIST = lxc + + if ENABLE_BASH + install-bash: +- $(MKDIR_P) $(DESTDIR)$(sysconfdir)/bash_completion.d/ +- $(INSTALL_DATA) lxc $(DESTDIR)$(sysconfdir)/bash_completion.d/ ++
[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/
commit: ded368f9a246102c62a83377408b4b8ba489129f Author: Markos Chandras gentoo org> AuthorDate: Sat Sep 5 08:06:36 2015 + Commit: Markos Chandras gentoo org> CommitDate: Sat Sep 5 08:08:23 2015 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ded368f9 app-emulation/lxc: Version bump Package-Manager: portage-2.2.20.1 app-emulation/lxc/Manifest | 1 + .../lxc/files/lxc-1.1.3-bash-completion.patch | 35 app-emulation/lxc/lxc-1.1.3.ebuild | 194 + 3 files changed, 230 insertions(+) diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest index cc4a565..fe67c91 100644 --- a/app-emulation/lxc/Manifest +++ b/app-emulation/lxc/Manifest @@ -3,3 +3,4 @@ DIST lxc-1.0.7.tar.gz 564985 SHA256 a0b1b09592e076e270dcb3ba004616d9ac3147f9de0b DIST lxc-1.1.0.tar.gz 592543 SHA256 216e806f7e18e5bfbc782493a9e44fc255f24a587d6faee94cda848a0b949155 SHA512 160da88d6dc96cd9f0679f948bfed057c024adcd459fa4b79e872d12284fa3774ac33a13923c6e150072886a371ccfcdf7ab2c4587efa7f6175fc91a67525c4a WHIRLPOOL 2caf81418850ea8b1ecf25b25e799895563ecf1819f32310fcbb4efe88f711eafe2bcb16a0d3b8ee59072c770a5520b4df90a5962215b932e68a4705c4a56d61 DIST lxc-1.1.1.tar.gz 594112 SHA256 64951fdd39df2bea083bb5a8ac35a7390daf2dc7753d8fce33138129892ef672 SHA512 8af3fb43127b57de4e252baf5cb387270955062ff3838e4807a93d04520ca23f0457913bc8274da51b20961fb08650f9b976a84d395785aca2b2d300b285d549 WHIRLPOOL 4f28b976dd6710705d6361b9a45fef9a1265dffef0cedd0fb304f2820585ece3e2bb64d4c5289d444b3ab55bac265850943c63cdf258c40c45c99176a788ca2a DIST lxc-1.1.2.tar.gz 597158 SHA256 f22fcf2659ca98dfe864e632374de98c42cdf465d0c694834b6f6098a3cb8519 SHA512 7c4c9b5418321eedcd37a3f5c2c99ff227de48f672cabd1722a74722077d33badb038675ec95fc3e338eaf2b06972c4ffb2e11f36347587ef71a95fad5b66daa WHIRLPOOL 2b657a9195b6357a367f6aa7609952d9162aae7d7be3f2c5e4cda4b2e81f2c7411835e75af5740cca053d445a3cf7dc7457f9e76ca866de7265e99ed42c744e9 +DIST lxc-1.1.3.tar.gz 599889 SHA256 b75fb8e376d3313e152f31fb7372b68f33a953a12191a39de4cded04fff94300 SHA512 cafa4fbe4fe23b8c0b98007a79f20899c4a3b98c51d797b9c16e38dfec1eee5a513b58621308fe6551707d38028d9e5bd78ade8822691ffe4a7a369b10a48dda WHIRLPOOL 04ad57d8b189ab089b27adad8e511dcc2e5c563505f8134323ac9d738283bd5d0d929ebadeb69cd49ea68ea3e182f22c72590505cbf6f9d8438112e46909e1b5 diff --git a/app-emulation/lxc/files/lxc-1.1.3-bash-completion.patch b/app-emulation/lxc/files/lxc-1.1.3-bash-completion.patch new file mode 100644 index 000..3bcb40c --- /dev/null +++ b/app-emulation/lxc/files/lxc-1.1.3-bash-completion.patch @@ -0,0 +1,35 @@ +Index: lxc-lxc-1.1.3/config/bash/Makefile.am +=== +--- lxc-lxc-1.1.3.orig/config/bash/Makefile.am lxc-lxc-1.1.3/config/bash/Makefile.am +@@ -2,12 +2,12 @@ EXTRA_DIST = lxc + + if ENABLE_BASH + install-bash: +- $(MKDIR_P) $(DESTDIR)$(sysconfdir)/bash_completion.d/ +- $(INSTALL_DATA) lxc $(DESTDIR)$(sysconfdir)/bash_completion.d/ ++ $(MKDIR_P) $(DESTDIR)$(datarootdir)/bash-completion/completions// ++ $(INSTALL_DATA) lxc $(DESTDIR)$(datarootdir)/bash-completion/completions/ + + uninstall-bash: +- rm -f $(DESTDIR)$(sysconfdir)/bash_completion.d/lxc +- rmdir $(DESTDIR)$(sysconfdir)/bash_completion.d/ || : ++ rm -f $(DESTDIR)$(datarootdir)/bash-completion/completions/lxc ++ rmdir $(DESTDIR)$(datarootdir)/bash-completion/ || : + + install-data-local: install-bash + uninstall-local: uninstall-bash +Index: lxc-lxc-1.1.3/config/bash/lxc.in +=== +--- lxc-lxc-1.1.3.orig/config/bash/lxc.in lxc-lxc-1.1.3/config/bash/lxc.in +@@ -1,4 +1,3 @@ +-have lxc-start && { + _lxc_names() { + COMPREPLY=( $( compgen -W "$( lxc-ls )" "$cur" ) ) + } +@@ -100,4 +99,3 @@ have lxc-start && { + + complete -o default -F _lxc_generic_o lxc-clone + complete -o default -F _lxc_generic_o lxc-start-ephemeral +-} diff --git a/app-emulation/lxc/lxc-1.1.3.ebuild b/app-emulation/lxc/lxc-1.1.3.ebuild new file mode 100644 index 000..4a336ef --- /dev/null +++ b/app-emulation/lxc/lxc-1.1.3.ebuild @@ -0,0 +1,194 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +MY_P="${P/_/-}" +PYTHON_COMPAT=( python{3_3,3_4} ) +DISTUTILS_OPTIONAL=1 + +inherit autotools bash-completion-r1 distutils-r1 eutils linux-info versionator flag-o-matic systemd + +DESCRIPTION="LinuX Containers userspace utilities" +HOMEPAGE="https://linuxcontainers.org/; +SRC_URI="https://github.com/lxc/lxc/archive/${MY_P}.tar.gz; + +KEYWORDS="~amd64 ~arm ~arm64" + +LICENSE="LGPL-3" +SLOT="0" +IUSE="cgmanager doc examples lua python seccomp" + +RDEPEND="net-libs/gnutls + sys-libs/libcap + cgmanager? ( app-admin/cgmanager ) + lua? ( >=dev-lang/lua-5.1:= ) + python? (