[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/

2021-10-29 Thread Joonas Niilola 
commit: 190499d396a2eac96f71a02e4b9e65d1d169d0e7
Author: Joonas Niilola  gentoo  org>
AuthorDate: Fri Oct 29 07:11:32 2021 +
Commit: Joonas Niilola  gentoo  org>
CommitDate: Fri Oct 29 07:14:27 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=190499d3

app-emulation/lxc: add io-uring patches for 4.0.11

Bug: https://bugs.gentoo.org/820545
Signed-off-by: Joonas Niilola  gentoo.org>

 .../lxc/files/lxc-4.0.11_p1-liburing-sync1.patch   |  29 
 .../lxc/files/lxc-4.0.11_p1-liburing-sync2.patch   |  28 +++
 app-emulation/lxc/lxc-4.0.11_p1.ebuild | 188 +
 3 files changed, 245 insertions(+)

diff --git a/app-emulation/lxc/files/lxc-4.0.11_p1-liburing-sync1.patch 
b/app-emulation/lxc/files/lxc-4.0.11_p1-liburing-sync1.patch
new file mode 100644
index 000..cd497a75552
--- /dev/null
+++ b/app-emulation/lxc/files/lxc-4.0.11_p1-liburing-sync1.patch
@@ -0,0 +1,29 @@
+From aac3f106ff012e1d6835b20c250dcf09c364530c Mon Sep 17 00:00:00 2001
+From: Christian Brauner 
+Date: Thu, 28 Oct 2021 17:39:11 +0200
+Subject: [PATCH] mainloop: make sure that descr->ring is allocated
+
+This is future proofing more than anything else.
+
+Signed-off-by: Christian Brauner 
+---
+ src/lxc/mainloop.c | 6 --
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/lxc/mainloop.c b/src/lxc/mainloop.c
+index 7c8f5d86af..17a4d55293 100644
+--- a/src/lxc/mainloop.c
 b/src/lxc/mainloop.c
+@@ -515,8 +515,10 @@ void lxc_mainloop_close(struct lxc_async_descr *descr)
+ 
+   if (descr->type == LXC_MAINLOOP_IO_URING) {
+ #if HAVE_LIBURING
+-  io_uring_queue_exit(descr->ring);
+-  munmap(descr->ring, sizeof(struct io_uring));
++  if (descr->ring) {
++  io_uring_queue_exit(descr->ring);
++  munmap(descr->ring, sizeof(struct io_uring));
++  }
+ #else
+   ERROR("Unsupported io_uring mainloop");
+ #endif

diff --git a/app-emulation/lxc/files/lxc-4.0.11_p1-liburing-sync2.patch 
b/app-emulation/lxc/files/lxc-4.0.11_p1-liburing-sync2.patch
new file mode 100644
index 000..33b8554193d
--- /dev/null
+++ b/app-emulation/lxc/files/lxc-4.0.11_p1-liburing-sync2.patch
@@ -0,0 +1,28 @@
+From a585382b972c25ee8489147d94918d001ef439a7 Mon Sep 17 00:00:00 2001
+From: Christian Brauner 
+Date: Thu, 28 Oct 2021 17:39:42 +0200
+Subject: [PATCH] start: check event loop type before closing fd
+
+Since this is a union we might otherwise stomp on io_uring mmap()ed
+memory.
+
+Fixes: #4016
+Signed-off-by: Christian Brauner 
+---
+ src/lxc/start.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/lxc/start.c b/src/lxc/start.c
+index 8f7173ec8c..1a6046c7a4 100644
+--- a/src/lxc/start.c
 b/src/lxc/start.c
+@@ -629,7 +629,8 @@ int lxc_poll(const char *name, struct lxc_handler *handler)
+   TRACE("Mainloop is ready");
+ 
+   ret = lxc_mainloop(, -1);
+-  close_prot_errno_disarm(descr.epfd);
++  if (descr.type == LXC_MAINLOOP_EPOLL)
++  close_prot_errno_disarm(descr.epfd);
+   if (ret < 0 || !handler->init_died)
+   goto out_mainloop_console;
+ 

diff --git a/app-emulation/lxc/lxc-4.0.11_p1.ebuild 
b/app-emulation/lxc/lxc-4.0.11_p1.ebuild
new file mode 100644
index 000..e7de06da0ae
--- /dev/null
+++ b/app-emulation/lxc/lxc-4.0.11_p1.ebuild
@@ -0,0 +1,188 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools bash-completion-r1 linux-info flag-o-matic optfeature pam 
readme.gentoo-r1 systemd verify-sig
+
+DESCRIPTION="A userspace interface for the Linux kernel containment features"
+HOMEPAGE="https://linuxcontainers.org/ https://github.com/lxc/lxc;
+SRC_URI="https://linuxcontainers.org/downloads/lxc/${P/_p1}.tar.gz
+   verify-sig? ( 
https://linuxcontainers.org/downloads/lxc/${P/_p1}.tar.gz.asc )"
+
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86"
+
+LICENSE="GPL-2 LGPL-2.1 LGPL-3"
+SLOT="0"
+IUSE="apparmor +caps doc io-uring man pam seccomp selinux +ssl +tools 
verify-sig"
+
+RDEPEND="acct-group/lxc
+   acct-user/lxc
+   app-misc/pax-utils
+   sys-apps/util-linux
+   sys-libs/libcap
+   virtual/awk
+   caps? ( sys-libs/libcap )
+   io-uring? ( sys-libs/liburing:= )
+   pam? ( sys-libs/pam )
+   seccomp? ( sys-libs/libseccomp )
+   selinux? ( sys-libs/libselinux )
+   ssl? (
+   dev-libs/openssl:0=
+   )"
+DEPEND="${RDEPEND}
+   >=sys-kernel/linux-headers-4
+   apparmor? ( sys-apps/apparmor )"
+BDEPEND="virtual/pkgconfig
+   doc? ( app-doc/doxygen[dot] )
+   man? ( app-text/docbook-sgml-utils )
+   verify-sig? ( app-crypt/openpgp-keys-linuxcontainers )"
+
+CONFIG_CHECK="~!NETPRIO_CGROUP
+   ~CGROUPS
+   ~CGROUP_CPUACCT
+   ~CGROUP_DEVICE
+   ~CGROUP_FREEZER
+
+   ~CGROUP_SCHED
+   ~CPUSETS
+

[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/

2021-10-03 Thread Joonas Niilola 
commit: 4dc7966809327f076560b08c54b9823c05a53472
Author: Joonas Niilola  gentoo  org>
AuthorDate: Mon Oct  4 05:35:35 2021 +
Commit: Joonas Niilola  gentoo  org>
CommitDate: Mon Oct  4 05:40:20 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4dc79668

app-emulation/lxc: drop 4.0.9-r1

Signed-off-by: Joonas Niilola  gentoo.org>

 app-emulation/lxc/Manifest |   2 -
 ...lxc-4.0.9-handle-kernels-with-CAP_SETFCAP.patch |  93 ---
 app-emulation/lxc/lxc-4.0.9-r1.ebuild  | 174 -
 3 files changed, 269 deletions(-)

diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest
index 09e200675c9..4733a92e509 100644
--- a/app-emulation/lxc/Manifest
+++ b/app-emulation/lxc/Manifest
@@ -1,4 +1,2 @@
 DIST lxc-4.0.10.tar.gz 1515002 BLAKE2B 
2a5b94ad767c8a11a5c34d19f12d812bd284337045ad5021c80a5f69be608085ac465edde8c385cc558e45638c9f061793c0c9db616ccbe0614554b4fbf62005
 SHA512 
ec3ccf344a91b50b30985562c54ad93d2db2d29c24d31da8e3a69e801c8bd23c1560274c1850c39eb7e984940ba86d3ebae75db136320d6bbc5eb03bda4c5318
 DIST lxc-4.0.10.tar.gz.asc 833 BLAKE2B 
3dd6e8793d1b725ab9eb73d4fa78ce2767bf830fb70d6cc7052e70d2adbc46e4fcf6d986595322b64cb9c71417b801ef6ee3c7612c46dbeb10acba01a5bd69e0
 SHA512 
dd2d3ac4e066eca4e0358c9a2c371a227d3a0b5cf6e452fe34fa5c8cff46e25fa0555c9f707511a8603348fa969c1e7abf85ad7d27fdcaff613b733066861608
-DIST lxc-4.0.9.tar.gz 1500310 BLAKE2B 
3796d36b6f76ec595dc28207e66ec9f5a7c1a39f5c5ebc851638c519be35f59b4ec06a71b2866cd8fef0a6140f61fd4b70c900f5a8ffd42d7da7a30d3ff59975
 SHA512 
4ef9d9efdd4118fdffde8b49c6ae71cf5eb060be51daaa4f4ceb804c743fbf3278e6518e6a694faefc720f2834f98ac48d67842d589a2120b8f7ec4c3b61fa84
-DIST lxc-4.0.9.tar.gz.asc 833 BLAKE2B 
2d275c968831410d987aa7f8062f4e35ba15043f92f38fd3bdd6bf80964906741d05ccd93789132d421ee1c8778cec6a2e76c4f0eb2165cf0107261495fa6856
 SHA512 
4c90dfbdba90959ee8df5da8ca8b240f65ab03ab91637833c677e2a73592c09f9c5a55b9a261be6efb0888156c916223ff1aa9003b18d46e667908aaa550c944

diff --git 
a/app-emulation/lxc/files/lxc-4.0.9-handle-kernels-with-CAP_SETFCAP.patch 
b/app-emulation/lxc/files/lxc-4.0.9-handle-kernels-with-CAP_SETFCAP.patch
deleted file mode 100644
index 6fba3c4154a..000
--- a/app-emulation/lxc/files/lxc-4.0.9-handle-kernels-with-CAP_SETFCAP.patch
+++ /dev/null
@@ -1,93 +0,0 @@
-From 91ad9b94bcd964adfbaa8d84d8f39304d39835d0 Mon Sep 17 00:00:00 2001
-From: Christian Brauner 
-Date: Thu, 6 May 2021 18:16:45 +0200
-Subject: [PATCH] conf: handle kernels with CAP_SETFCAP
-
-LXC is being very clever and sometimes maps the caller's uid into the
-child userns. This means that the caller can technically write fscaps
-that are valid in the ancestor userns (which can be a security issue in
-some scenarios) so newer kernels require CAP_SETFCAP to do this. Until
-newuidmap/newgidmap are updated to account for this simply write the
-mapping directly in this case.
-
-Cc: stable-4.0
-Signed-off-by: Christian Brauner 

- src/lxc/conf.c | 25 -
- 1 file changed, 20 insertions(+), 5 deletions(-)
-
-diff --git a/src/lxc/conf.c b/src/lxc/conf.c
-index 72e21b5300..f388946970 100644
 a/src/lxc/conf.c
-+++ b/src/lxc/conf.c
-@@ -2978,6 +2978,9 @@ static int lxc_map_ids_exec_wrapper(void *args)
-   return -1;
- }
- 
-+static struct id_map *find_mapped_hostid_entry(const struct lxc_list *idmap,
-+ unsigned id, enum idtype idtype);
-+
- int lxc_map_ids(struct lxc_list *idmap, pid_t pid)
- {
-   int fill, left;
-@@ -2991,12 +2994,22 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid)
-   char mapbuf[STRLITERALLEN("new@idmap") + STRLITERALLEN(" ") +
-   INTTYPE_TO_STRLEN(pid_t) + STRLITERALLEN(" ") +
-   LXC_IDMAPLEN] = {0};
--  bool had_entry = false, use_shadow = false;
-+  bool had_entry = false, maps_host_root = false, use_shadow = false;
-   int hostuid, hostgid;
- 
-   hostuid = geteuid();
-   hostgid = getegid();
- 
-+  /*
-+   * Check whether caller wants to map host root.
-+   * Due to a security fix newer kernels require CAP_SETFCAP when mapping
-+   * host root into the child userns as you would be able to write fscaps
-+   * that would be valid in the ancestor userns. Mapping host root should
-+   * rarely be the case but LXC is being clever in a bunch of cases.
-+   */
-+  if (find_mapped_hostid_entry(idmap, 0, ID_TYPE_UID))
-+  maps_host_root = true;
-+
-   /* If new{g,u}idmap exists, that is, if shadow is handing out subuid
-* ranges, then insist that root also reserve ranges in subuid. This
-* will protected it by preventing another user from being handed the
-@@ -3014,7 +3027,9 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid)
-   else if (!gidmap)
-   WARN("newgidmap is lacking necessary privileges");
- 
--  if (uidmap > 0 && gidmap > 0) {
-+

[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/

2020-06-26 Thread Joonas Niilola 
commit: 6c40eb984e49764b0684e1823d2805adaea69c52
Author: Joonas Niilola  gentoo  org>
AuthorDate: Fri Jun 26 07:54:21 2020 +
Commit: Joonas Niilola  gentoo  org>
CommitDate: Fri Jun 26 08:13:01 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6c40eb98

app-emulation/lxc: remove old 3.0.3

Signed-off-by: Joonas Niilola  gentoo.org>

 app-emulation/lxc/Manifest   |   1 -
 app-emulation/lxc/files/lxc.initd.7  | 124 ---
 app-emulation/lxc/files/lxc_at.service.4 |  14 ---
 app-emulation/lxc/lxc-3.0.3.ebuild   | 163 ---
 4 files changed, 302 deletions(-)

diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest
index 768faa21194..f8760f06bb4 100644
--- a/app-emulation/lxc/Manifest
+++ b/app-emulation/lxc/Manifest
@@ -1,2 +1 @@
-DIST lxc-3.0.3.tar.gz 1263371 BLAKE2B 
77d0f593119654f570ae748d305e86c27117fd4e9ec7bdab1110f5356afb4a00d81c105ae9757d9da5827f6883a4a5d8ddc43b5b6e56a2927ed990e757f7c7b6
 SHA512 
cdc411364153d7ed494bab604260f5cbdfd5bd7734a59af970b3198c7b3cb340b6736856a2189d5989e169945a817ac8b531bc3ab62217a4285dd63a851f9c8a
 DIST lxc-4.0.2.tar.gz 1352667 BLAKE2B 
2ecc076bacb9bb1c2a808422f7b2e0cbfc74bf3bec6ca89ea58eb6ef4a414353c2e58163bff17b3304beb39f4980d10f54365f739645c1581bfca9f6079bf57c
 SHA512 
0de6c1f9649d161579b45fc28a735f703c4498eff9c588462b838220aeab73f91921db628f77bc461eff38c7583cac10a38951263181956e2d33412a406f3ef3

diff --git a/app-emulation/lxc/files/lxc.initd.7 
b/app-emulation/lxc/files/lxc.initd.7
deleted file mode 100644
index 6a42b6aac52..000
--- a/app-emulation/lxc/files/lxc.initd.7
+++ /dev/null
@@ -1,124 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-CONTAINER=${SVCNAME#*.}
-
-LXC_PATH=`lxc-config lxc.lxcpath`
-
-lxc_get_configfile() {
-   if [ -f "${LXC_PATH}/${CONTAINER}.conf" ]; then
-   echo "${LXC_PATH}/${CONTAINER}.conf"
-   elif [ -f "${LXC_PATH}/${CONTAINER}/config" ]; then
-   echo "${LXC_PATH}/${CONTAINER}/config"
-   else
-   eerror "Unable to find a suitable configuration file."
-   eerror "If you set up the container in a non-standard"
-   eerror "location, please set the CONFIGFILE variable."
-   return 1
-   fi
-}
-
-[ $CONTAINER != $SVCNAME ] && CONFIGFILE=${CONFIGFILE:-$(lxc_get_configfile)}
-
-lxc_get_var() {
-   awk 'BEGIN { FS="[ \t]*=[ \t]*" } $1 == "'$1'" { print $2; exit }' 
${CONFIGFILE}
-}
-
-lxc_get_net_link_type() {
-   awk 'BEGIN { FS="[ \t]*=[ \t]*"; _link=""; _type="" }
-   $1 == "lxc.network.type" {_type=$2;}
-   $1 == "lxc.network.link" {_link=$2;}
-   match($1, /lxc\.net\.[[:digit:]]+\.type/) {_type=$2;}
-   match($1, /lxc\.net\.[[:digit:]]+\.link/) {_link=$2;}
-   {if(_link != "" && _type != ""){
-   printf("%s:%s\n", _link, _type );
-   _link=""; _type="";
-   }; }' <${CONFIGFILE}
-}
-
-checkconfig() {
-   if [ ${CONTAINER} = ${SVCNAME} ]; then
-   eerror "You have to create an init script for each container:"
-   eerror " ln -s lxc /etc/init.d/lxc.container"
-   return 1
-   fi
-
-   # no need to output anything, the function takes care of that.
-   [ -z "${CONFIGFILE}" ] && return 1
-
-   utsname=$(lxc_get_var lxc.uts.name)
-   if [ -z "$utsname" ] ; then
-   utsname=$(lxc_get_var lxc.utsname)
-   fi
-
-   if [ "${CONTAINER}" != "${utsname}" ]; then
-   eerror "You should use the same name for the service and the"
-   eerror "container. Right now the container is called ${utsname}"
-   return 1
-   fi
-}
-
-depend() {
-   # be quiet, since we have to run depend() also for the
-   # non-muxed init script, unfortunately.
-   checkconfig 2>/dev/null || return 0
-
-   config ${CONFIGFILE}
-   need localmount
-   use lxcfs
-
-   local _x _if
-   for _x in $(lxc_get_net_link_type); do
-   _if=${_x%:*}
-   case "${_x##*:}" in
-   # when the network type is set to phys, we can make use 
of a
-   # network service (for instance to set it up before we 
disable
-   # the net_admin capability), but we might also not set 
it up
-   # at all on the host and leave the net_admin capable 
service
-   # to take care of it.
-   phys)   use net.${_if} ;;
-   *)  need net.${_if} ;;
-   esac
-   done
-}
-
-start() {
-   checkconfig || return 1
-   rm -f /var/log/lxc/${CONTAINER}.log
-
-   rootpath=$(lxc_get_var lxc.rootfs)
-
-   # Check the format of our init and the chroot's init, to see
-   # if we have to use

[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/

2018-10-06 Thread Virgil Dupras 
commit: 8d9eb3429c0bf701bde2eb67c43d9147c225dfdd
Author: Virgil Dupras  gentoo  org>
AuthorDate: Sun Oct  7 02:24:34 2018 +
Commit: Virgil Dupras  gentoo  org>
CommitDate: Sun Oct  7 02:24:34 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8d9eb342

app-emulation/lxc: remove old

Signed-off-by: Virgil Dupras  gentoo.org>
Package-Manager: Portage-2.3.50, Repoman-2.3.11

 app-emulation/lxc/Manifest |   1 -
 .../lxc/files/lxc-3.0.1-cve-2018-6556.patch| 110 --
 app-emulation/lxc/lxc-3.0.1-r1.ebuild  | 163 -
 3 files changed, 274 deletions(-)

diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest
index 8682903f737..06d28c40ad9 100644
--- a/app-emulation/lxc/Manifest
+++ b/app-emulation/lxc/Manifest
@@ -1,3 +1,2 @@
 DIST lxc-2.1.1.tar.gz 1378640 BLAKE2B 
5fca516540a886729434579ff99acf3baa06977fa0e0b6f24dbf15094626335fc073597d308276e3dd20e27ceabf1477cc8e99d1fd24cf50b9aed2720b887b69
 SHA512 
2989d57acddfe091adcf8031721c3c9a2f8eff5476bd6155366b76ea7511e0f6120e669276e056e3963863e0f0acf3b095d44c36fa6652e67c197671f28cbdd4
-DIST lxc-3.0.1.tar.gz 1239920 BLAKE2B 
7be668c11d7211540fe7e2fb6318d38eac0d8d493914f4705d097fca4c004a8d2191609d02bd9e1d9204c3c0b9ea937084d3f9050fc841f6d68067af3d19
 SHA512 
f51b0844f61f64d4efc530454eae1fa499f7f1b908bd3b40d7031e7f311a402893a7504bddbc53f2ef9da2b3154d1b047fc4d876b99f0d487d7c79de64eea505
 DIST lxc-3.0.2.tar.gz 1236975 BLAKE2B 
68047f6374b9081fb308586726797ed94fa66b5e94eb3fc12ad1a0aedc15ac1ee518ca5a341db79a715015e34ad38659200ad6aaf21f74639ebb55e7e1360645
 SHA512 
d7f5e3f91e5c8800e3e092ab209158a4d3e3c2816623249aeaaf2e0950428484ac5d1432d71298787721e1419cd962c0798ba14979e62161299fa15a299efde8

diff --git a/app-emulation/lxc/files/lxc-3.0.1-cve-2018-6556.patch 
b/app-emulation/lxc/files/lxc-3.0.1-cve-2018-6556.patch
deleted file mode 100644
index 198e835e6c5..000
--- a/app-emulation/lxc/files/lxc-3.0.1-cve-2018-6556.patch
+++ /dev/null
@@ -1,110 +0,0 @@
-From f2314625c5702cfd25974929599fa439bdac8bdf Mon Sep 17 00:00:00 2001
-From: Christian Brauner 
-Date: Wed, 25 Jul 2018 19:56:54 +0200
-Subject: [PATCH] CVE 2018-6556: verify netns fd in lxc-user-nic
-
-Signed-off-by: Christian Brauner 

- src/lxc/cmd/lxc_user_nic.c | 35 ---
- src/lxc/utils.c| 12 
- src/lxc/utils.h|  5 +
- 3 files changed, 49 insertions(+), 3 deletions(-)
-
-diff --git a/src/lxc/cmd/lxc_user_nic.c b/src/lxc/cmd/lxc_user_nic.c
-index ec9cd97e..c5beb6c8 100644
 a/src/lxc/cmd/lxc_user_nic.c
-+++ b/src/lxc/cmd/lxc_user_nic.c
-@@ -1179,12 +1179,41 @@ int main(int argc, char *argv[])
-   exit(EXIT_FAILURE);
-   }
-   } else if (request == LXC_USERNIC_DELETE) {
--  netns_fd = open(args.pid, O_RDONLY);
-+  char opath[LXC_PROC_PID_FD_LEN];
-+
-+  /* Open the path with O_PATH which will not trigger an actual
-+   * open(). Don't report an errno to the caller to not leak
-+   * information whether the path exists or not.
-+   * When stracing setuid is stripped so this is not a concern
-+   * either.
-+   */
-+  netns_fd = open(args.pid, O_PATH | O_CLOEXEC);
-   if (netns_fd < 0) {
--  usernic_error("Could not open \"%s\": %s\n", args.pid,
--strerror(errno));
-+  usernic_error("Failed to open \"%s\"\n", args.pid);
-+  exit(EXIT_FAILURE);
-+  }
-+
-+  if (!fhas_fs_type(netns_fd, NSFS_MAGIC)) {
-+  usernic_error("Path \"%s\" does not refer to a network 
namespace path\n", args.pid);
-+  close(netns_fd);
-+  exit(EXIT_FAILURE);
-+  }
-+
-+  ret = snprintf(opath, sizeof(opath), "/proc/self/fd/%d", 
netns_fd);
-+  if (ret < 0 || (size_t)ret >= sizeof(opath)) {
-+  close(netns_fd);
-+  exit(EXIT_FAILURE);
-+  }
-+
-+  /* Now get an fd that we can use in setns() calls. */
-+  ret = open(opath, O_RDONLY | O_CLOEXEC);
-+  if (ret < 0) {
-+  usernic_error("Failed to open \"%s\": %s\n", args.pid, 
strerror(errno));
-+  close(netns_fd);
-   exit(EXIT_FAILURE);
-   }
-+  close(netns_fd);
-+  netns_fd = ret;
-   }
- 
-   if (!create_db_dir(LXC_USERNIC_DB)) {
-diff --git a/src/lxc/utils.c b/src/lxc/utils.c
-index 26f1b058..69d362dc 100644
 a/src/lxc/utils.c
-+++ b/src/lxc/utils.c
-@@ -2548,6 +2548,18 @@ bool has_fs_type(const char *path, fs_type_magic 
magic_val)
-   return has_type;
- }
- 
-+bool fhas_fs_type(int fd, fs_type_magic magic_val)
-+{
-+  int ret;
-+

[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/

2018-08-06 Thread Virgil Dupras 
commit: 29dedb39a6a6587a6d71b11444de28f24a98b0bb
Author: Virgil Dupras  gentoo  org>
AuthorDate: Sun Aug  5 15:11:40 2018 +
Commit: Virgil Dupras  gentoo  org>
CommitDate: Mon Aug  6 16:08:11 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=29dedb39

app-emulation/lxc: fix CVE-2018-6556

Apply patches from upstream. In the case of the 2.1.1 patch, I had to
modify it to make the code compile. See ADDENDUM in patch.

Bug: https://bugs.gentoo.org/662780
Package-Manager: Portage-2.3.44, Repoman-2.3.10

 .../lxc/files/lxc-2.1.1-cve-2018-6556.patch| 118 +++
 .../lxc/files/lxc-3.0.1-cve-2018-6556.patch| 110 +++
 app-emulation/lxc/lxc-2.1.1-r1.ebuild  | 215 +
 app-emulation/lxc/lxc-3.0.1-r1.ebuild  | 163 
 4 files changed, 606 insertions(+)

diff --git a/app-emulation/lxc/files/lxc-2.1.1-cve-2018-6556.patch 
b/app-emulation/lxc/files/lxc-2.1.1-cve-2018-6556.patch
new file mode 100644
index 000..bad1e274527
--- /dev/null
+++ b/app-emulation/lxc/files/lxc-2.1.1-cve-2018-6556.patch
@@ -0,0 +1,118 @@
+From d183654ec1a2cd1149bdb92601ccb7246bddb14e Mon Sep 17 00:00:00 2001
+From: Christian Brauner 
+Date: Wed, 25 Jul 2018 19:56:54 +0200
+Subject: [PATCH] CVE 2018-6556: verify netns fd in lxc-user-nic
+
+Signed-off-by: Christian Brauner 
+---
+ src/lxc/lxc_user_nic.c | 35 ---
+ src/lxc/utils.c| 12 
+ src/lxc/utils.h|  5 +
+ 3 files changed, 49 insertions(+), 3 deletions(-)
+
+ADDENDUM from vdup...@gentoo.org: Original patch from Christian didn't
+include LXC_PROC_PID_FD_LEN define, but referenced it. This resulted in
+code that doesn't compile. I fetched the definition from the stable-3.0
+branch and included it to this patch. Also, this diff is regenerated
+from lxc-2.1.1 tag instead of stable-2.0 branch.
+
+diff --git a/src/lxc/lxc_user_nic.c b/src/lxc/lxc_user_nic.c
+index 6f550f0d..09a342ac 100644
+--- a/src/lxc/lxc_user_nic.c
 b/src/lxc/lxc_user_nic.c
+@@ -1124,12 +1124,41 @@ int main(int argc, char *argv[])
+   exit(EXIT_FAILURE);
+   }
+   } else if (request == LXC_USERNIC_DELETE) {
+-  netns_fd = open(args.pid, O_RDONLY);
++  char opath[LXC_PROC_PID_FD_LEN];
++
++  /* Open the path with O_PATH which will not trigger an actual
++   * open(). Don't report an errno to the caller to not leak
++   * information whether the path exists or not.
++   * When stracing setuid is stripped so this is not a concern
++   * either.
++   */
++  netns_fd = open(args.pid, O_PATH | O_CLOEXEC);
+   if (netns_fd < 0) {
+-  usernic_error("Could not open \"%s\": %s\n", args.pid,
+-strerror(errno));
++  usernic_error("Failed to open \"%s\"\n", args.pid);
+   exit(EXIT_FAILURE);
+   }
++
++  if (!fhas_fs_type(netns_fd, NSFS_MAGIC)) {
++  usernic_error("Path \"%s\" does not refer to a network 
namespace path\n", args.pid);
++  close(netns_fd);
++  exit(EXIT_FAILURE);
++  }
++
++  ret = snprintf(opath, sizeof(opath), "/proc/self/fd/%d", 
netns_fd);
++  if (ret < 0 || (size_t)ret >= sizeof(opath)) {
++  close(netns_fd);
++  exit(EXIT_FAILURE);
++  }
++
++  /* Now get an fd that we can use in setns() calls. */
++  ret = open(opath, O_RDONLY | O_CLOEXEC);
++  if (ret < 0) {
++  usernic_error("Failed to open \"%s\": %s\n", args.pid, 
strerror(errno));
++  close(netns_fd);
++  exit(EXIT_FAILURE);
++  }
++  close(netns_fd);
++  netns_fd = ret;
+   }
+ 
+   if (!create_db_dir(LXC_USERNIC_DB)) {
+diff --git a/src/lxc/utils.c b/src/lxc/utils.c
+index e6a44a51..c2a08a9d 100644
+--- a/src/lxc/utils.c
 b/src/lxc/utils.c
+@@ -2380,6 +2380,18 @@ bool has_fs_type(const char *path, fs_type_magic 
magic_val)
+   return has_type;
+ }
+ 
++bool fhas_fs_type(int fd, fs_type_magic magic_val)
++{
++  int ret;
++  struct statfs sb;
++
++  ret = fstatfs(fd, );
++  if (ret < 0)
++  return false;
++
++  return is_fs_type(, magic_val);
++}
++
+ bool lxc_nic_exists(char *nic)
+ {
+ #define __LXC_SYS_CLASS_NET_LEN 15 + IFNAMSIZ + 1
+diff --git a/src/lxc/utils.h b/src/lxc/utils.h
+index e83ed49e..06ec74d7 100644
+--- a/src/lxc/utils.h
 b/src/lxc/utils.h
+@@ -46,11 +46,16 @@
+ #define __S_ISTYPE(mode, mask) (((mode)_IFMT) == (mask))
+ #endif
+ 
++#ifndef NSFS_MAGIC
++#define NSFS_MAGIC 0x6e736673
++#endif
++
+ /* Useful macros */
+ /* Maximum number for 64 bit

[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/

2018-04-25 Thread Matthias Maier 
commit: ba77a0dedea123401b3015213dbcf6e1b9d44471
Author: Virgil Dupras  hardcoded  net>
AuthorDate: Wed Apr 11 01:14:59 2018 +
Commit: Matthias Maier  gentoo  org>
CommitDate: Thu Apr 26 01:35:49 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ba77a0de

app-emulation/lxc: Bump to v3.0.0

Many notable changes:

1. Drop python and lua. Bindings are no longer bundled with LXC and live
in separate packages.

2. Drop cgmanager USE flag. cgmanager isn't supported anymore by
upstream.

3. Remove versionator inherit. It wasn't used.

4. Remove two patches which were simple cherry pick from upstreams.
They're applied upstream now.

5. Remove notice about path change in v1.1. It's been a while, it lost
relevance.

6. Remove start-ephemeral bash completion. Upstream finally removed it
from its own completions.

7. Add "pam" USE flag for the compilation and installation of the new
builtin "pam_cgfs.so" module.

Closes: https://bugs.gentoo.org/652582
Closes: https://github.com/gentoo/gentoo/pull/7934

Package-Manager: Portage-2.3.24, Repoman-2.3.6
Signed-off-by: Matthias Maier  gentoo.org>

 app-emulation/lxc/Manifest |   1 +
 .../lxc/files/lxc-3.0.0-bash-completion.patch  |  27 
 app-emulation/lxc/lxc-3.0.0.ebuild | 169 +
 3 files changed, 197 insertions(+)

diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest
index 5c6a4ead6f8..b6edf39a003 100644
--- a/app-emulation/lxc/Manifest
+++ b/app-emulation/lxc/Manifest
@@ -3,3 +3,4 @@ DIST lxc-1.0.8.tar.gz 575127 BLAKE2B 
246ac7a2b4306c52a741b2f763bcc81dfb27942
 DIST lxc-2.0.7.tar.gz 792557 BLAKE2B 
e5f1e6d8961938200e116527fab8ce341cf285826afdccac88f4bae65ffd649a406dac7555024557f38c4b415a59cd3b5fb255f1dbf015ce01d4975bed3b1c80
 SHA512 
eb48dc800ce43d2f4d46e0cecc4d0a714b3e22c6a4975776b54d17d1d20d5a1411e6b605215282f1f77286ddf22b61c80b86b83752191fc18023894ef7a1c44d
 DIST lxc-2.0.9.tar.gz 1333044 BLAKE2B 
44d405bf933923a020a6aadca9d84cfce04db72ac0ef1a727c83eca8121683419a2e74849f08fb4773010002928b424840fa9ec19ab619e420b1dfb5156de5c6
 SHA512 
c7c595fbc6163e500700b756ae30c96b70d41b9bf297a609622b5d5b8431171ed8db70fa8368c3b9650c86452820e9da7f329f9186ae75c24a7adb15d5826102
 DIST lxc-2.1.1.tar.gz 1378640 BLAKE2B 
5fca516540a886729434579ff99acf3baa06977fa0e0b6f24dbf15094626335fc073597d308276e3dd20e27ceabf1477cc8e99d1fd24cf50b9aed2720b887b69
 SHA512 
2989d57acddfe091adcf8031721c3c9a2f8eff5476bd6155366b76ea7511e0f6120e669276e056e3963863e0f0acf3b095d44c36fa6652e67c197671f28cbdd4
+DIST lxc-3.0.0.tar.gz 1233316 BLAKE2B 
ba726a07f48b1d32366012c8d885a853e33f88d8c45c910b061d9deecf472d940f7d45a1e742c8194517ba3231e1875a49bbf303b2c3fd2c9ece33b941670bb7
 SHA512 
21372e6fe4d38e2cf54707fab4133137793deff1dd500ed7ed02c03bbaa809de56c7490971594cddbdcb2b96f0c03ab5dfb43a8582a584598a12c5943b7ca490

diff --git a/app-emulation/lxc/files/lxc-3.0.0-bash-completion.patch 
b/app-emulation/lxc/files/lxc-3.0.0-bash-completion.patch
new file mode 100644
index 000..2a08eedb1c2
--- /dev/null
+++ b/app-emulation/lxc/files/lxc-3.0.0-bash-completion.patch
@@ -0,0 +1,27 @@
+diff --git a/config/bash/lxc.in b/config/bash/lxc.in
+index 43056882..0a22d4ad 100644
+--- a/config/bash/lxc.in
 b/config/bash/lxc.in
+@@ -1,4 +1,3 @@
+-_have lxc-start && {
+ _lxc_names() {
+ COMPREPLY=( $( compgen -W "$( lxc-ls )" "$cur" ) )
+ }
+@@ -108,4 +107,3 @@ _have lxc-start && {
+ complete -o default -F _lxc_generic_t lxc-create
+ 
+ complete -o default -F _lxc_generic_o lxc-copy
+-}
+diff --git a/configure.ac b/configure.ac
+index 50c99836..0569caec 100644
+--- a/configure.ac
 b/configure.ac
+@@ -395,7 +395,7 @@ AM_CONDITIONAL([ENABLE_BASH], [test "x$enable_bash" = 
"xyes"])
+ AM_COND_IF([ENABLE_BASH],
+   [AC_MSG_CHECKING([bash completion directory])
+   PKG_CHECK_VAR(bashcompdir, [bash-completion], [completionsdir], ,
+-  bashcompdir="${sysconfdir}/bash_completion.d")
++  bashcompdir="$datadir/bash-completion/completions")
+   AC_MSG_RESULT([$bashcompdir])
+   AC_SUBST(bashcompdir)
+   ])

diff --git a/app-emulation/lxc/lxc-3.0.0.ebuild 
b/app-emulation/lxc/lxc-3.0.0.ebuild
new file mode 100644
index 000..2b427710f98
--- /dev/null
+++ b/app-emulation/lxc/lxc-3.0.0.ebuild
@@ -0,0 +1,169 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools bash-completion-r1 linux-info flag-o-matic systemd 
readme.gentoo-r1 pam
+
+DESCRIPTION="LinuX Containers userspace utilities"
+HOMEPAGE="https://linuxcontainers.org/;
+SRC_URI="https://linuxcontainers.org/downloads/lxc/${P}.tar.gz;
+
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86"
+
+LICENSE="LGPL-3"
+SLOT="0"
+IUSE="examples pam seccomp selinux"
+
+RDEPEND="
+   net-libs/gnutls
+   sys-libs/libcap
+   pam? ( virtual/pam )
+   seccomp? ( sys-libs/libseccomp )
+   selinux? (

[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/

2018-01-30 Thread Matthias Maier 
commit: dd450253467dd8d704a398d794d1a704cac81ecc
Author: i.Dark_Templar  dark-templar-archives  net>
AuthorDate: Sun Nov  5 08:50:03 2017 +
Commit: Matthias Maier  gentoo  org>
CommitDate: Tue Jan 30 17:00:12 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dd450253

app-emulation/lxc: bump to version 2.1.1.

[tamiko: regenerate metadata to make remote hook happy]

Closes: https://bugs.gentoo.org/636572
Closes: https://github.com/gentoo/gentoo/pull/6128
Signed-off-by: Matthias Maier  gentoo.org>

 app-emulation/lxc/Manifest |   1 +
 ...ps-enable-container-without-CAP_SYS_ADMIN.patch | 164 +
 .../files/lxc-2.1.1-fix-cgroup2-detection.patch|  26 +++
 app-emulation/lxc/files/lxc.initd.7| 124 +
 app-emulation/lxc/lxc-2.1.1.ebuild | 201 +
 5 files changed, 516 insertions(+)

diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest
index c9008c2d3c8..5c6a4ead6f8 100644
--- a/app-emulation/lxc/Manifest
+++ b/app-emulation/lxc/Manifest
@@ -2,3 +2,4 @@ DIST lxc-1.0.11.tar.gz 850645 BLAKE2B 
1a8eff91d970d3160d5ca7338f4e4d68c722a277a8
 DIST lxc-1.0.8.tar.gz 575127 BLAKE2B 
246ac7a2b4306c52a741b2f763bcc81dfb27942ef93d6a786ed2ea010c646f5a2388407d26425387b8a819cacae927c8512995bf19b11d610e1887ea6470
 SHA512 
f552a4f48bb47d26c6b9ddaf8221a439c0848e3f54ec41b77d54717c21bddd56193941046cc96c699790e8265e762a926469c25ee687adcf7795f2906b1c260a
 DIST lxc-2.0.7.tar.gz 792557 BLAKE2B 
e5f1e6d8961938200e116527fab8ce341cf285826afdccac88f4bae65ffd649a406dac7555024557f38c4b415a59cd3b5fb255f1dbf015ce01d4975bed3b1c80
 SHA512 
eb48dc800ce43d2f4d46e0cecc4d0a714b3e22c6a4975776b54d17d1d20d5a1411e6b605215282f1f77286ddf22b61c80b86b83752191fc18023894ef7a1c44d
 DIST lxc-2.0.9.tar.gz 1333044 BLAKE2B 
44d405bf933923a020a6aadca9d84cfce04db72ac0ef1a727c83eca8121683419a2e74849f08fb4773010002928b424840fa9ec19ab619e420b1dfb5156de5c6
 SHA512 
c7c595fbc6163e500700b756ae30c96b70d41b9bf297a609622b5d5b8431171ed8db70fa8368c3b9650c86452820e9da7f329f9186ae75c24a7adb15d5826102
+DIST lxc-2.1.1.tar.gz 1378640 BLAKE2B 
5fca516540a886729434579ff99acf3baa06977fa0e0b6f24dbf15094626335fc073597d308276e3dd20e27ceabf1477cc8e99d1fd24cf50b9aed2720b887b69
 SHA512 
2989d57acddfe091adcf8031721c3c9a2f8eff5476bd6155366b76ea7511e0f6120e669276e056e3963863e0f0acf3b095d44c36fa6652e67c197671f28cbdd4

diff --git 
a/app-emulation/lxc/files/lxc-2.1.1-cgroups-enable-container-without-CAP_SYS_ADMIN.patch
 
b/app-emulation/lxc/files/lxc-2.1.1-cgroups-enable-container-without-CAP_SYS_ADMIN.patch
new file mode 100644
index 000..8493491d0d6
--- /dev/null
+++ 
b/app-emulation/lxc/files/lxc-2.1.1-cgroups-enable-container-without-CAP_SYS_ADMIN.patch
@@ -0,0 +1,164 @@
+From b635e92d21d2a4d71a553388f18cfa08f44bf1ba Mon Sep 17 00:00:00 2001
+From: Christian Brauner 
+Date: Mon, 30 Oct 2017 14:16:46 +0100
+Subject: [PATCH] cgroups: enable container without CAP_SYS_ADMIN
+
+In case cgroup namespaces are supported but we do not have CAP_SYS_ADMIN we
+need to mount cgroups for the container. This patch enables both privileged and
+unprivileged containers without CAP_SYS_ADMIN.
+
+Closes #1737.
+
+Signed-off-by: Christian Brauner 
+---
+ src/lxc/cgroups/cgfs.c   |  3 ++-
+ src/lxc/cgroups/cgfsng.c | 52 +---
+ src/lxc/cgroups/cgroup.c |  2 +-
+ src/lxc/conf.c   |  3 ---
+ src/lxc/conf.h   |  1 +
+ 5 files changed, 53 insertions(+), 8 deletions(-)
+
+diff --git a/src/lxc/cgroups/cgfs.c b/src/lxc/cgroups/cgfs.c
+index bcbd6613..efd627f0 100644
+--- a/src/lxc/cgroups/cgfs.c
 b/src/lxc/cgroups/cgfs.c
+@@ -1418,11 +1418,12 @@ static bool cgroupfs_mount_cgroup(void *hdata, const 
char *root, int type)
+   struct cgfs_data *cgfs_d;
+   struct cgroup_process_info *info, *base_info;
+   int r, saved_errno = 0;
++  struct lxc_handler *handler = hdata;
+ 
+   if (cgns_supported())
+   return true;
+ 
+-  cgfs_d = hdata;
++  cgfs_d = handler->cgroup_data;
+   if (!cgfs_d)
+   return false;
+   base_info = cgfs_d->info;
+diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
+index e43edd7d..ec6440c1 100644
+--- a/src/lxc/cgroups/cgfsng.c
 b/src/lxc/cgroups/cgfsng.c
+@@ -50,6 +50,7 @@
+ #include 
+ #include 
+ 
++#include "caps.h"
+ #include "cgroup.h"
+ #include "cgroup_utils.h"
+ #include "commands.h"
+@@ -1616,17 +1617,49 @@ do_secondstage_mounts_if_needed(int type, struct 
hierarchy *h,
+   return 0;
+ }
+ 
++static int mount_cgroup_cgns_supported(struct hierarchy *h, const char 
*controllerpath)
++{
++   int ret;
++   char *controllers = NULL;
++   char *type = "cgroup2";
++
++  if (!h->is_cgroup_v2) {
++  controllers = lxc_string_join(",", (const char 
**)h->controllers, false);
++  if (!controllers)

[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/

2017-12-14 Thread Matthias Maier 
commit: 5bde8835894effb1efaa093dea785343dfcd6a1d
Author: Matthias Maier  gentoo  org>
AuthorDate: Fri Dec 15 01:52:25 2017 +
Commit: Matthias Maier  gentoo  org>
CommitDate: Fri Dec 15 01:55:04 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5bde8835

app-emulation/lxc: major cleanup

 - leave an old 1.0.x (1.0.11) version around for compatibility.
 - remove all unstable, obsolete 2.0.x versions
 - clean up patches

Package-Manager: Portage-2.3.18, Repoman-2.3.6
Signed-off-by: Virgil Dupras  hardcoded.net>

 app-emulation/lxc/Manifest |   5 -
 .../lxc/files/lxc-1.0.8-bash-completion.patch  |  35 
 .../lxc/files/lxc-2.0.3-bash-completion.patch  |  31 
 .../lxc/files/lxc-2.0.3-omit-sysconfig.patch   |   5 -
 .../lxc/files/lxc-2.0.4-bash-completion.patch  |  31 
 .../lxc/files/lxc-2.0.4-omit-sysconfig.patch   |   5 -
 .../lxc/files/lxc-2.0.5-bash-completion.patch  |  31 
 app-emulation/lxc/lxc-1.0.8.ebuild | 188 ---
 app-emulation/lxc/lxc-2.0.3-r1.ebuild  | 196 
 app-emulation/lxc/lxc-2.0.4.ebuild | 200 
 app-emulation/lxc/lxc-2.0.5.ebuild | 200 
 app-emulation/lxc/lxc-2.0.6-r1.ebuild  | 201 -
 12 files changed, 1128 deletions(-)

diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest
index b425522f07c..265bac0824f 100644
--- a/app-emulation/lxc/Manifest
+++ b/app-emulation/lxc/Manifest
@@ -1,8 +1,3 @@
 DIST lxc-1.0.11.tar.gz 850645 BLAKE2B 
1a8eff91d970d3160d5ca7338f4e4d68c722a277a804396e7c30b34dbf4aeccc0609982940bb660992880078167cdf3382a55af404b3e52ebe8cd8af104b1efc
 SHA512 
5537e61a286cfce3c763b81eec625538c796ea1e8f5e94c5a28fc8964762c8c0efa7983a188d521bf3420a42569d7124e6587950bc90b79583fa42cc8e2f8f74
-DIST lxc-1.0.8.tar.gz 575127 BLAKE2B 
246ac7a2b4306c52a741b2f763bcc81dfb27942ef93d6a786ed2ea010c646f5a2388407d26425387b8a819cacae927c8512995bf19b11d610e1887ea6470
 SHA512 
f552a4f48bb47d26c6b9ddaf8221a439c0848e3f54ec41b77d54717c21bddd56193941046cc96c699790e8265e762a926469c25ee687adcf7795f2906b1c260a
-DIST lxc-2.0.3.tar.gz 772448 BLAKE2B 
2336edea328a0ac033f2183386a2907ee8a088032b089c073ae8bbce6f54c55788288be85fe35a0b547976d5868abc31b27ffe5a5049e8769350c2b48dd9310c
 SHA512 
df714f189ec7aa681710fbd58405b8958740102032c0130d8a0eaaae0341a9bc91a215136203c404ad79773800f620bf6f71f811b3effe559aed66efa4f34fef
-DIST lxc-2.0.4.tar.gz 775634 BLAKE2B 
9699ae598c3dfddf458f62ca154a4ec75c3510d8dc0be98ebb6b10a30b21ec5e56ff9ec20615c0104a92124c4833e9439f88d04e0312a7c82f79ed7b6f802bbd
 SHA512 
3f985bba5aaa8a70f0329316ea4f42ab135d58c47611154c62e103718212a4b2c5e4f25fd45c372424db1fbf40afdc8269ae98655fb3bc8e31085a5d948f702b
-DIST lxc-2.0.5.tar.gz 778842 BLAKE2B 
02015ece79c2d0f3d0028b004c56042e12d40993ac0fff3c56c747de542debb33c32256d66d266fa99b4263fecaa8bb77c5cc48dbf6e9ca322f87613c2099821
 SHA512 
8e14036597fa3407c87fb92d13b40bbca9a646d27d817e0a9d20fe626625d6cf04a1df65b1a723391d41a311b9f4f3432b3213004892d64355fe0edc7858cb9f
-DIST lxc-2.0.6.tar.gz 788483 BLAKE2B 
2b147f1699ad8cef9f7cae6e674af072fd92b017e94567dc8d50fad00a6ba75562dfd984b85d1b648aec059533a378b2212fef4be70941dfa3bd69ec1f53fb13
 SHA512 
f44c0498876462d78e57d19816eab666e90470badc2bbd38fed9f504e8b21c3e68e4d0f63a8676fa8716be60481befb3db44098228fd71b480972af2b5dcf1e3
 DIST lxc-2.0.7.tar.gz 792557 BLAKE2B 
e5f1e6d8961938200e116527fab8ce341cf285826afdccac88f4bae65ffd649a406dac7555024557f38c4b415a59cd3b5fb255f1dbf015ce01d4975bed3b1c80
 SHA512 
eb48dc800ce43d2f4d46e0cecc4d0a714b3e22c6a4975776b54d17d1d20d5a1411e6b605215282f1f77286ddf22b61c80b86b83752191fc18023894ef7a1c44d
 DIST lxc-2.0.8.tar.gz 1308705 BLAKE2B 
044e82e182f4ca325da237b888ff16b0469eb11ecdab2ed55f5e9372e84d816ec30edee28ef1473aaa7211a9d9aee0d26f45f169320551e45098da9de7a74104
 SHA512 
ed9fd47e92007f433695cffea659180866a5ac2778712f4eb13b6629bb18292589f5b674b734853ca196ba1f6d38bdbf3cc8a2bb28e25d3540b06b945fcf9096

diff --git a/app-emulation/lxc/files/lxc-1.0.8-bash-completion.patch 
b/app-emulation/lxc/files/lxc-1.0.8-bash-completion.patch
deleted file mode 100644
index e9e0e6c98df..000
--- a/app-emulation/lxc/files/lxc-1.0.8-bash-completion.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-Index: lxc-lxc-1.0.8/config/bash/Makefile.am
-===
 lxc-lxc-1.0.8.orig/config/bash/Makefile.am
-+++ lxc-lxc-1.0.8/config/bash/Makefile.am
-@@ -2,12 +2,12 @@ EXTRA_DIST = lxc
- 
- if ENABLE_BASH
- install-bash:
--  $(MKDIR_P) $(DESTDIR)$(sysconfdir)/bash_completion.d/
--  $(INSTALL_DATA) lxc $(DESTDIR)$(sysconfdir)/bash_completion.d/
-+  $(MKDIR_P) $(DESTDIR)$(datarootdir)/bash-completion/completions/
-+  $(INSTALL_DATA) lxc 
$(DESTDIR)$(datarootdir)/bash-completion/completions/
- 
- uninstall-bash:
--  rm -f $(DESTDIR)$(sysconfdir)/bash_completion.d/lxc
--

[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/

2016-12-03 Thread Yixun Lan 
commit: 2891603788e6f92f8c58ea74d26a48e62c3c21ab
Author: Yixun Lan  gentoo  org>
AuthorDate: Sat Dec  3 13:30:30 2016 +
Commit: Yixun Lan  gentoo  org>
CommitDate: Sat Dec  3 13:38:51 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=28916037

app-emulation/lxc: version bump

rework bashcomp patch to make 2.0.6 happy

Package-Manager: portage-2.3.2

 app-emulation/lxc/Manifest |   1 +
 .../lxc/files/lxc-2.0.6-bash-completion.patch  |  27 +++
 app-emulation/lxc/lxc-2.0.6.ebuild | 200 +
 3 files changed, 228 insertions(+)

diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest
index 155b6f9..075d3bf 100644
--- a/app-emulation/lxc/Manifest
+++ b/app-emulation/lxc/Manifest
@@ -3,3 +3,4 @@ DIST lxc-1.0.8.tar.gz 575127 SHA256 
399ac3eb4e0a89d657fb2e2a57f686ed061d3f1ea473
 DIST lxc-2.0.3.tar.gz 772448 SHA256 
635afa330088fea57883018da326fc72f85460b5a6c7802ad68044381aff14f3 SHA512 
df714f189ec7aa681710fbd58405b8958740102032c0130d8a0eaaae0341a9bc91a215136203c404ad79773800f620bf6f71f811b3effe559aed66efa4f34fef
 WHIRLPOOL 
89ce2f6762c7279e24658c1154b5c2960d3db32e0ec3724b338f5d30da77cc0b33a2376e5eebe6d9c356bdd34c2aa9da1e2434aecd7e428fa4b729389e35b862
 DIST lxc-2.0.4.tar.gz 775634 SHA256 
57d40234aeecf5b60fb29d563e5a09d6a04c89e1267eb22a6704388ac8573e7b SHA512 
3f985bba5aaa8a70f0329316ea4f42ab135d58c47611154c62e103718212a4b2c5e4f25fd45c372424db1fbf40afdc8269ae98655fb3bc8e31085a5d948f702b
 WHIRLPOOL 
b001c75d67d676e75b203d789cf2c0643ba9a47aa31965441340b66f28e18371415b9d44ce752e35102bc8677688eec6e586d800a33a2a965c8a046c091ebc06
 DIST lxc-2.0.5.tar.gz 778842 SHA256 
1f1c491b2ad5e74a85b8eb791ccac8128e6eaf5ddcc1323e9360997c030f7072 SHA512 
8e14036597fa3407c87fb92d13b40bbca9a646d27d817e0a9d20fe626625d6cf04a1df65b1a723391d41a311b9f4f3432b3213004892d64355fe0edc7858cb9f
 WHIRLPOOL 
fa6ac86d67fe563f92411cbd09a0d66d729a0a15fe48076b42f4b3996e6b786826990bd51382c14606fd1b5240d413bc8d217fac37becd9baccd89de15d30b22
+DIST lxc-2.0.6.tar.gz 788483 SHA256 
8723ef5973a47e7b2c439002c28590d74689e871d36f03089965503c0c0d50b2 SHA512 
f44c0498876462d78e57d19816eab666e90470badc2bbd38fed9f504e8b21c3e68e4d0f63a8676fa8716be60481befb3db44098228fd71b480972af2b5dcf1e3
 WHIRLPOOL 
5bb2648637a46e3547edeba2ad46eb131b2ae194f5efe52a688157cfa3f361f51a832554a94bcd47074e65cbf8d1e1119d23548bdf83ca62c131400c40aff34a

diff --git a/app-emulation/lxc/files/lxc-2.0.6-bash-completion.patch 
b/app-emulation/lxc/files/lxc-2.0.6-bash-completion.patch
new file mode 100644
index ..6033e36
--- /dev/null
+++ b/app-emulation/lxc/files/lxc-2.0.6-bash-completion.patch
@@ -0,0 +1,27 @@
+diff --git a/config/bash/lxc.in b/config/bash/lxc.in
+index 7dcf302..5927fe2 100644
+--- a/config/bash/lxc.in
 b/config/bash/lxc.in
+@@ -1,4 +1,3 @@
+-_have lxc-start && {
+ _lxc_names() {
+ COMPREPLY=( $( compgen -W "$( lxc-ls )" "$cur" ) )
+ }
+@@ -100,4 +99,3 @@ _have lxc-start && {
+ 
+ complete -o default -F _lxc_generic_o lxc-copy
+ complete -o default -F _lxc_generic_o lxc-start-ephemeral
+-}
+diff --git a/configure.ac b/configure.ac
+index 4640c0d..14ccdd3 100644
+--- a/configure.ac
 b/configure.ac
+@@ -478,7 +478,7 @@ AM_CONDITIONAL([ENABLE_BASH], [test "x$enable_bash" = 
"xyes"])
+ AM_COND_IF([ENABLE_BASH],
+   [AC_MSG_CHECKING([bash completion directory])
+   PKG_CHECK_VAR(bashcompdir, [bash-completion], [completionsdir], ,
+-  bashcompdir="${sysconfdir}/bash_completion.d")
++  bashcompdir="$datadir/bash-completion/completions")
+   AC_MSG_RESULT([$bashcompdir])
+   AC_SUBST(bashcompdir)
+   ])

diff --git a/app-emulation/lxc/lxc-2.0.6.ebuild 
b/app-emulation/lxc/lxc-2.0.6.ebuild
new file mode 100644
index ..11e2839
--- /dev/null
+++ b/app-emulation/lxc/lxc-2.0.6.ebuild
@@ -0,0 +1,200 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="6"
+
+MY_P="${P/_/-}"
+PYTHON_COMPAT=( python{3_4,3_5} )
+DISTUTILS_OPTIONAL=1
+
+inherit autotools bash-completion-r1 distutils-r1 linux-info versionator 
flag-o-matic systemd
+
+DESCRIPTION="LinuX Containers userspace utilities"
+HOMEPAGE="https://linuxcontainers.org/;
+SRC_URI="https://github.com/lxc/lxc/archive/${MY_P}.tar.gz;
+
+KEYWORDS="~amd64 ~arm ~arm64"
+
+LICENSE="LGPL-3"
+SLOT="0"
+IUSE="cgmanager doc examples lua python seccomp"
+
+RDEPEND="net-libs/gnutls
+   sys-libs/libcap
+   cgmanager? ( app-admin/cgmanager )
+   lua? ( >=dev-lang/lua-5.1:= )
+   python? ( ${PYTHON_DEPS} )
+   seccomp? ( sys-libs/libseccomp )"
+
+DEPEND="${RDEPEND}
+   doc? ( app-text/docbook-sgml-utils )
+   >=sys-kernel/linux-headers-3.2"
+
+RDEPEND="${RDEPEND}
+   sys-process/criu
+   sys-apps/util-linux
+   app-misc/pax-utils
+   virtual/awk"
+
+CONFIG_CHECK="~CGROUPS ~CGROUP_DEVICE
+   ~CPUSETS ~CGROUP_CPUACCT
+   ~CGROUP_SCHED
+

[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/

2016-09-04 Thread Erik Mackdanz 
commit: 7ff4458b663f7af03854c75f020e4fb60b68ab09
Author: Erik Mackdanz  gentoo  org>
AuthorDate: Sun Sep  4 15:28:43 2016 +
Commit: Erik Mackdanz  gentoo  org>
CommitDate: Sun Sep  4 15:29:40 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7ff4458b

app-emulation/lxc: bump to 2.0.4

EAPI=6.  Also add a condition around a removed kernel
config option.

Package-Manager: portage-2.3.0

 app-emulation/lxc/Manifest |   1 +
 .../lxc/files/lxc-2.0.4-bash-completion.patch  |  31 
 .../lxc/files/lxc-2.0.4-omit-sysconfig.patch   |   5 +
 app-emulation/lxc/lxc-2.0.4.ebuild | 201 +
 4 files changed, 238 insertions(+)

diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest
index 3260e04..fe865f9 100644
--- a/app-emulation/lxc/Manifest
+++ b/app-emulation/lxc/Manifest
@@ -1,3 +1,4 @@
 DIST lxc-1.0.7.tar.gz 564985 SHA256 
a0b1b09592e076e270dcb3ba004616d9ac3147f9de0b78ca39a30f8956b0a8f2 SHA512 
e6ff42a7b41177e1be0d2cd47d4c554565c7fc35355f3aa8aeba00d4adc7a0f364ecd060ddb6c97b2fe5968329c4e4c4b3cb022bffd2da145f30880f077264a8
 WHIRLPOOL 
f07e5e9efb8ff394aa9cdd6c3e725b453c8137ec221399cbf910d57dbc9268fc84e7227273567792821415dc14e774942b76a58a1a478de57d5c82e545702000
 DIST lxc-1.0.8.tar.gz 575127 SHA256 
399ac3eb4e0a89d657fb2e2a57f686ed061d3f1ea4733e7521b1539e9906c7ee SHA512 
f552a4f48bb47d26c6b9ddaf8221a439c0848e3f54ec41b77d54717c21bddd56193941046cc96c699790e8265e762a926469c25ee687adcf7795f2906b1c260a
 WHIRLPOOL 
72cd0b8b0345692dd9a3ed8785ee27f5e575794a96c515db1f1d073c29be4c06ae8c1ee24fa375a5ede2bba2494704916710b2e8814ed991d43330a40dff3d56
 DIST lxc-2.0.3.tar.gz 772448 SHA256 
635afa330088fea57883018da326fc72f85460b5a6c7802ad68044381aff14f3 SHA512 
df714f189ec7aa681710fbd58405b8958740102032c0130d8a0eaaae0341a9bc91a215136203c404ad79773800f620bf6f71f811b3effe559aed66efa4f34fef
 WHIRLPOOL 
89ce2f6762c7279e24658c1154b5c2960d3db32e0ec3724b338f5d30da77cc0b33a2376e5eebe6d9c356bdd34c2aa9da1e2434aecd7e428fa4b729389e35b862
+DIST lxc-2.0.4.tar.gz 775634 SHA256 
57d40234aeecf5b60fb29d563e5a09d6a04c89e1267eb22a6704388ac8573e7b SHA512 
3f985bba5aaa8a70f0329316ea4f42ab135d58c47611154c62e103718212a4b2c5e4f25fd45c372424db1fbf40afdc8269ae98655fb3bc8e31085a5d948f702b
 WHIRLPOOL 
b001c75d67d676e75b203d789cf2c0643ba9a47aa31965441340b66f28e18371415b9d44ce752e35102bc8677688eec6e586d800a33a2a965c8a046c091ebc06

diff --git a/app-emulation/lxc/files/lxc-2.0.4-bash-completion.patch 
b/app-emulation/lxc/files/lxc-2.0.4-bash-completion.patch
new file mode 100644
index ..6feb4c2
--- /dev/null
+++ b/app-emulation/lxc/files/lxc-2.0.4-bash-completion.patch
@@ -0,0 +1,31 @@
+--- /config/bash/Makefile.am.orig  2016-05-18 20:40:42.238487678 +
 /config/bash/Makefile.am   2016-05-18 20:43:02.163497779 +
+@@ -2,12 +2,12 @@
+ 
+ if ENABLE_BASH
+ install-bash:
+-  $(MKDIR_P) $(DESTDIR)$(sysconfdir)/bash_completion.d/
+-  $(INSTALL_DATA) lxc $(DESTDIR)$(sysconfdir)/bash_completion.d/
++  $(MKDIR_P) $(DESTDIR)$(datarootdir)/bash-completion/completions/
++  $(INSTALL_DATA) lxc 
$(DESTDIR)$(datarootdir)/bash-completion/completions/
+ 
+ uninstall-bash:
+-  rm -f $(DESTDIR)$(sysconfdir)/bash_completion.d/lxc
+-  rmdir $(DESTDIR)$(sysconfdir)/bash_completion.d/ || :
++  rm -f $(DESTDIR)$(datarootdir)/bash-completion/completions/lxc
++  rmdir $(DESTDIR)$(datarootdir)/bash-completion/completions/ || :
+ 
+ install-data-local: install-bash
+ uninstall-local: uninstall-bash
+--- /config/bash/lxc.in.orig   2016-05-18 20:40:51.079488316 +
 /config/bash/lxc.in2016-05-18 20:45:03.506506538 +
+@@ -1,4 +1,3 @@
+-_have lxc-start && {
+ _lxc_names() {
+ COMPREPLY=( $( compgen -W "$( lxc-ls )" "$cur" ) )
+ }
+@@ -100,4 +99,3 @@
+ 
+ complete -o default -F _lxc_generic_o lxc-copy
+ complete -o default -F _lxc_generic_o lxc-start-ephemeral
+-}

diff --git a/app-emulation/lxc/files/lxc-2.0.4-omit-sysconfig.patch 
b/app-emulation/lxc/files/lxc-2.0.4-omit-sysconfig.patch
new file mode 100644
index ..3ec8135
--- /dev/null
+++ b/app-emulation/lxc/files/lxc-2.0.4-omit-sysconfig.patch
@@ -0,0 +1,5 @@
+--- /config/Makefile.am.orig   2016-05-19 02:56:11.891113982 +
 /config/Makefile.am2016-05-19 02:56:32.596115476 +
+@@ -1 +1 @@
+-SUBDIRS = apparmor bash etc init selinux templates yum sysconfig
++SUBDIRS = apparmor bash etc init selinux templates yum

diff --git a/app-emulation/lxc/lxc-2.0.4.ebuild 
b/app-emulation/lxc/lxc-2.0.4.ebuild
new file mode 100644
index ..452f249
--- /dev/null
+++ b/app-emulation/lxc/lxc-2.0.4.ebuild
@@ -0,0 +1,201 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="6"
+
+MY_P="${P/_/-}"
+PYTHON_COMPAT=( python{3_3,3_4,3_5} )
+DISTUTILS_OPTIONAL=1
+
+inherit autotools bash-completion-r1 distutils-r1 linux-info versionator 
flag-o-matic

[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/

2016-07-13 Thread Erik Mackdanz 
commit: 181fa35d157157f02add732e0b338c6127b51338
Author: Erik Mackdanz  gentoo  org>
AuthorDate: Thu Jul 14 02:31:33 2016 +
Commit: Erik Mackdanz  gentoo  org>
CommitDate: Thu Jul 14 02:31:33 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=181fa35d

app-emulation/lxc: Revbump to repair unit file

Gentoo-bug: 588740

Package-Manager: portage-2.3.0

 app-emulation/lxc/files/lxc.initd.5  | 119 +++
 app-emulation/lxc/files/lxc_at.service.4 |  14 +++
 app-emulation/lxc/lxc-2.0.3-r1.ebuild| 197 +++
 3 files changed, 330 insertions(+)

diff --git a/app-emulation/lxc/files/lxc.initd.5 
b/app-emulation/lxc/files/lxc.initd.5
new file mode 100644
index 000..e5a5236
--- /dev/null
+++ b/app-emulation/lxc/files/lxc.initd.5
@@ -0,0 +1,119 @@
+#!/sbin/openrc-run
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+CONTAINER=${SVCNAME#*.}
+
+LXC_PATH=`lxc-config lxc.lxcpath`
+
+lxc_get_configfile() {
+   if [ -f "${LXC_PATH}/${CONTAINER}.conf" ]; then
+   echo "${LXC_PATH}/${CONTAINER}.conf"
+   elif [ -f "${LXC_PATH}/${CONTAINER}/config" ]; then
+   echo "${LXC_PATH}/${CONTAINER}/config"
+   else
+   eerror "Unable to find a suitable configuration file."
+   eerror "If you set up the container in a non-standard"
+   eerror "location, please set the CONFIGFILE variable."
+   return 1
+   fi
+}
+
+[ $CONTAINER != $SVCNAME ] && CONFIGFILE=${CONFIGFILE:-$(lxc_get_configfile)}
+
+lxc_get_var() {
+   awk 'BEGIN { FS="[ \t]*=[ \t]*" } $1 == "'$1'" { print $2; exit }' 
${CONFIGFILE}
+}
+
+lxc_get_net_link_type() {
+   awk 'BEGIN { FS="[ \t]*=[ \t]*"; _link=""; _type="" }
+   $1 == "lxc.network.type" {_type=$2;}
+   $1 == "lxc.network.link" {_link=$2;}
+   {if(_link != "" && _type != ""){
+   printf("%s:%s\n", _link, _type );
+   _link=""; _type="";
+   }; }' <${CONFIGFILE}
+}
+
+checkconfig() {
+   if [ ${CONTAINER} = ${SVCNAME} ]; then
+   eerror "You have to create an init script for each container:"
+   eerror " ln -s lxc /etc/init.d/lxc.container"
+   return 1
+   fi
+
+   # no need to output anything, the function takes care of that.
+   [ -z "${CONFIGFILE}" ] && return 1
+
+   utsname=$(lxc_get_var lxc.utsname)
+   if [ ${CONTAINER} != ${utsname} ]; then
+   eerror "You should use the same name for the service and the"
+   eerror "container. Right now the container is called ${utsname}"
+   return 1
+   fi
+}
+
+depend() {
+   # be quiet, since we have to run depend() also for the
+   # non-muxed init script, unfortunately.
+   checkconfig 2>/dev/null || return 0
+
+   config ${CONFIGFILE}
+   need localmount
+   use lxcfs
+
+   local _x _if
+   for _x in $(lxc_get_net_link_type); do
+   _if=${_x%:*}
+   case "${_x##*:}" in
+   # when the network type is set to phys, we can make use 
of a
+   # network service (for instance to set it up before we 
disable
+   # the net_admin capability), but we might also not set 
it up
+   # at all on the host and leave the net_admin capable 
service
+   # to take care of it.
+   phys)   use net.${_if} ;;
+   *)  need net.${_if} ;;
+   esac
+   done
+}
+
+start() {
+   checkconfig || return 1
+   rm -f /var/log/lxc/${CONTAINER}.log
+
+   rootpath=$(lxc_get_var lxc.rootfs)
+
+   # Check the format of our init and the chroot's init, to see
+   # if we have to use linux32 or linux64; always use setarch
+   # when required, as that makes it easier to deal with
+   # x32-based containers.
+   case $(scanelf -BF '%a#f' ${rootpath}/sbin/init) in
+   EM_X86_64)  setarch=linux64;;
+   EM_386) setarch=linux32;;
+   esac
+
+   ebegin "Starting ${CONTAINER}"
+   env -i ${setarch} $(which lxc-start) -l WARN -n ${CONTAINER} -f 
${CONFIGFILE} -d -o /var/log/lxc/${CONTAINER}.log
+   sleep 0.5
+
+   # lxc-start -d will _always_ report a correct startup, even if it
+   # failed, so rather than trust that, check that the cgroup exists.
+   [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]
+   eend $?
+}
+
+stop() {
+   checkconfig || return 1
+
+
+   if ! [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]; then
+   ewarn "${CONTAINER} doesn't seem to be started."
+   return 0
+   fi
+
+   # 10s should be enough to shut everything down
+   ebegin "Stopping ${CONTAINER}"
+   lxc-stop -t 10 -n ${CONTAINER}
+   eend $?
+}

diff --git

[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/

2016-05-18 Thread Erik Mackdanz 
commit: b67a58f568f1f4077c7d9a12cc7b9e70b287e9c0
Author: Erik Mackdanz  gentoo  org>
AuthorDate: Thu May 19 04:24:59 2016 +
Commit: Erik Mackdanz  gentoo  org>
CommitDate: Thu May 19 04:24:59 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b67a58f5

app-emulation/lxc: version bump to 2.0.1

Gentoo-bug: 558854, 575352, 580864, 582018

Package-Manager: portage-2.2.28

 app-emulation/lxc/Manifest |   1 +
 .../lxc/files/lxc-2.0.1-bash-completion.patch  |  31 
 .../lxc/files/lxc-2.0.1-omit-sysconfig.patch   |   5 +
 app-emulation/lxc/files/lxc.initd.4| 119 
 app-emulation/lxc/files/lxc_at.service.3   |  15 ++
 app-emulation/lxc/lxc-2.0.1.ebuild | 200 +
 6 files changed, 371 insertions(+)

diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest
index 4e61c43..ef86569 100644
--- a/app-emulation/lxc/Manifest
+++ b/app-emulation/lxc/Manifest
@@ -7,3 +7,4 @@ DIST lxc-1.1.2.tar.gz 597158 SHA256 
f22fcf2659ca98dfe864e632374de98c42cdf465d0c6
 DIST lxc-1.1.3.tar.gz 599889 SHA256 
b75fb8e376d3313e152f31fb7372b68f33a953a12191a39de4cded04fff94300 SHA512 
cafa4fbe4fe23b8c0b98007a79f20899c4a3b98c51d797b9c16e38dfec1eee5a513b58621308fe6551707d38028d9e5bd78ade8822691ffe4a7a369b10a48dda
 WHIRLPOOL 
04ad57d8b189ab089b27adad8e511dcc2e5c563505f8134323ac9d738283bd5d0d929ebadeb69cd49ea68ea3e182f22c72590505cbf6f9d8438112e46909e1b5
 DIST lxc-1.1.4.tar.gz 604167 SHA256 
b087baf5ac4b94618388e6e759d9cdafcf5c98ed67bf9012ee9660076f9fb0d1 SHA512 
b239c285b68ddb25c165e998307d69b368bb802e89c1e26de9daab956ffc05cb8e80bf7c796233552b08a57d1cc37c22777bb7a7469db111582184ee13272c93
 WHIRLPOOL 
2d69d0540c15274627cdbd0f1944a119b601e1298b9328ba336beae0aa6bffd62dfdf85af82f54c3926489e19b4cee7eaa6c35bcfb72e4b3904f85102055ae85
 DIST lxc-1.1.5.tar.gz 607219 SHA256 
eefce4cc679656cb8636bf0849f3ba6981c48167884e13dbcb377820a717c09c SHA512 
e48ab549f1317afcb5f7768ab988ba27a3e9f1458504e1d70b2e27c502233e7b3538b8ce0b79940140a59a37681bcd8e459416e814f9e4814a4ed86b89e8df1c
 WHIRLPOOL 
0d65ec400913b3298517ba0cb50e064b894d8b26cbd331662e11caee285a37aa1e0d1e4623b69e75585c4369544ca02ff97db90d5127c697cd53fde87d2bc968
+DIST lxc-2.0.1.tar.gz 772083 SHA256 
543b927e0be6df256562afe05281552645c78c4a9c0881bf313e31ae13679a29 SHA512 
f64cc7167bfed1cc74689bf7d9a5b1ad5b957d5791529c8319c55d2cc671dbd00df9c08fb8f10f73c0d77465a54eb4c98c980e66dd888f52c7670640c6bbf78f
 WHIRLPOOL 
a4d25a6733200fcc488b90c34715af8d5d9cd53632f8c82085e5dfe0216500c4714414b616bddda82f4ee014525fd222604d9d46d385658147e411060632f748

diff --git a/app-emulation/lxc/files/lxc-2.0.1-bash-completion.patch 
b/app-emulation/lxc/files/lxc-2.0.1-bash-completion.patch
new file mode 100644
index 000..9ef6013
--- /dev/null
+++ b/app-emulation/lxc/files/lxc-2.0.1-bash-completion.patch
@@ -0,0 +1,31 @@
+--- lxc-lxc-2.0.1/config/bash/Makefile.am.orig 2016-05-18 20:40:42.238487678 
+
 lxc-lxc-2.0.1/config/bash/Makefile.am  2016-05-18 20:43:02.163497779 
+
+@@ -2,12 +2,12 @@
+ 
+ if ENABLE_BASH
+ install-bash:
+-  $(MKDIR_P) $(DESTDIR)$(sysconfdir)/bash_completion.d/
+-  $(INSTALL_DATA) lxc $(DESTDIR)$(sysconfdir)/bash_completion.d/
++  $(MKDIR_P) $(DESTDIR)$(datarootdir)/bash-completion/completions/
++  $(INSTALL_DATA) lxc 
$(DESTDIR)$(datarootdir)/bash-completion/completions/
+ 
+ uninstall-bash:
+-  rm -f $(DESTDIR)$(sysconfdir)/bash_completion.d/lxc
+-  rmdir $(DESTDIR)$(sysconfdir)/bash_completion.d/ || :
++  rm -f $(DESTDIR)$(datarootdir)/bash-completion/completions/lxc
++  rmdir $(DESTDIR)$(datarootdir)/bash-completion/completions/ || :
+ 
+ install-data-local: install-bash
+ uninstall-local: uninstall-bash
+--- lxc-lxc-2.0.1/config/bash/lxc.in.orig  2016-05-18 20:40:51.079488316 
+
 lxc-lxc-2.0.1/config/bash/lxc.in   2016-05-18 20:45:03.506506538 +
+@@ -1,4 +1,3 @@
+-_have lxc-start && {
+ _lxc_names() {
+ COMPREPLY=( $( compgen -W "$( lxc-ls )" "$cur" ) )
+ }
+@@ -100,4 +99,3 @@
+ 
+ complete -o default -F _lxc_generic_o lxc-copy
+ complete -o default -F _lxc_generic_o lxc-start-ephemeral
+-}

diff --git a/app-emulation/lxc/files/lxc-2.0.1-omit-sysconfig.patch 
b/app-emulation/lxc/files/lxc-2.0.1-omit-sysconfig.patch
new file mode 100644
index 000..9b83a3b
--- /dev/null
+++ b/app-emulation/lxc/files/lxc-2.0.1-omit-sysconfig.patch
@@ -0,0 +1,5 @@
+--- lxc-lxc-2.0.1/config/Makefile.am.orig  2016-05-19 02:56:11.891113982 
+
 lxc-lxc-2.0.1/config/Makefile.am   2016-05-19 02:56:32.596115476 +
+@@ -1 +1 @@
+-SUBDIRS = apparmor bash etc init selinux templates yum sysconfig
++SUBDIRS = apparmor bash etc init selinux templates yum

diff --git a/app-emulation/lxc/files/lxc.initd.4 
b/app-emulation/lxc/files/lxc.initd.4
new file mode 100644
index 000..c8325bc
--- /dev/null
+++ b/app-emulation/lxc/files/lxc.initd.4
@@ -0,0 +1,119 @@
+#!/sbin/runscript
+#

[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/

2015-12-06 Thread Markos Chandras 
commit: e5087471168deb08473cbbd2d1b62d4758e99110
Author: Markos Chandras  gentoo  org>
AuthorDate: Sun Dec  6 16:49:09 2015 +
Commit: Markos Chandras  gentoo  org>
CommitDate: Sun Dec  6 18:54:07 2015 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e5087471

app-emulation/lxc: Version bump. Bug #565688

Package-Manager: portage-2.2.26

 app-emulation/lxc/Manifest |   2 +
 .../lxc/files/lxc-1.0.8-bash-completion.patch  |  35 
 app-emulation/lxc/lxc-1.0.8.ebuild | 189 
 app-emulation/lxc/lxc-1.1.5.ebuild | 198 +
 4 files changed, 424 insertions(+)

diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest
index 59c2136..4e61c43 100644
--- a/app-emulation/lxc/Manifest
+++ b/app-emulation/lxc/Manifest
@@ -1,7 +1,9 @@
 DIST lxc-1.0.6.tar.gz 561249 SHA256 
2aea199a89e2cd946f93406af6c3f62844f36954b79a6991b36d2c33022cb11c SHA512 
fe85ccb57865d86704df6b4b79d60f31892785b07dc9dd2580cc6c384c89c29c23516e906b7a16bc03c6582c1fb2432bb8ff11bd17c09efa8f6a035fb41f46b1
 WHIRLPOOL 
9e77453fbe31523a2e8f39cfaba6f09fef68d00b54549167a0cde56c00934f827f5b4190b9fb64242f36782a9fcda63e6796c35fd47420870c2cee7b9bc0a1c8
 DIST lxc-1.0.7.tar.gz 564985 SHA256 
a0b1b09592e076e270dcb3ba004616d9ac3147f9de0b78ca39a30f8956b0a8f2 SHA512 
e6ff42a7b41177e1be0d2cd47d4c554565c7fc35355f3aa8aeba00d4adc7a0f364ecd060ddb6c97b2fe5968329c4e4c4b3cb022bffd2da145f30880f077264a8
 WHIRLPOOL 
f07e5e9efb8ff394aa9cdd6c3e725b453c8137ec221399cbf910d57dbc9268fc84e7227273567792821415dc14e774942b76a58a1a478de57d5c82e545702000
+DIST lxc-1.0.8.tar.gz 575127 SHA256 
399ac3eb4e0a89d657fb2e2a57f686ed061d3f1ea4733e7521b1539e9906c7ee SHA512 
f552a4f48bb47d26c6b9ddaf8221a439c0848e3f54ec41b77d54717c21bddd56193941046cc96c699790e8265e762a926469c25ee687adcf7795f2906b1c260a
 WHIRLPOOL 
72cd0b8b0345692dd9a3ed8785ee27f5e575794a96c515db1f1d073c29be4c06ae8c1ee24fa375a5ede2bba2494704916710b2e8814ed991d43330a40dff3d56
 DIST lxc-1.1.0.tar.gz 592543 SHA256 
216e806f7e18e5bfbc782493a9e44fc255f24a587d6faee94cda848a0b949155 SHA512 
160da88d6dc96cd9f0679f948bfed057c024adcd459fa4b79e872d12284fa3774ac33a13923c6e150072886a371ccfcdf7ab2c4587efa7f6175fc91a67525c4a
 WHIRLPOOL 
2caf81418850ea8b1ecf25b25e799895563ecf1819f32310fcbb4efe88f711eafe2bcb16a0d3b8ee59072c770a5520b4df90a5962215b932e68a4705c4a56d61
 DIST lxc-1.1.1.tar.gz 594112 SHA256 
64951fdd39df2bea083bb5a8ac35a7390daf2dc7753d8fce33138129892ef672 SHA512 
8af3fb43127b57de4e252baf5cb387270955062ff3838e4807a93d04520ca23f0457913bc8274da51b20961fb08650f9b976a84d395785aca2b2d300b285d549
 WHIRLPOOL 
4f28b976dd6710705d6361b9a45fef9a1265dffef0cedd0fb304f2820585ece3e2bb64d4c5289d444b3ab55bac265850943c63cdf258c40c45c99176a788ca2a
 DIST lxc-1.1.2.tar.gz 597158 SHA256 
f22fcf2659ca98dfe864e632374de98c42cdf465d0c694834b6f6098a3cb8519 SHA512 
7c4c9b5418321eedcd37a3f5c2c99ff227de48f672cabd1722a74722077d33badb038675ec95fc3e338eaf2b06972c4ffb2e11f36347587ef71a95fad5b66daa
 WHIRLPOOL 
2b657a9195b6357a367f6aa7609952d9162aae7d7be3f2c5e4cda4b2e81f2c7411835e75af5740cca053d445a3cf7dc7457f9e76ca866de7265e99ed42c744e9
 DIST lxc-1.1.3.tar.gz 599889 SHA256 
b75fb8e376d3313e152f31fb7372b68f33a953a12191a39de4cded04fff94300 SHA512 
cafa4fbe4fe23b8c0b98007a79f20899c4a3b98c51d797b9c16e38dfec1eee5a513b58621308fe6551707d38028d9e5bd78ade8822691ffe4a7a369b10a48dda
 WHIRLPOOL 
04ad57d8b189ab089b27adad8e511dcc2e5c563505f8134323ac9d738283bd5d0d929ebadeb69cd49ea68ea3e182f22c72590505cbf6f9d8438112e46909e1b5
 DIST lxc-1.1.4.tar.gz 604167 SHA256 
b087baf5ac4b94618388e6e759d9cdafcf5c98ed67bf9012ee9660076f9fb0d1 SHA512 
b239c285b68ddb25c165e998307d69b368bb802e89c1e26de9daab956ffc05cb8e80bf7c796233552b08a57d1cc37c22777bb7a7469db111582184ee13272c93
 WHIRLPOOL 
2d69d0540c15274627cdbd0f1944a119b601e1298b9328ba336beae0aa6bffd62dfdf85af82f54c3926489e19b4cee7eaa6c35bcfb72e4b3904f85102055ae85
+DIST lxc-1.1.5.tar.gz 607219 SHA256 
eefce4cc679656cb8636bf0849f3ba6981c48167884e13dbcb377820a717c09c SHA512 
e48ab549f1317afcb5f7768ab988ba27a3e9f1458504e1d70b2e27c502233e7b3538b8ce0b79940140a59a37681bcd8e459416e814f9e4814a4ed86b89e8df1c
 WHIRLPOOL 
0d65ec400913b3298517ba0cb50e064b894d8b26cbd331662e11caee285a37aa1e0d1e4623b69e75585c4369544ca02ff97db90d5127c697cd53fde87d2bc968

diff --git a/app-emulation/lxc/files/lxc-1.0.8-bash-completion.patch 
b/app-emulation/lxc/files/lxc-1.0.8-bash-completion.patch
new file mode 100644
index 000..e9e0e6c
--- /dev/null
+++ b/app-emulation/lxc/files/lxc-1.0.8-bash-completion.patch
@@ -0,0 +1,35 @@
+Index: lxc-lxc-1.0.8/config/bash/Makefile.am
+===
+--- lxc-lxc-1.0.8.orig/config/bash/Makefile.am
 lxc-lxc-1.0.8/config/bash/Makefile.am
+@@ -2,12 +2,12 @@ EXTRA_DIST = lxc
+ 
+ if ENABLE_BASH
+ install-bash:
+-  $(MKDIR_P) $(DESTDIR)$(sysconfdir)/bash_completion.d/
+-  $(INSTALL_DATA) lxc $(DESTDIR)$(sysconfdir)/bash_completion.d/
++

[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/

2015-09-05 Thread Markos Chandras 
commit: ded368f9a246102c62a83377408b4b8ba489129f
Author: Markos Chandras  gentoo  org>
AuthorDate: Sat Sep  5 08:06:36 2015 +
Commit: Markos Chandras  gentoo  org>
CommitDate: Sat Sep  5 08:08:23 2015 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ded368f9

app-emulation/lxc: Version bump

Package-Manager: portage-2.2.20.1

 app-emulation/lxc/Manifest |   1 +
 .../lxc/files/lxc-1.1.3-bash-completion.patch  |  35 
 app-emulation/lxc/lxc-1.1.3.ebuild | 194 +
 3 files changed, 230 insertions(+)

diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest
index cc4a565..fe67c91 100644
--- a/app-emulation/lxc/Manifest
+++ b/app-emulation/lxc/Manifest
@@ -3,3 +3,4 @@ DIST lxc-1.0.7.tar.gz 564985 SHA256 
a0b1b09592e076e270dcb3ba004616d9ac3147f9de0b
 DIST lxc-1.1.0.tar.gz 592543 SHA256 
216e806f7e18e5bfbc782493a9e44fc255f24a587d6faee94cda848a0b949155 SHA512 
160da88d6dc96cd9f0679f948bfed057c024adcd459fa4b79e872d12284fa3774ac33a13923c6e150072886a371ccfcdf7ab2c4587efa7f6175fc91a67525c4a
 WHIRLPOOL 
2caf81418850ea8b1ecf25b25e799895563ecf1819f32310fcbb4efe88f711eafe2bcb16a0d3b8ee59072c770a5520b4df90a5962215b932e68a4705c4a56d61
 DIST lxc-1.1.1.tar.gz 594112 SHA256 
64951fdd39df2bea083bb5a8ac35a7390daf2dc7753d8fce33138129892ef672 SHA512 
8af3fb43127b57de4e252baf5cb387270955062ff3838e4807a93d04520ca23f0457913bc8274da51b20961fb08650f9b976a84d395785aca2b2d300b285d549
 WHIRLPOOL 
4f28b976dd6710705d6361b9a45fef9a1265dffef0cedd0fb304f2820585ece3e2bb64d4c5289d444b3ab55bac265850943c63cdf258c40c45c99176a788ca2a
 DIST lxc-1.1.2.tar.gz 597158 SHA256 
f22fcf2659ca98dfe864e632374de98c42cdf465d0c694834b6f6098a3cb8519 SHA512 
7c4c9b5418321eedcd37a3f5c2c99ff227de48f672cabd1722a74722077d33badb038675ec95fc3e338eaf2b06972c4ffb2e11f36347587ef71a95fad5b66daa
 WHIRLPOOL 
2b657a9195b6357a367f6aa7609952d9162aae7d7be3f2c5e4cda4b2e81f2c7411835e75af5740cca053d445a3cf7dc7457f9e76ca866de7265e99ed42c744e9
+DIST lxc-1.1.3.tar.gz 599889 SHA256 
b75fb8e376d3313e152f31fb7372b68f33a953a12191a39de4cded04fff94300 SHA512 
cafa4fbe4fe23b8c0b98007a79f20899c4a3b98c51d797b9c16e38dfec1eee5a513b58621308fe6551707d38028d9e5bd78ade8822691ffe4a7a369b10a48dda
 WHIRLPOOL 
04ad57d8b189ab089b27adad8e511dcc2e5c563505f8134323ac9d738283bd5d0d929ebadeb69cd49ea68ea3e182f22c72590505cbf6f9d8438112e46909e1b5

diff --git a/app-emulation/lxc/files/lxc-1.1.3-bash-completion.patch 
b/app-emulation/lxc/files/lxc-1.1.3-bash-completion.patch
new file mode 100644
index 000..3bcb40c
--- /dev/null
+++ b/app-emulation/lxc/files/lxc-1.1.3-bash-completion.patch
@@ -0,0 +1,35 @@
+Index: lxc-lxc-1.1.3/config/bash/Makefile.am
+===
+--- lxc-lxc-1.1.3.orig/config/bash/Makefile.am
 lxc-lxc-1.1.3/config/bash/Makefile.am
+@@ -2,12 +2,12 @@ EXTRA_DIST = lxc
+ 
+ if ENABLE_BASH
+ install-bash:
+-  $(MKDIR_P) $(DESTDIR)$(sysconfdir)/bash_completion.d/
+-  $(INSTALL_DATA) lxc $(DESTDIR)$(sysconfdir)/bash_completion.d/
++  $(MKDIR_P) $(DESTDIR)$(datarootdir)/bash-completion/completions//
++  $(INSTALL_DATA) lxc 
$(DESTDIR)$(datarootdir)/bash-completion/completions/
+ 
+ uninstall-bash:
+-  rm -f $(DESTDIR)$(sysconfdir)/bash_completion.d/lxc
+-  rmdir $(DESTDIR)$(sysconfdir)/bash_completion.d/ || :
++  rm -f $(DESTDIR)$(datarootdir)/bash-completion/completions/lxc
++  rmdir $(DESTDIR)$(datarootdir)/bash-completion/ || :
+ 
+ install-data-local: install-bash
+ uninstall-local: uninstall-bash
+Index: lxc-lxc-1.1.3/config/bash/lxc.in
+===
+--- lxc-lxc-1.1.3.orig/config/bash/lxc.in
 lxc-lxc-1.1.3/config/bash/lxc.in
+@@ -1,4 +1,3 @@
+-have lxc-start && {
+ _lxc_names() {
+ COMPREPLY=( $( compgen -W "$( lxc-ls )" "$cur" ) )
+ }
+@@ -100,4 +99,3 @@ have lxc-start && {
+ 
+ complete -o default -F _lxc_generic_o lxc-clone
+ complete -o default -F _lxc_generic_o lxc-start-ephemeral
+-}

diff --git a/app-emulation/lxc/lxc-1.1.3.ebuild 
b/app-emulation/lxc/lxc-1.1.3.ebuild
new file mode 100644
index 000..4a336ef
--- /dev/null
+++ b/app-emulation/lxc/lxc-1.1.3.ebuild
@@ -0,0 +1,194 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+MY_P="${P/_/-}"
+PYTHON_COMPAT=( python{3_3,3_4} )
+DISTUTILS_OPTIONAL=1
+
+inherit autotools bash-completion-r1 distutils-r1 eutils linux-info 
versionator flag-o-matic systemd
+
+DESCRIPTION="LinuX Containers userspace utilities"
+HOMEPAGE="https://linuxcontainers.org/;
+SRC_URI="https://github.com/lxc/lxc/archive/${MY_P}.tar.gz;
+
+KEYWORDS="~amd64 ~arm ~arm64"
+
+LICENSE="LGPL-3"
+SLOT="0"
+IUSE="cgmanager doc examples lua python seccomp"
+
+RDEPEND="net-libs/gnutls
+   sys-libs/libcap
+   cgmanager? ( app-admin/cgmanager )
+   lua? ( >=dev-lang/lua-5.1:= )
+   python? (