| 1 |
commit: 10087423e3d0467e699f775c0e6e1ac7e116de58 |
| 2 |
Author: Justin Lecher <jlec <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Sun Nov 12 21:08:35 2017 +0000 |
| 4 |
Commit: Justin Lecher <jlec <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sun Nov 12 21:08:51 2017 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=10087423 |
| 7 |
|
| 8 |
app-emulation/lxc: Handle automagic dep in selinux |
| 9 |
|
| 10 |
Signed-off-by: Justin Lecher <jlec <AT> gentoo.org> |
| 11 |
Package-Manager: Portage-2.3.13, Repoman-2.3.4 |
| 12 |
|
| 13 |
app-emulation/lxc/files/lxc.initd.6 | 118 ------------------------------------ |
| 14 |
app-emulation/lxc/lxc-2.0.8.ebuild | 17 +++--- |
| 15 |
2 files changed, 10 insertions(+), 125 deletions(-) |
| 16 |
|
| 17 |
diff --git a/app-emulation/lxc/files/lxc.initd.6 b/app-emulation/lxc/files/lxc.initd.6 |
| 18 |
deleted file mode 100644 |
| 19 |
index a66dfdd22b4..00000000000 |
| 20 |
--- a/app-emulation/lxc/files/lxc.initd.6 |
| 21 |
+++ /dev/null |
| 22 |
@@ -1,118 +0,0 @@ |
| 23 |
-#!/sbin/openrc-run |
| 24 |
-# Copyright 1999-2017 Gentoo Foundation |
| 25 |
-# Distributed under the terms of the GNU General Public License v2 |
| 26 |
- |
| 27 |
-CONTAINER=${SVCNAME#*.} |
| 28 |
- |
| 29 |
-LXC_PATH=`lxc-config lxc.lxcpath` |
| 30 |
- |
| 31 |
-lxc_get_configfile() { |
| 32 |
- if [ -f "${LXC_PATH}/${CONTAINER}.conf" ]; then |
| 33 |
- echo "${LXC_PATH}/${CONTAINER}.conf" |
| 34 |
- elif [ -f "${LXC_PATH}/${CONTAINER}/config" ]; then |
| 35 |
- echo "${LXC_PATH}/${CONTAINER}/config" |
| 36 |
- else |
| 37 |
- eerror "Unable to find a suitable configuration file." |
| 38 |
- eerror "If you set up the container in a non-standard" |
| 39 |
- eerror "location, please set the CONFIGFILE variable." |
| 40 |
- return 1 |
| 41 |
- fi |
| 42 |
-} |
| 43 |
- |
| 44 |
-[ $CONTAINER != $SVCNAME ] && CONFIGFILE=${CONFIGFILE:-$(lxc_get_configfile)} |
| 45 |
- |
| 46 |
-lxc_get_var() { |
| 47 |
- awk 'BEGIN { FS="[ \t]*=[ \t]*" } $1 == "'$1'" { print $2; exit }' ${CONFIGFILE} |
| 48 |
-} |
| 49 |
- |
| 50 |
-lxc_get_net_link_type() { |
| 51 |
- awk 'BEGIN { FS="[ \t]*=[ \t]*"; _link=""; _type="" } |
| 52 |
- $1 == "lxc.network.type" {_type=$2;} |
| 53 |
- $1 == "lxc.network.link" {_link=$2;} |
| 54 |
- {if(_link != "" && _type != ""){ |
| 55 |
- printf("%s:%s\n", _link, _type ); |
| 56 |
- _link=""; _type=""; |
| 57 |
- }; }' <${CONFIGFILE} |
| 58 |
-} |
| 59 |
- |
| 60 |
-checkconfig() { |
| 61 |
- if [ ${CONTAINER} = ${SVCNAME} ]; then |
| 62 |
- eerror "You have to create an init script for each container:" |
| 63 |
- eerror " ln -s lxc /etc/init.d/lxc.container" |
| 64 |
- return 1 |
| 65 |
- fi |
| 66 |
- |
| 67 |
- # no need to output anything, the function takes care of that. |
| 68 |
- [ -z "${CONFIGFILE}" ] && return 1 |
| 69 |
- |
| 70 |
- utsname=$(lxc_get_var lxc.utsname) |
| 71 |
- if [ ${CONTAINER} != ${utsname} ]; then |
| 72 |
- eerror "You should use the same name for the service and the" |
| 73 |
- eerror "container. Right now the container is called ${utsname}" |
| 74 |
- return 1 |
| 75 |
- fi |
| 76 |
-} |
| 77 |
- |
| 78 |
-depend() { |
| 79 |
- # be quiet, since we have to run depend() also for the |
| 80 |
- # non-muxed init script, unfortunately. |
| 81 |
- checkconfig 2>/dev/null || return 0 |
| 82 |
- |
| 83 |
- config ${CONFIGFILE} |
| 84 |
- need localmount |
| 85 |
- use lxcfs |
| 86 |
- |
| 87 |
- local _x _if |
| 88 |
- for _x in $(lxc_get_net_link_type); do |
| 89 |
- _if=${_x%:*} |
| 90 |
- case "${_x##*:}" in |
| 91 |
- # when the network type is set to phys, we can make use of a |
| 92 |
- # network service (for instance to set it up before we disable |
| 93 |
- # the net_admin capability), but we might also not set it up |
| 94 |
- # at all on the host and leave the net_admin capable service |
| 95 |
- # to take care of it. |
| 96 |
- phys) use net.${_if} ;; |
| 97 |
- *) need net.${_if} ;; |
| 98 |
- esac |
| 99 |
- done |
| 100 |
-} |
| 101 |
- |
| 102 |
-start() { |
| 103 |
- checkconfig || return 1 |
| 104 |
- rm -f /var/log/lxc/${CONTAINER}.log |
| 105 |
- |
| 106 |
- rootpath=$(lxc_get_var lxc.rootfs) |
| 107 |
- |
| 108 |
- # Check the format of our init and the chroot's init, to see |
| 109 |
- # if we have to use linux32 or linux64; always use setarch |
| 110 |
- # when required, as that makes it easier to deal with |
| 111 |
- # x32-based containers. |
| 112 |
- case $(scanelf -BF '%a#f' ${rootpath}/sbin/init) in |
| 113 |
- EM_X86_64) setarch=linux64;; |
| 114 |
- EM_386) setarch=linux32;; |
| 115 |
- esac |
| 116 |
- |
| 117 |
- ebegin "Starting ${CONTAINER}" |
| 118 |
- env -i ${setarch} $(which lxc-start) -l WARN -n ${CONTAINER} -f ${CONFIGFILE} -d -o /var/log/lxc/${CONTAINER}.log |
| 119 |
- sleep 1 |
| 120 |
- |
| 121 |
- # lxc-start -d will _always_ report a correct startup, even if it |
| 122 |
- # failed, so rather than trust that, check that the cgroup exists. |
| 123 |
- [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ] |
| 124 |
- eend $? |
| 125 |
-} |
| 126 |
- |
| 127 |
-stop() { |
| 128 |
- checkconfig || return 1 |
| 129 |
- |
| 130 |
- |
| 131 |
- if ! [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]; then |
| 132 |
- ewarn "${CONTAINER} doesn't seem to be started." |
| 133 |
- return 0 |
| 134 |
- fi |
| 135 |
- |
| 136 |
- # 10s should be enough to shut everything down |
| 137 |
- ebegin "Stopping ${CONTAINER}" |
| 138 |
- lxc-stop -t 10 -n ${CONTAINER} |
| 139 |
- eend $? |
| 140 |
-} |
| 141 |
|
| 142 |
diff --git a/app-emulation/lxc/lxc-2.0.8.ebuild b/app-emulation/lxc/lxc-2.0.8.ebuild |
| 143 |
index ae0977801e1..d22f583a5a4 100644 |
| 144 |
--- a/app-emulation/lxc/lxc-2.0.8.ebuild |
| 145 |
+++ b/app-emulation/lxc/lxc-2.0.8.ebuild |
| 146 |
@@ -1,9 +1,9 @@ |
| 147 |
# Copyright 1999-2017 Gentoo Foundation |
| 148 |
# Distributed under the terms of the GNU General Public License v2 |
| 149 |
|
| 150 |
-EAPI="6" |
| 151 |
+EAPI=6 |
| 152 |
|
| 153 |
-PYTHON_COMPAT=( python{3_4,3_5} ) |
| 154 |
+PYTHON_COMPAT=( python3_{4,5,6} ) |
| 155 |
DISTUTILS_OPTIONAL=1 |
| 156 |
|
| 157 |
inherit autotools bash-completion-r1 distutils-r1 linux-info versionator flag-o-matic systemd |
| 158 |
@@ -16,21 +16,23 @@ KEYWORDS="~amd64 ~arm ~arm64" |
| 159 |
|
| 160 |
LICENSE="LGPL-3" |
| 161 |
SLOT="0" |
| 162 |
-IUSE="cgmanager doc examples lua python seccomp" |
| 163 |
+IUSE="cgmanager doc examples lua python seccomp selinux" |
| 164 |
|
| 165 |
-RDEPEND="net-libs/gnutls |
| 166 |
+RDEPEND=" |
| 167 |
+ net-libs/gnutls |
| 168 |
sys-libs/libcap |
| 169 |
cgmanager? ( app-admin/cgmanager ) |
| 170 |
lua? ( >=dev-lang/lua-5.1:= ) |
| 171 |
python? ( ${PYTHON_DEPS} ) |
| 172 |
- seccomp? ( sys-libs/libseccomp )" |
| 173 |
+ seccomp? ( sys-libs/libseccomp ) |
| 174 |
+ selinux? ( sys-libs/libselinux )" |
| 175 |
|
| 176 |
DEPEND="${RDEPEND} |
| 177 |
doc? ( app-text/docbook-sgml-utils ) |
| 178 |
>=sys-kernel/linux-headers-3.2" |
| 179 |
|
| 180 |
RDEPEND="${RDEPEND} |
| 181 |
- sys-process/criu |
| 182 |
+ sys-process/criu[selinux=] |
| 183 |
sys-apps/util-linux |
| 184 |
app-misc/pax-utils |
| 185 |
virtual/awk" |
| 186 |
@@ -136,7 +138,8 @@ src_configure() { |
| 187 |
$(use_enable examples) \ |
| 188 |
$(use_enable lua) \ |
| 189 |
$(use_enable python) \ |
| 190 |
- $(use_enable seccomp) |
| 191 |
+ $(use_enable seccomp) \ |
| 192 |
+ $(use_enable selinux) |
| 193 |
} |
| 194 |
|
| 195 |
python_compile() { |
Archives