[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/ - gentoo-commits

From:	Erik Mackdanz <stasibear@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/, app-emulation/lxc/files/
Date:	Thu, 14 Jul 2016 02:32:11
Message-Id:	`1468463493.181fa35d157157f02add732e0b338c6127b51338.stasibear@gentoo`

1

commit:     181fa35d157157f02add732e0b338c6127b51338

2

Author:     Erik Mackdanz <stasibear <AT> gentoo <DOT> org>

3

AuthorDate: Thu Jul 14 02:31:33 2016 +0000

4

Commit:     Erik Mackdanz <stasibear <AT> gentoo <DOT> org>

5

CommitDate: Thu Jul 14 02:31:33 2016 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=181fa35d

7

8

app-emulation/lxc: Revbump to repair unit file

9

10

Gentoo-bug: 588740

11

12

Package-Manager: portage-2.3.0

13

14

 app-emulation/lxc/files/lxc.initd.5      | 119 +++++++++++++++++++

15

 app-emulation/lxc/files/lxc_at.service.4 |  14 +++

16

 app-emulation/lxc/lxc-2.0.3-r1.ebuild    | 197 +++++++++++++++++++++++++++++++

17

 3 files changed, 330 insertions(+)

18

19

diff --git a/app-emulation/lxc/files/lxc.initd.5 b/app-emulation/lxc/files/lxc.initd.5

20

new file mode 100644

21

index 0000000..e5a5236

22

--- /dev/null

23

+++ b/app-emulation/lxc/files/lxc.initd.5

24

@@ -0,0 +1,119 @@

25

+#!/sbin/openrc-run

26

+# Copyright 1999-2016 Gentoo Foundation

27

+# Distributed under the terms of the GNU General Public License v2

28

+# $Id$

29

+

30

+CONTAINER=${SVCNAME#*.}

31

+

32

+LXC_PATH=`lxc-config lxc.lxcpath`

33

+

34

+lxc_get_configfile() {

35

+	if [ -f "${LXC_PATH}/${CONTAINER}.conf" ]; then

36

+		echo "${LXC_PATH}/${CONTAINER}.conf"

37

+	elif [ -f "${LXC_PATH}/${CONTAINER}/config" ]; then

38

+		echo "${LXC_PATH}/${CONTAINER}/config"

39

+	else

40

+		eerror "Unable to find a suitable configuration file."

41

+		eerror "If you set up the container in a non-standard"

42

+		eerror "location, please set the CONFIGFILE variable."

43

+		return 1

44

+	fi

45

+}

46

+

47

+[ $CONTAINER != $SVCNAME ] && CONFIGFILE=${CONFIGFILE:-$(lxc_get_configfile)}

48

+

49

+lxc_get_var() {

50

+	awk 'BEGIN { FS="[ \t]*=[ \t]*" } $1 == "'$1'" { print $2; exit }' ${CONFIGFILE}

51

+}

52

+

53

+lxc_get_net_link_type() {

54

+	awk 'BEGIN { FS="[ \t]*=[ \t]*"; _link=""; _type="" }

55

+		$1 == "lxc.network.type" {_type=$2;}

56

+		$1 == "lxc.network.link" {_link=$2;}

57

+		{if(_link != "" && _type != ""){

58

+			printf("%s:%s\n", _link, _type );

59

+			_link=""; _type="";

60

+		}; }' <${CONFIGFILE}

61

+}

62

+

63

+checkconfig() {

64

+	if [ ${CONTAINER} = ${SVCNAME} ]; then

65

+		eerror "You have to create an init script for each container:"

66

+		eerror " ln -s lxc /etc/init.d/lxc.container"

67

+		return 1

68

+	fi

69

+

70

+	# no need to output anything, the function takes care of that.

71

+	[ -z "${CONFIGFILE}" ] && return 1

72

+

73

+	utsname=$(lxc_get_var lxc.utsname)

74

+	if [ ${CONTAINER} != ${utsname} ]; then

75

+	    eerror "You should use the same name for the service and the"

76

+	    eerror "container. Right now the container is called ${utsname}"

77

+	    return 1

78

+	fi

79

+}

80

+

81

+depend() {

82

+	# be quiet, since we have to run depend() also for the

83

+	# non-muxed init script, unfortunately.

84

+	checkconfig 2>/dev/null || return 0

85

+

86

+	config ${CONFIGFILE}

87

+	need localmount

88

+	use lxcfs

89

+

90

+	local _x _if

91

+	for _x in $(lxc_get_net_link_type); do

92

+		_if=${_x%:*}

93

+		case "${_x##*:}" in

94

+			# when the network type is set to phys, we can make use of a

95

+			# network service (for instance to set it up before we disable

96

+			# the net_admin capability), but we might also not set it up

97

+			# at all on the host and leave the net_admin capable service

98

+			# to take care of it.

99

+			phys)	use net.${_if} ;;

100

+			*)	need net.${_if} ;;

101

+		esac

102

+	done

103

+}

104

+

105

+start() {

106

+	checkconfig || return 1

107

+	rm -f /var/log/lxc/${CONTAINER}.log

108

+

109

+	rootpath=$(lxc_get_var lxc.rootfs)

110

+

111

+	# Check the format of our init and the chroot's init, to see

112

+	# if we have to use linux32 or linux64; always use setarch

113

+	# when required, as that makes it easier to deal with

114

+	# x32-based containers.

115

+	case $(scanelf -BF '%a#f' ${rootpath}/sbin/init) in

116

+		EM_X86_64)	setarch=linux64;;

117

+		EM_386)		setarch=linux32;;

118

+	esac

119

+

120

+	ebegin "Starting ${CONTAINER}"

121

+	env -i ${setarch} $(which lxc-start) -l WARN -n ${CONTAINER} -f ${CONFIGFILE} -d -o /var/log/lxc/${CONTAINER}.log

122

+	sleep 0.5

123

+

124

+	# lxc-start -d will _always_ report a correct startup, even if it

125

+	# failed, so rather than trust that, check that the cgroup exists.

126

+	[ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]

127

+	eend $?

128

+}

129

+

130

+stop() {

131

+	checkconfig || return 1

132

+

133

+

134

+	if ! [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]; then

135

+	    ewarn "${CONTAINER} doesn't seem to be started."

136

+	    return 0

137

+	fi

138

+

139

+	# 10s should be enough to shut everything down

140

+	ebegin "Stopping ${CONTAINER}"

141

+	lxc-stop -t 10 -n ${CONTAINER}

142

+	eend $?

143

+}

144

145

diff --git a/app-emulation/lxc/files/lxc_at.service.4 b/app-emulation/lxc/files/lxc_at.service.4

146

new file mode 100644

147

index 0000000..64ae745

148

--- /dev/null

149

+++ b/app-emulation/lxc/files/lxc_at.service.4

150

@@ -0,0 +1,14 @@

151

+[Unit]

152

+Description=Linux Container %I

153

+After=network.target

154

+Wants=lxcfs.service

155

+

156

+[Service]

157

+Restart=always

158

+ExecStart=/usr/bin/lxc-start -n %i -F

159

+ExecReload=/usr/bin/lxc-restart -n %i

160

+ExecStop=/usr/bin/lxc-stop -n %i

161

+Delegate=yes

162

+

163

+[Install]

164

+WantedBy=multi-user.target

165

166

diff --git a/app-emulation/lxc/lxc-2.0.3-r1.ebuild b/app-emulation/lxc/lxc-2.0.3-r1.ebuild

167

new file mode 100644

168

index 0000000..17805be

169

--- /dev/null

170

+++ b/app-emulation/lxc/lxc-2.0.3-r1.ebuild

171

@@ -0,0 +1,197 @@

172

+# Copyright 1999-2016 Gentoo Foundation

173

+# Distributed under the terms of the GNU General Public License v2

174

+# $Id$

175

+

176

+EAPI="5"

177

+

178

+MY_P="${P/_/-}"

179

+PYTHON_COMPAT=( python{3_3,3_4,3_5} )

180

+DISTUTILS_OPTIONAL=1

181

+

182

+inherit autotools bash-completion-r1 distutils-r1 eutils linux-info versionator flag-o-matic systemd

183

+

184

+DESCRIPTION="LinuX Containers userspace utilities"

185

+HOMEPAGE="https://linuxcontainers.org/"

186

+SRC_URI="https://github.com/lxc/lxc/archive/${MY_P}.tar.gz"

187

+

188

+KEYWORDS="~amd64 ~arm ~arm64"

189

+

190

+LICENSE="LGPL-3"

191

+SLOT="0"

192

+IUSE="cgmanager doc examples lua python seccomp"

193

+

194

+RDEPEND="net-libs/gnutls

195

+	sys-libs/libcap

196

+	cgmanager? ( app-admin/cgmanager )

197

+	lua? ( >=dev-lang/lua-5.1:= )

198

+	python? ( ${PYTHON_DEPS} )

199

+	seccomp? ( sys-libs/libseccomp )"

200

+

201

+DEPEND="${RDEPEND}

202

+	doc? ( app-text/docbook-sgml-utils )

203

+	>=sys-kernel/linux-headers-3.2"

204

+

205

+RDEPEND="${RDEPEND}

206

+	sys-process/criu

207

+	sys-apps/util-linux

208

+	app-misc/pax-utils

209

+	virtual/awk"

210

+

211

+CONFIG_CHECK="~CGROUPS ~CGROUP_DEVICE

212

+	~CPUSETS ~CGROUP_CPUACCT

213

+	~CGROUP_SCHED

214

+

215

+	~NAMESPACES

216

+	~IPC_NS ~USER_NS ~PID_NS

217

+

218

+	~NETLINK_DIAG ~PACKET_DIAG

219

+	~INET_UDP_DIAG ~INET_TCP_DIAG

220

+	~UNIX_DIAG ~CHECKPOINT_RESTORE

221

+

222

+	~DEVPTS_MULTIPLE_INSTANCES

223

+	~CGROUP_FREEZER

224

+	~UTS_NS ~NET_NS

225

+	~VETH ~MACVLAN

226

+

227

+	~POSIX_MQUEUE

228

+	~!NETPRIO_CGROUP

229

+

230

+	~!GRKERNSEC_CHROOT_MOUNT

231

+	~!GRKERNSEC_CHROOT_DOUBLE

232

+	~!GRKERNSEC_CHROOT_PIVOT

233

+	~!GRKERNSEC_CHROOT_CHMOD

234

+	~!GRKERNSEC_CHROOT_CAPS

235

+	~!GRKERNSEC_PROC

236

+	~!GRKERNSEC_SYSFS_RESTRICT

237

+"

238

+

239

+ERROR_DEVPTS_MULTIPLE_INSTANCES="CONFIG_DEVPTS_MULTIPLE_INSTANCES:  needed for pts inside container"

240

+

241

+ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER:  needed to freeze containers"

242

+

243

+ERROR_UTS_NS="CONFIG_UTS_NS:  needed to unshare hostnames and uname info"

244

+ERROR_NET_NS="CONFIG_NET_NS:  needed for unshared network"

245

+

246

+ERROR_VETH="CONFIG_VETH:  needed for internal (host-to-container) networking"

247

+ERROR_MACVLAN="CONFIG_MACVLAN:  needed for internal (inter-container) networking"

248

+

249

+ERROR_NETLINK_DIAG="CONFIG_NETLINK_DIAG:  needed for lxc-checkpoint"

250

+ERROR_PACKET_DIAG="CONFIG_PACKET_DIAG:  needed for lxc-checkpoint"

251

+ERROR_INET_UDP_DIAG="CONFIG_INET_UDP_DIAG:  needed for lxc-checkpoint"

252

+ERROR_INET_TCP_DIAG="CONFIG_INET_TCP_DIAG:  needed for lxc-checkpoint"

253

+ERROR_UNIX_DIAG="CONFIG_UNIX_DIAG:  needed for lxc-checkpoint"

254

+ERROR_CHECKPOINT_RESTORE="CONFIG_CHECKPOINT_RESTORE:  needed for lxc-checkpoint"

255

+

256

+ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE:  needed for lxc-execute command"

257

+

258

+ERROR_NETPRIO_CGROUP="CONFIG_NETPRIO_CGROUP:  as of kernel 3.3 and lxc 0.8.0_rc1 this causes LXCs to fail booting."

259

+

260

+ERROR_GRKERNSEC_CHROOT_MOUNT="CONFIG_GRKERNSEC_CHROOT_MOUNT:  some GRSEC features make LXC unusable see postinst notes"

261

+ERROR_GRKERNSEC_CHROOT_DOUBLE="CONFIG_GRKERNSEC_CHROOT_DOUBLE:  some GRSEC features make LXC unusable see postinst notes"

262

+ERROR_GRKERNSEC_CHROOT_PIVOT="CONFIG_GRKERNSEC_CHROOT_PIVOT:  some GRSEC features make LXC unusable see postinst notes"

263

+ERROR_GRKERNSEC_CHROOT_CHMOD="CONFIG_GRKERNSEC_CHROOT_CHMOD:  some GRSEC features make LXC unusable see postinst notes"

264

+ERROR_GRKERNSEC_CHROOT_CAPS="CONFIG_GRKERNSEC_CHROOT_CAPS:  some GRSEC features make LXC unusable see postinst notes"

265

+ERROR_GRKERNSEC_PROC="CONFIG_GRKERNSEC_PROC:  this GRSEC feature is incompatible with unprivileged containers"

266

+ERROR_GRKERNSEC_SYSFS_RESTRICT="CONFIG_GRKERNSEC_SYSFS_RESTRICT:  this GRSEC feature is incompatible with unprivileged containers"

267

+

268

+DOCS=(AUTHORS CONTRIBUTING MAINTAINERS NEWS README doc/FAQ.txt)

269

+

270

+S="${WORKDIR}/${PN}-${MY_P}"

271

+

272

+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"

273

+

274

+src_prepare() {

275

+	epatch "${FILESDIR}"/${P}-bash-completion.patch

276

+	#558854

277

+	epatch "${FILESDIR}"/${P}-omit-sysconfig.patch

278

+	eautoreconf

279

+}

280

+

281

+src_configure() {

282

+	append-flags -fno-strict-aliasing

283

+

284

+	if use python; then

285

+		#541932

286

+		python_setup "python3*"

287

+		export PKG_CONFIG_PATH="${T}/${EPYTHON}/pkgconfig:${PKG_CONFIG_PATH}"

288

+	fi

289

+

290

+	# I am not sure about the --with-rootfs-path

291

+	# /var/lib/lxc is probably more appropriate than

292

+	# /usr/lib/lxc.

293

+	econf \

294

+		--localstatedir=/var \

295

+		--bindir=/usr/bin \

296

+		--sbindir=/usr/bin \

297

+		--docdir=/usr/share/doc/${PF} \

298

+		--with-config-path=/var/lib/lxc	\

299

+		--with-rootfs-path=/var/lib/lxc/rootfs \

300

+		--with-distro=gentoo \

301

+		--with-runtime-path=/run \

302

+		--disable-apparmor \

303

+		$(use_enable cgmanager) \

304

+		$(use_enable doc) \

305

+		$(use_enable examples) \

306

+		$(use_enable lua) \

307

+		$(use_enable python) \

308

+		$(use_enable seccomp)

309

+}

310

+

311

+python_compile() {

312

+	distutils-r1_python_compile build_ext -I ../ -L ../${PN}

313

+}

314

+

315

+src_compile() {

316

+	default

317

+

318

+	if use python; then

319

+		pushd "${S}/src/python-${PN}" > /dev/null

320

+		distutils-r1_src_compile

321

+		popd > /dev/null

322

+	fi

323

+}

324

+

325

+src_install() {

326

+	default

327

+

328

+	mv "${ED}"/usr/share/bash-completion/completions/${PN} "${ED}"/$(get_bashcompdir)/${PN}-start || die

329

+	# start-ephemeral is no longer a command but removing it here

330

+	# generates QA warnings (still in upstream completion script)

331

+	bashcomp_alias ${PN}-start \

332

+		${PN}-{attach,cgroup,copy,console,create,destroy,device,execute,freeze,info,monitor,snapshot,start-ephemeral,stop,unfreeze,wait}

333

+

334

+	if use python; then

335

+		pushd "${S}/src/python-lxc" > /dev/null

336

+		# Unset DOCS. This has been handled by the default target

337

+		unset DOCS

338

+		distutils-r1_src_install

339

+		popd > /dev/null

340

+	fi

341

+

342

+	keepdir /etc/lxc /var/lib/lxc/rootfs /var/log/lxc

343

+

344

+	find "${D}" -name '*.la' -delete

345

+

346

+	# Gentoo-specific additions!

347

+	newinitd "${FILESDIR}/${PN}.initd.5" ${PN}

348

+

349

+	# Remember to compare our systemd unit file with the upstream one

350

+	# config/init/systemd/lxc.service.in

351

+	systemd_newunit "${FILESDIR}"/${PN}_at.service.4 "lxc@.service"

352

+}

353

+

354

+pkg_postinst() {

355

+	elog ""

356

+	elog "Starting from version ${PN}-1.1.0-r3, the default lxc path has been"

357

+	elog "moved from /etc/lxc to /var/lib/lxc. If you still want to use /etc/lxc"

358

+	elog "please add the following to your /etc/lxc/default.conf"

359

+	elog "lxc.lxcpath = /etc/lxc"

360

+	elog ""

361

+	elog "There is an init script provided with the package now; no documentation"

362

+	elog "is currently available though, so please check out /etc/init.d/lxc ."

363

+	elog "You _should_ only need to symlink it to /etc/init.d/lxc.configname"

364

+	elog "to start the container defined into /etc/lxc/configname.conf ."

365

+	elog "For further information about LXC development see"

366

+	elog "http://blog.flameeyes.eu/tag/lxc" # remove once proper doc is available

367

+	elog ""

368

+}

1	commit: 181fa35d157157f02add732e0b338c6127b51338
2	Author: Erik Mackdanz <stasibear <AT> gentoo <DOT> org>
3	AuthorDate: Thu Jul 14 02:31:33 2016 +0000
4	Commit: Erik Mackdanz <stasibear <AT> gentoo <DOT> org>
5	CommitDate: Thu Jul 14 02:31:33 2016 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=181fa35d
7
8	app-emulation/lxc: Revbump to repair unit file
9
10	Gentoo-bug: 588740
11
12	Package-Manager: portage-2.3.0
13
14	app-emulation/lxc/files/lxc.initd.5 \| 119 +++++++++++++++++++
15	app-emulation/lxc/files/lxc_at.service.4 \| 14 +++
16	app-emulation/lxc/lxc-2.0.3-r1.ebuild \| 197 +++++++++++++++++++++++++++++++
17	3 files changed, 330 insertions(+)
18
19	diff --git a/app-emulation/lxc/files/lxc.initd.5 b/app-emulation/lxc/files/lxc.initd.5
20	new file mode 100644
21	index 0000000..e5a5236
22	--- /dev/null
23	+++ b/app-emulation/lxc/files/lxc.initd.5
24	@@ -0,0 +1,119 @@
25	+#!/sbin/openrc-run
26	+# Copyright 1999-2016 Gentoo Foundation
27	+# Distributed under the terms of the GNU General Public License v2
28	+# $Id$
29	+
30	+CONTAINER=${SVCNAME#*.}
31	+
32	+LXC_PATH=`lxc-config lxc.lxcpath`
33	+
34	+lxc_get_configfile() {
35	+ if [ -f "${LXC_PATH}/${CONTAINER}.conf" ]; then
36	+ echo "${LXC_PATH}/${CONTAINER}.conf"
37	+ elif [ -f "${LXC_PATH}/${CONTAINER}/config" ]; then
38	+ echo "${LXC_PATH}/${CONTAINER}/config"
39	+ else
40	+ eerror "Unable to find a suitable configuration file."
41	+ eerror "If you set up the container in a non-standard"
42	+ eerror "location, please set the CONFIGFILE variable."
43	+ return 1
44	+ fi
45	+}
46	+
47	+[ $CONTAINER != $SVCNAME ] && CONFIGFILE=${CONFIGFILE:-$(lxc_get_configfile)}
48	+
49	+lxc_get_var() {
50	+ awk 'BEGIN { FS="[ \t]=[ \t]" } $1 == "'$1'" { print $2; exit }' ${CONFIGFILE}
51	+}
52	+
53	+lxc_get_net_link_type() {
54	+ awk 'BEGIN { FS="[ \t]=[ \t]"; _link=""; _type="" }
55	+ $1 == "lxc.network.type" {_type=$2;}
56	+ $1 == "lxc.network.link" {_link=$2;}
57	+ {if(_link != "" && _type != ""){
58	+ printf("%s:%s\n", _link, _type );
59	+ _link=""; _type="";
60	+ }; }' <${CONFIGFILE}
61	+}
62	+
63	+checkconfig() {
64	+ if [ ${CONTAINER} = ${SVCNAME} ]; then
65	+ eerror "You have to create an init script for each container:"
66	+ eerror " ln -s lxc /etc/init.d/lxc.container"
67	+ return 1
68	+ fi
69	+
70	+ # no need to output anything, the function takes care of that.
71	+ [ -z "${CONFIGFILE}" ] && return 1
72	+
73	+ utsname=$(lxc_get_var lxc.utsname)
74	+ if [ ${CONTAINER} != ${utsname} ]; then
75	+ eerror "You should use the same name for the service and the"
76	+ eerror "container. Right now the container is called ${utsname}"
77	+ return 1
78	+ fi
79	+}
80	+
81	+depend() {
82	+ # be quiet, since we have to run depend() also for the
83	+ # non-muxed init script, unfortunately.
84	+ checkconfig 2>/dev/null \|\| return 0
85	+
86	+ config ${CONFIGFILE}
87	+ need localmount
88	+ use lxcfs
89	+
90	+ local _x _if
91	+ for _x in $(lxc_get_net_link_type); do
92	+ _if=${_x%:*}
93	+ case "${_x##*:}" in
94	+ # when the network type is set to phys, we can make use of a
95	+ # network service (for instance to set it up before we disable
96	+ # the net_admin capability), but we might also not set it up
97	+ # at all on the host and leave the net_admin capable service
98	+ # to take care of it.
99	+ phys) use net.${_if} ;;
100	+ *) need net.${_if} ;;
101	+ esac
102	+ done
103	+}
104	+
105	+start() {
106	+ checkconfig \|\| return 1
107	+ rm -f /var/log/lxc/${CONTAINER}.log
108	+
109	+ rootpath=$(lxc_get_var lxc.rootfs)
110	+
111	+ # Check the format of our init and the chroot's init, to see
112	+ # if we have to use linux32 or linux64; always use setarch
113	+ # when required, as that makes it easier to deal with
114	+ # x32-based containers.
115	+ case $(scanelf -BF '%a#f' ${rootpath}/sbin/init) in
116	+ EM_X86_64) setarch=linux64;;
117	+ EM_386) setarch=linux32;;
118	+ esac
119	+
120	+ ebegin "Starting ${CONTAINER}"
121	+ env -i ${setarch} $(which lxc-start) -l WARN -n ${CONTAINER} -f ${CONFIGFILE} -d -o /var/log/lxc/${CONTAINER}.log
122	+ sleep 0.5
123	+
124	+ # lxc-start -d will _always_ report a correct startup, even if it
125	+ # failed, so rather than trust that, check that the cgroup exists.
126	+ [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]
127	+ eend $?
128	+}
129	+
130	+stop() {
131	+ checkconfig \|\| return 1
132	+
133	+
134	+ if ! [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]; then
135	+ ewarn "${CONTAINER} doesn't seem to be started."
136	+ return 0
137	+ fi
138	+
139	+ # 10s should be enough to shut everything down
140	+ ebegin "Stopping ${CONTAINER}"
141	+ lxc-stop -t 10 -n ${CONTAINER}
142	+ eend $?
143	+}
144
145	diff --git a/app-emulation/lxc/files/lxc_at.service.4 b/app-emulation/lxc/files/lxc_at.service.4
146	new file mode 100644
147	index 0000000..64ae745
148	--- /dev/null
149	+++ b/app-emulation/lxc/files/lxc_at.service.4
150	@@ -0,0 +1,14 @@
151	+[Unit]
152	+Description=Linux Container %I
153	+After=network.target
154	+Wants=lxcfs.service
155	+
156	+[Service]
157	+Restart=always
158	+ExecStart=/usr/bin/lxc-start -n %i -F
159	+ExecReload=/usr/bin/lxc-restart -n %i
160	+ExecStop=/usr/bin/lxc-stop -n %i
161	+Delegate=yes
162	+
163	+[Install]
164	+WantedBy=multi-user.target
165
166	diff --git a/app-emulation/lxc/lxc-2.0.3-r1.ebuild b/app-emulation/lxc/lxc-2.0.3-r1.ebuild
167	new file mode 100644
168	index 0000000..17805be
169	--- /dev/null
170	+++ b/app-emulation/lxc/lxc-2.0.3-r1.ebuild
171	@@ -0,0 +1,197 @@
172	+# Copyright 1999-2016 Gentoo Foundation
173	+# Distributed under the terms of the GNU General Public License v2
174	+# $Id$
175	+
176	+EAPI="5"
177	+
178	+MY_P="${P/_/-}"
179	+PYTHON_COMPAT=( python{3_3,3_4,3_5} )
180	+DISTUTILS_OPTIONAL=1
181	+
182	+inherit autotools bash-completion-r1 distutils-r1 eutils linux-info versionator flag-o-matic systemd
183	+
184	+DESCRIPTION="LinuX Containers userspace utilities"
185	+HOMEPAGE="https://linuxcontainers.org/"
186	+SRC_URI="https://github.com/lxc/lxc/archive/${MY_P}.tar.gz"
187	+
188	+KEYWORDS="~amd64 ~arm ~arm64"
189	+
190	+LICENSE="LGPL-3"
191	+SLOT="0"
192	+IUSE="cgmanager doc examples lua python seccomp"
193	+
194	+RDEPEND="net-libs/gnutls
195	+ sys-libs/libcap
196	+ cgmanager? ( app-admin/cgmanager )
197	+ lua? ( >=dev-lang/lua-5.1:= )
198	+ python? ( ${PYTHON_DEPS} )
199	+ seccomp? ( sys-libs/libseccomp )"
200	+
201	+DEPEND="${RDEPEND}
202	+ doc? ( app-text/docbook-sgml-utils )
203	+ >=sys-kernel/linux-headers-3.2"
204	+
205	+RDEPEND="${RDEPEND}
206	+ sys-process/criu
207	+ sys-apps/util-linux
208	+ app-misc/pax-utils
209	+ virtual/awk"
210	+
211	+CONFIG_CHECK="~CGROUPS ~CGROUP_DEVICE
212	+ ~CPUSETS ~CGROUP_CPUACCT
213	+ ~CGROUP_SCHED
214	+
215	+ ~NAMESPACES
216	+ ~IPC_NS ~USER_NS ~PID_NS
217	+
218	+ ~NETLINK_DIAG ~PACKET_DIAG
219	+ ~INET_UDP_DIAG ~INET_TCP_DIAG
220	+ ~UNIX_DIAG ~CHECKPOINT_RESTORE
221	+
222	+ ~DEVPTS_MULTIPLE_INSTANCES
223	+ ~CGROUP_FREEZER
224	+ ~UTS_NS ~NET_NS
225	+ ~VETH ~MACVLAN
226	+
227	+ ~POSIX_MQUEUE
228	+ ~!NETPRIO_CGROUP
229	+
230	+ ~!GRKERNSEC_CHROOT_MOUNT
231	+ ~!GRKERNSEC_CHROOT_DOUBLE
232	+ ~!GRKERNSEC_CHROOT_PIVOT
233	+ ~!GRKERNSEC_CHROOT_CHMOD
234	+ ~!GRKERNSEC_CHROOT_CAPS
235	+ ~!GRKERNSEC_PROC
236	+ ~!GRKERNSEC_SYSFS_RESTRICT
237	+"
238	+
239	+ERROR_DEVPTS_MULTIPLE_INSTANCES="CONFIG_DEVPTS_MULTIPLE_INSTANCES: needed for pts inside container"
240	+
241	+ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER: needed to freeze containers"
242	+
243	+ERROR_UTS_NS="CONFIG_UTS_NS: needed to unshare hostnames and uname info"
244	+ERROR_NET_NS="CONFIG_NET_NS: needed for unshared network"
245	+
246	+ERROR_VETH="CONFIG_VETH: needed for internal (host-to-container) networking"
247	+ERROR_MACVLAN="CONFIG_MACVLAN: needed for internal (inter-container) networking"
248	+
249	+ERROR_NETLINK_DIAG="CONFIG_NETLINK_DIAG: needed for lxc-checkpoint"
250	+ERROR_PACKET_DIAG="CONFIG_PACKET_DIAG: needed for lxc-checkpoint"
251	+ERROR_INET_UDP_DIAG="CONFIG_INET_UDP_DIAG: needed for lxc-checkpoint"
252	+ERROR_INET_TCP_DIAG="CONFIG_INET_TCP_DIAG: needed for lxc-checkpoint"
253	+ERROR_UNIX_DIAG="CONFIG_UNIX_DIAG: needed for lxc-checkpoint"
254	+ERROR_CHECKPOINT_RESTORE="CONFIG_CHECKPOINT_RESTORE: needed for lxc-checkpoint"
255	+
256	+ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: needed for lxc-execute command"
257	+
258	+ERROR_NETPRIO_CGROUP="CONFIG_NETPRIO_CGROUP: as of kernel 3.3 and lxc 0.8.0_rc1 this causes LXCs to fail booting."
259	+
260	+ERROR_GRKERNSEC_CHROOT_MOUNT="CONFIG_GRKERNSEC_CHROOT_MOUNT: some GRSEC features make LXC unusable see postinst notes"
261	+ERROR_GRKERNSEC_CHROOT_DOUBLE="CONFIG_GRKERNSEC_CHROOT_DOUBLE: some GRSEC features make LXC unusable see postinst notes"
262	+ERROR_GRKERNSEC_CHROOT_PIVOT="CONFIG_GRKERNSEC_CHROOT_PIVOT: some GRSEC features make LXC unusable see postinst notes"
263	+ERROR_GRKERNSEC_CHROOT_CHMOD="CONFIG_GRKERNSEC_CHROOT_CHMOD: some GRSEC features make LXC unusable see postinst notes"
264	+ERROR_GRKERNSEC_CHROOT_CAPS="CONFIG_GRKERNSEC_CHROOT_CAPS: some GRSEC features make LXC unusable see postinst notes"
265	+ERROR_GRKERNSEC_PROC="CONFIG_GRKERNSEC_PROC: this GRSEC feature is incompatible with unprivileged containers"
266	+ERROR_GRKERNSEC_SYSFS_RESTRICT="CONFIG_GRKERNSEC_SYSFS_RESTRICT: this GRSEC feature is incompatible with unprivileged containers"
267	+
268	+DOCS=(AUTHORS CONTRIBUTING MAINTAINERS NEWS README doc/FAQ.txt)
269	+
270	+S="${WORKDIR}/${PN}-${MY_P}"
271	+
272	+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
273	+
274	+src_prepare() {
275	+ epatch "${FILESDIR}"/${P}-bash-completion.patch
276	+ #558854
277	+ epatch "${FILESDIR}"/${P}-omit-sysconfig.patch
278	+ eautoreconf
279	+}
280	+
281	+src_configure() {
282	+ append-flags -fno-strict-aliasing
283	+
284	+ if use python; then
285	+ #541932
286	+ python_setup "python3*"
287	+ export PKG_CONFIG_PATH="${T}/${EPYTHON}/pkgconfig:${PKG_CONFIG_PATH}"
288	+ fi
289	+
290	+ # I am not sure about the --with-rootfs-path
291	+ # /var/lib/lxc is probably more appropriate than
292	+ # /usr/lib/lxc.
293	+ econf \
294	+ --localstatedir=/var \
295	+ --bindir=/usr/bin \
296	+ --sbindir=/usr/bin \
297	+ --docdir=/usr/share/doc/${PF} \
298	+ --with-config-path=/var/lib/lxc \
299	+ --with-rootfs-path=/var/lib/lxc/rootfs \
300	+ --with-distro=gentoo \
301	+ --with-runtime-path=/run \
302	+ --disable-apparmor \
303	+ $(use_enable cgmanager) \
304	+ $(use_enable doc) \
305	+ $(use_enable examples) \
306	+ $(use_enable lua) \
307	+ $(use_enable python) \
308	+ $(use_enable seccomp)
309	+}
310	+
311	+python_compile() {
312	+ distutils-r1_python_compile build_ext -I ../ -L ../${PN}
313	+}
314	+
315	+src_compile() {
316	+ default
317	+
318	+ if use python; then
319	+ pushd "${S}/src/python-${PN}" > /dev/null
320	+ distutils-r1_src_compile
321	+ popd > /dev/null
322	+ fi
323	+}
324	+
325	+src_install() {
326	+ default
327	+
328	+ mv "${ED}"/usr/share/bash-completion/completions/${PN} "${ED}"/$(get_bashcompdir)/${PN}-start \|\| die
329	+ # start-ephemeral is no longer a command but removing it here
330	+ # generates QA warnings (still in upstream completion script)
331	+ bashcomp_alias ${PN}-start \
332	+ ${PN}-{attach,cgroup,copy,console,create,destroy,device,execute,freeze,info,monitor,snapshot,start-ephemeral,stop,unfreeze,wait}
333	+
334	+ if use python; then
335	+ pushd "${S}/src/python-lxc" > /dev/null
336	+ # Unset DOCS. This has been handled by the default target
337	+ unset DOCS
338	+ distutils-r1_src_install
339	+ popd > /dev/null
340	+ fi
341	+
342	+ keepdir /etc/lxc /var/lib/lxc/rootfs /var/log/lxc
343	+
344	+ find "${D}" -name '*.la' -delete
345	+
346	+ # Gentoo-specific additions!
347	+ newinitd "${FILESDIR}/${PN}.initd.5" ${PN}
348	+
349	+ # Remember to compare our systemd unit file with the upstream one
350	+ # config/init/systemd/lxc.service.in
351	+ systemd_newunit "${FILESDIR}"/${PN}_at.service.4 "lxc@.service"
352	+}
353	+
354	+pkg_postinst() {
355	+ elog ""
356	+ elog "Starting from version ${PN}-1.1.0-r3, the default lxc path has been"
357	+ elog "moved from /etc/lxc to /var/lib/lxc. If you still want to use /etc/lxc"
358	+ elog "please add the following to your /etc/lxc/default.conf"
359	+ elog "lxc.lxcpath = /etc/lxc"
360	+ elog ""
361	+ elog "There is an init script provided with the package now; no documentation"
362	+ elog "is currently available though, so please check out /etc/init.d/lxc ."
363	+ elog "You _should_ only need to symlink it to /etc/init.d/lxc.configname"
364	+ elog "to start the container defined into /etc/lxc/configname.conf ."
365	+ elog "For further information about LXC development see"
366	+ elog "http://blog.flameeyes.eu/tag/lxc" # remove once proper doc is available
367	+ elog ""
368	+}

Gentoo Archives: gentoo-commits