From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-843327-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 17B4113888F
	for <garchives@archives.gentoo.org>; Sat, 31 Oct 2015 11:11:59 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 7F9B0E0818;
	Sat, 31 Oct 2015 11:11:53 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 0DB60E0818
	for <gentoo-commits@lists.gentoo.org>; Sat, 31 Oct 2015 11:11:51 +0000 (UTC)
Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 88200340C20
	for <gentoo-commits@lists.gentoo.org>; Sat, 31 Oct 2015 11:11:49 +0000 (UTC)
Received: from localhost.localdomain (localhost [127.0.0.1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 71CAA1BFF
	for <gentoo-commits@lists.gentoo.org>; Sat, 31 Oct 2015 11:11:42 +0000 (UTC)
From: "Michał Górny" <mgorny@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Michał Górny" <mgorny@gentoo.org>
Message-ID: <1446253585.c2c88ec4ea7cba331b6486cab9041cb909b49b6a.mgorny@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/
X-VCS-Repository: repo/gentoo
X-VCS-Files: app-emulation/lxc/lxc-1.1.3.ebuild app-emulation/lxc/lxc-1.1.4.ebuild
X-VCS-Directories: app-emulation/lxc/
X-VCS-Committer: mgorny
X-VCS-Committer-Name: Michał Górny
X-VCS-Revision: c2c88ec4ea7cba331b6486cab9041cb909b49b6a
X-VCS-Branch: master
Date: Sat, 31 Oct 2015 11:11:42 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Archives-Salt: 86194bcb-dd6e-470a-9f66-e68548ac08ad
X-Archives-Hash: a86f02fad1446afcc910df331a6ee430

commit:     c2c88ec4ea7cba331b6486cab9041cb909b49b6a
Author:     Jakub Jirutka <jakub <AT> jirutka <DOT> cz>
AuthorDate: Thu Oct 15 12:21:15 2015 +0000
Commit:     Michał Górny <mgorny <AT> gentoo <DOT> org>
CommitDate: Sat Oct 31 01:06:25 2015 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c2c88ec4

app-emulation/lxc: Forward-port !GRKERNSEC* checks to 1.1.3+

See 78ef1b565ae26608f11a81f2b60e4a8e404ef9c3
and a226893bb48e8979b054b1b8cb463402a8d58e27.

 app-emulation/lxc/lxc-1.1.3.ebuild | 4 ++++
 app-emulation/lxc/lxc-1.1.4.ebuild | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/app-emulation/lxc/lxc-1.1.3.ebuild b/app-emulation/lxc/lxc-1.1.3.ebuild
index 4a336ef..b41c685 100644
--- a/app-emulation/lxc/lxc-1.1.3.ebuild
+++ b/app-emulation/lxc/lxc-1.1.3.ebuild
@@ -61,6 +61,8 @@ CONFIG_CHECK="~CGROUPS ~CGROUP_DEVICE
 	~!GRKERNSEC_CHROOT_PIVOT
 	~!GRKERNSEC_CHROOT_CHMOD
 	~!GRKERNSEC_CHROOT_CAPS
+	~!GRKERNSEC_PROC
+	~!GRKERNSEC_SYSFS_RESTRICT
 "
 
 ERROR_DEVPTS_MULTIPLE_INSTANCES="CONFIG_DEVPTS_MULTIPLE_INSTANCES:  needed for pts inside container"
@@ -89,6 +91,8 @@ ERROR_GRKERNSEC_CHROOT_DOUBLE="CONFIG_GRKERNSEC_CHROOT_DOUBLE:  some GRSEC featu
 ERROR_GRKERNSEC_CHROOT_PIVOT="CONFIG_GRKERNSEC_CHROOT_PIVOT:  some GRSEC features make LXC unusable see postinst notes"
 ERROR_GRKERNSEC_CHROOT_CHMOD="CONFIG_GRKERNSEC_CHROOT_CHMOD:  some GRSEC features make LXC unusable see postinst notes"
 ERROR_GRKERNSEC_CHROOT_CAPS="CONFIG_GRKERNSEC_CHROOT_CAPS:  some GRSEC features make LXC unusable see postinst notes"
+ERROR_GRKERNSEC_PROC="CONFIG_GRKERNSEC_PROC:  this GRSEC feature is incompatible with unprivileged containers"
+ERROR_GRKERNSEC_SYSFS_RESTRICT="CONFIG_GRKERNSEC_SYSFS_RESTRICT:  this GRSEC feature is incompatible with unprivileged containers"
 
 DOCS=(AUTHORS CONTRIBUTING MAINTAINERS NEWS README doc/FAQ.txt)
 

diff --git a/app-emulation/lxc/lxc-1.1.4.ebuild b/app-emulation/lxc/lxc-1.1.4.ebuild
index 7344904..12c1751 100644
--- a/app-emulation/lxc/lxc-1.1.4.ebuild
+++ b/app-emulation/lxc/lxc-1.1.4.ebuild
@@ -61,6 +61,8 @@ CONFIG_CHECK="~CGROUPS ~CGROUP_DEVICE
 	~!GRKERNSEC_CHROOT_PIVOT
 	~!GRKERNSEC_CHROOT_CHMOD
 	~!GRKERNSEC_CHROOT_CAPS
+	~!GRKERNSEC_PROC
+	~!GRKERNSEC_SYSFS_RESTRICT
 "
 
 ERROR_DEVPTS_MULTIPLE_INSTANCES="CONFIG_DEVPTS_MULTIPLE_INSTANCES:  needed for pts inside container"
@@ -89,6 +91,8 @@ ERROR_GRKERNSEC_CHROOT_DOUBLE="CONFIG_GRKERNSEC_CHROOT_DOUBLE:  some GRSEC featu
 ERROR_GRKERNSEC_CHROOT_PIVOT="CONFIG_GRKERNSEC_CHROOT_PIVOT:  some GRSEC features make LXC unusable see postinst notes"
 ERROR_GRKERNSEC_CHROOT_CHMOD="CONFIG_GRKERNSEC_CHROOT_CHMOD:  some GRSEC features make LXC unusable see postinst notes"
 ERROR_GRKERNSEC_CHROOT_CAPS="CONFIG_GRKERNSEC_CHROOT_CAPS:  some GRSEC features make LXC unusable see postinst notes"
+ERROR_GRKERNSEC_PROC="CONFIG_GRKERNSEC_PROC:  this GRSEC feature is incompatible with unprivileged containers"
+ERROR_GRKERNSEC_SYSFS_RESTRICT="CONFIG_GRKERNSEC_SYSFS_RESTRICT:  this GRSEC feature is incompatible with unprivileged containers"
 
 DOCS=(AUTHORS CONTRIBUTING MAINTAINERS NEWS README doc/FAQ.txt)