[gentoo-commits] repo/gentoo:master commit in: app-emulation/lxc/

["Virgil Dupras" <vdupras@gentoo.org>]

commit:     f63fbe792e3f4db205f04df2376a5aa0f92de494
Author:     Nils Freydank <holgersson <AT> posteo <DOT> de>
AuthorDate: Tue Aug 21 21:45:23 2018 +0000
Commit:     Virgil Dupras <vdupras <AT> gentoo <DOT> org>
CommitDate: Wed Aug 22 12:24:57 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f63fbe79

app-emulation/lxc: Bump to 3.0.2.

Closes: https://bugs.gentoo.org/583886
Closes: https://bugs.gentoo.org/657816
Closes: https://bugs.gentoo.org/663780
Package-Manager: Portage-2.3.48, Repoman-2.3.10
Closes: https://github.com/gentoo/gentoo/pull/9651

 app-emulation/lxc/Manifest         |   1 +
 app-emulation/lxc/lxc-3.0.2.ebuild | 158 +++++++++++++++++++++++++++++++++++++
 app-emulation/lxc/metadata.xml     |   1 +
 3 files changed, 160 insertions(+)

diff --git a/app-emulation/lxc/Manifest b/app-emulation/lxc/Manifest
index e8d8e7473f5..8682903f737 100644
--- a/app-emulation/lxc/Manifest
+++ b/app-emulation/lxc/Manifest
@@ -1,2 +1,3 @@
 DIST lxc-2.1.1.tar.gz 1378640 BLAKE2B 5fca516540a886729434579ff99acf3baa06977fa0e0b6f24dbf15094626335fc073597d308276e3dd20e27ceabf1477cc8e99d1fd24cf50b9aed2720b887b69 SHA512 2989d57acddfe091adcf8031721c3c9a2f8eff5476bd6155366b76ea7511e0f6120e669276e056e3963863e0f0acf3b095d44c36fa6652e67c197671f28cbdd4
 DIST lxc-3.0.1.tar.gz 1239920 BLAKE2B 7be668c11d7211540fe7e2fb6318d38eac0d8d493914f4705d097fca4c004a8d2191609d02bd9e1d9204c3c0b9ea937084d3f9050fc841f6d777768067af3d19 SHA512 f51b0844f61f64d4efc530454eae1fa499f7f1b908bd3b40d7031e7f311a402893a7504bddbc53f2ef9da2b3154d1b047fc4d876b99f0d487d7c79de64eea505
+DIST lxc-3.0.2.tar.gz 1236975 BLAKE2B 68047f6374b9081fb308586726797ed94fa66b5e94eb3fc12ad1a0aedc15ac1ee518ca5a341db79a715015e34ad38659200ad6aaf21f74639ebb55e7e1360645 SHA512 d7f5e3f91e5c8800e3e092ab209158a4d3e3c2816623249aeaaf2e0950428484ac5d1432d71298787721e1419cd962c0798ba14979e62161299fa15a299efde8

diff --git a/app-emulation/lxc/lxc-3.0.2.ebuild b/app-emulation/lxc/lxc-3.0.2.ebuild
new file mode 100644
index 00000000000..37cf503a5c8
--- /dev/null
+++ b/app-emulation/lxc/lxc-3.0.2.ebuild
@@ -0,0 +1,158 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools bash-completion-r1 linux-info flag-o-matic systemd readme.gentoo-r1 pam
+
+DESCRIPTION="LinuX Containers userspace utilities"
+HOMEPAGE="https://linuxcontainers.org/"
+SRC_URI="https://linuxcontainers.org/downloads/lxc/${P}.tar.gz"
+
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86"
+
+LICENSE="LGPL-3"
+SLOT="0"
+IUSE="apparmor examples pam python seccomp selinux +templates"
+
+RDEPEND="
+	net-libs/gnutls
+	sys-libs/libcap
+	pam? ( virtual/pam )
+	seccomp? ( sys-libs/libseccomp )
+	selinux? ( sys-libs/libselinux )"
+
+DEPEND="${RDEPEND}
+	>=app-text/docbook-sgml-utils-0.6.14-r2
+	>=sys-kernel/linux-headers-3.2"
+
+RDEPEND="${RDEPEND}
+	sys-apps/util-linux
+	app-misc/pax-utils
+	virtual/awk"
+
+PDEPEND="templates? ( app-emulation/lxc-templates )
+	python? ( dev-python/python3-lxc )"
+
+CONFIG_CHECK="~CGROUPS ~CGROUP_DEVICE
+	~CPUSETS ~CGROUP_CPUACCT
+	~CGROUP_SCHED
+
+	~NAMESPACES
+	~IPC_NS ~USER_NS ~PID_NS
+
+	~CGROUP_FREEZER
+	~UTS_NS ~NET_NS
+	~VETH ~MACVLAN
+
+	~POSIX_MQUEUE
+	~!NETPRIO_CGROUP
+
+	~!GRKERNSEC_CHROOT_MOUNT
+	~!GRKERNSEC_CHROOT_DOUBLE
+	~!GRKERNSEC_CHROOT_PIVOT
+	~!GRKERNSEC_CHROOT_CHMOD
+	~!GRKERNSEC_CHROOT_CAPS
+	~!GRKERNSEC_PROC
+	~!GRKERNSEC_SYSFS_RESTRICT
+	~!GRKERNSEC_CHROOT_FINDTASK
+"
+
+ERROR_DEVPTS_MULTIPLE_INSTANCES="CONFIG_DEVPTS_MULTIPLE_INSTANCES:  needed for pts inside container"
+
+ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER:  needed to freeze containers"
+
+ERROR_UTS_NS="CONFIG_UTS_NS:  needed to unshare hostnames and uname info"
+ERROR_NET_NS="CONFIG_NET_NS:  needed for unshared network"
+
+ERROR_VETH="CONFIG_VETH:  needed for internal (host-to-container) networking"
+ERROR_MACVLAN="CONFIG_MACVLAN:  needed for internal (inter-container) networking"
+
+ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE:  needed for lxc-execute command"
+
+ERROR_NETPRIO_CGROUP="CONFIG_NETPRIO_CGROUP:  as of kernel 3.3 and lxc 0.8.0_rc1 this causes LXCs to fail booting."
+
+ERROR_GRKERNSEC_CHROOT_MOUNT="CONFIG_GRKERNSEC_CHROOT_MOUNT:  some GRSEC features make LXC unusable see postinst notes"
+ERROR_GRKERNSEC_CHROOT_DOUBLE="CONFIG_GRKERNSEC_CHROOT_DOUBLE:  some GRSEC features make LXC unusable see postinst notes"
+ERROR_GRKERNSEC_CHROOT_PIVOT="CONFIG_GRKERNSEC_CHROOT_PIVOT:  some GRSEC features make LXC unusable see postinst notes"
+ERROR_GRKERNSEC_CHROOT_CHMOD="CONFIG_GRKERNSEC_CHROOT_CHMOD:  some GRSEC features make LXC unusable see postinst notes"
+ERROR_GRKERNSEC_CHROOT_CAPS="CONFIG_GRKERNSEC_CHROOT_CAPS:  some GRSEC features make LXC unusable see postinst notes"
+ERROR_GRKERNSEC_PROC="CONFIG_GRKERNSEC_PROC:  this GRSEC feature is incompatible with unprivileged containers"
+ERROR_GRKERNSEC_SYSFS_RESTRICT="CONFIG_GRKERNSEC_SYSFS_RESTRICT:  this GRSEC feature is incompatible with unprivileged containers"
+
+DOCS=(AUTHORS CONTRIBUTING MAINTAINERS NEWS README doc/FAQ.txt)
+
+pkg_setup() {
+	kernel_is -lt 4 7 && CONFIG_CHECK="${CONFIG_CHECK} ~DEVPTS_MULTIPLE_INSTANCES"
+	linux-info_pkg_setup
+}
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-3.0.0-bash-completion.patch
+	"${FILESDIR}"/${PN}-2.0.5-omit-sysconfig.patch # bug 558854
+)
+
+src_configure() {
+	append-flags -fno-strict-aliasing
+
+	# --enable-doc is for manpages which is why we don't link it to a "doc"
+	# USE flag. We always want man pages.
+	local myeconfargs=(
+		--localstatedir=/var
+		--bindir=/usr/bin
+		--sbindir=/usr/bin
+		--with-config-path=/var/lib/lxc
+		--with-rootfs-path=/var/lib/lxc/rootfs
+		--with-distro=gentoo
+		--with-runtime-path=/run
+		--disable-apparmor
+		--disable-werror
+		--enable-doc
+		$(use_enable apparmor)
+		$(use_enable examples)
+		$(use_enable pam)
+		$(use_with pam pamdir $(getpam_mod_dir))
+		$(use_enable seccomp)
+		$(use_enable selinux)
+	)
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+
+	mv "${ED}"/usr/share/bash-completion/completions/${PN} "${ED}"/$(get_bashcompdir)/${PN}-start || die
+	bashcomp_alias ${PN}-start \
+		${PN}-{attach,cgroup,copy,console,create,destroy,device,execute,freeze,info,monitor,snapshot,stop,unfreeze,wait}
+
+	keepdir /etc/lxc /var/lib/lxc/rootfs /var/log/lxc
+	rmdir "${D}"/var/cache/lxc "${D}"/var/cache || die "rmdir failed"
+
+	find "${D}" -name '*.la' -delete
+
+	# Gentoo-specific additions!
+	newinitd "${FILESDIR}/${PN}.initd.7" ${PN}
+
+	# Remember to compare our systemd unit file with the upstream one
+	# config/init/systemd/lxc.service.in
+	systemd_newunit "${FILESDIR}"/${PN}_at.service.4 "lxc@.service"
+
+	DOC_CONTENTS="
+	For openrc, there is an init script provided with the package.
+	You _should_ only need to symlink /etc/init.d/lxc to
+	/etc/init.d/lxc.configname to start the container defined in
+	/etc/lxc/configname.conf.
+
+	Correspondingly, for systemd a service file lxc@.service is installed.
+	Enable and start lxc@configname in order to start the container defined
+	in /etc/lxc/configname.conf.
+
+	If you want checkpoint/restore functionality, please install criu
+	(sys-process/criu)."
+	DISABLE_AUTOFORMATTING=true
+	readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+	readme.gentoo_print_elog
+}

diff --git a/app-emulation/lxc/metadata.xml b/app-emulation/lxc/metadata.xml
index 8ec672d923c..7381f9b1768 100644
--- a/app-emulation/lxc/metadata.xml
+++ b/app-emulation/lxc/metadata.xml
@@ -9,6 +9,7 @@
     <name>Gentoo Virtualization Project</name>
   </maintainer>
   <use>
+    <flag name="apparmor">Enable AppArmor support</flag>
     <flag name="cgmanager">Enable support for cgroup management using <pkg>app-admin/cgmanager</pkg></flag>
     <flag name="templates">Install old style templates through <pkg>app-emulation/lxc-templates</pkg></flag>
   </use>