From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1414501-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 66FE0158093
	for <garchives@archives.gentoo.org>; Sat,  2 Jul 2022 20:24:51 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 7BF95E0BD3;
	Sat,  2 Jul 2022 20:24:50 +0000 (UTC)
Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 4CBEFE0BD3
	for <gentoo-commits@lists.gentoo.org>; Sat,  2 Jul 2022 20:24:50 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 07D30341C2E
	for <gentoo-commits@lists.gentoo.org>; Sat,  2 Jul 2022 20:24:49 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 42E1F4FB
	for <gentoo-commits@lists.gentoo.org>; Sat,  2 Jul 2022 20:24:47 +0000 (UTC)
From: "Piotr Karbowski" <slashbeast@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Piotr Karbowski" <slashbeast@gentoo.org>
Message-ID: <1656793485.d7035f4e5e6e57a83296e714e2e17771d0e8a886.slashbeast@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/bubblewrap/
X-VCS-Repository: repo/gentoo
X-VCS-Files: sys-apps/bubblewrap/bubblewrap-0.6.2-r1.ebuild
X-VCS-Directories: sys-apps/bubblewrap/
X-VCS-Committer: slashbeast
X-VCS-Committer-Name: Piotr Karbowski
X-VCS-Revision: d7035f4e5e6e57a83296e714e2e17771d0e8a886
X-VCS-Branch: master
Date: Sat,  2 Jul 2022 20:24:47 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: d3f9ae0c-4970-42da-a3e6-97250085d451
X-Archives-Hash: d21a6ef5c10058a475178bdfb7109849

commit:     d7035f4e5e6e57a83296e714e2e17771d0e8a886
Author:     Piotr Karbowski <slashbeast <AT> gentoo <DOT> org>
AuthorDate: Sat Jul  2 20:23:58 2022 +0000
Commit:     Piotr Karbowski <slashbeast <AT> gentoo <DOT> org>
CommitDate: Sat Jul  2 20:24:45 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d7035f4e

sys-apps/bubblewrap: 0.8.2-r1: default to no suid.

Closes: https://github.com/gentoo/gentoo/pull/26063
Signed-off-by: Piotr Karbowski <slashbeast <AT> gentoo.org>

 sys-apps/bubblewrap/bubblewrap-0.6.2-r1.ebuild | 58 ++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)

diff --git a/sys-apps/bubblewrap/bubblewrap-0.6.2-r1.ebuild b/sys-apps/bubblewrap/bubblewrap-0.6.2-r1.ebuild
new file mode 100644
index 000000000000..fa95d51552b8
--- /dev/null
+++ b/sys-apps/bubblewrap/bubblewrap-0.6.2-r1.ebuild
@@ -0,0 +1,58 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit linux-info meson
+
+DESCRIPTION="Unprivileged sandboxing tool, namespaces-powered chroot-like solution"
+HOMEPAGE="https://github.com/containers/bubblewrap/"
+SRC_URI="https://github.com/containers/${PN}/releases/download/v${PV}/${P}.tar.xz"
+
+LICENSE="LGPL-2+"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~x86"
+IUSE="selinux suid"
+
+RDEPEND="
+	sys-libs/libseccomp
+	sys-libs/libcap
+	selinux? ( >=sys-libs/libselinux-2.1.9 )
+"
+DEPEND="${RDEPEND}"
+BDEPEND="
+	app-text/docbook-xml-dtd:4.3
+	app-text/docbook-xsl-stylesheets
+	dev-libs/libxslt
+	virtual/pkgconfig
+"
+
+# tests require root privileges
+RESTRICT="test"
+
+pkg_setup() {
+	if [[ ${MERGE_TYPE} != buildonly ]]; then
+		CONFIG_CHECK="~UTS_NS ~IPC_NS ~USER_NS ~PID_NS ~NET_NS"
+		linux-info_pkg_setup
+	fi
+}
+
+src_configure() {
+	local emesonargs=(
+		-Dbash_completion=enabled
+		-Dman=enabled
+		-Dtests=false
+		-Dzsh_completion=enabled
+		$(meson_feature selinux)
+	)
+
+	meson_src_configure
+}
+
+src_install() {
+	meson_src_install
+
+	if use suid; then
+		chmod u+s "${ED}"/usr/bin/bwrap
+	fi
+}