From c6926871a2be0639eb8c043a15b2d365ece1a332 Mon Sep 17 00:00:00 2001 From: Jendrik Weise Date: Mon, 29 Apr 2024 14:20:22 +0200 Subject: [PATCH] sysext: Add podman sysext Enabled user session dbus in base image to support podman rootless mode. Extension images can now be created from multiple packages by seperating them with a comma. The podman sysext includes app-containers/podman and net-misc/passt. It can be enabled by adding podman to /etc/flatcar/enabled-sysext.conf. Potential TODO: gpgme had to be added as BDEPEND to podman ebuild. --- .../workflows/portage-stable-packages-list | 2 + build_library/extra_sysexts.sh | 1 + build_library/prod_image_util.sh | 5 +- build_library/sysext_mangle_flatcar-podman | 20 ++ build_packages | 6 + changelog/changes/2024-05-03-podman.md | 1 + .../board-packages-0.0.1.ebuild | 2 + .../sys-apps/dbus/dbus-1.14.4-r2.ebuild | 4 +- .../app-containers/aardvark-dns/Manifest | 2 + .../aardvark-dns/aardvark-dns-1.10.0.ebuild | 47 ++++ .../app-containers/aardvark-dns/metadata.xml | 25 ++ .../app-containers/catatonit/Manifest | 1 + .../catatonit/catatonit-0.2.0.ebuild | 31 +++ .../app-containers/catatonit/metadata.xml | 20 ++ .../app-containers/conmon/Manifest | 1 + .../conmon/conmon-2.1.10.ebuild | 49 ++++ .../conmon/files/conmon-2.1.8-Makefile.patch | 60 +++++ .../app-containers/conmon/metadata.xml | 21 ++ .../app-containers/containers-common/Manifest | 1 + .../containers-common-0.58.0-r1.ebuild | 75 ++++++ .../containers-common-0.58.0.ebuild | 60 +++++ .../containers-common/files/default.yaml | 28 +++ .../files/examplify-mounts-conf.patch | 7 + .../containers-common/files/policy.json | 14 ++ .../containers-common/metadata.xml | 21 ++ .../app-containers/containers-image/Manifest | 1 + .../containers-image-5.30.0.ebuild | 37 +++ .../containers-image/files/fix-warnings.patch | 14 ++ .../moving-policy-json-default-yaml.patch | 100 ++++++++ .../prevent-downloading-mods-5.29.2.patch | 10 + .../containers-image/metadata.xml | 21 ++ .../containers-shortnames/Manifest | 1 + .../containers-shortnames-2023.02.20.ebuild | 36 +++ .../containers-shortnames/metadata.xml | 21 ++ .../containers-storage/Manifest | 1 + .../containers-storage-1.53.0.ebuild | 32 +++ .../files/system-md2man-path.patch | 7 + .../containers-storage/metadata.xml | 21 ++ .../app-containers/crun/Manifest | 1 + .../app-containers/crun/crun-1.14.3.ebuild | 65 +++++ .../crun/files/crun-1.11.2-caps.patch | 32 +++ .../app-containers/crun/metadata.xml | 31 +++ .../app-containers/netavark/Manifest | 2 + .../app-containers/netavark/metadata.xml | 26 ++ .../netavark/netavark-1.10.3.ebuild | 59 +++++ .../app-containers/podman/Manifest | 1 + .../podman/files/podman-5.0.0_rc4.confd | 11 + .../podman/files/podman-5.0.0_rc4.initd | 21 ++ .../files/podman-auto-update-5.0.0.cron | 5 + .../podman-clean-transient-5.0.0_rc6.confd | 8 + .../podman-clean-transient-5.0.0_rc6.initd | 17 ++ .../files/podman-restart-5.0.0_rc4.confd | 9 + .../files/podman-restart-5.0.0_rc4.initd | 22 ++ .../podman/files/podman.logrotated | 7 + .../podman/files/seccomp-toggle-4.7.0.patch | 15 ++ .../app-containers/podman/metadata.xml | 51 ++++ .../app-containers/podman/podman-5.0.2.ebuild | 129 ++++++++++ .../portage-stable/app-crypt/gpgme/Manifest | 2 + ...tests-start-stop-agent-use-command-v.patch | 27 +++ .../gpgme-1.23.1-tests-gnupg-no-tofu.patch | 26 ++ .../app-crypt/gpgme/gpgme-1.23.2.ebuild | 227 ++++++++++++++++++ .../app-crypt/gpgme/metadata.xml | 11 + .../portage-stable/dev-go/go-md2man/Manifest | 2 +- ...an-2.0.2.ebuild => go-md2man-2.0.3.ebuild} | 2 +- .../portage-stable/dev-libs/yajl/Manifest | 2 + .../yajl/files/yajl-2.1.0-memory-leak.patch | 23 ++ .../yajl/files/yajl-2.1.0-pkg-config.patch | 50 ++++ .../yajl/files/yajl-2.1.0-uclibc.patch | 14 ++ .../portage-stable/dev-libs/yajl/metadata.xml | 11 + .../dev-libs/yajl/yajl-2.1.0-r5.ebuild | 36 +++ .../portage-stable/net-misc/passt/Manifest | 1 + .../passt/files/Makefile-2024.03.20.patch | 13 + .../net-misc/passt/metadata.xml | 27 +++ .../net-misc/passt/passt-2024.03.26.ebuild | 40 +++ .../sys-fs/fuse-overlayfs/Manifest | 1 + .../fuse-overlayfs/fuse-overlayfs-1.13.ebuild | 27 +++ .../sys-fs/fuse-overlayfs/metadata.xml | 19 ++ 77 files changed, 1872 insertions(+), 7 deletions(-) create mode 100755 build_library/sysext_mangle_flatcar-podman create mode 100644 changelog/changes/2024-05-03-podman.md create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/aardvark-dns/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/aardvark-dns/aardvark-dns-1.10.0.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/aardvark-dns/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/catatonit/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/catatonit/catatonit-0.2.0.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/catatonit/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/conmon/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/conmon/conmon-2.1.10.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/conmon/files/conmon-2.1.8-Makefile.patch create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/conmon/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-common/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-common/containers-common-0.58.0-r1.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-common/containers-common-0.58.0.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-common/files/default.yaml create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-common/files/examplify-mounts-conf.patch create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-common/files/policy.json create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-common/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-image/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-image/containers-image-5.30.0.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-image/files/fix-warnings.patch create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-image/files/moving-policy-json-default-yaml.patch create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-image/files/prevent-downloading-mods-5.29.2.patch create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-image/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-shortnames/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-shortnames/containers-shortnames-2023.02.20.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-shortnames/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-storage/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-storage/containers-storage-1.53.0.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-storage/files/system-md2man-path.patch create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/containers-storage/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/crun/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/crun/crun-1.14.3.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/crun/files/crun-1.11.2-caps.patch create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/crun/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/netavark/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/netavark/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/netavark/netavark-1.10.3.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/podman/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-5.0.0_rc4.confd create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-5.0.0_rc4.initd create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-auto-update-5.0.0.cron create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.confd create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.initd create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-restart-5.0.0_rc4.confd create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-restart-5.0.0_rc4.initd create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman.logrotated create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/podman/files/seccomp-toggle-4.7.0.patch create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/podman/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/podman/podman-5.0.2.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-crypt/gpgme/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/app-crypt/gpgme/files/gpgme-1.18.0-tests-start-stop-agent-use-command-v.patch create mode 100644 sdk_container/src/third_party/portage-stable/app-crypt/gpgme/files/gpgme-1.23.1-tests-gnupg-no-tofu.patch create mode 100644 sdk_container/src/third_party/portage-stable/app-crypt/gpgme/gpgme-1.23.2.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-crypt/gpgme/metadata.xml rename sdk_container/src/third_party/portage-stable/dev-go/go-md2man/{go-md2man-2.0.2.ebuild => go-md2man-2.0.3.ebuild} (95%) create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/yajl/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/yajl/files/yajl-2.1.0-memory-leak.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/yajl/files/yajl-2.1.0-pkg-config.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/yajl/files/yajl-2.1.0-uclibc.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/yajl/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/yajl/yajl-2.1.0-r5.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/net-misc/passt/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/net-misc/passt/files/Makefile-2024.03.20.patch create mode 100644 sdk_container/src/third_party/portage-stable/net-misc/passt/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/net-misc/passt/passt-2024.03.26.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/sys-fs/fuse-overlayfs/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/sys-fs/fuse-overlayfs/fuse-overlayfs-1.13.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/sys-fs/fuse-overlayfs/metadata.xml diff --git a/.github/workflows/portage-stable-packages-list b/.github/workflows/portage-stable-packages-list index 0b39efdb828..845cc86fd38 100644 --- a/.github/workflows/portage-stable-packages-list +++ b/.github/workflows/portage-stable-packages-list @@ -553,6 +553,8 @@ sys-fs/udisks sys-fs/xfsprogs sys-fs/zfs sys-fs/zfs-kmod +app-containers/podman +net-misc/passt sys-kernel/linux-headers diff --git a/build_library/extra_sysexts.sh b/build_library/extra_sysexts.sh index d2ace255366..5e0f8be448f 100644 --- a/build_library/extra_sysexts.sh +++ b/build_library/extra_sysexts.sh @@ -1,3 +1,4 @@ EXTRA_SYSEXTS=( zfs:sys-fs/zfs + podman:app-containers/podman,net-misc/passt ) diff --git a/build_library/prod_image_util.sh b/build_library/prod_image_util.sh index 34a42810894..49bc6b0c914 100755 --- a/build_library/prod_image_util.sh +++ b/build_library/prod_image_util.sh @@ -255,7 +255,8 @@ create_prod_sysexts() { local to_upload=() for sysext in "${EXTRA_SYSEXTS[@]}"; do local name="flatcar-${sysext%:*}" - local pkg="${sysext#*:}" + local pkgs="${sysext#*:}" + local pkg_array=(${pkgs//,/ }) local mangle_script="${BUILD_LIBRARY_DIR}/sysext_mangle_${name}" if [[ ! -x "${mangle_script}" ]]; then mangle_script= @@ -267,7 +268,7 @@ create_prod_sysexts() { --squashfs_base="${BUILD_DIR}/${image_sysext_base}" \ --image_builddir="${BUILD_DIR}" \ ${mangle_script:+--manglefs_script=${mangle_script}} \ - "${name}" "${pkg}" + "${name}" "${pkg_array[@]}" delta_generator \ -private_key "/usr/share/update_engine/update-payload-key.key.pem" \ -new_image "${BUILD_DIR}/${name}.raw" \ diff --git a/build_library/sysext_mangle_flatcar-podman b/build_library/sysext_mangle_flatcar-podman new file mode 100755 index 00000000000..5a5d24c4812 --- /dev/null +++ b/build_library/sysext_mangle_flatcar-podman @@ -0,0 +1,20 @@ +#!/bin/bash + +set -euo pipefail +rootfs="${1}" + +pushd "${rootfs}" + +rm -rf ./usr/{lib/debug/,lib64/cmake/,lib64/pkgconfig,include/,share/fish,share/aclocal,share/SLSA} + +mkdir -p ./usr/share/podman/etc +cp -a ./etc/{fuse.conf,containers} ./usr/share/podman/etc/ + +cat <>./usr/lib/tmpfiles.d/podman.conf +C /etc/containers - - - - /usr/share/podman/etc/containers +C /etc/fuse.conf - - - - /usr/share/podman/etc/fuse.conf +w /etc/subuid - - - - core:1065536:65536 +w /etc/subgid - - - - core:1065536:65536 +EOF + +popd diff --git a/build_packages b/build_packages index e23c2c0ff37..a5d6d52f10c 100755 --- a/build_packages +++ b/build_packages @@ -38,6 +38,8 @@ DEFINE_boolean skip_chroot_upgrade "${FLAGS_FALSE}" \ "Don't run the chroot upgrade automatically; use with care." DEFINE_boolean only_resolve_circular_deps "${FLAGS_FALSE}" \ "Don't build all packages; only resolve circular dependencies, then stop." +DEFINE_boolean debug_emerge "${FLAGS_FALSE}" \ + "Enable debug output for emerge." # include upload options . "${BUILD_LIBRARY_DIR}/release_util.sh" || exit 1 @@ -163,6 +165,10 @@ if [[ "${FLAGS_rebuild}" -eq "${FLAGS_TRUE}" ]]; then EMERGE_FLAGS+=( --rebuild-if-unbuilt ) fi +if [[ "${FLAGS_debug_emerge}" -eq "${FLAGS_TRUE}" ]]; then + EMERGE_FLAGS+=( --debug ) +fi + # Build cros_workon packages when they are changed. CROS_WORKON_PKGS=() if [ "${FLAGS_workon}" -eq "${FLAGS_TRUE}" ]; then diff --git a/changelog/changes/2024-05-03-podman.md b/changelog/changes/2024-05-03-podman.md new file mode 100644 index 00000000000..be176d65d50 --- /dev/null +++ b/changelog/changes/2024-05-03-podman.md @@ -0,0 +1 @@ +- Provided a Podman Flatcar extension as optional systemd-sysext image with the release. Write 'podman' to `/etc/flatcar/enabled-sysext.conf` through Ignition and the sysext will be installed during provisioning ([scripts#1964](https://github.com/flatcar/scripts/pull/1964)) \ No newline at end of file diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-devel/board-packages/board-packages-0.0.1.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-devel/board-packages/board-packages-0.0.1.ebuild index 5e24ad96daf..9c09ff12f9b 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-devel/board-packages/board-packages-0.0.1.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/coreos-devel/board-packages/board-packages-0.0.1.ebuild @@ -36,4 +36,6 @@ RDEPEND=" coreos-base/flatcar-eks net-misc/chrony sys-fs/zfs + app-containers/podman + net-misc/passt " diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.14.4-r2.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.14.4-r2.ebuild index 6be19d79136..d901a80896c 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.14.4-r2.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/dbus/dbus-1.14.4-r2.ebuild @@ -137,9 +137,7 @@ multilib_src_configure() { --disable-kqueue $(use_enable elogind) $(use_enable systemd) - # Flatcar: disable user sessions - # $(use_enable systemd user-session) - --disable-user-session + $(use_enable systemd user-session) --disable-embedded-tests --disable-modular-tests $(use_enable debug stats) diff --git a/sdk_container/src/third_party/portage-stable/app-containers/aardvark-dns/Manifest b/sdk_container/src/third_party/portage-stable/app-containers/aardvark-dns/Manifest new file mode 100644 index 00000000000..68a2265a90c --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/aardvark-dns/Manifest @@ -0,0 +1,2 @@ +DIST aardvark-dns-v1.10.0-vendor.tar.gz 6283889 BLAKE2B cb69144eabf876e418667782171273541bbc416b456193780b4d7f1d22ad03e18f06ec0d6b1e51e21eab912317bd61dd73266d717fa97a81b4314a3c7d14776a SHA512 68d0106b71f42ba789810020d62911d880debf90a35a086aabfd614403985025dc0c5934087a98943b53f6dfd8ede4add99465cec1ae9a098ff1de1082e1ef9c +DIST aardvark-dns-1.10.0.crate 51028 BLAKE2B 81cdc4eb7eaff7359a1a12657b2bc42603383cf0f80a3a599ce9ce277e15ad83e9d5b36c3de3bef15b3201a1e60d86286ad61469d1d58ba2252b4c0174506ea2 SHA512 3d67f1b3c66aeaf4878c09e5e8fc34717cea6c348e0295bc0521c0c4144433656a3306731c24bb362a0e340e652b036b7544e544cca99b61590547bd7a6ce629 diff --git a/sdk_container/src/third_party/portage-stable/app-containers/aardvark-dns/aardvark-dns-1.10.0.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/aardvark-dns/aardvark-dns-1.10.0.ebuild new file mode 100644 index 00000000000..e4edd4d987c --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/aardvark-dns/aardvark-dns-1.10.0.ebuild @@ -0,0 +1,47 @@ +# Copyright 2023-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +[[ ${PV} == 9999* ]] || CRATES="${PN}@${PV}" +inherit cargo + +DESCRIPTION="A container-focused DNS server" +HOMEPAGE="https://github.com/containers/aardvark-dns" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/aardvark-dns.git" +else + SRC_URI="${CARGO_CRATE_URIS}" + SRC_URI+="https://github.com/containers/aardvark-dns/releases/download/v${PV}/${PN}-v${PV}-vendor.tar.gz" + KEYWORDS="amd64 arm64 ~ppc64 ~riscv" +fi + +# main +LICENSE="Apache-2.0" +# deps +LICENSE+=" 0BSD Apache-2.0-with-LLVM-exceptions MIT Unlicense Unicode-DFS-2016 ZLIB" +SLOT="0" +QA_FLAGS_IGNORED="usr/libexec/podman/${PN}" +QA_PRESTRIPPED="usr/libexec/podman/${PN}" +ECARGO_VENDOR="${WORKDIR}/vendor" + +src_unpack() { + if [[ ${PV} == 9999* ]]; then + git-r3_src_unpack + cargo_live_src_unpack + else + cargo_src_unpack + fi +} + +src_prepare() { + default + sed -i -e "s|m0755 bin|m0755 target/$(usex debug debug release)|g;" Makefile || die +} + +src_install() { + export PREFIX="${EPREFIX}"/usr + default +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/aardvark-dns/metadata.xml b/sdk_container/src/third_party/portage-stable/app-containers/aardvark-dns/metadata.xml new file mode 100644 index 00000000000..5a843697929 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/aardvark-dns/metadata.xml @@ -0,0 +1,25 @@ + + + + + zmedico@gentoo.org + Zac Medico + + + me@rahil.rocks + Rahil Bhimjiani + + + proxy-maint@gentoo.org + Proxy Maintainers + + + Aardvark-dns is an authoritative dns server for A/AAAA container + records. It can forward other requests to configured resolvers. + + + containers/aardvark-dns + https://github.com/containers/aardvark-dns/issues + https://github.com/containers/aardvark-dns/blob/main/README.md + + diff --git a/sdk_container/src/third_party/portage-stable/app-containers/catatonit/Manifest b/sdk_container/src/third_party/portage-stable/app-containers/catatonit/Manifest new file mode 100644 index 00000000000..2d8bb7fdb1a --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/catatonit/Manifest @@ -0,0 +1 @@ +DIST catatonit-0.2.0.tar.gz 16608 BLAKE2B 27b6ed1148aaef963140c42e2cb6a7a8c9c25f01eef62cf519c3b1c230c8f30838f5b9cb54bf0b37b1194084f3f0c750e20316738a330d6a01c830b71b45623c SHA512 115e72002e35bb2a03919f9422a9cb2d9a0e4f087862d4ffd20e9508af6d67efc359a577ec059574f2f6c98966a1f080b65dffc8dfb83b3c2ed48e63e2aeac3b diff --git a/sdk_container/src/third_party/portage-stable/app-containers/catatonit/catatonit-0.2.0.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/catatonit/catatonit-0.2.0.ebuild new file mode 100644 index 00000000000..d456e883998 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/catatonit/catatonit-0.2.0.ebuild @@ -0,0 +1,31 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools + +DESCRIPTION="A container init that is so simple it's effectively brain-dead" +HOMEPAGE="https://github.com/openSUSE/catatonit" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/openSUSE/catatonit.git" +else + SRC_URI="https://github.com/openSUSE/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="amd64 arm64 ~ppc64 ~riscv" +fi + +LICENSE="GPL-2+" +SLOT="0" + +src_prepare() { + default + eautoreconf +} + +src_install() { + default + dodir /usr/libexec/podman + dosym -r /usr/bin/"${PN}" /usr/libexec/podman/"${PN}" +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/catatonit/metadata.xml b/sdk_container/src/third_party/portage-stable/app-containers/catatonit/metadata.xml new file mode 100644 index 00000000000..45e2d07428b --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/catatonit/metadata.xml @@ -0,0 +1,20 @@ + + + + + zmedico@gentoo.org + + + me@rahil.rocks + Rahil Bhimjiani + + + proxy-maint@gentoo.org + Proxy Maintainers + + + openSUSE/catatonit + https://github.com/openSUSE/catatonit/issues + https://github.com/openSUSE/catatonit/blob/main/README.md + + diff --git a/sdk_container/src/third_party/portage-stable/app-containers/conmon/Manifest b/sdk_container/src/third_party/portage-stable/app-containers/conmon/Manifest new file mode 100644 index 00000000000..93eb5c5fb9a --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/conmon/Manifest @@ -0,0 +1 @@ +DIST conmon-2.1.10.tar.gz 121047 BLAKE2B 14b4c2d541607eac0af6b335f35bd506c9a6c3d2b4e4e3ad79f32550385e90b6f7533f505565f90fb4bb1f42d528c41e9ddc7ec275c16ee982a6d0afe1c65bff SHA512 ecf1a961f431b005b54faa68b5c1bcf31d448f994ca66a56f13002216074dba79b53b52a377d4f8dab08141d6c6cf44467352fbff37175135d3da84081b27a18 diff --git a/sdk_container/src/third_party/portage-stable/app-containers/conmon/conmon-2.1.10.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/conmon/conmon-2.1.10.ebuild new file mode 100644 index 00000000000..3f6d359193d --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/conmon/conmon-2.1.10.ebuild @@ -0,0 +1,49 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit toolchain-funcs + +DESCRIPTION="An OCI container runtime monitor" +HOMEPAGE="https://github.com/containers/conmon" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/conmon.git" +else + SRC_URI="https://github.com/containers/conmon/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="amd64 arm64 ~ppc64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" +IUSE="+seccomp systemd" +RESTRICT="test" + +RDEPEND="dev-libs/glib:= + seccomp? ( sys-libs/libseccomp ) + systemd? ( sys-apps/systemd:= )" +DEPEND="${RDEPEND}" +BDEPEND="dev-go/go-md2man" +PATCHES=( + "${FILESDIR}/conmon-2.1.8-Makefile.patch" +) + +src_prepare() { + default + sed -i -e "s|shell.*--exists libsystemd.* && echo \"0\"|shell echo $(usex systemd 0 1)|g;" Makefile || die + echo -e "#!/usr/bin/env bash\necho $(usex seccomp 0 1)" > hack/seccomp-notify.sh || die +} + +src_compile() { + tc-export CC PKG_CONFIG + export PREFIX="${EPREFIX}/usr" GOMD2MAN=go-md2man + default +} + +src_install() { + default + dodir /usr/libexec/podman + dosym ../../bin/"${PN}" /usr/libexec/podman/"${PN}" +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/conmon/files/conmon-2.1.8-Makefile.patch b/sdk_container/src/third_party/portage-stable/app-containers/conmon/files/conmon-2.1.8-Makefile.patch new file mode 100644 index 00000000000..8730f4cde59 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/conmon/files/conmon-2.1.8-Makefile.patch @@ -0,0 +1,60 @@ +# https://github.com/containers/conmon/pull/482 +# https://github.com/containers/conmon/pull/456 +From 26f8263a2e5c7bff1e2d5985a8a3d5f07ab3b0b0 Mon Sep 17 00:00:00 2001 +From: Rahil Bhimjiani +Date: Tue, 26 Sep 2023 03:21:49 +0530 +Subject: [PATCH] Remove checks for (long)deprecated libsystemd-journal in + favor of libsystemd + +https://bugzilla.redhat.com/show_bug.cgi?id=1350301#c2 + +Signed-off-by: Rahil Bhimjiani +--- + Makefile | 5 +---- + meson.build | 5 +---- + 2 files changed, 2 insertions(+), 8 deletions(-) + +diff --git a/Makefile b/Makefile +index 5e6c0d39..40df8e3d 100644 +--- a/Makefile ++++ b/Makefile +@@ -38,10 +38,7 @@ override CFLAGS += $(shell $(PKG_CONFIG) --cflags glib-2.0) -DVERSION=\"$(VERSIO + # "pkg-config --exists" will error if the package doesn't exist. Make can only compare + # output of commands, so the echo commands are to allow pkg-config to error out, make to catch it, + # and allow the compilation to complete. +-ifeq ($(shell $(PKG_CONFIG) --exists libsystemd-journal && echo "0"), 0) +- override LIBS += $(shell $(PKG_CONFIG) --libs libsystemd-journal) +- override CFLAGS += $(shell $(PKG_CONFIG) --cflags libsystemd-journal) -D USE_JOURNALD=1 +-else ifeq ($(shell $(PKG_CONFIG) --exists libsystemd && echo "0"), 0) ++ifeq ($(shell $(PKG_CONFIG) --exists libsystemd && echo "0"), 0) + override LIBS += $(shell $(PKG_CONFIG) --libs libsystemd) + override CFLAGS += $(shell $(PKG_CONFIG) --cflags libsystemd) -D USE_JOURNALD=1 + endif +diff --git a/meson.build b/meson.build +index 336e48f3..b454e349 100644 +--- a/meson.build ++++ b/meson.build +@@ -47,10 +47,7 @@ else + libdl = cc.find_library('dl') + endif + +-sd_journal = dependency('libsystemd-journal', required : false) +-if not sd_journal.found() +- sd_journal = dependency('libsystemd', required : false) +-endif ++sd_journal = dependency('libsystemd', required : false) + if sd_journal.found() + add_project_arguments('-DUSE_JOURNALD=1', language : 'c') + endif +diff --git a/docs/Makefile b/docs/Makefile +index af20d2b8..25987664 100644 +--- a/docs/Makefile ++++ b/docs/Makefile +@@ -1,6 +1,6 @@ + PREFIX ?= /usr/local + DATADIR := ${PREFIX}/share + MANDIR := $(DATADIR)/man +-GOMD2MAN = ../tools/build/go-md2man ++GOMD2MAN ?= ../tools/build/go-md2man + + docs: $(patsubst %.md,%,$(wildcard *.8.md)) diff --git a/sdk_container/src/third_party/portage-stable/app-containers/conmon/metadata.xml b/sdk_container/src/third_party/portage-stable/app-containers/conmon/metadata.xml new file mode 100644 index 00000000000..a50753a5eb2 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/conmon/metadata.xml @@ -0,0 +1,21 @@ + + + + + zmedico@gentoo.org + Zac Medico + + + me@rahil.rocks + Rahil Bhimjiani + + + proxy-maint@gentoo.org + Proxy Maintainers + + + containers/conmon + https://github.com/containers/conmon/issues + https://github.com/containers/conmon/blob/main/README.md + + diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-common/Manifest b/sdk_container/src/third_party/portage-stable/app-containers/containers-common/Manifest new file mode 100644 index 00000000000..8eb921d5d66 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-common/Manifest @@ -0,0 +1 @@ +DIST containers-common-0.58.0.tar.gz 13164567 BLAKE2B 17795eec2d38b4d8b9d6afeb20e249208c5ae2ac767a365ef7313d1e7c36eadb9a9eb284a657dfe3f4fcb0577448d4883fabbad76e0318425fdc03809e27cd7c SHA512 6f569d68d3b0e5ead304c7f23341808d66a47b6352c772d353d50c5f4777cd8a5a5b85d6faaf2887f828c17ec49b9c5f929177a67294b5bbb69baa80656982a8 diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-common/containers-common-0.58.0-r1.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/containers-common/containers-common-0.58.0-r1.ebuild new file mode 100644 index 00000000000..c5755460275 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-common/containers-common-0.58.0-r1.ebuild @@ -0,0 +1,75 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit readme.gentoo-r1 + +DESCRIPTION="Common config files and docs for Containers stack" +HOMEPAGE="https://github.com/containers/common" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/common.git" +else + SRC_URI="https://github.com/containers/common/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="amd64 arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" +RESTRICT="test" +RDEPEND=" + >=app-containers/aardvark-dns-1.10.0 + >=app-containers/crun-1.14.3 + >=app-containers/containers-image-5.30.0 + >=app-containers/containers-storage-1.53.0 + app-containers/containers-shortnames + >=app-containers/netavark-1.10.3 + net-firewall/nftables + net-firewall/iptables[nftables] + >=net-misc/passt-2024.03.20 + >=sys-fs/fuse-overlayfs-1.13 +" + +BDEPEND=" + >=dev-go/go-md2man-2.0.3 +" + +PATCHES=( + "${FILESDIR}/examplify-mounts-conf.patch" +) + +DOC_CONTENTS="\n +For rootless operations, one needs to configure subuid(5) and subgid(5)\n +See /etc/sub{uid,gid} to check whether rootless user is already configured\n +If not, quickly configure it with:\n +usermod --add-subuids 1065536-1131071 \n +usermod --add-subgids 1065536-1131071 \n +" + +src_prepare() { + default + + [[ -f docs/Makefile && -f Makefile ]] || die + sed -i -e 's|/usr/local|/usr|g;' docs/Makefile Makefile || die +} + +src_compile() { + emake docs +} + +src_install() { + emake DESTDIR="${ED}" install + readme.gentoo_create_doc + + insinto /usr/share/containers + doins pkg/seccomp/seccomp.json pkg/subscriptions/mounts.conf + + keepdir /etc/containers/certs.d /etc/containers/oci/hooks.d /etc/containers/systemd /var/lib/containers/sigstore +} + +pkg_postinst() { + readme.gentoo_print_elog +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-common/containers-common-0.58.0.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/containers-common/containers-common-0.58.0.ebuild new file mode 100644 index 00000000000..c4d53773f1d --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-common/containers-common-0.58.0.ebuild @@ -0,0 +1,60 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Common config files and docs for Containers stack" +HOMEPAGE="https://github.com/containers/common" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/common.git" +else + SRC_URI="https://github.com/containers/common/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" +RESTRICT="test" +RDEPEND=" + app-containers/containers-image + app-containers/containers-storage + app-containers/containers-shortnames + net-firewall/nftables + net-firewall/iptables[nftables] + || ( app-containers/crun app-containers/runc ) + || ( + ( >=app-containers/netavark-1.6.0 >=app-containers/aardvark-dns-1.6.0 ) + >=app-containers/cni-plugins-0.9.1 + ) +" + +BDEPEND=" + >=dev-go/go-md2man-2.0.3 +" + +PATCHES=( + "${FILESDIR}/examplify-mounts-conf.patch" +) + +src_prepare() { + default + + [[ -f docs/Makefile && -f Makefile ]] || die + sed -i -e 's|/usr/local|/usr|g;' docs/Makefile Makefile || die +} + +src_compile() { + emake docs +} + +src_install() { + emake DESTDIR="${ED}" install + + insinto /usr/share/containers + doins pkg/seccomp/seccomp.json pkg/subscriptions/mounts.conf + + keepdir /etc/containers/certs.d /etc/containers/oci/hooks.d /etc/containers/systemd /var/lib/containers/sigstore +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-common/files/default.yaml b/sdk_container/src/third_party/portage-stable/app-containers/containers-common/files/default.yaml new file mode 100644 index 00000000000..a7f3d282313 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-common/files/default.yaml @@ -0,0 +1,28 @@ +# This is a default registries.d configuration file. You may +# add to this file or create additional files in registries.d/. +# +# lookaside: for reading/writing simple signing signatures +# lookaside-staging: for writing simple signing signatures, preferred over lookaside +# +# lookaside and lookaside-staging take a value of the following: +# lookaside: {schema}://location +# +# For reading signatures, schema may be http, https, or file. +# For writing signatures, schema may only be file. + +# The default locations are built-in, for both reading and writing: +# /var/lib/containers/sigstore for root, or +# ~/.local/share/containers/sigstore for non-root users. +default-docker: +# lookaside: https://… +# lookaside-staging: file:///… + +# The 'docker' indicator here is the start of the configuration +# for docker registries. +# +# docker: +# +# privateregistry.com: +# lookaside: https://privateregistry.com/sigstore/ +# lookaside-staging: /mnt/nfs/privateregistry/sigstore + diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-common/files/examplify-mounts-conf.patch b/sdk_container/src/third_party/portage-stable/app-containers/containers-common/files/examplify-mounts-conf.patch new file mode 100644 index 00000000000..eeaca09d5f1 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-common/files/examplify-mounts-conf.patch @@ -0,0 +1,7 @@ +--- a/pkg/subscriptions/mounts.conf ++++ a/pkg/subscriptions/mounts.conf +@@ -1 +1,3 @@ +-/usr/share/rhel/secrets:/run/secrets ++# Refer to containers-mounts.conf(5) ++# Example: ++# /usr/share/rhel/secrets:/run/secrets diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-common/files/policy.json b/sdk_container/src/third_party/portage-stable/app-containers/containers-common/files/policy.json new file mode 100644 index 00000000000..dffc54a6264 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-common/files/policy.json @@ -0,0 +1,14 @@ +{ + "default": [ + { + "type": "insecureAcceptAnything" + } + ], + "transports": + { + "docker-daemon": + { + "": [{"type":"insecureAcceptAnything"}] + } + } +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-common/metadata.xml b/sdk_container/src/third_party/portage-stable/app-containers/containers-common/metadata.xml new file mode 100644 index 00000000000..21378d94d99 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-common/metadata.xml @@ -0,0 +1,21 @@ + + + + + me@rahil.rocks + Rahil Bhimjiani + + + zmedico@gentoo.org + Zac Medico + + + proxy-maint@gentoo.org + Proxy Maintainers + + + containers/common + https://github.com/containers/common/issues + https://github.com/containers/common/blob/main/README.md + + diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-image/Manifest b/sdk_container/src/third_party/portage-stable/app-containers/containers-image/Manifest new file mode 100644 index 00000000000..9bde6f4631e --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-image/Manifest @@ -0,0 +1 @@ +DIST containers-image-5.30.0.tar.gz 719070 BLAKE2B 5952ab703b6df793f326dd4fc82f50c5f672e2b9d142e0bc706014092420e3563599d9f1c1f65f743e1a8144b91f92b2326d7bf4c3024b5efb466d777a8ad613 SHA512 89cd0d482bb5d70037ff51413b7abca01d36bc7f39e9dc130c78462e501dae32193137a367d81532afd216a7432e127728147e6e839d5d99eeb6b6680f31d4dc diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-image/containers-image-5.30.0.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/containers-image/containers-image-5.30.0.ebuild new file mode 100644 index 00000000000..9cc63590ece --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-image/containers-image-5.30.0.ebuild @@ -0,0 +1,37 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Default config and docs related to Containers' images" +HOMEPAGE="https://github.com/containers/image" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/image.git" +else + SRC_URI="https://github.com/containers/image/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="amd64 arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" + +# https://github.com/gentoo/gentoo/pull/35012#discussion_r1473740969 +RESTRICT='test' +BDEPEND=">=dev-go/go-md2man-2.0.3" +PATCHES=( + "${FILESDIR}"/fix-warnings.patch +) + +src_compile() { + emake docs +} + +src_install() { + emake DESTDIR="${ED}" install + + insinto /etc/containers + doins registries.conf +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-image/files/fix-warnings.patch b/sdk_container/src/third_party/portage-stable/app-containers/containers-image/files/fix-warnings.patch new file mode 100644 index 00000000000..c68cffa8584 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-image/files/fix-warnings.patch @@ -0,0 +1,14 @@ +--- a/Makefile ++++ b/Makefile +@@ -5,7 +5,2 @@ + +-GOBIN := $(shell go env GOBIN) +-ifeq ($(GOBIN),) +-GOBIN := $(shell go env GOPATH)/bin +-endif +- + # when cross compiling _for_ a Darwin or windows host, then we must use openpgp +@@ -17,3 +12,2 @@ + +-PACKAGES := $(shell GO111MODULE=on go list $(BUILDFLAGS) ./...) + SOURCE_DIRS = $(shell echo $(PACKAGES) | awk 'BEGIN{FS="/"; RS=" "}{print $$4}' | uniq) diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-image/files/moving-policy-json-default-yaml.patch b/sdk_container/src/third_party/portage-stable/app-containers/containers-image/files/moving-policy-json-default-yaml.patch new file mode 100644 index 00000000000..1713839371a --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-image/files/moving-policy-json-default-yaml.patch @@ -0,0 +1,100 @@ +From 45441676e34e6410ae8af6dbb46b6161c5c81a7c Mon Sep 17 00:00:00 2001 +From: Rahil Bhimjiani +Date: Thu, 7 Dec 2023 14:12:26 +0530 +Subject: [PATCH] Moving policy.json and default.yaml from containers/skopeo + +It makes more sense to keep these 2 files along with their man +pages...in c/image +https://github.com/containers/common/pull/1757 + +Signed-off-by: Rahil Bhimjiani +--- + Makefile | 11 +++++++++++ + default-policy.json | 14 ++++++++++++++ + default.yaml | 27 +++++++++++++++++++++++++++ + 3 files changed, 52 insertions(+) + create mode 100644 default-policy.json + create mode 100644 default.yaml + +diff --git a/Makefile b/Makefile +index f329ef083..5e9799b19 100644 +--- a/Makefile ++++ b/Makefile +@@ -24,6 +24,13 @@ GOMD2MAN ?= $(shell command -v go-md2man || echo '$(GOBIN)/go-md2man') + MANPAGES_MD = $(wildcard docs/*.5.md) + MANPAGES ?= $(MANPAGES_MD:%.md=%) + ++ifeq ($(shell uname -s),FreeBSD) ++CONTAINERSCONFDIR ?= /usr/local/etc/containers ++else ++CONTAINERSCONFDIR ?= /etc/containers ++endif ++REGISTRIESDDIR ?= ${CONTAINERSCONFDIR}/registries.d ++ + # N/B: This value is managed by Renovate, manual changes are + # possible, as long as they don't disturb the formatting + # (i.e. DO NOT ADD A 'v' prefix!) +@@ -46,6 +53,10 @@ install-docs: docs + install -m 644 docs/*.5 ${MANINSTALLDIR}/man5/ + + install: install-docs ++ install -d -m 755 ${DESTDIR}${CONTAINERSCONFDIR} ++ install -m 644 default-policy.json ${DESTDIR}${CONTAINERSCONFDIR}/policy.json ++ install -d -m 755 ${DESTDIR}${REGISTRIESDDIR} ++ install -m 644 default.yaml ${DESTDIR}${REGISTRIESDDIR}/default.yaml + + cross: + GOOS=windows $(MAKE) build BUILDTAGS="$(BUILDTAGS) $(BUILD_TAGS_WINDOWS_CROSS)" +diff --git a/default-policy.json b/default-policy.json +new file mode 100644 +index 000000000..dffc54a62 +--- /dev/null ++++ b/default-policy.json +@@ -0,0 +1,14 @@ ++{ ++ "default": [ ++ { ++ "type": "insecureAcceptAnything" ++ } ++ ], ++ "transports": ++ { ++ "docker-daemon": ++ { ++ "": [{"type":"insecureAcceptAnything"}] ++ } ++ } ++} +diff --git a/default.yaml b/default.yaml +new file mode 100644 +index 000000000..9e892d760 +--- /dev/null ++++ b/default.yaml +@@ -0,0 +1,27 @@ ++# This is a default registries.d configuration file. You may ++# add to this file or create additional files in registries.d/. ++# ++# lookaside: for reading/writing simple signing signatures ++# lookaside-staging: for writing simple signing signatures, preferred over lookaside ++# ++# lookaside and lookaside-staging take a value of the following: ++# lookaside: {schema}://location ++# ++# For reading signatures, schema may be http, https, or file. ++# For writing signatures, schema may only be file. ++ ++# The default locations are built-in, for both reading and writing: ++# /var/lib/containers/sigstore for root, or ++# ~/.local/share/containers/sigstore for non-root users. ++default-docker: ++# lookaside: https://… ++# lookaside-staging: file:///… ++ ++# The 'docker' indicator here is the start of the configuration ++# for docker registries. ++# ++# docker: ++# ++# privateregistry.com: ++# lookaside: https://privateregistry.com/sigstore/ ++# lookaside-staging: /mnt/nfs/privateregistry/sigstore diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-image/files/prevent-downloading-mods-5.29.2.patch b/sdk_container/src/third_party/portage-stable/app-containers/containers-image/files/prevent-downloading-mods-5.29.2.patch new file mode 100644 index 00000000000..8d70156bfb6 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-image/files/prevent-downloading-mods-5.29.2.patch @@ -0,0 +1,10 @@ +--- a/Makefile ++++ b/Makefile +@@ -15,7 +15,6 @@ + BUILDTAGS = btrfs_noversion libdm_no_deferred_remove + BUILDFLAGS := -tags "$(BUILDTAGS)" + +-PACKAGES := $(shell GO111MODULE=on go list $(BUILDFLAGS) ./...) + SOURCE_DIRS = $(shell echo $(PACKAGES) | awk 'BEGIN{FS="/"; RS=" "}{print $$4}' | uniq) + + PREFIX ?= ${DESTDIR}/usr diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-image/metadata.xml b/sdk_container/src/third_party/portage-stable/app-containers/containers-image/metadata.xml new file mode 100644 index 00000000000..86025dfe250 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-image/metadata.xml @@ -0,0 +1,21 @@ + + + + + me@rahil.rocks + Rahil Bhimjiani + + + zmedico@gentoo.org + Zac Medico + + + proxy-maint@gentoo.org + Proxy Maintainers + + + containers/image + https://github.com/containers/image/issues + https://github.com/containers/image/blob/main/README.md + + diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-shortnames/Manifest b/sdk_container/src/third_party/portage-stable/app-containers/containers-shortnames/Manifest new file mode 100644 index 00000000000..af3f5371bc0 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-shortnames/Manifest @@ -0,0 +1 @@ +DIST containers-shortnames-2023.02.20.tar.gz 13527 BLAKE2B 165a4c51bd284078990c94059145bb6b4bd5de4d8595eb2ccd2acc6fe8561e7edc300b7edadc684675ee281d7ada1c3a6d5aa0117c640ec22c2d2ef7e46486b5 SHA512 856dbbeb2acda276e9605bd1ecec0f8d65952c597ee2af61dd8909d7d3c04e5ef06c40b69ec4a98f79e623c536850f614c1b0af3a19637e300e7d3a285933193 diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-shortnames/containers-shortnames-2023.02.20.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/containers-shortnames/containers-shortnames-2023.02.20.ebuild new file mode 100644 index 00000000000..bf48bb1f16f --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-shortnames/containers-shortnames-2023.02.20.ebuild @@ -0,0 +1,36 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Configures default shortnames (aliases) for Containers" +HOMEPAGE="https://github.com/containers/shortnames" + +if [[ ${PV} == *9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/shortnames.git" +else + SRC_URI="https://github.com/containers/shortnames/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="amd64 arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" + +src_configure() { + return +} + +src_compile() { + return +} + +src_test() { + return +} + +src_install() { + insinto /etc/containers/registries.conf.d + newins shortnames.conf 000-shortnames.conf +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-shortnames/metadata.xml b/sdk_container/src/third_party/portage-stable/app-containers/containers-shortnames/metadata.xml new file mode 100644 index 00000000000..6fbce4b1e2e --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-shortnames/metadata.xml @@ -0,0 +1,21 @@ + + + + + me@rahil.rocks + Rahil Bhimjiani + + + zmedico@gentoo.org + Zac Medico + + + proxy-maint@gentoo.org + Proxy Maintainers + + + containers/shortnames + https://github.com/containers/shortnames/issues + https://github.com/containers/shortnames/blob/main/README.md + + diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-storage/Manifest b/sdk_container/src/third_party/portage-stable/app-containers/containers-storage/Manifest new file mode 100644 index 00000000000..d6c0aa6b069 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-storage/Manifest @@ -0,0 +1 @@ +DIST containers-storage-1.53.0.tar.gz 4291738 BLAKE2B 939ecca8a948165c42453d5461429d46249d73582869793969f9d4ae52d0a9fec25e6c39cd13190dad0730d9a17de7af1f237b3cf5434fd30f442c78e57ee7b3 SHA512 ea4a1d1899208eb8861e36beba206724b1f55cfd6007bc5a90c3a6a5e02835b4a2985814dc9363c31dcdc81a3fb331b29f51f5523628edb8d9c64c465d6dcaa3 diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-storage/containers-storage-1.53.0.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/containers-storage/containers-storage-1.53.0.ebuild new file mode 100644 index 00000000000..2b2cde252bc --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-storage/containers-storage-1.53.0.ebuild @@ -0,0 +1,32 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Default config and docs related to Containers' storage" +HOMEPAGE="https://github.com/containers/storage" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/storage.git" +else + SRC_URI="https://github.com/containers/storage/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="amd64 arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" + +BDEPEND=">=dev-go/go-md2man-2.0.2" + +src_compile() { + emake -C docs GOMD2MAN=go-md2man containers-storage.conf.5 +} + +src_install() { + emake DESTDIR="${ED}" -C docs install + + insinto /etc/containers + doins storage.conf +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-storage/files/system-md2man-path.patch b/sdk_container/src/third_party/portage-stable/app-containers/containers-storage/files/system-md2man-path.patch new file mode 100644 index 00000000000..f7d8d58aeb8 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-storage/files/system-md2man-path.patch @@ -0,0 +1,7 @@ +--- a/docs/Makefile ++++ b/docs/Makefile +@@ -1,2 +1,3 @@ +-GOMD2MAN = ../tests/tools/build/go-md2man ++GOMD2MAN = $(shell command -v go-md2man) ++ + PREFIX ?= ${DESTDIR}/usr diff --git a/sdk_container/src/third_party/portage-stable/app-containers/containers-storage/metadata.xml b/sdk_container/src/third_party/portage-stable/app-containers/containers-storage/metadata.xml new file mode 100644 index 00000000000..64acdad60d5 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/containers-storage/metadata.xml @@ -0,0 +1,21 @@ + + + + + zmedico@gentoo.org + Zac Medico + + + me@rahil.rocks + Rahil Bhimjiani + + + proxy-maint@gentoo.org + Proxy Maintainers + + + containers/storage + https://github.com/containers/storage/issues + https://github.com/containers/storage/blob/main/README.md + + diff --git a/sdk_container/src/third_party/portage-stable/app-containers/crun/Manifest b/sdk_container/src/third_party/portage-stable/app-containers/crun/Manifest new file mode 100644 index 00000000000..6112ec5cf77 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/crun/Manifest @@ -0,0 +1 @@ +DIST crun-1.14.3.tar.xz 750456 BLAKE2B 5a63b5da2f85ff1a83d4589be224c5b7a1123b6d7714b90a63c1907b78d42392aff25ffe5d9a4127173ac47026d57e9c93a39f5ba4b07de7f9f3722c14e6d203 SHA512 d6645c519ff00dda5def6d58240600d15e76969489918d51c0def2fee7dbad6374f83e5afc14a998d176aa2944765df5cd84c3031b265a1931ab23f2fc965fc1 diff --git a/sdk_container/src/third_party/portage-stable/app-containers/crun/crun-1.14.3.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/crun/crun-1.14.3.ebuild new file mode 100644 index 00000000000..3658cb1ba63 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/crun/crun-1.14.3.ebuild @@ -0,0 +1,65 @@ +# Copyright 2019-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..12} ) + +inherit python-any-r1 + +DESCRIPTION="A fast and low-memory footprint OCI Container Runtime fully written in C" +HOMEPAGE="https://github.com/containers/crun" + +if [[ "$PV" == *9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/${PN}.git" +else + SRC_URI="https://github.com/containers/${PN}/releases/download/${PV}/${P}.tar.xz" + KEYWORDS="amd64 ~arm arm64 ~ppc64 ~riscv" +fi + +LICENSE="GPL-2+ LGPL-2.1+" +SLOT="0" +IUSE="+bpf +caps criu +seccomp selinux systemd static-libs" + +DEPEND=" + dev-libs/yajl:= + sys-kernel/linux-headers + caps? ( sys-libs/libcap ) + criu? ( >=sys-process/criu-3.15 ) + seccomp? ( sys-libs/libseccomp ) + systemd? ( sys-apps/systemd:= ) +" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-container )" +BDEPEND=" + ${PYTHON_DEPS} + virtual/pkgconfig +" + +# the crun test suite is comprehensive to the extent that tests will fail +# within a sandbox environment, due to the nature of the privileges +# required to create linux "containers". +RESTRICT="test" + +src_configure() { + local myeconfargs=( + $(use_enable bpf) + $(use_enable caps) + $(use_enable criu) + $(use_enable seccomp) + $(use_enable systemd) + $(usex static-libs '--enable-shared --enable-static' '--enable-shared --disable-static' '' '') + ) + + econf "${myeconfargs[@]}" +} + +src_install() { + emake "DESTDIR=${D}" install-exec + doman crun.1 + einstalldocs + + einfo "Cleaning up .la files" + find "${ED}" -name '*.la' -delete || die +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/crun/files/crun-1.11.2-caps.patch b/sdk_container/src/third_party/portage-stable/app-containers/crun/files/crun-1.11.2-caps.patch new file mode 100644 index 00000000000..d32a4dd1a8f --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/crun/files/crun-1.11.2-caps.patch @@ -0,0 +1,32 @@ +From 767ba88ef363115e80e077ce312f89f20488da01 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Robert=20G=C3=BCnzler?= +Date: Thu, 9 Nov 2023 14:16:08 +0100 +Subject: [PATCH] Fix build without libcap +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The work to support features introduced another point of dependency on +libcap that previously wasn't guarded by ifdefs + +Refs: https://github.com/containers/crun/pull/1237 +Signed-off-by: Robert Günzler +--- + src/libcrun/container.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/libcrun/container.c b/src/libcrun/container.c +index ed0fa29bb..7be1713ab 100644 +--- a/src/libcrun/container.c ++++ b/src/libcrun/container.c +@@ -3925,8 +3925,10 @@ libcrun_container_get_features (libcrun_context_t *context, struct features_info + // Populate namespaces + populate_array_field (&((*info)->linux.namespaces), namespaces, num_namspaces); + ++#ifdef HAVE_CAP + // Populate capabilities + populate_capabilities (*info, &capabilities, &num_capabilities); ++#endif + + // Hardcode the values for cgroup + (*info)->linux.cgroup.v1 = true; diff --git a/sdk_container/src/third_party/portage-stable/app-containers/crun/metadata.xml b/sdk_container/src/third_party/portage-stable/app-containers/crun/metadata.xml new file mode 100644 index 00000000000..c87b3b38a78 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/crun/metadata.xml @@ -0,0 +1,31 @@ + + + + + robert@gnzler.io + + + proxy-maint@gentoo.org + Proxy Maintainers + + + While most of the tools used in the Linux containers ecosystem are written in + Go, crun authors believe C is a better fit for a lower level tool like a + container runtime. runc; the most used implementation of the OCI runtime specs + written in Go, re-execs itself and use a module written in C for setting up + the environment before the container process starts. + + crun aims to be also usable as a library that can be easily included in + programs without requiring an external process for managing OCI containers. + + + https://github.com/containers/crun/releases + containers/crun + + + Enable in Kernel, eBPF (enhanced Berkley Packet Filter) + support for managing device controllers. + + Enable CRIU based checkpoint/restore support + + diff --git a/sdk_container/src/third_party/portage-stable/app-containers/netavark/Manifest b/sdk_container/src/third_party/portage-stable/app-containers/netavark/Manifest new file mode 100644 index 00000000000..ee3ad3d2e89 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/netavark/Manifest @@ -0,0 +1,2 @@ +DIST netavark-1.10.3.crate 154416 BLAKE2B a7750304484ae820eb3bb1bc4de8c2ad22d95494fe10471014e0eb999fb7578c5e9c2ab352fe357d964d701206ee7016f87134a62afe0a03cd1b574cae1264ca SHA512 6ed9cd5a69a6eacc4ad839a82680c7b98d453564aadee41eb6ea632223fba7fbdb20f11e4146dc74b6c6d3695ac50624424b3260dbb7769a4100a918e4328dbf +DIST netavark-v1.10.3-vendor.tar.gz 16135507 BLAKE2B 114519b76d932c5918fd91cea73e8bc9f5aa3a63275f9218e667e400c3e2512e5db29ce806b5e5b509b043c04a3436344a27cf170e203d4360d00247e48b5ca9 SHA512 b8a99f45ba4ebb20414fe052ff08b1e7a7a86994c7dfa2f36d0500d52bcbd2d279aeff19fb0844a65e2375e86da33af735851f038f598771d2dac96ff7e032a5 diff --git a/sdk_container/src/third_party/portage-stable/app-containers/netavark/metadata.xml b/sdk_container/src/third_party/portage-stable/app-containers/netavark/metadata.xml new file mode 100644 index 00000000000..d4dd8b9ce30 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/netavark/metadata.xml @@ -0,0 +1,26 @@ + + + + + zmedico@gentoo.org + Zac Medico + + + me@rahil.rocks + Rahil Bhimjiani + + + proxy-maint@gentoo.org + Proxy Maintainers + + + Netavark is a rust based network stack for containers. It is + being designed to work with Podman but is also applicable for + other OCI container management applications. + + + containers/netavark + https://github.com/containers/netavark/issues + https://github.com/containers/netavark/blob/main/README.md + + diff --git a/sdk_container/src/third_party/portage-stable/app-containers/netavark/netavark-1.10.3.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/netavark/netavark-1.10.3.ebuild new file mode 100644 index 00000000000..d157e0604af --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/netavark/netavark-1.10.3.ebuild @@ -0,0 +1,59 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +[[ ${PV} == 9999* ]] || CRATES="${PN}@${PV}" + +inherit cargo systemd + +DESCRIPTION="A container network stack" +HOMEPAGE="https://github.com/containers/netavark" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/netavark.git" +else + SRC_URI="${CARGO_CRATE_URIS} https://github.com/containers/netavark/releases/download/v${PV}/${PN}-v${PV}-vendor.tar.gz" + KEYWORDS="amd64 arm64 ~ppc64 ~riscv" +fi + +# main +LICENSE="Apache-2.0" +# deps +LICENSE+=" Apache-2.0-with-LLVM-exceptions BSD BSD-2 Boost-1.0 MIT Unicode-DFS-2016 Unlicense ZLIB" +SLOT="0" +BDEPEND="dev-go/go-md2man + dev-libs/protobuf" + +QA_FLAGS_IGNORED=" + usr/libexec/podman/${PN}" +QA_PRESTRIPPED=" + usr/libexec/podman/${PN}" + +ECARGO_VENDOR="${WORKDIR}/vendor" + +src_unpack() { + if [[ ${PV} == 9999* ]]; then + git-r3_src_unpack + cargo_live_src_unpack + else + cargo_src_unpack + fi +} + +src_prepare() { + default + sed -i -e "s|m0755 bin|m0755 target/$(usex debug debug release)|g;" Makefile || die +} + +src_compile() { + cargo_src_compile + export PREFIX="${EPREFIX}"/usr SYSTEMDDIR="$(systemd_get_systemunitdir)" + emake docs +} + +# Following is needed because we want to use `make install` instead of `cargo install` (exported by cargo.eclass) +src_install() { + default +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/podman/Manifest b/sdk_container/src/third_party/portage-stable/app-containers/podman/Manifest new file mode 100644 index 00000000000..294ad94d178 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/podman/Manifest @@ -0,0 +1 @@ +DIST podman-5.0.2.tar.gz 23811875 BLAKE2B e943eb36eb0b80332223afc5d971c0886f6eaffeb7133c634d28c0a38e9aae6a54266691067dbca7684882f8b6dad72c3d5de2287ec5a7e8fb4b1cfd96df0b4d SHA512 70dbac9fc81d66eb9b0a5174f5776b805397005cacca917674d2b001591fadd05a776c956e693bad932e9eefe591c35da5c566e8e9e01db8be42bc454cd03104 diff --git a/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-5.0.0_rc4.confd b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-5.0.0_rc4.confd new file mode 100644 index 00000000000..eafaee7fdde --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-5.0.0_rc4.confd @@ -0,0 +1,11 @@ +# Config file for /etc/init.d/podman + +# Sets the API service daemon log level +# valid levels: debug, info, warn, error, fatal or panic +#LOG_LEVEL="error" + +# Sets the API service daemon socket +#SOCKET="unix:///run/podman/podman.sock" + +# Configure the user[:group] the API service daemon will run as +#RUN_AS_USER="root:root" diff --git a/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-5.0.0_rc4.initd b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-5.0.0_rc4.initd new file mode 100644 index 00000000000..53026a54176 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-5.0.0_rc4.initd @@ -0,0 +1,21 @@ +#!/sbin/openrc-run +# Copyright 2015-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +description="Podman API Service" + +LOG_PATH="/var/log/${RC_SVCNAME}" +output_log="${LOG_PATH}/${RC_SVCNAME}.log" +error_log="${LOG_PATH}/${RC_SVCNAME}.log" +RUN_PATH="/run/${RC_SVCNAME}" +pidfile="${RUN_PATH}/${RC_SVCNAME}.pid" + +command_user="${RUN_AS_USER:=root:root}" +command="/usr/bin/podman" +command_args="--log-level ${LOG_LEVEL:-error} system service --time 0 ${SOCKET:-unix://${RUN_PATH}/${RC_SVCNAME}.sock}" +command_background="true" + +start() { + checkpath -o "${RUN_AS_USER}" -d "${RUN_PATH}" "${LOG_PATH}" + default_start +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-auto-update-5.0.0.cron b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-auto-update-5.0.0.cron new file mode 100644 index 00000000000..509146e0aa5 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-auto-update-5.0.0.cron @@ -0,0 +1,5 @@ +#!/bin/sh + +# podman-auto-update(1) +# uncomment following to auto update containers according to their auto-update policy +# /usr/bin/podman auto-update && /usr/bin/podman image prune -f diff --git a/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.confd b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.confd new file mode 100644 index 00000000000..e85d8d51ff8 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.confd @@ -0,0 +1,8 @@ +# Config file for /etc/init.d/podman-clean-transient + +# Sets the podman log level +# valid levels: debug, info, warn, error, fatal or panic +#LOG_LEVEL="info" + +# Configure the user[:group] the podman will run as +#RUN_AS_USER="root:root" diff --git a/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.initd b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.initd new file mode 100644 index 00000000000..cd759c7eafc --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.initd @@ -0,0 +1,17 @@ +#!/sbin/openrc-run +# Copyright 2015-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +# This service runs once each boot to remove potential leftover +# container state from previous boots. + +# This is needed when using transient storage mode in podman where the +# database and other configs are stored in tmpfs, but some other files +# are not. If we don't run this after an unclean boot then there may +# be some leftover files that grow over time. + +description="Clean up podman transient data" + +command_user="${RUN_AS_USER:-root:root}" +command="/usr/bin/podman" +command_args="--log-level ${LOG_LEVEL:-info} system prune --external" diff --git a/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-restart-5.0.0_rc4.confd b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-restart-5.0.0_rc4.confd new file mode 100644 index 00000000000..4d63848cb16 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-restart-5.0.0_rc4.confd @@ -0,0 +1,9 @@ +# Config file for /etc/init.d/podman-restart + +# Sets the podman log level +# valid levels: debug, info, warn, error, fatal or panic +#LOG_LEVEL="info" + +# Configure the user[:group] the podman will run as +# Can be useful to manage rootful or rootless containers +#RUN_AS_USER="root:root" diff --git a/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-restart-5.0.0_rc4.initd b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-restart-5.0.0_rc4.initd new file mode 100644 index 00000000000..d02bd64c627 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman-restart-5.0.0_rc4.initd @@ -0,0 +1,22 @@ +#!/sbin/openrc-run +# Copyright 2015-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +description="Start all containers with restart-policy set to always" + +command_user="${RUN_AS_USER:=root:root}" +command="/usr/bin/podman" +command_args="--log-level ${LOG_LEVEL:=info} start --all --filter restart-policy=always" + +depend() { + after net +} + +stop() { + ebegin "Stopping all containers with restart-policy set to always" + ${command} \ + --log-level ${LOG_LEVEL} \ + stop \ + $(${command} container ls --filter restart-policy=always -q) + eend $? "Failed to stop containers with restart-policy set to always" +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman.logrotated b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman.logrotated new file mode 100644 index 00000000000..b9d723451b0 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/podman.logrotated @@ -0,0 +1,7 @@ +/var/log/podman/podman.log { + missingok + size 5M + rotate 3 + compress + copytruncate +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/podman/files/seccomp-toggle-4.7.0.patch b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/seccomp-toggle-4.7.0.patch new file mode 100644 index 00000000000..17a09b60136 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/podman/files/seccomp-toggle-4.7.0.patch @@ -0,0 +1,15 @@ +--- a/Makefile ++++ b/Makefile +@@ -57,7 +57,11 @@ + $(shell hack/systemd_tag.sh) \ + $(shell hack/libsubid_tag.sh) \ + exclude_graphdriver_devicemapper \ +- seccomp ++ ++BUILD_SECCOMP ?= yes ++ifeq ($(BUILD_SECCOMP),yes) ++BUILDTAGS += seccomp ++endif + # N/B: This value is managed by Renovate, manual changes are + # possible, as long as they don't disturb the formatting + # (i.e. DO NOT ADD A 'v' prefix!) diff --git a/sdk_container/src/third_party/portage-stable/app-containers/podman/metadata.xml b/sdk_container/src/third_party/portage-stable/app-containers/podman/metadata.xml new file mode 100644 index 00000000000..59ab2d3ffda --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/podman/metadata.xml @@ -0,0 +1,51 @@ + + + + + zmedico@gentoo.org + Zac Medico + + + me@rahil.rocks + Rahil Bhimjiani + + + proxy-maint@gentoo.org + Proxy Maintainers + + + Podman (the POD MANager) is a tool for managing containers + and images, volumes mounted into those containers, and pods + made from groups of containers. Podman is based on libpod, + a library for container lifecycle management that is also + contained in this repository. The libpod library provides + APIs for managing containers, pods, container images, + and volumes. + + + + Enables btrfs support (graph driver) in Podman + + + Use legacy (hybrid) cgroups instead of modern (unified) cgroups + + + Enables fuse dependencies (fuse-overlayfs is especially useful + for rootless mode). + + + Enables catatonit dependency required for podman run --init. + + + Enables dependencies for running in rootless mode. + + + Install wrapper which lets use podman for command `docker` + + + + containers/podman + https://github.com/containers/podman/issues + https://podman.io/docs + + diff --git a/sdk_container/src/third_party/portage-stable/app-containers/podman/podman-5.0.2.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/podman/podman-5.0.2.ebuild new file mode 100644 index 00000000000..57d1ada19a7 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/podman/podman-5.0.2.ebuild @@ -0,0 +1,129 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{11,12} ) + +inherit go-module python-any-r1 tmpfiles linux-info + +DESCRIPTION="A tool for managing OCI containers and pods with Docker-compatible CLI" +HOMEPAGE="https://github.com/containers/podman/ https://podman.io/" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/podman.git" +else + SRC_URI="https://github.com/containers/podman/archive/v${PV/_rc/-rc}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P/_rc/-rc}" + [[ ${PV} != *rc* ]] && \ + KEYWORDS="amd64 arm64 ~riscv" +fi + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" +SLOT="0" +IUSE="apparmor btrfs +seccomp selinux systemd wrapper" +RESTRICT="test" + +RDEPEND=" + app-containers/catatonit + >=app-containers/conmon-2.1.10 + >=app-containers/containers-common-0.58.0-r1 + app-crypt/gpgme:= + dev-libs/libassuan:= + dev-libs/libgpg-error:= + sys-apps/shadow:= + + apparmor? ( sys-libs/libapparmor ) + btrfs? ( sys-fs/btrfs-progs ) + wrapper? ( !app-containers/docker-cli ) + seccomp? ( sys-libs/libseccomp:= ) + selinux? ( sec-policy/selinux-podman sys-libs/libselinux:= ) + systemd? ( sys-apps/systemd:= ) +" +DEPEND="${RDEPEND}" +BDEPEND=" + ${PYTHON_DEPS} + dev-go/go-md2man + app-crypt/gpgme:= +" + +PATCHES=( + "${FILESDIR}/seccomp-toggle-4.7.0.patch" +) + +CONFIG_CHECK=" + ~USER_NS +" + +pkg_setup() { + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + linux-info_pkg_setup + python-any-r1_pkg_setup +} + +src_prepare() { + default + + # assure necessary files are present + local file + for file in apparmor_tag btrfs_installed_tag btrfs_tag systemd_tag; do + [[ -f hack/"${file}".sh ]] || die + done + + local feature + for feature in apparmor systemd; do + cat <<-EOF > hack/"${feature}"_tag.sh || die + #!/usr/bin/env bash + $(usex ${feature} "echo ${feature}" echo) + EOF + done + + echo -e "#!/usr/bin/env bash\n echo" > hack/btrfs_installed_tag.sh || die + cat <<-EOF > hack/btrfs_tag.sh || die + #!/usr/bin/env bash + $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') + EOF +} + +src_compile() { + export PREFIX="${EPREFIX}/usr" + + # For non-live versions, prevent git operations which causes sandbox violations + # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 + [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" EPOCH_TEST_COMMIT="" + + # BUILD_SECCOMP is used in the patch to toggle seccomp + emake BUILDFLAGS="-v -work -x" GOMD2MAN="go-md2man" BUILD_SECCOMP="$(usex seccomp)" \ + all $(usev wrapper docker-docs) +} + +src_install() { + emake DESTDIR="${D}" install install.completions $(usev wrapper install.docker-full) + + if use !systemd; then + newconfd "${FILESDIR}"/podman-5.0.0_rc4.confd podman + newinitd "${FILESDIR}"/podman-5.0.0_rc4.initd podman + + newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart + newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart + + newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient + newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient + + exeinto /etc/cron.daily + newexe "${FILESDIR}"/podman-auto-update-5.0.0.cron podman-auto-update + + insinto /etc/logrotate.d + newins "${FILESDIR}/podman.logrotated" podman + fi + + keepdir /var/lib/containers +} + +pkg_postinst() { + tmpfiles_process podman.conf $(usev wrapper podman-docker.conf) +} diff --git a/sdk_container/src/third_party/portage-stable/app-crypt/gpgme/Manifest b/sdk_container/src/third_party/portage-stable/app-crypt/gpgme/Manifest new file mode 100644 index 00000000000..dc87e8b9a1d --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-crypt/gpgme/Manifest @@ -0,0 +1,2 @@ +DIST gpgme-1.23.2.tar.bz2 1836904 BLAKE2B 563e470e861c7cc64ecb3e8dd0a0ed8436bc0867105093abcec09f4d1e1dd95cbf64c8161cf8500b9842583b57f6583efff63e5111234e36fda1e6fbedce2f78 SHA512 6cfcd07e81a93de240582de5a46545420cee93d1f27fe20ea2c983780fdd3036b69fdba073cf549d68a20791e189bf4b3cdde14a43f912d2ab9ef3414c83ac75 +DIST gpgme-1.23.2.tar.bz2.sig 238 BLAKE2B fafba6e2f1f34c53fa3f7e05953298132f7b046048660b9f2df5bc11ccb9694b581117ca78883a8f4ca9af060397a39f3132a3711be1cd28183b7c2f8f93a8b7 SHA512 65b7cdd4ce06bb0b15b13033d226423380338efdcb47ffc3f33780a92973453053f8f59b12a3f37e392e773bdd207a7420c25aa3a210c15eec45b7bfef6e891e diff --git a/sdk_container/src/third_party/portage-stable/app-crypt/gpgme/files/gpgme-1.18.0-tests-start-stop-agent-use-command-v.patch b/sdk_container/src/third_party/portage-stable/app-crypt/gpgme/files/gpgme-1.18.0-tests-start-stop-agent-use-command-v.patch new file mode 100644 index 00000000000..aeae35f4563 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-crypt/gpgme/files/gpgme-1.18.0-tests-start-stop-agent-use-command-v.patch @@ -0,0 +1,27 @@ +Sent upstream to gnupg-devel@ but not yet in archive. + +From: Sam James +Date: Mon, 15 Aug 2022 19:29:06 +0100 +Subject: [PATCH] tests/start-stop-agent: use 'command -v' instead of 'which' + +`which` is an external command which isn't required by POSIX. + +Debian and other distributions (like Gentoo!) are looking +to drop it from their base set of packages. + +Switch to `command -v` which should always work instead. + +Note we already use `command -v` at the start of this test anyway. + +Signed-off-by: Sam James +--- a/tests/start-stop-agent ++++ b/tests/start-stop-agent +@@ -15,7 +15,7 @@ fi + + GPG_AGENT_INFO= + export GPG_AGENT_INFO +-GPG_AGENT=$(which gpg-agent) ++GPG_AGENT=$(command -v gpg-agent) + + token=$(echo "gpgme-$(pwd)" | tr ' ' '_') + diff --git a/sdk_container/src/third_party/portage-stable/app-crypt/gpgme/files/gpgme-1.23.1-tests-gnupg-no-tofu.patch b/sdk_container/src/third_party/portage-stable/app-crypt/gpgme/files/gpgme-1.23.1-tests-gnupg-no-tofu.patch new file mode 100644 index 00000000000..831f68c8ea1 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-crypt/gpgme/files/gpgme-1.23.1-tests-gnupg-no-tofu.patch @@ -0,0 +1,26 @@ +https://dev.gnupg.org/T6778 +--- a/lang/python/tests/support.py ++++ b/lang/python/tests/support.py +@@ -46,13 +46,15 @@ def is_gpg_version(version): + + + def have_tofu_support(ctx, some_uid): +- keys = list( +- ctx.keylist( +- some_uid, +- mode=(gpg.constants.keylist.mode.LOCAL | +- gpg.constants.keylist.mode.WITH_TOFU))) +- return len(keys) > 0 +- ++ try: ++ keys = list( ++ ctx.keylist( ++ some_uid, ++ mode=(gpg.constants.keylist.mode.LOCAL | ++ gpg.constants.keylist.mode.WITH_TOFU))) ++ return len(keys) > 0 ++ except gpg.errors.GPGMEError: ++ return False + + # Skip the Python tests for GnuPG < 2.1.12. Prior versions do not + # understand the command line flags that we assume exist. C.f. issue diff --git a/sdk_container/src/third_party/portage-stable/app-crypt/gpgme/gpgme-1.23.2.ebuild b/sdk_container/src/third_party/portage-stable/app-crypt/gpgme/gpgme-1.23.2.ebuild new file mode 100644 index 00000000000..933a0672a75 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-crypt/gpgme/gpgme-1.23.2.ebuild @@ -0,0 +1,227 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +# Maintainers should: +# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/ +# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159 +# (find the one for the current release then subscribe to it + +# any subsequent ones linked within so you're covered for a while.) + +DISTUTILS_EXT=1 +DISTUTILS_OPTIONAL=1 +PYTHON_COMPAT=( python3_{10..12} ) +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc + +# in-source builds are not supported: +# * https://dev.gnupg.org/T6313#166339 +# * https://dev.gnupg.org/T6673#174545 +inherit distutils-r1 libtool flag-o-matic multibuild qmake-utils toolchain-funcs verify-sig + +DESCRIPTION="GnuPG Made Easy is a library for making GnuPG easier to use" +HOMEPAGE="https://www.gnupg.org/related_software/gpgme" +SRC_URI=" + mirror://gnupg/gpgme/${P}.tar.bz2 + verify-sig? ( mirror://gnupg/gpgme/${P}.tar.bz2.sig ) +" + +LICENSE="GPL-2 LGPL-2.1" +# Please check ABI on each bump, even if SONAMEs didn't change: bug #833355 +# Use e.g. app-portage/iwdevtools integration with dev-libs/libabigail's abidiff. +# Subslot: SONAME of each: +# Bump FUDGE if a release is made which breaks ABI without changing SONAME. +# (Reset to 0 if FUDGE != 0 if libgpgme/libgpgmepp/libqpggme change.) +SLOT="1/11.6.15.2" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +IUSE="common-lisp static-libs +cxx python qt5 qt6 test" +RESTRICT="!test? ( test )" +REQUIRED_USE=" + qt5? ( cxx ) + qt6? ( cxx ) + python? ( ${PYTHON_REQUIRED_USE} ) +" + +# - On each bump, update dep bounds on each version from configure.ac! +RDEPEND=" + >=app-crypt/gnupg-2 + >=dev-libs/libassuan-2.5.3:= + >=dev-libs/libgpg-error-1.46-r1:= + python? ( ${PYTHON_DEPS} ) + qt5? ( dev-qt/qtcore:5 ) + qt6? ( dev-qt/qtbase:6 ) +" +DEPEND=" + ${RDEPEND} + test? ( + qt5? ( dev-qt/qttest:5 ) + ) +" +#doc? ( app-text/doxygen[dot] ) +BDEPEND=" + $(python_gen_cond_dep ' + dev-python/setuptools[${PYTHON_USEDEP}] + ' python3_12) + python? ( dev-lang/swig ) + verify-sig? ( sec-keys/openpgp-keys-gnupg ) +" + +PATCHES=( + "${FILESDIR}"/${PN}-1.18.0-tests-start-stop-agent-use-command-v.patch + "${FILESDIR}"/${PN}-1.23.1-tests-gnupg-no-tofu.patch +) + +src_prepare() { + default + + elibtoolize + + # bug #697456 + addpredict /run/user/$(id -u)/gnupg + + local MAX_WORKDIR=66 + if use test && [[ "${#WORKDIR}" -gt "${MAX_WORKDIR}" ]]; then + eerror "Unable to run tests as WORKDIR='${WORKDIR}' is longer than ${MAX_WORKDIR} which causes failure!" + die "Could not run tests as requested with too-long WORKDIR." + fi + + # Make best effort to allow longer PORTAGE_TMPDIR + # as usock limitation fails build/tests + ln -s "${P}" "${WORKDIR}/b" || die + S="${WORKDIR}/b" + + # Qt 5 and Qt 6 are mutually exclusive in the gpgme build. We don't have + # to do three builds (normal, qt5, qt6), and we can instead just + # do normal+qt5 or normal+qt6. For now, we pessimise qt6 by making it + # be a separate build, but in time, we can swap it so qt5 has to be + # the separate one so some build time gets saved in the common case. + MULTIBUILD_VARIANTS=( + base + $(usev qt6 qt6) + ) + + gpgme_create_builddir() { + mkdir -p "${BUILD_DIR}" || die + } + + multibuild_foreach_variant gpgme_create_builddir +} + +src_configure() { + multibuild_foreach_variant gpgme_src_configure +} + +gpgme_src_configure() { + # bug #847955 + append-lfs-flags + + cd "${BUILD_DIR}" || die + + local languages=() + + case ${MULTIBUILD_VARIANT} in + base) + languages=( + $(usev common-lisp 'cl') + $(usev cxx 'cpp') + $(usev qt5 'qt5') + ) + + if use qt5; then + #use doc || + export DOXYGEN=true + export MOC="$(qt5_get_bindir)/moc" + fi + + ;; + *) + # Sanity check for refactoring, the non-base variant is only for Qt 6 + use qt6 || die "Non-base variant shouldn't be built without Qt 6! Please report at bugs.gentoo.org." + + languages=( + cpp + qt6 + ) + + export MOC="$(qt6_get_libdir)/qt6/libexec/moc" + + ;; + esac + + local myeconfargs=( + $(use test || echo "--disable-gpgconf-test --disable-gpg-test --disable-gpgsm-test --disable-g13-test") + --enable-languages="${languages[*]}" + $(use_enable static-libs static) + ) + + ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" + + if [[ ${MULTIBUILD_VARIANT} == base ]] && use python ; then + emake -C lang/python prepare + + pushd lang/python > /dev/null || die + top_builddir="../.." srcdir="${S}/lang/python" CPP="$(tc-getCPP)" distutils-r1_src_configure + popd > /dev/null || die + fi +} + +src_compile() { + multibuild_foreach_variant gpgme_src_compile +} + +gpgme_src_compile() { + cd "${BUILD_DIR}" || die + + emake + + if [[ ${MULTIBUILD_VARIANT} == base ]] && use python ; then + pushd lang/python > /dev/null || die + top_builddir="../.." srcdir="${S}/lang/python" CPP="$(tc-getCPP)" distutils-r1_src_compile + popd > /dev/null || die + fi +} + +src_test() { + multibuild_foreach_variant gpgme_src_test +} + +gpgme_src_test() { + cd "${BUILD_DIR}" || die + + emake check + + if [[ ${MULTIBUILD_VARIANT} == base ]] && use python ; then + distutils-r1_src_test + fi +} + +python_test() { + emake -C lang/python/tests check \ + PYTHON=${EPYTHON} \ + PYTHONS=${EPYTHON} \ + TESTFLAGS="--python-libdir=${BUILD_DIR}/lib" +} + +src_install() { + einstalldocs + multibuild_foreach_variant gpgme_src_install +} + +gpgme_src_install() { + cd "${BUILD_DIR}" || die + + emake DESTDIR="${D}" install + + if [[ ${MULTIBUILD_VARIANT} == base ]] && use python ; then + pushd lang/python > /dev/null || die + top_builddir="../.." srcdir="${S}/lang/python" CPP="$(tc-getCPP)" distutils-r1_src_install + popd > /dev/null || die + fi + + find "${ED}" -type f -name '*.la' -delete || die + + # Backward compatibility for gentoo + # (in the past, we had slots) + dodir /usr/include/gpgme + dosym -r /usr/include/gpgme.h /usr/include/gpgme/gpgme.h +} diff --git a/sdk_container/src/third_party/portage-stable/app-crypt/gpgme/metadata.xml b/sdk_container/src/third_party/portage-stable/app-crypt/gpgme/metadata.xml new file mode 100644 index 00000000000..12645d415e4 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-crypt/gpgme/metadata.xml @@ -0,0 +1,11 @@ + + + + + base-system@gentoo.org + Gentoo Base System + + + Install common-lisp files + + diff --git a/sdk_container/src/third_party/portage-stable/dev-go/go-md2man/Manifest b/sdk_container/src/third_party/portage-stable/dev-go/go-md2man/Manifest index ac3ef5d418e..e99a29d3b0d 100644 --- a/sdk_container/src/third_party/portage-stable/dev-go/go-md2man/Manifest +++ b/sdk_container/src/third_party/portage-stable/dev-go/go-md2man/Manifest @@ -1 +1 @@ -DIST go-md2man-2.0.2.tar.gz 64353 BLAKE2B cc9ce9d14b61e600cf5179b72e08bc7e6ae5fcf31d3e00d6e5f7e5e77a26dd2b2b8a938e168e0053b2a9f9aab734d9beb02f7d95549fbf073125ad42b03cf478 SHA512 c81edfdc0b6647ef699cc908a1a7038d98da34df6d48b223b83a0699de91a7e322e70d67645acf1fc848918f4c1ea310160c7ccb75e6f97b53af7103c7aa18b3 +DIST go-md2man-2.0.3.tar.gz 64961 BLAKE2B 790fe7c247e0f934a397d7389be589c6e4d75be3cd533da13ae4e46c927604c3249e3a2f0c975320bac0f21f3040059202434f6fd4b2ea6dd50d6b772fa01842 SHA512 237e8039beea11b4efb7d0c75fb5826c17dea50057b0149b9533e72e2a5198811f9a3a5b264ea3788922d2f03b07cb57914448b2d4325d54d0f946fb42c42f40 diff --git a/sdk_container/src/third_party/portage-stable/dev-go/go-md2man/go-md2man-2.0.2.ebuild b/sdk_container/src/third_party/portage-stable/dev-go/go-md2man/go-md2man-2.0.3.ebuild similarity index 95% rename from sdk_container/src/third_party/portage-stable/dev-go/go-md2man/go-md2man-2.0.2.ebuild rename to sdk_container/src/third_party/portage-stable/dev-go/go-md2man/go-md2man-2.0.3.ebuild index 8d9a92730d2..de6a9433af8 100644 --- a/sdk_container/src/third_party/portage-stable/dev-go/go-md2man/go-md2man-2.0.2.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-go/go-md2man/go-md2man-2.0.3.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2023 Gentoo Authors +# Copyright 1999-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/yajl/Manifest b/sdk_container/src/third_party/portage-stable/dev-libs/yajl/Manifest new file mode 100644 index 00000000000..881c0c51533 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/yajl/Manifest @@ -0,0 +1,2 @@ +DIST yajl-2.1.0-r5.tar.gz 83997 BLAKE2B 755ee1d9f8c59b730393468722dae9148cd63443a0c91f0e1894f5998b699303920b8f0748541bd280d132ee1c9dedd40ebc2a7e020a8fe65beb186f25af5402 SHA512 9e786d080803df80ec03a9c2f447501e6e8e433a6baf636824bc1d50ecf4f5f80d7dfb1d47958aeb0a30fe459bd0ef033d41bc6a79e1dc6e6b5eade930b19b02 +DIST yajl-2.1.0.tar.gz 84039 BLAKE2B 53cfa60994a478050ef1ab35ecfe60cc51f166bc101ee81f42122b134cc30afd1277c3c2661f5c03dc8c8117fcfdaab8ec7c6d735a6810ea4700f1afaea60e1a SHA512 671c06081e01584d170b614dc0685f49c6d7448b673d8ed99749ce4e0ca73875af9f62df7787b919ceaecab213668ac1d2a5800b6831731ec146353552f36985 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/yajl/files/yajl-2.1.0-memory-leak.patch b/sdk_container/src/third_party/portage-stable/dev-libs/yajl/files/yajl-2.1.0-memory-leak.patch new file mode 100644 index 00000000000..da059c40539 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/yajl/files/yajl-2.1.0-memory-leak.patch @@ -0,0 +1,23 @@ +From 23a122eddaa28165a6c219000adcc31ff9a8a698 Mon Sep 17 00:00:00 2001 +From: "zhang.jiujiu" <282627424@qq.com> +Date: Tue, 7 Dec 2021 22:37:02 +0800 +Subject: [PATCH] fix memory leaks + +--- + src/yajl_tree.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/yajl_tree.c b/src/yajl_tree.c +index b9e66043..0e7bde98 100644 +--- a/src/yajl_tree.c ++++ b/src/yajl_tree.c +@@ -456,6 +456,9 @@ yajl_val yajl_tree_parse (const char *input, + yajl_tree_free(v); + } + yajl_free (handle); ++ //If the requested memory is not released in time, it will cause memory leakage ++ if(ctx.root) ++ yajl_tree_free(ctx.root); + return NULL; + } + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/yajl/files/yajl-2.1.0-pkg-config.patch b/sdk_container/src/third_party/portage-stable/dev-libs/yajl/files/yajl-2.1.0-pkg-config.patch new file mode 100644 index 00000000000..fc31ef0cf5d --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/yajl/files/yajl-2.1.0-pkg-config.patch @@ -0,0 +1,50 @@ +From 63703fd039fce33ac36e94b9ace4b7c12ef042b9 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= +Date: Sun, 24 Feb 2019 10:49:44 +0100 +Subject: [PATCH] cmake: Fix installing pkg-config file into libdir + +Fix the CMake rules to install pkg-config file into lib/pkgconfig +rather than share/pkgconfig. The former location is correct +for ABI-dependent files such as libraries, while the latter should be +used only for ABI-agnostic resources (data files, executables). + +This fixes using yajl on multilib systems where 32-bit and 64-bit +versions of the library are installed separately. This requires two +separate pkg-config files to be installed along with the libraries +into appropriate libdirs. When the file was installed into /usr/share, +only one variant was permitted and effectively using the other multilib +variant was broken, breaking other packages. + +Original bug report: https://bugs.gentoo.org/677870 +--- + src/CMakeLists.txt | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt +index 99cf9e9..81369e4 100644 +--- a/src/CMakeLists.txt ++++ b/src/CMakeLists.txt +@@ -30,7 +30,7 @@ ADD_DEFINITIONS(-DYAJL_BUILD) + # set up some paths + SET (libDir ${CMAKE_CURRENT_BINARY_DIR}/../${YAJL_DIST_NAME}/lib) + SET (incDir ${CMAKE_CURRENT_BINARY_DIR}/../${YAJL_DIST_NAME}/include/yajl) +-SET (shareDir ${CMAKE_CURRENT_BINARY_DIR}/../${YAJL_DIST_NAME}/share/pkgconfig) ++SET (pcDir ${CMAKE_CURRENT_BINARY_DIR}/../${YAJL_DIST_NAME}/lib/pkgconfig) + + # set the output path for libraries + SET(LIBRARY_OUTPUT_PATH ${libDir}) +@@ -61,7 +61,7 @@ FILE(MAKE_DIRECTORY ${incDir}) + # generate build-time source + SET(dollar $) + CONFIGURE_FILE(api/yajl_version.h.cmake ${incDir}/yajl_version.h) +-CONFIGURE_FILE(yajl.pc.cmake ${shareDir}/yajl.pc) ++CONFIGURE_FILE(yajl.pc.cmake ${pcDir}/yajl.pc) + + # copy public headers to output directory + FOREACH (header ${PUB_HDRS}) +@@ -84,4 +84,4 @@ INSTALL(TARGETS yajl + INSTALL(TARGETS yajl_s ARCHIVE DESTINATION lib${LIB_SUFFIX}) + INSTALL(FILES ${PUB_HDRS} DESTINATION include/yajl) + INSTALL(FILES ${incDir}/yajl_version.h DESTINATION include/yajl) +-INSTALL(FILES ${shareDir}/yajl.pc DESTINATION share/pkgconfig) ++INSTALL(FILES ${pcDir}/yajl.pc DESTINATION lib${LIB_SUFFIX}/pkgconfig) diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/yajl/files/yajl-2.1.0-uclibc.patch b/sdk_container/src/third_party/portage-stable/dev-libs/yajl/files/yajl-2.1.0-uclibc.patch new file mode 100644 index 00000000000..2e6f176de64 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/yajl/files/yajl-2.1.0-uclibc.patch @@ -0,0 +1,14 @@ +diff --git a/reformatter/CMakeLists.txt b/reformatter/CMakeLists.txt +index da4032b..d48e218 100644 +--- a/reformatter/CMakeLists.txt ++++ b/reformatter/CMakeLists.txt +@@ -26,7 +26,7 @@ LINK_DIRECTORIES(${CMAKE_CURRENT_BINARY_DIR}/../${YAJL_DIST_NAME}/lib) + + ADD_EXECUTABLE(json_reformat ${SRCS}) + +-TARGET_LINK_LIBRARIES(json_reformat yajl_s) ++TARGET_LINK_LIBRARIES(json_reformat yajl_s m) + + # copy the binary into the output directory + GET_TARGET_PROPERTY(binPath json_reformat LOCATION) + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/yajl/metadata.xml b/sdk_container/src/third_party/portage-stable/dev-libs/yajl/metadata.xml new file mode 100644 index 00000000000..7d75a91c8c3 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/yajl/metadata.xml @@ -0,0 +1,11 @@ + + + + + ruby@gentoo.org + Gentoo Ruby Project + + + lloyd/yajl + + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/yajl/yajl-2.1.0-r5.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/yajl/yajl-2.1.0-r5.ebuild new file mode 100644 index 00000000000..79252d2297f --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/yajl/yajl-2.1.0-r5.ebuild @@ -0,0 +1,36 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit cmake-multilib multibuild + +DESCRIPTION="Small event-driven (SAX-style) JSON parser" +HOMEPAGE="https://lloyd.github.io/yajl/" +SRC_URI="https://github.com/lloyd/yajl/archive/refs/tags/${PV}.tar.gz -> ${P}-r5.tar.gz" + +LICENSE="ISC" +SLOT="0/2" +KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~loong ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris" +IUSE="" + +PATCHES=( + "${FILESDIR}"/${P}-uclibc.patch # git master 5d4bf525 + "${FILESDIR}"/${P}-pkg-config.patch # downstream + "${FILESDIR}"/${P}-memory-leak.patch # Bug 908036 +) + +src_prepare() { + cmake_src_prepare + multilib_copy_sources +} + +multilib_src_test() { + cd "${S}"/test/parsing || die + ./run_tests.sh "${BUILD_DIR}"/test/parsing/yajl_test || die +} + +src_install() { + cmake-multilib_src_install + find "${D}" -name libyajl_s.a -delete || die +} diff --git a/sdk_container/src/third_party/portage-stable/net-misc/passt/Manifest b/sdk_container/src/third_party/portage-stable/net-misc/passt/Manifest new file mode 100644 index 00000000000..0442ab1eb71 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/net-misc/passt/Manifest @@ -0,0 +1 @@ +DIST passt-2024.03.26.tar.xz 195348 BLAKE2B d91e6ac1d50aae04ceb53a34341b545ff644ceccdfcfab461907050612d9d871f61591aac02ebddef9a607a9b39ce5017a2fc47c9189f85b9b9a70a30d010e4c SHA512 da771f8f334862f81702b22688c9d3552aefc2883b5a44c39156ff7a69f301cabf52fa0fb13f8695240db5411c498806d28d847fca8caff2bedb69d1a4b4e5a7 diff --git a/sdk_container/src/third_party/portage-stable/net-misc/passt/files/Makefile-2024.03.20.patch b/sdk_container/src/third_party/portage-stable/net-misc/passt/files/Makefile-2024.03.20.patch new file mode 100644 index 00000000000..30f36d1f084 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/net-misc/passt/files/Makefile-2024.03.20.patch @@ -0,0 +1,13 @@ +Addressing following bugs: +https://bugs.gentoo.org/924494 +--- a/Makefile ++++ b/Makefile +@@ -35,7 +35,7 @@ + + FLAGS := -Wall -Wextra -Wno-format-zero-length + FLAGS += -pedantic -std=c11 -D_XOPEN_SOURCE=700 -D_GNU_SOURCE +-FLAGS += -D_FORTIFY_SOURCE=2 -O2 -pie -fPIE ++FLAGS += -O2 -pie -fPIE + FLAGS += -DPAGE_SIZE=$(shell getconf PAGE_SIZE) + FLAGS += -DNETNS_RUN_DIR=\"/run/netns\" + FLAGS += -DPASST_AUDIT_ARCH=AUDIT_ARCH_$(AUDIT_ARCH) diff --git a/sdk_container/src/third_party/portage-stable/net-misc/passt/metadata.xml b/sdk_container/src/third_party/portage-stable/net-misc/passt/metadata.xml new file mode 100644 index 00000000000..35350e9c2be --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/net-misc/passt/metadata.xml @@ -0,0 +1,27 @@ + + + + + me@rahil.rocks + Rahil Bhimjiani + + + zmedico@gentoo.org + Zac Medico + + + proxy-maint@gentoo.org + Proxy Maintainers + + + passt implements a translation layer between a Layer-2 network interface and native Layer-4 sockets (TCP, UDP, ICMP/ICMPv6 echo) on a host. It doesn't require any capabilities or privileges, and it can be used as a simple replacement for Slirp. + + pasta (same binary as passt, different command) offers equivalent functionality, for network namespaces: traffic is forwarded using a tap interface inside the namespace, without the need to create further interfaces on the host, hence not requiring any capabilities or privileges. + + qrap is a wrapper, designed specifically for usage with qemu(1) and passt(1), connecting a UNIX domain socket to a file descriptor, and running qemu(1) with given arguments. + + + https://passt.top/passt/bugs + https://passt.top/passt/about/ + + diff --git a/sdk_container/src/third_party/portage-stable/net-misc/passt/passt-2024.03.26.ebuild b/sdk_container/src/third_party/portage-stable/net-misc/passt/passt-2024.03.26.ebuild new file mode 100644 index 00000000000..3c05b805c0a --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/net-misc/passt/passt-2024.03.26.ebuild @@ -0,0 +1,40 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit toolchain-funcs + +DESCRIPTION="User-mode networking daemons for VMs and namespaces, replacement for Slirp" +HOMEPAGE="https://passt.top/" + +RELEASE_COMMIT="4988e2b" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="git://passt.top/passt" +else + SRC_URI="https://passt.top/passt/snapshot/passt-${RELEASE_COMMIT}.tar.xz -> ${P}.tar.xz" + S="${WORKDIR}/${PN}-${RELEASE_COMMIT}" + KEYWORDS="amd64 arm64 ~riscv" +fi + +LICENSE="BSD GPL-2+" +SLOT="0" +IUSE="static" + +PATCHES=( + "${FILESDIR}"/Makefile-2024.03.20.patch +) + +src_prepare() { + default + tc-export CC +} + +src_compile() { + [[ ${PV} != 9999* ]] && export VERSION="${PV}" + export prefix="${EPREFIX}/usr" docdir="${EPREFIX}/usr/share/doc/${P}" + + emake $(usev static) +} diff --git a/sdk_container/src/third_party/portage-stable/sys-fs/fuse-overlayfs/Manifest b/sdk_container/src/third_party/portage-stable/sys-fs/fuse-overlayfs/Manifest new file mode 100644 index 00000000000..b8ebf674a48 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-fs/fuse-overlayfs/Manifest @@ -0,0 +1 @@ +DIST fuse-overlayfs-1.13.tar.gz 99775 BLAKE2B 7a0643a5ef029db7f3d1009e9dd4e7a647bf936205723fc3656dfd6d14d622e98f9df15590783492f056ab3f151fd658b6fe65f7177f9499532d02411138ac7c SHA512 2f005b7eb4f0cc31dd75a6c453d81fbbf1c77cb6c1e8f991a53465c1e8c0109c999063a3b2088978abeea2272677985cd79ecbbbcd7aaaac0088dcdd34981f4b diff --git a/sdk_container/src/third_party/portage-stable/sys-fs/fuse-overlayfs/fuse-overlayfs-1.13.ebuild b/sdk_container/src/third_party/portage-stable/sys-fs/fuse-overlayfs/fuse-overlayfs-1.13.ebuild new file mode 100644 index 00000000000..4bbe7b857e5 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-fs/fuse-overlayfs/fuse-overlayfs-1.13.ebuild @@ -0,0 +1,27 @@ +# Copyright 2019-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools linux-info + +DESCRIPTION="FUSE implementation for overlayfs" +HOMEPAGE="https://github.com/containers/fuse-overlayfs" +SRC_URI="https://github.com/containers/fuse-overlayfs/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="amd64 arm64 ~ppc64 ~riscv" + +DEPEND="sys-fs/fuse:3" +RDEPEND="${DEPEND}" +BDEPEND="virtual/pkgconfig" + +pkg_pretend() { + kernel_is -lt 4 18 && eerror "Linux Kernel > v4.18.0 is required" && die +} + +src_prepare() { + default + eautoreconf +} diff --git a/sdk_container/src/third_party/portage-stable/sys-fs/fuse-overlayfs/metadata.xml b/sdk_container/src/third_party/portage-stable/sys-fs/fuse-overlayfs/metadata.xml new file mode 100644 index 00000000000..f802fb94fd0 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-fs/fuse-overlayfs/metadata.xml @@ -0,0 +1,19 @@ + + + + + containers/fuse-overlayfs + + + zmedico@gentoo.org + Zac Medico + + + me@rahil.rocks + Rahil Bhimjiani + + + proxy-maint@gentoo.org + Proxy Maintainers + +