From 5668af04ad3d67f518f03f47325b561c0f40a88b Mon Sep 17 00:00:00 2001 From: Mathieu Tortuyaux Date: Tue, 13 Feb 2024 13:08:16 +0100 Subject: [PATCH 1/7] portage-stable: add incus & friends Signed-off-by: Mathieu Tortuyaux --- .../incus-admin/incus-admin-0.ebuild | 9 + .../acct-group/incus-admin/metadata.xml | 8 + .../acct-group/incus/incus-0.ebuild | 9 + .../acct-group/incus/metadata.xml | 8 + .../acct-group/lxc/lxc-0-r2.ebuild | 9 + .../acct-group/lxc/metadata.xml | 8 + .../acct-user/lxc/lxc-0-r2.ebuild | 12 + .../portage-stable/acct-user/lxc/metadata.xml | 8 + .../app-containers/incus/Manifest | 8 + .../incus/files/incus-0.4.confd | 26 +++ .../incus/files/incus-0.4.initd | 59 +++++ .../incus/files/incus-0.4.service | 22 ++ .../incus/files/incus-0.4.socket | 11 + .../incus/files/incus-6.0.confd | 27 +++ .../incus/files/incus-6.0.initd | 63 +++++ .../incus/files/incus-startup-0.4.service | 15 ++ .../incus/files/incus-startup-0.4.sh | 21 ++ .../incus/files/incus-user-0.4.initd | 37 +++ .../incus/files/incus-user-0.4.service | 12 + .../incus/files/incus-user-0.4.socket | 11 + .../incus/incus-6.0.0-r1.ebuild | 219 +++++++++++++++++ .../incus/incus-6.0.1-r1.ebuild | 219 +++++++++++++++++ .../app-containers/incus/incus-6.2.ebuild | 219 +++++++++++++++++ .../app-containers/incus/incus-6.3-r1.ebuild | 219 +++++++++++++++++ .../app-containers/incus/metadata.xml | 34 +++ .../app-containers/lxc/Manifest | 6 + .../lxc/files/lxc-monitord.service.5.0.0 | 11 + .../lxc/files/lxc-net.service.5.0.0 | 15 ++ .../app-containers/lxc/files/lxc.initd.9 | 132 +++++++++++ .../lxc/files/lxc.service-5.0.0 | 19 ++ .../lxc/files/lxc_at.service.5.0.0 | 19 ++ .../app-containers/lxc/lxc-5.0.3.ebuild | 169 ++++++++++++++ .../app-containers/lxc/lxc-6.0.0-r2.ebuild | 172 ++++++++++++++ .../app-containers/lxc/lxc-6.0.1.ebuild | 172 ++++++++++++++ .../app-containers/lxc/metadata.xml | 20 ++ .../portage-stable/dev-libs/cowsql/Manifest | 1 + .../dev-libs/cowsql/cowsql-1.15.6.ebuild | 53 +++++ .../files/dqlite-1.12.0-disable-werror.patch | 20 ++ .../dev-libs/cowsql/metadata.xml | 25 ++ .../portage-stable/dev-libs/raft/Manifest | 1 + .../raft/files/raft-0.10.0-toggle-zfs.patch | 21 ++ .../portage-stable/dev-libs/raft/metadata.xml | 25 ++ .../dev-libs/raft/raft-0.22.1.ebuild | 60 +++++ .../portage-stable/dev-util/xdelta/Manifest | 2 + .../xdelta/files/xdelta-1.1.4-glib2.patch | 221 ++++++++++++++++++ .../xdelta/files/xdelta-1.1.4-gzip.patch | 59 +++++ .../xdelta/files/xdelta-1.1.4-m4.patch | 11 + .../xdelta/files/xdelta-1.1.4-pkgconfig.patch | 113 +++++++++ .../dev-util/xdelta/metadata.xml | 12 + .../dev-util/xdelta/xdelta-1.1.4-r4.ebuild | 43 ++++ .../dev-util/xdelta/xdelta-3.0.11-r1.ebuild | 39 ++++ .../portage-stable/sys-fs/lxcfs/Manifest | 6 + .../sys-fs/lxcfs/files/lxcfs-5.0.2.confd | 8 + .../sys-fs/lxcfs/files/lxcfs-5.0.2.initd | 27 +++ .../sys-fs/lxcfs/files/lxcfs-5.0.2.service | 18 ++ ...-fix-incompatible-pointer-conversion.patch | 19 ++ .../sys-fs/lxcfs/lxcfs-5.0.4-r1.ebuild | 84 +++++++ .../sys-fs/lxcfs/lxcfs-6.0.0.ebuild | 80 +++++++ .../sys-fs/lxcfs/lxcfs-6.0.1.ebuild | 80 +++++++ .../portage-stable/sys-fs/lxcfs/metadata.xml | 22 ++ 60 files changed, 3078 insertions(+) create mode 100644 sdk_container/src/third_party/portage-stable/acct-group/incus-admin/incus-admin-0.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/acct-group/incus-admin/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/acct-group/incus/incus-0.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/acct-group/incus/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/acct-group/lxc/lxc-0-r2.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/acct-group/lxc/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/acct-user/lxc/lxc-0-r2.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/acct-user/lxc/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.confd create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.initd create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.service create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.socket create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-6.0.confd create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-6.0.initd create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-startup-0.4.service create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-startup-0.4.sh create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-user-0.4.initd create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-user-0.4.service create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-user-0.4.socket create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.0.0-r1.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.0.1-r1.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.2.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.3-r1.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/incus/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/lxc/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc-monitord.service.5.0.0 create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc-net.service.5.0.0 create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc.initd.9 create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc.service-5.0.0 create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc_at.service.5.0.0 create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/lxc/lxc-5.0.3.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/lxc/lxc-6.0.0-r2.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/lxc/lxc-6.0.1.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/lxc/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/cowsql/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/cowsql/cowsql-1.15.6.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/cowsql/files/dqlite-1.12.0-disable-werror.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/cowsql/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/raft/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/raft/files/raft-0.10.0-toggle-zfs.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/raft/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/dev-libs/raft/raft-0.22.1.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/dev-util/xdelta/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-glib2.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-gzip.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-m4.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-pkgconfig.patch create mode 100644 sdk_container/src/third_party/portage-stable/dev-util/xdelta/metadata.xml create mode 100644 sdk_container/src/third_party/portage-stable/dev-util/xdelta/xdelta-1.1.4-r4.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/dev-util/xdelta/xdelta-3.0.11-r1.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/Manifest create mode 100644 sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.2.confd create mode 100644 sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.2.initd create mode 100644 sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.2.service create mode 100644 sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.4-fix-incompatible-pointer-conversion.patch create mode 100644 sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/lxcfs-5.0.4-r1.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/lxcfs-6.0.0.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/lxcfs-6.0.1.ebuild create mode 100644 sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/metadata.xml diff --git a/sdk_container/src/third_party/portage-stable/acct-group/incus-admin/incus-admin-0.ebuild b/sdk_container/src/third_party/portage-stable/acct-group/incus-admin/incus-admin-0.ebuild new file mode 100644 index 00000000000..ee18e2282ca --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/acct-group/incus-admin/incus-admin-0.ebuild @@ -0,0 +1,9 @@ +# Copyright 2020-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit acct-group + +ACCT_GROUP_ID=533 +DESCRIPTION="Group for app-containers/incus" diff --git a/sdk_container/src/third_party/portage-stable/acct-group/incus-admin/metadata.xml b/sdk_container/src/third_party/portage-stable/acct-group/incus-admin/metadata.xml new file mode 100644 index 00000000000..5d32dd6c55b --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/acct-group/incus-admin/metadata.xml @@ -0,0 +1,8 @@ + + + + + virtualization@gentoo.org + Gentoo Virtualization Project + + diff --git a/sdk_container/src/third_party/portage-stable/acct-group/incus/incus-0.ebuild b/sdk_container/src/third_party/portage-stable/acct-group/incus/incus-0.ebuild new file mode 100644 index 00000000000..e5f45afcdc9 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/acct-group/incus/incus-0.ebuild @@ -0,0 +1,9 @@ +# Copyright 2020-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit acct-group + +ACCT_GROUP_ID=532 +DESCRIPTION="Group for app-containers/incus" diff --git a/sdk_container/src/third_party/portage-stable/acct-group/incus/metadata.xml b/sdk_container/src/third_party/portage-stable/acct-group/incus/metadata.xml new file mode 100644 index 00000000000..5d32dd6c55b --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/acct-group/incus/metadata.xml @@ -0,0 +1,8 @@ + + + + + virtualization@gentoo.org + Gentoo Virtualization Project + + diff --git a/sdk_container/src/third_party/portage-stable/acct-group/lxc/lxc-0-r2.ebuild b/sdk_container/src/third_party/portage-stable/acct-group/lxc/lxc-0-r2.ebuild new file mode 100644 index 00000000000..c2f7cd728e6 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/acct-group/lxc/lxc-0-r2.ebuild @@ -0,0 +1,9 @@ +# Copyright 2021-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit acct-group + +ACCT_GROUP_ID=358 +DESCRIPTION="Group for app-containers/lxc" diff --git a/sdk_container/src/third_party/portage-stable/acct-group/lxc/metadata.xml b/sdk_container/src/third_party/portage-stable/acct-group/lxc/metadata.xml new file mode 100644 index 00000000000..5d32dd6c55b --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/acct-group/lxc/metadata.xml @@ -0,0 +1,8 @@ + + + + + virtualization@gentoo.org + Gentoo Virtualization Project + + diff --git a/sdk_container/src/third_party/portage-stable/acct-user/lxc/lxc-0-r2.ebuild b/sdk_container/src/third_party/portage-stable/acct-user/lxc/lxc-0-r2.ebuild new file mode 100644 index 00000000000..7449e8ee379 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/acct-user/lxc/lxc-0-r2.ebuild @@ -0,0 +1,12 @@ +# Copyright 2021-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit acct-user + +DESCRIPTION="User for app-containers/lxc" +ACCT_USER_ID=358 +ACCT_USER_GROUPS=( lxc ) + +acct-user_add_deps diff --git a/sdk_container/src/third_party/portage-stable/acct-user/lxc/metadata.xml b/sdk_container/src/third_party/portage-stable/acct-user/lxc/metadata.xml new file mode 100644 index 00000000000..5d32dd6c55b --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/acct-user/lxc/metadata.xml @@ -0,0 +1,8 @@ + + + + + virtualization@gentoo.org + Gentoo Virtualization Project + + diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/Manifest b/sdk_container/src/third_party/portage-stable/app-containers/incus/Manifest new file mode 100644 index 00000000000..7748f8acb3f --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/Manifest @@ -0,0 +1,8 @@ +DIST incus-6.0.0.tar.xz 11839792 BLAKE2B 135574e6f19262992bb068a3c0a0045c192699503e417eb861e00a974e631fd869485eb96238d1dbe4712e789367d31afae1c62bade2a8b75f7e9a7620547e74 SHA512 eb6d784a535d487bd85b3e8272d7cddc23f2ed98ca2b3e2f19c038b4a6f910d4030822424154489adef7a688757905927309d25f6d1ff621d99d678fe6aeae2b +DIST incus-6.0.0.tar.xz.asc 833 BLAKE2B f35c38f886290ff08e017cd54e8019c43bfbf1f9c84b26ede2cfa78acbe4047af4314465e77d6e900f296552d5ac8f8c07d26a11920bff937fbb8a0a910efb0d SHA512 0360520752fad3e95807d09e4fd6d60c96a202d0dbb61621925abd75aa801b6d573abbece3179a8906bdc47e96ddec4a746607ce2d10dcc1a76d0afd459cbf81 +DIST incus-6.0.1.tar.xz 11653056 BLAKE2B d026f9fb99d7393d286006cfe759681b58b980b7a2432a98ba8a6862e17099ef6ee8d1ec1766d00fac1a6d1e748a7d10d3d5ad14b31c542618044f77a27fe255 SHA512 8218c121cf1afd307f748c0f1c0b1ba34a05fa0c43a515aab03d9f92c66becaa6bff245e93842e7b0746ce6019d66f1a5e4c317ec05e0ab088b539e5378d78dc +DIST incus-6.0.1.tar.xz.asc 833 BLAKE2B c5c9d3d4796e97ef745102c13e52d691e7f087a5a0cc8e0a069ec7c94686e6e8de04d3dd247157e16eb3deea2b877453e3462ec829ced2ba9cb1928af9a3aa1b SHA512 c47df95afa7c9ef7041fb29497567ab3b1ed30c3c175b4be84bc75a6a2c47072cc291e43fa738a5a58d753b04aef87334780f9d45184a9543a49fad263859aa0 +DIST incus-6.2.tar.xz 11060268 BLAKE2B ac276e9192bd309d41762e1756ed8276835d597f92fef554f74d8dd11f1d6685f95815c89a1770a7e3fd3c8c08dea65e5dffeac942e97052e7bdb1337d2d3817 SHA512 a5a41199b5ec21a6b2abb7ae33d245032db67ec8aedec3eb1cd18236ce39106c25c4a71524d363103c4a6fbe4420368e0fe8763a2eb84afdbf7f069e53312fa7 +DIST incus-6.2.tar.xz.asc 833 BLAKE2B 68e967083b715716f5eedeeb4e81c5d90e45af1c9bd3ce373d8edab9d872598585e3ee9ae738292a7cc66f52907908627d5dd62ef963f62b37ed74620d59ef90 SHA512 77a82dd92438815c0f02a4399f2cda465692589eef12dba4482bdcb0cf1bd1e71dd3a6ccedfa0d9c4a11891b0883764adae3db994f21bb46655372988941ae2a +DIST incus-6.3.tar.xz 11717996 BLAKE2B 25a4f13e860c4d60e24b32f8ce1db0c4cf81f2595169c105d2e1a3b38563232b141f08039c243d903c5b81ddde0eb1a8008ae24cef955ed9d001241edc1336f2 SHA512 e9da3e2c3ef9c7e8b0ae77bef7fe674e427d63cc97a397c61eca3eb3f31e5e4ee8670543d7cf05b7efcfc08645ee7339c44aab87c5a4aa4578566dec3a512048 +DIST incus-6.3.tar.xz.asc 833 BLAKE2B 1b204199cda642dbe2b89167a4ac210ab43c1798ecf5079d24f585dc9e559e9216ba8dce8c39ae2de8ec298cb157d8926dd8a545c4a21464e88babe54e585c9c SHA512 e3318a8037f488b5ce0b551a485c568cba7137c70ad170f963d4cad3bb1fc8b12a9da564b03d754f82f354b1a59c37fd3857d3804e75d14428e52ee6121411a4 diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.confd b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.confd new file mode 100644 index 00000000000..b0f7e0e212a --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.confd @@ -0,0 +1,26 @@ +# Group which owns the shared socket +INCUS_OPTIONS+=" --group incus-admin" + +# Enable cpu profiling into the specified file +#INCUS_OPTIONS+=" --cpuprofile /tmp/lxc_cpu_profile" + +# Enable memory profiling into the specified file +#INCUS_OPTIONS+=" --memprofile /tmp/lxc_mem_profile" + +# Enable debug mode +#INCUS_OPTIONS+=" --debug" + +# For debugging, print a complete stack trace every n seconds +#INCUS_OPTIONS+=" --print-goroutines-every 5" + +# Enable verbose mode +#INCUS_OPTIONS+=" -v" + +# Logfile to log to +#INCUS_OPTIONS+=" --logfile /var/log/incus/incus.log" + +# Enable syslog logging +#INCUS_OPTIONS+=" --syslog" + +# Increase ulimits to allow more open files on OpenRC. +rc_ulimit="-n 1048576 -l unlimited" diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.initd b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.initd new file mode 100644 index 00000000000..34e1f07a892 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.initd @@ -0,0 +1,59 @@ +#!/sbin/openrc-run +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +DAEMON=/usr/sbin/incusd +PIDFILE=/run/incus.pid + +depend() { + need net + need lxcfs +} + +start() { + ebegin "Starting incus daemon service" + + modprobe -f loop > /dev/null 2>&1 + + # Fix permissions on /var/lib/incus and make sure it exists. + # Create a log directory for incus with correct permissions. + install -d /var/lib/incus --group incus-admin --owner root --mode 0775 + install -d /var/log/incus --group incus-admin --owner root + + start-stop-daemon --start \ + --pidfile ${PIDFILE} \ + --exec ${DAEMON} \ + --background \ + --make-pidfile \ + -- \ + ${INCUS_OPTIONS} + eend ${?} + + # Create necessary systemd paths in order for systemd containers to work on openrc host. + # /etc/rc.conf should have following values: + # rc_cgroup_mode="hybrid" + if [ -d /sys/fs/cgroup/unified ] && + [ ! -d /sys/fs/cgroup/systemd ]; then + install -d /sys/fs/cgroup/systemd --group incus-admin --owner root + mount -t cgroup -o none,name=systemd systemd /sys/fs/cgroup/systemd + fi +} + +stop() { + if [ "${RC_CMD}" = restart ]; then + ebegin "Stopping incus daemon service (but not containers)" + # start-stop-daemon sends SIGTERM with a timeout of 5s by default. + # SIGTERM indicates to INCUS that it will be stopped temporarily. + # Instances will keep running. + start-stop-daemon --stop --quiet -p "${PIDFILE}" + eend ${?} + else + ebegin "Stopping incus daemon service and containers, waiting 40s" + # SIGPWR indicates to INCUS that the host is going down. + # LXD will do a clean shutdown of all instances. + # After 30s all remaining instances will be killed. + # We wait up to 40s for INCUS. + start-stop-daemon --stop --quiet -R SIGPWR/40 -p "${PIDFILE}" + eend ${?} + fi +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.service b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.service new file mode 100644 index 00000000000..17aea1de12b --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.service @@ -0,0 +1,22 @@ +[Unit] +Description=Incus - main daemon +After=network-online.target lxcfs.service incus.socket +Requires=network-online.target lxcfs.service incus.socket + +[Service] +EnvironmentFile=-/etc/environment +ExecStart=/usr/sbin/incusd --group incus-admin --syslog +ExecStartPost=/usr/sbin/incusd waitready --timeout=600 +ExecStartPre=/bin/mkdir -p /var/log/incus +ExecStartPre=/bin/chown -R root:incus-admin /var/log/incus +KillMode=process +PermissionsStartOnly=true +TimeoutStartSec=600s +TimeoutStopSec=30s +Restart=on-failure +LimitNOFILE=1048576 +LimitNPROC=infinity +TasksMax=infinity + +[Install] +Also=incus-startup.service incus.socket diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.socket b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.socket new file mode 100644 index 00000000000..741fadd0309 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-0.4.socket @@ -0,0 +1,11 @@ +[Unit] +Description=Incus - Daemon (unix socket) + +[Socket] +ListenStream=/var/lib/incus/unix.socket +SocketGroup=incus-admin +SocketMode=0660 +Service=incus.service + +[Install] +WantedBy=sockets.target diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-6.0.confd b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-6.0.confd new file mode 100644 index 00000000000..d75a9071aca --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-6.0.confd @@ -0,0 +1,27 @@ +## "INCUS_OPTIONS+=" is not POSIX-compliant, so we use +## "INCUS_OPTIONS="${INCUS_OPTIONS}"" to not rely on bashmisms. +## bgo#929138 + +# Group which owns the shared socket +INCUS_OPTIONS="${INCUS_OPTIONS} --group incus-admin" + +# Enable cpu profiling into the specified file +#INCUS_OPTIONS="${INCUS_OPTIONS} --cpuprofile /tmp/lxc_cpu_profile" + +# Enable memory profiling into the specified file +#INCUS_OPTIONS="${INCUS_OPTIONS} --memprofile /tmp/lxc_mem_profile" + +# Enable debug mode +#INCUS_OPTIONS="${INCUS_OPTIONS} --debug" + +# For debugging, print a complete stack trace every n seconds +#INCUS_OPTIONS="${INCUS_OPTIONS} --print-goroutines-every 5" + +# Enable verbose mode +#INCUS_OPTIONS="${INCUS_OPTIONS} -v" + +# Logfile to log to +#INCUS_OPTIONS="${INCUS_OPTIONS} --logfile /var/log/incus/incus.log" + +# Enable syslog logging +#INCUS_OPTIONS="${INCUS_OPTIONS} --syslog" diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-6.0.initd b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-6.0.initd new file mode 100644 index 00000000000..fb0d80ee798 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-6.0.initd @@ -0,0 +1,63 @@ +#!/sbin/openrc-run +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +DAEMON=/usr/sbin/incusd +PIDFILE=/run/incus.pid + +depend() { + need net + need lxcfs +} + +start() { + ebegin "Starting incus daemon service" + + modprobe -f loop > /dev/null 2>&1 + + # Call prlimit from the init.d file instead of ulimit through rc_ulimit, + # bgo#929138 + prlimit --nofile=1048576 --memlock=unlimited --pid=$$ + + # Fix permissions on /var/lib/incus and make sure it exists. + # Create a log directory for incus with correct permissions. + install -d /var/lib/incus --group incus-admin --owner root --mode 0775 + install -d /var/log/incus --group incus-admin --owner root + + start-stop-daemon --start \ + --pidfile ${PIDFILE} \ + --exec ${DAEMON} \ + --background \ + --make-pidfile \ + -- \ + ${INCUS_OPTIONS} + eend ${?} + + # Create necessary systemd paths in order for systemd containers to work on openrc host. + # /etc/rc.conf should have following values: + # rc_cgroup_mode="hybrid" + if [ -d /sys/fs/cgroup/unified ] && + [ ! -d /sys/fs/cgroup/systemd ]; then + install -d /sys/fs/cgroup/systemd --group incus-admin --owner root + mount -t cgroup -o none,name=systemd systemd /sys/fs/cgroup/systemd + fi +} + +stop() { + if [ "${RC_CMD}" = restart ]; then + ebegin "Stopping incus daemon service (but not containers)" + # start-stop-daemon sends SIGTERM with a timeout of 5s by default. + # SIGTERM indicates to INCUS that it will be stopped temporarily. + # Instances will keep running. + start-stop-daemon --stop --quiet -p "${PIDFILE}" + eend ${?} + else + ebegin "Stopping incus daemon service and containers, waiting 40s" + # SIGPWR indicates to INCUS that the host is going down. + # LXD will do a clean shutdown of all instances. + # After 30s all remaining instances will be killed. + # We wait up to 40s for INCUS. + start-stop-daemon --stop --quiet -R SIGPWR/40 -p "${PIDFILE}" + eend ${?} + fi +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-startup-0.4.service b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-startup-0.4.service new file mode 100644 index 00000000000..8838bdc4949 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-startup-0.4.service @@ -0,0 +1,15 @@ +[Unit] +Description=Incus - Startup check +After=incus.socket incus.service +Requires=incus.socket + +[Service] +Type=oneshot +ExecStart=/usr/sbin/incus-startup start +ExecStop=/usr/sbin/incus-startup stop +TimeoutStartSec=600s +TimeoutStopSec=600s +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-startup-0.4.sh b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-startup-0.4.sh new file mode 100644 index 00000000000..6b19f22e4cb --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-startup-0.4.sh @@ -0,0 +1,21 @@ +#!/bin/sh +set -e + +case "$1" in + start) + systemctl is-active incus -q && exit 0 + exec incusd activateifneeded + ;; + + stop) + systemctl is-active incus -q || exit 0 + exec incusd shutdown + ;; + + *) + echo "unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +exit 0 diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-user-0.4.initd b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-user-0.4.initd new file mode 100644 index 00000000000..7d81d298f58 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-user-0.4.initd @@ -0,0 +1,37 @@ +#!/sbin/openrc-run +# Copyright 2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +name="incus-user socket daemon" +description="incus-user socket daemon" + +DAEMON=/usr/sbin/incus-user +PIDFILE=/run/incus-user.pid + +depend() { + need incus + need net +} + +start() { + ebegin "Starting incus-user socket daemon" + + start-stop-daemon --start \ + --pidfile ${PIDFILE} \ + --exec ${DAEMON} \ + --background \ + --make-pidfile \ + -- \ + --group incus + eend ${?} +} + +stop() { + if [ "${RC_CMD}" = restart ]; then + start-stop-daemon --stop --quiet -p "${PIDFILE}" + eend ${?} + else + start-stop-daemon --stop --quiet -p "${PIDFILE}" + eend ${?} + fi +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-user-0.4.service b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-user-0.4.service new file mode 100644 index 00000000000..4cb4d44263c --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-user-0.4.service @@ -0,0 +1,12 @@ +[Unit] +Description=Incus - User daemon +After=incus-user.socket incus.service +Requires=incus-user.socket + +[Service] +EnvironmentFile=-/etc/environment +ExecStart=/usr/sbin/incus-user --group incus +Restart=on-failure + +[Install] +Also=incus-user.socket diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-user-0.4.socket b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-user-0.4.socket new file mode 100644 index 00000000000..5c14276fc6c --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/files/incus-user-0.4.socket @@ -0,0 +1,11 @@ +[Unit] +Description=Incus - Daemon (user unix socket) + +[Socket] +ListenStream=/var/lib/incus/unix.socket.user +SocketGroup=incus +SocketMode=0660 +Service=incus-user.service + +[Install] +WantedBy=sockets.target diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.0.0-r1.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.0.0-r1.ebuild new file mode 100644 index 00000000000..1cea3ec2fae --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.0.0-r1.ebuild @@ -0,0 +1,219 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module linux-info optfeature systemd toolchain-funcs verify-sig + +DESCRIPTION="Modern, secure and powerful system container and virtual machine manager" +HOMEPAGE="https://linuxcontainers.org/incus/introduction/ https://github.com/lxc/incus" +SRC_URI="https://linuxcontainers.org/downloads/incus/${P}.tar.xz + verify-sig? ( https://linuxcontainers.org/downloads/incus/${P}.tar.xz.asc )" + +LICENSE="Apache-2.0 BSD LGPL-3 MIT" +SLOT="0" +KEYWORDS="amd64 ~arm64" +IUSE="apparmor fuidshift nls" + +DEPEND="acct-group/incus + acct-group/incus-admin + app-arch/xz-utils + >=app-containers/lxc-5.0.0:=[apparmor?,seccomp(+)] + dev-db/sqlite:3 + >=dev-libs/cowsql-1.15.6 + dev-libs/lzo + >=dev-libs/raft-0.22.1:=[lz4] + >=dev-util/xdelta-3.0[lzma(+)] + net-dns/dnsmasq[dhcp] + sys-libs/libcap + virtual/udev" +RDEPEND="${DEPEND} + fuidshift? ( !app-containers/lxd ) + net-firewall/ebtables + net-firewall/iptables + sys-apps/iproute2 + sys-fs/fuse:* + >=sys-fs/lxcfs-5.0.0 + sys-fs/squashfs-tools[lzma] + virtual/acl" +BDEPEND=">=dev-lang/go-1.21 + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +CONFIG_CHECK=" + ~CGROUPS + ~IPC_NS + ~NET_NS + ~PID_NS + + ~SECCOMP + ~USER_NS + ~UTS_NS + + ~KVM + ~MACVTAP + ~VHOST_VSOCK +" + +ERROR_IPC_NS="CONFIG_IPC_NS is required." +ERROR_NET_NS="CONFIG_NET_NS is required." +ERROR_PID_NS="CONFIG_PID_NS is required." +ERROR_SECCOMP="CONFIG_SECCOMP is required." +ERROR_UTS_NS="CONFIG_UTS_NS is required." + +WARNING_KVM="CONFIG_KVM and CONFIG_KVM_AMD/-INTEL is required for virtual machines." +WARNING_MACVTAP="CONFIG_MACVTAP is required for virtual machines." +WARNING_VHOST_VSOCK="CONFIG_VHOST_VSOCK is required for virtual machines." + +# Go magic. +QA_PREBUILT="/usr/bin/incus + /usr/bin/lxc-to-incus + /usr/bin/incus-agent + /usr/bin/incus-benchmark + /usr/bin/incus-migrate + /usr/sbin/fuidshift + /usr/sbin/lxd-to-incus + /usr/sbin/incusd" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +# The testsuite must be run as root. +# make: *** [Makefile:156: check] Error 1 +RESTRICT="test" + +GOPATH="${S}/_dist" + +src_unpack() { + verify-sig_src_unpack + go-module_src_unpack +} + +src_prepare() { + export GOPATH="${S}/_dist" + + default + + sed -i \ + -e "s:\./configure:./configure --prefix=/usr --libdir=${EPREFIX}/usr/lib/incus:g" \ + -e "s:make:make ${MAKEOPTS}:g" \ + Makefile || die + + # Fix hardcoded ovmf file path, see bug 763180 + sed -i \ + -e "s:/usr/share/OVMF:/usr/share/edk2-ovmf:g" \ + -e "s:OVMF_VARS.ms.fd:OVMF_VARS.fd:g" \ + doc/environment.md \ + internal/server/apparmor/instance.go \ + internal/server/apparmor/instance_qemu.go \ + internal/server/instance/drivers/driver_qemu.go || die "Failed to fix hardcoded ovmf paths." + + # Fix hardcoded virtfs-proxy-helper file path, see bug 798924 + sed -i \ + -e "s:/usr/lib/qemu/virtfs-proxy-helper:/usr/libexec/virtfs-proxy-helper:g" \ + internal/server/device/device_utils_disk.go || die "Failed to fix virtfs-proxy-helper path." + + cp "${FILESDIR}"/incus-0.4.service "${T}"/incus.service || die + if use apparmor; then + sed -i \ + '/^EnvironmentFile=.*/a ExecStartPre=\/usr\/libexec\/lxc\/lxc-apparmor-load' \ + "${T}"/incus.service || die + fi + + # Disable -Werror's from go modules. + find "${S}" -name "cgo.go" -exec sed -i "s/ -Werror / /g" {} + || die +} + +src_configure() { :; } + +src_compile() { + export GOPATH="${S}/_dist" + export CGO_LDFLAGS_ALLOW="-Wl,-z,now" + + for k in incus-benchmark incus-simplestreams incus-user incus lxc-to-incus lxd-to-incus ; do + ego install -v -x "${S}/cmd/${k}" + done + + if use fuidshift ; then + ego install -v -x "${S}/cmd/fuidshift" + fi + + ego install -v -x -tags libsqlite3 "${S}"/cmd/incusd + + # Needs to be built statically + CGO_ENABLED=0 go install -v -tags netgo "${S}"/cmd/incus-migrate + CGO_ENABLED=0 go install -v -tags agent,netgo "${S}"/cmd/incus-agent + + use nls && emake build-mo +} + +src_test() { + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + + if tc-is-cross-compiler ; then + local bindir="_dist/bin/linux_${GOARCH}" + else + local bindir="_dist/bin" + fi + + newsbin "${FILESDIR}"/incus-startup-0.4.sh incus-startup + + # Admin tools + for l in incusd incus-user lxd-to-incus ; do + dosbin ${bindir}/${l} + done + + # User tools + for m in incus-agent incus-benchmark incus-migrate incus-simplestreams incus lxc-to-incus ; do + dobin ${bindir}/${m} + done + + # fuidshift, should be moved under admin tools at some point + if use fuidshift ; then + dosbin ${bindir}/fuidshift + fi + + newconfd "${FILESDIR}"/incus-0.4.confd incus + newinitd "${FILESDIR}"/incus-0.4.initd incus + newinitd "${FILESDIR}"/incus-user-0.4.initd incus-user + + systemd_dounit "${T}"/incus.service + systemd_newunit "${FILESDIR}"/incus-0.4.socket incus.socket + systemd_newunit "${FILESDIR}"/incus-startup-0.4.service incus-startup.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.service incus-user.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.socket incus-user.socket + + if ! tc-is-cross-compiler; then + # Generate and install shell completion files. + mkdir -p "${D}"/usr/share/{bash-completion/completions/,fish/vendor_completions.d/,zsh/site-functions/} || die + "${bindir}"/incus completion bash > "${D}"/usr/share/bash-completion/completions/incus || die + "${bindir}"/incus completion fish > "${D}"/usr/share/fish/vendor_completions.d/incus.fish || die + "${bindir}"/incus completion zsh > "${D}"/usr/share/zsh/site-functions/_incus || die + else + ewarn "Shell completion files not installed! Install them manually with incus completion --help" + fi + + dodoc AUTHORS + dodoc -r doc/* + use nls && domo po/*.mo +} + +pkg_postinst() { + elog + elog "Please see" + elog " https://wiki.gentoo.org/wiki/Incus" + elog " https://wiki.gentoo.org/wiki/Incus#Migrating_from_LXD" + elog + optfeature "virtual machine support" app-cdr/cdrtools app-emulation/qemu[spice,usbredir,virtfs] + optfeature "btrfs storage backend" sys-fs/btrfs-progs + optfeature "ipv6 support" net-dns/dnsmasq[ipv6] + optfeature "full incus-migrate support" net-misc/rsync + optfeature "lvm2 storage backend" sys-fs/lvm2 + optfeature "zfs storage backend" sys-fs/zfs + elog + elog "Be sure to add your local user to the incus group." + elog +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.0.1-r1.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.0.1-r1.ebuild new file mode 100644 index 00000000000..6a00a3b589a --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.0.1-r1.ebuild @@ -0,0 +1,219 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module linux-info optfeature systemd toolchain-funcs verify-sig + +DESCRIPTION="Modern, secure and powerful system container and virtual machine manager" +HOMEPAGE="https://linuxcontainers.org/incus/introduction/ https://github.com/lxc/incus" +SRC_URI="https://linuxcontainers.org/downloads/incus/${P}.tar.xz + verify-sig? ( https://linuxcontainers.org/downloads/incus/${P}.tar.xz.asc )" + +LICENSE="Apache-2.0 BSD LGPL-3 MIT" +SLOT="0/lts" +KEYWORDS="amd64 ~arm64" +IUSE="apparmor fuidshift nls" + +DEPEND="acct-group/incus + acct-group/incus-admin + app-arch/xz-utils + >=app-containers/lxc-5.0.0:=[apparmor?,seccomp(+)] + dev-db/sqlite:3 + >=dev-libs/cowsql-1.15.6 + dev-libs/lzo + >=dev-libs/raft-0.22.1:=[lz4] + >=dev-util/xdelta-3.0[lzma(+)] + net-dns/dnsmasq[dhcp] + sys-libs/libcap + virtual/udev" +RDEPEND="${DEPEND} + fuidshift? ( !app-containers/lxd ) + net-firewall/ebtables + net-firewall/iptables + sys-apps/iproute2 + sys-fs/fuse:* + >=sys-fs/lxcfs-5.0.0 + sys-fs/squashfs-tools[lzma] + virtual/acl" +BDEPEND=">=dev-lang/go-1.21 + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +CONFIG_CHECK=" + ~CGROUPS + ~IPC_NS + ~NET_NS + ~PID_NS + + ~SECCOMP + ~USER_NS + ~UTS_NS + + ~KVM + ~MACVTAP + ~VHOST_VSOCK +" + +ERROR_IPC_NS="CONFIG_IPC_NS is required." +ERROR_NET_NS="CONFIG_NET_NS is required." +ERROR_PID_NS="CONFIG_PID_NS is required." +ERROR_SECCOMP="CONFIG_SECCOMP is required." +ERROR_UTS_NS="CONFIG_UTS_NS is required." + +WARNING_KVM="CONFIG_KVM and CONFIG_KVM_AMD/-INTEL is required for virtual machines." +WARNING_MACVTAP="CONFIG_MACVTAP is required for virtual machines." +WARNING_VHOST_VSOCK="CONFIG_VHOST_VSOCK is required for virtual machines." + +# Go magic. +QA_PREBUILT="/usr/bin/incus + /usr/bin/lxc-to-incus + /usr/bin/incus-agent + /usr/bin/incus-benchmark + /usr/bin/incus-migrate + /usr/sbin/fuidshift + /usr/sbin/lxd-to-incus + /usr/sbin/incusd" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +# The testsuite must be run as root. +# make: *** [Makefile:156: check] Error 1 +RESTRICT="test" + +GOPATH="${S}/_dist" + +src_unpack() { + verify-sig_src_unpack + go-module_src_unpack +} + +src_prepare() { + export GOPATH="${S}/_dist" + + default + + sed -i \ + -e "s:\./configure:./configure --prefix=/usr --libdir=${EPREFIX}/usr/lib/incus:g" \ + -e "s:make:make ${MAKEOPTS}:g" \ + Makefile || die + + # Fix hardcoded ovmf file path, see bug 763180 + sed -i \ + -e "s:/usr/share/OVMF:/usr/share/edk2-ovmf:g" \ + -e "s:OVMF_VARS.ms.fd:OVMF_VARS.fd:g" \ + doc/environment.md \ + internal/server/apparmor/instance.go \ + internal/server/apparmor/instance_qemu.go \ + internal/server/instance/drivers/driver_qemu.go || die "Failed to fix hardcoded ovmf paths." + + # Fix hardcoded virtfs-proxy-helper file path, see bug 798924 + sed -i \ + -e "s:/usr/lib/qemu/virtfs-proxy-helper:/usr/libexec/virtfs-proxy-helper:g" \ + internal/server/device/device_utils_disk.go || die "Failed to fix virtfs-proxy-helper path." + + cp "${FILESDIR}"/incus-0.4.service "${T}"/incus.service || die + if use apparmor; then + sed -i \ + '/^EnvironmentFile=.*/a ExecStartPre=\/usr\/libexec\/lxc\/lxc-apparmor-load' \ + "${T}"/incus.service || die + fi + + # Disable -Werror's from go modules. + find "${S}" -name "cgo.go" -exec sed -i "s/ -Werror / /g" {} + || die +} + +src_configure() { :; } + +src_compile() { + export GOPATH="${S}/_dist" + export CGO_LDFLAGS_ALLOW="-Wl,-z,now" + + for k in incus-benchmark incus-simplestreams incus-user incus lxc-to-incus lxd-to-incus ; do + ego install -v -x "${S}/cmd/${k}" + done + + if use fuidshift ; then + ego install -v -x "${S}/cmd/fuidshift" + fi + + ego install -v -x -tags libsqlite3 "${S}"/cmd/incusd + + # Needs to be built statically + CGO_ENABLED=0 go install -v -tags netgo "${S}"/cmd/incus-migrate + CGO_ENABLED=0 go install -v -tags agent,netgo "${S}"/cmd/incus-agent + + use nls && emake build-mo +} + +src_test() { + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + + if tc-is-cross-compiler ; then + local bindir="_dist/bin/linux_${GOARCH}" + else + local bindir="_dist/bin" + fi + + newsbin "${FILESDIR}"/incus-startup-0.4.sh incus-startup + + # Admin tools + for l in incusd incus-user lxd-to-incus ; do + dosbin ${bindir}/${l} + done + + # User tools + for m in incus-agent incus-benchmark incus-migrate incus-simplestreams incus lxc-to-incus ; do + dobin ${bindir}/${m} + done + + # fuidshift, should be moved under admin tools at some point + if use fuidshift ; then + dosbin ${bindir}/fuidshift + fi + + newconfd "${FILESDIR}"/incus-0.4.confd incus + newinitd "${FILESDIR}"/incus-0.4.initd incus + newinitd "${FILESDIR}"/incus-user-0.4.initd incus-user + + systemd_dounit "${T}"/incus.service + systemd_newunit "${FILESDIR}"/incus-0.4.socket incus.socket + systemd_newunit "${FILESDIR}"/incus-startup-0.4.service incus-startup.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.service incus-user.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.socket incus-user.socket + + if ! tc-is-cross-compiler; then + # Generate and install shell completion files. + mkdir -p "${D}"/usr/share/{bash-completion/completions/,fish/vendor_completions.d/,zsh/site-functions/} || die + "${bindir}"/incus completion bash > "${D}"/usr/share/bash-completion/completions/incus || die + "${bindir}"/incus completion fish > "${D}"/usr/share/fish/vendor_completions.d/incus.fish || die + "${bindir}"/incus completion zsh > "${D}"/usr/share/zsh/site-functions/_incus || die + else + ewarn "Shell completion files not installed! Install them manually with incus completion --help" + fi + + dodoc AUTHORS + dodoc -r doc/* + use nls && domo po/*.mo +} + +pkg_postinst() { + elog + elog "Please see" + elog " https://wiki.gentoo.org/wiki/Incus" + elog " https://wiki.gentoo.org/wiki/Incus#Migrating_from_LXD" + elog + optfeature "virtual machine support" app-cdr/cdrtools app-emulation/qemu[spice,usbredir,virtfs] + optfeature "btrfs storage backend" sys-fs/btrfs-progs + optfeature "ipv6 support" net-dns/dnsmasq[ipv6] + optfeature "full incus-migrate support" net-misc/rsync + optfeature "lvm2 storage backend" sys-fs/lvm2 + optfeature "zfs storage backend" sys-fs/zfs + elog + elog "Be sure to add your local user to the incus group." + elog +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.2.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.2.ebuild new file mode 100644 index 00000000000..be229336f52 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.2.ebuild @@ -0,0 +1,219 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module linux-info optfeature systemd toolchain-funcs verify-sig + +DESCRIPTION="Modern, secure and powerful system container and virtual machine manager" +HOMEPAGE="https://linuxcontainers.org/incus/introduction/ https://github.com/lxc/incus" +SRC_URI="https://linuxcontainers.org/downloads/incus/${P}.tar.xz + verify-sig? ( https://linuxcontainers.org/downloads/incus/${P}.tar.xz.asc )" + +LICENSE="Apache-2.0 BSD LGPL-3 MIT" +SLOT="0" +KEYWORDS="~amd64 ~arm64" +IUSE="apparmor fuidshift nls" + +DEPEND="acct-group/incus + acct-group/incus-admin + app-arch/xz-utils + >=app-containers/lxc-5.0.0:=[apparmor?,seccomp(+)] + dev-db/sqlite:3 + >=dev-libs/cowsql-1.15.6 + dev-libs/lzo + >=dev-libs/raft-0.22.1:=[lz4] + >=dev-util/xdelta-3.0[lzma(+)] + net-dns/dnsmasq[dhcp] + sys-libs/libcap + virtual/udev" +RDEPEND="${DEPEND} + fuidshift? ( !app-containers/lxd ) + net-firewall/ebtables + net-firewall/iptables + sys-apps/iproute2 + sys-fs/fuse:* + >=sys-fs/lxcfs-5.0.0 + sys-fs/squashfs-tools[lzma] + virtual/acl" +BDEPEND=">=dev-lang/go-1.21 + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +CONFIG_CHECK=" + ~CGROUPS + ~IPC_NS + ~NET_NS + ~PID_NS + + ~SECCOMP + ~USER_NS + ~UTS_NS + + ~KVM + ~MACVTAP + ~VHOST_VSOCK +" + +ERROR_IPC_NS="CONFIG_IPC_NS is required." +ERROR_NET_NS="CONFIG_NET_NS is required." +ERROR_PID_NS="CONFIG_PID_NS is required." +ERROR_SECCOMP="CONFIG_SECCOMP is required." +ERROR_UTS_NS="CONFIG_UTS_NS is required." + +WARNING_KVM="CONFIG_KVM and CONFIG_KVM_AMD/-INTEL is required for virtual machines." +WARNING_MACVTAP="CONFIG_MACVTAP is required for virtual machines." +WARNING_VHOST_VSOCK="CONFIG_VHOST_VSOCK is required for virtual machines." + +# Go magic. +QA_PREBUILT="/usr/bin/incus + /usr/bin/incus-agent + /usr/bin/incus-benchmark + /usr/bin/incus-migrate + /usr/bin/lxc-to-incus + /usr/sbin/fuidshift + /usr/sbin/incusd + /usr/sbin/lxd-to-incus" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +# The testsuite must be run as root. +# make: *** [Makefile:156: check] Error 1 +RESTRICT="test" + +GOPATH="${S}/_dist" + +src_unpack() { + verify-sig_src_unpack + go-module_src_unpack +} + +src_prepare() { + export GOPATH="${S}/_dist" + + default + + sed -i \ + -e "s:\./configure:./configure --prefix=/usr --libdir=${EPREFIX}/usr/lib/incus:g" \ + -e "s:make:make ${MAKEOPTS}:g" \ + Makefile || die + + # Fix hardcoded ovmf file path, see bug 763180 + sed -i \ + -e "s:/usr/share/OVMF:/usr/share/edk2-ovmf:g" \ + -e "s:OVMF_VARS.ms.fd:OVMF_VARS.fd:g" \ + doc/environment.md \ + internal/server/apparmor/instance.go \ + internal/server/apparmor/instance_qemu.go \ + internal/server/instance/drivers/driver_qemu.go || die "Failed to fix hardcoded ovmf paths." + + # Fix hardcoded virtfs-proxy-helper file path, see bug 798924 + sed -i \ + -e "s:/usr/lib/qemu/virtfs-proxy-helper:/usr/libexec/virtfs-proxy-helper:g" \ + internal/server/device/device_utils_disk.go || die "Failed to fix virtfs-proxy-helper path." + + cp "${FILESDIR}"/incus-0.4.service "${T}"/incus.service || die + if use apparmor; then + sed -i \ + '/^EnvironmentFile=.*/a ExecStartPre=\/usr\/libexec\/lxc\/lxc-apparmor-load' \ + "${T}"/incus.service || die + fi + + # Disable -Werror's from go modules. + find "${S}" -name "cgo.go" -exec sed -i "s/ -Werror / /g" {} + || die +} + +src_configure() { :; } + +src_compile() { + export GOPATH="${S}/_dist" + export CGO_LDFLAGS_ALLOW="-Wl,-z,now" + + for k in incus-benchmark incus-simplestreams incus-user incus lxc-to-incus lxd-to-incus ; do + ego install -v -x "${S}/cmd/${k}" + done + + if use fuidshift ; then + ego install -v -x "${S}/cmd/fuidshift" + fi + + ego install -v -x -tags libsqlite3 "${S}"/cmd/incusd + + # Needs to be built statically + CGO_ENABLED=0 go install -v -tags netgo "${S}"/cmd/incus-migrate + CGO_ENABLED=0 go install -v -tags agent,netgo "${S}"/cmd/incus-agent + + use nls && emake build-mo +} + +src_test() { + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + + if tc-is-cross-compiler ; then + local bindir="_dist/bin/linux_${GOARCH}" + else + local bindir="_dist/bin" + fi + + newsbin "${FILESDIR}"/incus-startup-0.4.sh incus-startup + + # Admin tools + for l in incusd incus-user lxd-to-incus ; do + dosbin ${bindir}/${l} + done + + # User tools + for m in incus-agent incus-benchmark incus-migrate incus-simplestreams incus lxc-to-incus ; do + dobin ${bindir}/${m} + done + + # fuidshift, should be moved under admin tools at some point + if use fuidshift ; then + dosbin ${bindir}/fuidshift + fi + + newconfd "${FILESDIR}"/incus-0.4.confd incus + newinitd "${FILESDIR}"/incus-0.4.initd incus + newinitd "${FILESDIR}"/incus-user-0.4.initd incus-user + + systemd_dounit "${T}"/incus.service + systemd_newunit "${FILESDIR}"/incus-0.4.socket incus.socket + systemd_newunit "${FILESDIR}"/incus-startup-0.4.service incus-startup.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.service incus-user.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.socket incus-user.socket + + if ! tc-is-cross-compiler; then + # Generate and install shell completion files. + mkdir -p "${D}"/usr/share/{bash-completion/completions/,fish/vendor_completions.d/,zsh/site-functions/} || die + "${bindir}"/incus completion bash > "${D}"/usr/share/bash-completion/completions/incus || die + "${bindir}"/incus completion fish > "${D}"/usr/share/fish/vendor_completions.d/incus.fish || die + "${bindir}"/incus completion zsh > "${D}"/usr/share/zsh/site-functions/_incus || die + else + ewarn "Shell completion files not installed! Install them manually with incus completion --help" + fi + + dodoc AUTHORS + dodoc -r doc/* + use nls && domo po/*.mo +} + +pkg_postinst() { + elog + elog "Please see" + elog " https://wiki.gentoo.org/wiki/Incus" + elog " https://wiki.gentoo.org/wiki/Incus#Migrating_from_LXD" + elog + optfeature "virtual machine support" app-cdr/cdrtools app-emulation/qemu[spice,usbredir,virtfs] + optfeature "btrfs storage backend" sys-fs/btrfs-progs + optfeature "ipv6 support" net-dns/dnsmasq[ipv6] + optfeature "full incus-migrate support" net-misc/rsync + optfeature "lvm2 storage backend" sys-fs/lvm2 + optfeature "zfs storage backend" sys-fs/zfs + elog + elog "Be sure to add your local user to the incus group." + elog +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.3-r1.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.3-r1.ebuild new file mode 100644 index 00000000000..78cdff9ea0e --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/incus-6.3-r1.ebuild @@ -0,0 +1,219 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module linux-info optfeature systemd toolchain-funcs verify-sig + +DESCRIPTION="Modern, secure and powerful system container and virtual machine manager" +HOMEPAGE="https://linuxcontainers.org/incus/introduction/ https://github.com/lxc/incus" +SRC_URI="https://linuxcontainers.org/downloads/incus/${P}.tar.xz + verify-sig? ( https://linuxcontainers.org/downloads/incus/${P}.tar.xz.asc )" + +LICENSE="Apache-2.0 BSD LGPL-3 MIT" +SLOT="0/stable" +KEYWORDS="~amd64 ~arm64" +IUSE="apparmor fuidshift nls" + +DEPEND="acct-group/incus + acct-group/incus-admin + app-arch/xz-utils + >=app-containers/lxc-5.0.0:=[apparmor?,seccomp(+)] + dev-db/sqlite:3 + >=dev-libs/cowsql-1.15.6 + dev-libs/lzo + >=dev-libs/raft-0.22.1:=[lz4] + >=dev-util/xdelta-3.0[lzma(+)] + net-dns/dnsmasq[dhcp] + sys-libs/libcap + virtual/udev" +RDEPEND="${DEPEND} + fuidshift? ( !app-containers/lxd ) + net-firewall/ebtables + net-firewall/iptables + sys-apps/iproute2 + sys-fs/fuse:* + >=sys-fs/lxcfs-5.0.0 + sys-fs/squashfs-tools[lzma] + virtual/acl" +BDEPEND=">=dev-lang/go-1.21 + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +CONFIG_CHECK=" + ~CGROUPS + ~IPC_NS + ~NET_NS + ~PID_NS + + ~SECCOMP + ~USER_NS + ~UTS_NS + + ~KVM + ~MACVTAP + ~VHOST_VSOCK +" + +ERROR_IPC_NS="CONFIG_IPC_NS is required." +ERROR_NET_NS="CONFIG_NET_NS is required." +ERROR_PID_NS="CONFIG_PID_NS is required." +ERROR_SECCOMP="CONFIG_SECCOMP is required." +ERROR_UTS_NS="CONFIG_UTS_NS is required." + +WARNING_KVM="CONFIG_KVM and CONFIG_KVM_AMD/-INTEL is required for virtual machines." +WARNING_MACVTAP="CONFIG_MACVTAP is required for virtual machines." +WARNING_VHOST_VSOCK="CONFIG_VHOST_VSOCK is required for virtual machines." + +# Go magic. +QA_PREBUILT="/usr/bin/incus + /usr/bin/incus-agent + /usr/bin/incus-benchmark + /usr/bin/incus-migrate + /usr/bin/lxc-to-incus + /usr/sbin/fuidshift + /usr/sbin/incusd + /usr/sbin/lxd-to-incus" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +# The testsuite must be run as root. +# make: *** [Makefile:156: check] Error 1 +RESTRICT="test" + +GOPATH="${S}/_dist" + +src_unpack() { + verify-sig_src_unpack + go-module_src_unpack +} + +src_prepare() { + export GOPATH="${S}/_dist" + + default + + sed -i \ + -e "s:\./configure:./configure --prefix=/usr --libdir=${EPREFIX}/usr/lib/incus:g" \ + -e "s:make:make ${MAKEOPTS}:g" \ + Makefile || die + + # Fix hardcoded ovmf file path, see bug 763180 + sed -i \ + -e "s:/usr/share/OVMF:/usr/share/edk2-ovmf:g" \ + -e "s:OVMF_VARS.ms.fd:OVMF_VARS.fd:g" \ + doc/environment.md \ + internal/server/apparmor/instance.go \ + internal/server/apparmor/instance_qemu.go \ + internal/server/instance/drivers/driver_qemu.go || die "Failed to fix hardcoded ovmf paths." + + # Fix hardcoded virtfs-proxy-helper file path, see bug 798924 + sed -i \ + -e "s:/usr/lib/qemu/virtfs-proxy-helper:/usr/libexec/virtfs-proxy-helper:g" \ + internal/server/device/device_utils_disk.go || die "Failed to fix virtfs-proxy-helper path." + + cp "${FILESDIR}"/incus-0.4.service "${T}"/incus.service || die + if use apparmor; then + sed -i \ + '/^EnvironmentFile=.*/a ExecStartPre=\/usr\/libexec\/lxc\/lxc-apparmor-load' \ + "${T}"/incus.service || die + fi + + # Disable -Werror's from go modules. + find "${S}" -name "cgo.go" -exec sed -i "s/ -Werror / /g" {} + || die +} + +src_configure() { :; } + +src_compile() { + export GOPATH="${S}/_dist" + export CGO_LDFLAGS_ALLOW="-Wl,-z,now" + + for k in incus-benchmark incus-simplestreams incus-user incus lxc-to-incus lxd-to-incus ; do + ego install -v -x "${S}/cmd/${k}" + done + + if use fuidshift ; then + ego install -v -x "${S}/cmd/fuidshift" + fi + + ego install -v -x -tags libsqlite3 "${S}"/cmd/incusd + + # Needs to be built statically + CGO_ENABLED=0 go install -v -tags netgo "${S}"/cmd/incus-migrate + CGO_ENABLED=0 go install -v -tags agent,netgo "${S}"/cmd/incus-agent + + use nls && emake build-mo +} + +src_test() { + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + + if tc-is-cross-compiler ; then + local bindir="_dist/bin/linux_${GOARCH}" + else + local bindir="_dist/bin" + fi + + newsbin "${FILESDIR}"/incus-startup-0.4.sh incus-startup + + # Admin tools + for l in incusd incus-user lxd-to-incus ; do + dosbin ${bindir}/${l} + done + + # User tools + for m in incus-agent incus-benchmark incus-migrate incus-simplestreams incus lxc-to-incus ; do + dobin ${bindir}/${m} + done + + # fuidshift, should be moved under admin tools at some point + if use fuidshift ; then + dosbin ${bindir}/fuidshift + fi + + newconfd "${FILESDIR}"/incus-6.0.confd incus + newinitd "${FILESDIR}"/incus-6.0.initd incus + newinitd "${FILESDIR}"/incus-user-0.4.initd incus-user + + systemd_dounit "${T}"/incus.service + systemd_newunit "${FILESDIR}"/incus-0.4.socket incus.socket + systemd_newunit "${FILESDIR}"/incus-startup-0.4.service incus-startup.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.service incus-user.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.socket incus-user.socket + + if ! tc-is-cross-compiler; then + # Generate and install shell completion files. + mkdir -p "${D}"/usr/share/{bash-completion/completions/,fish/vendor_completions.d/,zsh/site-functions/} || die + "${bindir}"/incus completion bash > "${D}"/usr/share/bash-completion/completions/incus || die + "${bindir}"/incus completion fish > "${D}"/usr/share/fish/vendor_completions.d/incus.fish || die + "${bindir}"/incus completion zsh > "${D}"/usr/share/zsh/site-functions/_incus || die + else + ewarn "Shell completion files not installed! Install them manually with incus completion --help" + fi + + dodoc AUTHORS + dodoc -r doc/* + use nls && domo po/*.mo +} + +pkg_postinst() { + elog + elog "Please see" + elog " https://wiki.gentoo.org/wiki/Incus" + elog " https://wiki.gentoo.org/wiki/Incus#Migrating_from_LXD" + elog + optfeature "virtual machine support" app-cdr/cdrtools app-emulation/qemu[spice,usbredir,virtfs] + optfeature "btrfs storage backend" sys-fs/btrfs-progs + optfeature "ipv6 support" net-dns/dnsmasq[ipv6] + optfeature "full incus-migrate support" net-misc/rsync + optfeature "lvm2 storage backend" sys-fs/lvm2 + optfeature "zfs storage backend" sys-fs/zfs + elog + elog "Be sure to add your local user to the incus group." + elog +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/incus/metadata.xml b/sdk_container/src/third_party/portage-stable/app-containers/incus/metadata.xml new file mode 100644 index 00000000000..ca40c46198b --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/incus/metadata.xml @@ -0,0 +1,34 @@ + + + + + juippis@gentoo.org + Joonas Niilola + + + virtualization@gentoo.org + Gentoo Virtualization Project + + + Install the fuidshift binary - currently conflicts with app-containers/lxd + + + Incus is a modern, secure and powerful system container and virtual machine manager. + Incus is a community fork from Canonical's LXD. + + It provides a unified experience for running and managing full Linux systems inside containers + or virtual machines. Incus supplies images for a wide number of Linux distributions and is built + around a very powerful, yet pretty simple, REST API. Incus scales from one instance on a single + machine to a cluster in a full data center rack, making it suitable for running workloads both + for development and in production. + + Incus allows you to easily set up a system that feels like a small private cloud. You can run any + type of workload in an efficient way while keeping your resources optimized. + + You should consider using Incus if you want to containerize different environments or run virtual + machines, or in general run and manage your infrastructure in a cost-effective way. + + + lxc/incus + + diff --git a/sdk_container/src/third_party/portage-stable/app-containers/lxc/Manifest b/sdk_container/src/third_party/portage-stable/app-containers/lxc/Manifest new file mode 100644 index 00000000000..54133898f2b --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/lxc/Manifest @@ -0,0 +1,6 @@ +DIST lxc-5.0.3.tar.gz 975269 BLAKE2B 533d97fe4d986acbf5d562bb2c295a63df2a9a8bfc27aeff5056e4235f667102500debc586c5698482ec048c1b222a0fdc234db6fd6648c4b649f87a85de18f8 SHA512 0553be317431ab7ec0c450c0f85724a53de1f251c39c9716168e17cda6a8daec70b8221228c4be64027df28a327e0f1fd508e6bb48348ab540bbfeaf2b9ac974 +DIST lxc-5.0.3.tar.gz.asc 833 BLAKE2B c35278ed17cad76d2ea94b3985e0110731efea751fb5f1c2d1c9db71486e4844285f372a94c8611dcfe91fdb16459694843b9e0a8273cfc68a56f549c7162cfb SHA512 a5ce5769d49abdf35d94de8273fd3e9c2a8ba4fafea71cf33ee6bce1d83531c8b550d972f7080409a4cc5a92e9d04ece50ed108f92c6aec4868d150e58d7d11a +DIST lxc-6.0.0.tar.gz 964053 BLAKE2B d41bcab4e225c139d4d41df5291717e4d196fe3b48d978a993811b74a08e7a75e1528f4bf44f694a624537632bdec642cd80cf51a528dea848baa11c10471afa SHA512 acff2fc70cf2c65af37b70a21239482c3d845c408f7132558b54980e4400c23670c63178a3a3dfb239f047f529004df93cd829d728852a8c8647ce6babf7857f +DIST lxc-6.0.0.tar.gz.asc 833 BLAKE2B d2cda07e605d64dbb650506cf536c545e2c5746973c834f4d4f409064e2ba8265040b13a60e124e30e154bbc5a51c704bad0fa2ff5530effddfa449618aa60a7 SHA512 4e56ffa7395877714f993d9c54cf8b9df91cdced96c5a609b63f5e3896a0a51db8ba6f99bf2360d60af202df79123deea72215bf854d8798d3af361a4888445e +DIST lxc-6.0.1.tar.gz 964526 BLAKE2B 6fb6442e0a9a356433351f412c9a1e4f18155146e49f40ebe6e132ea770a8737793df0c7ca13ca70ce631a2308ff525fca2fd2d127b98edbd00e0af7efce6879 SHA512 7e8b9740178ae46a2ad3ba3f1e509f69f978d0a2a1f7e1938213ae9cb9a80f496d01be64958cad4aa6f01a73f1d8c3759c3e9df9df4f67c77e603ea0809d79c2 +DIST lxc-6.0.1.tar.gz.asc 833 BLAKE2B 8469ff5603c48205c6451630ec8f03617c648e3d13f73ebd7d908017422b75613e5489b42ad0f598fcf5cf9e241fccaeb4b0ec3ac186a670ed56a252e282b16e SHA512 e0ebd29c3e793e1159e350854e2ac7adacd918b76dfa2de1e0227fd45034ac9308d02b7da1c0c80eae471ebba44a0804a7a0bf17cbf1c18de45bc63974e017e0 diff --git a/sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc-monitord.service.5.0.0 b/sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc-monitord.service.5.0.0 new file mode 100644 index 00000000000..ff4a201152c --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc-monitord.service.5.0.0 @@ -0,0 +1,11 @@ +[Unit] +Description=LXC Container Monitoring Daemon +After=syslog.service network.target +Documentation=man:lxc + +[Service] +Type=simple +ExecStart=/usr/libexec/lxc/lxc-monitord --daemon + +[Install] +WantedBy=multi-user.target diff --git a/sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc-net.service.5.0.0 b/sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc-net.service.5.0.0 new file mode 100644 index 00000000000..8a037fcb761 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc-net.service.5.0.0 @@ -0,0 +1,15 @@ +[Unit] +Description=LXC network bridge setup +After=network-online.target +Before=lxc.service +Documentation=man:lxc +ConditionVirtualization=!lxc + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/libexec/lxc/lxc-net start +ExecStop=/usr/libexec/lxc/lxc-net stop + +[Install] +WantedBy=multi-user.target diff --git a/sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc.initd.9 b/sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc.initd.9 new file mode 100644 index 00000000000..4958fbcbbc7 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc.initd.9 @@ -0,0 +1,132 @@ +#!/sbin/openrc-run +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +CONTAINER=${SVCNAME#*.} + +LXC_PATH=`lxc-config lxc.lxcpath` + +lxc_get_configfile() { + if [ -f "${LXC_PATH}/${CONTAINER}.conf" ]; then + echo "${LXC_PATH}/${CONTAINER}.conf" + elif [ -f "${LXC_PATH}/${CONTAINER}/config" ]; then + echo "${LXC_PATH}/${CONTAINER}/config" + else + eerror "Unable to find a suitable configuration file." + eerror "If you set up the container in a non-standard" + eerror "location, please set the CONFIGFILE variable." + return 1 + fi +} + +[ $CONTAINER != $SVCNAME ] && CONFIGFILE=${CONFIGFILE:-$(lxc_get_configfile)} + +lxc_get_var() { + awk 'BEGIN { FS="[ \t]*=[ \t]*" } $1 == "'$1'" { print $2; exit }' ${CONFIGFILE} +} + +lxc_get_net_link_type() { + # gentoo bugfix 909640, drop commented lines before awk + grep -v '^#' ${CONFIGFILE} | awk 'BEGIN { FS="[ \t]*=[ \t]*"; _link=""; _type="" } + $1 == "lxc.network.type" {_type=$2;} + $1 == "lxc.network.link" {_link=$2;} + match($1, /lxc\.net\.[[:digit:]]+\.type/) {_type=$2;} + match($1, /lxc\.net\.[[:digit:]]+\.link/) {_link=$2;} + {if(_link != "" && _type != ""){ + printf("%s:%s\n", _link, _type ); + _link=""; _type=""; + }; }' +} + +checkconfig() { + if [ ${CONTAINER} = ${SVCNAME} ]; then + eerror "You have to create an init script for each container:" + eerror " ln -s lxc /etc/init.d/lxc.container" + return 1 + fi + + # no need to output anything, the function takes care of that. + [ -z "${CONFIGFILE}" ] && return 1 + + utsname=$(lxc_get_var lxc.uts.name) + if [ -z "$utsname" ] ; then + utsname=$(lxc_get_var lxc.utsname) + fi + + if [ "${CONTAINER}" != "${utsname}" ]; then + eerror "You should use the same name for the service and the" + eerror "container. Right now the container is called ${utsname}" + return 1 + fi +} + +depend() { + # be quiet, since we have to run depend() also for the + # non-muxed init script, unfortunately. + checkconfig 2>/dev/null || return 0 + + config ${CONFIGFILE} + need localmount + use lxcfs + + local _x _if + for _x in $(lxc_get_net_link_type); do + _if=${_x%:*} + case "${_x##*:}" in + # when the network type is set to phys, we can make use of a + # network service (for instance to set it up before we disable + # the net_admin capability), but we might also not set it up + # at all on the host and leave the net_admin capable service + # to take care of it. + phys) use net.${_if} ;; + *) need net.${_if} ;; + esac + done +} + +start() { + checkconfig || return 1 + rm -f /var/log/lxc/${CONTAINER}.log + + rootpath=$(lxc_get_var lxc.rootfs) + + # Check the format of our init and the chroot's init, to see + # if we have to use linux32 or linux64; always use setarch + # when required, as that makes it easier to deal with + # x32-based containers. + case $(scanelf -BF '%a#f' ${rootpath}/sbin/init) in + EM_X86_64) setarch=linux64;; + EM_386) setarch=linux32;; + esac + + ebegin "Starting LXC container ${CONTAINER}" + env -i ${setarch} $(which lxc-start) -n ${CONTAINER} -f ${CONFIGFILE} -d -o /var/log/lxc/${CONTAINER}.log + sleep 1 + + # lxc-start -d will _always_ report a correct startup, even if it + # failed, so rather than trust that, check that the cgroup exists. + # fix for LXC 3.1 + + STATE="$(lxc-info -s -H ${CONTAINER})" + [ "$STATE" = "RUNNING" ] + + eend $? +} + +stop() { + checkconfig || return 1 + + STATE="$(lxc-info -s -H ${CONTAINER})" + + if ! [ "$STATE" = "RUNNING" ]; then + ewarn "${CONTAINER} doesn't seem to be started." + return 0 + fi + + # 30s should be enough to shut everything down + # lxc-stop will return back anyway as soon as successful shutdown + # after 30s, lxc-stop sends SIGKILL (dirty shotdown) + ebegin "Stopping LXC container ${CONTAINER}" + lxc-stop -t 30 -n ${CONTAINER} + eend $? +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc.service-5.0.0 b/sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc.service-5.0.0 new file mode 100644 index 00000000000..35d0dff241d --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc.service-5.0.0 @@ -0,0 +1,19 @@ +[Unit] +Description=LXC Container Initialization and Autoboot Code +After=network.target lxc-net.service remote-fs.target +Wants=lxc-net.service +Documentation=man:lxc-autostart man:lxc + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStartPre=/usr/libexec/lxc/lxc-apparmor-load +ExecStart=/usr/libexec//lxc/lxc-containers start +ExecStop=/usr/libexec/lxc/lxc-containers stop +ExecReload=/usr/libexec/lxc/lxc-apparmor-load +# Environment=BOOTUP=serial +# Environment=CONSOLETYPE=serial +Delegate=yes + +[Install] +WantedBy=multi-user.target diff --git a/sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc_at.service.5.0.0 b/sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc_at.service.5.0.0 new file mode 100644 index 00000000000..447b6c87ec5 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/lxc/files/lxc_at.service.5.0.0 @@ -0,0 +1,19 @@ +[Unit] +Description=LXC Container: %i +# This pulls in apparmor, dev-setup, lxc-net +After=lxc.service +Wants=lxc.service +Documentation=man:lxc-start man:lxc + +[Service] +Type=simple +KillMode=mixed +TimeoutStopSec=120s +ExecStart=/usr/bin/lxc-start -F -n %i +ExecStop=/usr/bin/lxc-stop -n %i +# Environment=BOOTUP=serial +# Environment=CONSOLETYPE=serial +Delegate=yes + +[Install] +WantedBy=multi-user.target diff --git a/sdk_container/src/third_party/portage-stable/app-containers/lxc/lxc-5.0.3.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/lxc/lxc-5.0.3.ebuild new file mode 100644 index 00000000000..4fdedaf083a --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/lxc/lxc-5.0.3.ebuild @@ -0,0 +1,169 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit bash-completion-r1 linux-info meson optfeature systemd toolchain-funcs verify-sig + +DESCRIPTION="A userspace interface for the Linux kernel containment features" +HOMEPAGE="https://linuxcontainers.org/ https://github.com/lxc/lxc" +SRC_URI="https://linuxcontainers.org/downloads/lxc/${P}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/lxc/${P}.tar.gz.asc )" + +LICENSE="GPL-2 LGPL-2.1 LGPL-3" +SLOT="0/1.502" # SONAME liblxc.so.1 + ${PV//./} _if_ breaking ABI change while bumping. +KEYWORDS="amd64 ~arm ~arm64 ~ppc64 ~riscv x86" +IUSE="apparmor +caps examples io-uring lto man pam seccomp selinux ssl systemd test +tools" + +RDEPEND="acct-group/lxc + acct-user/lxc + apparmor? ( sys-libs/libapparmor ) + caps? ( sys-libs/libcap[static-libs] ) + io-uring? ( >=sys-libs/liburing-2:= ) + pam? ( sys-libs/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) + ssl? ( dev-libs/openssl:0= ) + systemd? ( sys-apps/systemd:= ) + tools? ( sys-libs/libcap[static-libs] )" +DEPEND="${RDEPEND} + sys-kernel/linux-headers" +BDEPEND="virtual/pkgconfig + man? ( app-text/docbook2X ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +RESTRICT="!test? ( test )" + +CONFIG_CHECK="~!NETPRIO_CGROUP + ~CGROUPS + ~CGROUP_CPUACCT + ~CGROUP_DEVICE + ~CGROUP_FREEZER + + ~CGROUP_SCHED + ~CPUSETS + ~IPC_NS + ~MACVLAN + + ~MEMCG + ~NAMESPACES + ~NET_NS + ~PID_NS + + ~POSIX_MQUEUE + ~USER_NS + ~UTS_NS + ~VETH" + +ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER: needed to freeze containers" +ERROR_MACVLAN="CONFIG_MACVLAN: needed for internal (inter-container) networking" +ERROR_MEMCG="CONFIG_MEMCG: needed for memory resource control in containers" +ERROR_NET_NS="CONFIG_NET_NS: needed for unshared network" +ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: needed for lxc-execute command" +ERROR_UTS_NS="CONFIG_UTS_NS: needed to unshare hostnames and uname info" +ERROR_VETH="CONFIG_VETH: needed for internal (host-to-container) networking" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +DOCS=( AUTHORS CONTRIBUTING MAINTAINERS README.md doc/FAQ.txt ) + +pkg_setup() { + linux-info_pkg_setup +} + +src_configure() { + local emesonargs=( + --localstatedir "${EPREFIX}/var" + + -Dcoverity-build=false + -Doss-fuzz=false + + -Dcommands=true + -Dmemfd-rexec=true + -Dthread-safety=true + + $(meson_use apparmor) + $(meson_use caps capabilities) + $(meson_use examples) + $(meson_use io-uring io-uring-event-loop) + $(meson_use lto b_lto) + $(meson_use man) + $(meson_use pam pam-cgroup) + $(meson_use seccomp) + $(meson_use selinux) + $(meson_use ssl openssl) + $(meson_use test tests) + $(meson_use tools) + + -Ddata-path=/var/lib/lxc + -Ddoc-path=/usr/share/doc/${PF} + -Dlog-path=/var/log/lxc + -Drootfs-mount-path=/var/lib/lxc/rootfs + -Druntime-path=/run + ) + + if use systemd; then + local emesonargs+=( -Dinit-script="systemd" ) + local emesonargs+=( -Dsd-bus=enabled ) + else + local emesonargs+=( -Dinit-script="sysvinit" ) + local emesonargs+=( -Dsd-bus=disabled ) + fi + + use tools && local emesonargs+=( -Dcapabilities=true ) + + if $(tc-ld-is-gold) || $(tc-ld-is-lld); then + local emesonargs+=( -Db_lto_mode=thin ) + else + local emesonargs+=( -Db_lto_mode=default ) + fi + + meson_src_configure +} + +src_install() { + meson_src_install + + # The main bash-completion file will collide with lxd, need to relocate and update symlinks. + mkdir -p "${ED}"/$(get_bashcompdir) || die "Failed to create bashcompdir." + + if use tools; then + bashcomp_alias lxc-start lxc-{attach,autostart,cgroup,checkpoint,config,console,copy,create,destroy,device,execute,freeze,info,ls,monitor,snapshot,stop,top,unfreeze,unshare,usernsexec,wait} + else + bashcomp_alias lxc-start lxc-usernsexec + fi + + keepdir /var/lib/cache/lxc /var/lib/lib/lxc + + find "${ED}" -name '*.la' -delete -o -name '*.a' -delete || die + + # Replace upstream sysvinit/systemd files. + if use systemd; then + rm -r "${D}$(systemd_get_systemunitdir)" || die "Failed to remove systemd lib dir" + else + rm "${ED}"/etc/init.d/lxc-{containers,net} || die "Failed to remove sysvinit scripts" + fi + + newinitd "${FILESDIR}/${PN}.initd.9" ${PN} + systemd_newunit "${FILESDIR}"/lxc-monitord.service.5.0.0 lxc-monitord.service + systemd_newunit "${FILESDIR}"/lxc-net.service.5.0.0 lxc-net.service + systemd_newunit "${FILESDIR}"/lxc.service-5.0.0 lxc.service + systemd_newunit "${FILESDIR}"/lxc_at.service.5.0.0 "lxc@.service" + + if ! use apparmor; then + sed -i '/lxc-apparmor-load/d' "${D}$(systemd_get_systemunitdir)/lxc.service" || + die "Failed to remove apparmor references from lxc.service systemd unit." + fi +} + +pkg_postinst() { + elog "Please refer to " + elog "https://wiki.gentoo.org/wiki/LXC for introduction and usage guide." + elog + elog "Run 'lxc-checkconfig' to see optional kernel features." + elog + + optfeature "automatic template scripts" app-containers/lxc-templates + optfeature "Debian-based distribution container image support" dev-util/debootstrap + optfeature "snapshot & restore functionality" sys-process/criu +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/lxc/lxc-6.0.0-r2.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/lxc/lxc-6.0.0-r2.ebuild new file mode 100644 index 00000000000..fe1eca7f897 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/lxc/lxc-6.0.0-r2.ebuild @@ -0,0 +1,172 @@ +# Copyright 2022-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit bash-completion-r1 linux-info meson optfeature systemd toolchain-funcs verify-sig + +DESCRIPTION="A userspace interface for the Linux kernel containment features" +HOMEPAGE="https://linuxcontainers.org/ https://github.com/lxc/lxc" +SRC_URI="https://linuxcontainers.org/downloads/lxc/${P}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/lxc/${P}.tar.gz.asc )" + +LICENSE="GPL-2 LGPL-2.1 LGPL-3" +SLOT="0/1.8" # SONAME liblxc.so.1 + ${PV//./} _if_ breaking ABI change while bumping. +KEYWORDS="amd64 ~arm ~arm64 ~ppc64 ~riscv x86" +IUSE="apparmor +caps examples io-uring lto man pam seccomp selinux ssl systemd test +tools" + +RDEPEND="acct-group/lxc + acct-user/lxc + apparmor? ( sys-libs/libapparmor ) + caps? ( sys-libs/libcap[static-libs] ) + io-uring? ( >=sys-libs/liburing-2:= ) + pam? ( sys-libs/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) + ssl? ( dev-libs/openssl:0= ) + systemd? ( + sys-apps/dbus + sys-apps/systemd:= + ) + tools? ( sys-libs/libcap[static-libs] )" +DEPEND="${RDEPEND} + sys-kernel/linux-headers" +BDEPEND="virtual/pkgconfig + man? ( app-text/docbook2X ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +RESTRICT="!test? ( test )" + +CONFIG_CHECK="~!NETPRIO_CGROUP + ~CGROUPS + ~CGROUP_CPUACCT + ~CGROUP_DEVICE + ~CGROUP_FREEZER + + ~CGROUP_SCHED + ~CPUSETS + ~IPC_NS + ~MACVLAN + + ~MEMCG + ~NAMESPACES + ~NET_NS + ~PID_NS + + ~POSIX_MQUEUE + ~USER_NS + ~UTS_NS + ~VETH" + +ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER: needed to freeze containers" +ERROR_MACVLAN="CONFIG_MACVLAN: needed for internal (inter-container) networking" +ERROR_MEMCG="CONFIG_MEMCG: needed for memory resource control in containers" +ERROR_NET_NS="CONFIG_NET_NS: needed for unshared network" +ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: needed for lxc-execute command" +ERROR_UTS_NS="CONFIG_UTS_NS: needed to unshare hostnames and uname info" +ERROR_VETH="CONFIG_VETH: needed for internal (host-to-container) networking" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +DOCS=( AUTHORS CONTRIBUTING MAINTAINERS README.md doc/FAQ.txt ) + +pkg_setup() { + linux-info_pkg_setup +} + +src_configure() { + + # -Dtools-multicall=false: will create a single binary called 'lxc' that conflicts with LXD. + local emesonargs=( + --localstatedir "${EPREFIX}/var" + + -Dcoverity-build=false + -Dinstall-state-dirs=false + -Doss-fuzz=false + -Dspecfile=false + -Dtools-multicall=false + + -Dcommands=true + -Dinstall-init-files=true + -Dmemfd-rexec=true + -Dthread-safety=true + + $(meson_use apparmor) + $(meson_use caps capabilities) + $(meson_use examples) + $(meson_use io-uring io-uring-event-loop) + $(meson_use lto b_lto) + $(meson_use man) + $(meson_use pam pam-cgroup) + $(meson_use seccomp) + $(meson_use selinux) + $(meson_use ssl openssl) + $(meson_use test tests) + $(meson_use tools) + + $(usex systemd -Ddbus=true -Ddbus=false) + $(usex systemd -Dinit-script="systemd" -Dinit-script="sysvinit") + + -Ddata-path=/var/lib/lxc + -Ddoc-path=/usr/share/doc/${PF} + -Dlog-path=/var/log/lxc + -Drootfs-mount-path=/var/lib/lxc/rootfs + -Druntime-path=/run + ) + + use tools && local emesonargs+=( -Dcapabilities=true ) + + if $(tc-ld-is-gold) || $(tc-ld-is-lld); then + local emesonargs+=( -Db_lto_mode=thin ) + else + local emesonargs+=( -Db_lto_mode=default ) + fi + + meson_src_configure +} + +src_install() { + meson_src_install + + # The main bash-completion file will collide with lxd, need to relocate and update symlinks. + mkdir -p "${ED}"/$(get_bashcompdir) || die "Failed to create bashcompdir." + + if use tools; then + bashcomp_alias lxc-start lxc-{attach,autostart,cgroup,checkpoint,config,console,copy,create,destroy,device,execute,freeze,info,ls,monitor,snapshot,stop,top,unfreeze,unshare,usernsexec,wait} + else + bashcomp_alias lxc-start lxc-usernsexec + fi + + find "${ED}" -name '*.la' -delete -o -name '*.a' -delete || die + + # Replace upstream sysvinit/systemd files. + if use systemd; then + rm -r "${D}$(systemd_get_systemunitdir)" || die "Failed to remove systemd lib dir" + else + rm "${ED}"/etc/init.d/lxc-{containers,net} || die "Failed to remove sysvinit scripts" + fi + + newinitd "${FILESDIR}/${PN}.initd.9" ${PN} + systemd_newunit "${FILESDIR}"/lxc-monitord.service.5.0.0 lxc-monitord.service + systemd_newunit "${FILESDIR}"/lxc-net.service.5.0.0 lxc-net.service + systemd_newunit "${FILESDIR}"/lxc.service-5.0.0 lxc.service + systemd_newunit "${FILESDIR}"/lxc_at.service.5.0.0 "lxc@.service" + + if ! use apparmor; then + sed -i '/lxc-apparmor-load/d' "${D}$(systemd_get_systemunitdir)/lxc.service" || + die "Failed to remove apparmor references from lxc.service systemd unit." + fi +} + +pkg_postinst() { + elog "Please refer to " + elog "https://wiki.gentoo.org/wiki/LXC for introduction and usage guide." + elog + elog "Run 'lxc-checkconfig' to see optional kernel features." + elog + + optfeature "creating your own LXC containers" app-containers/distrobuilder + optfeature "automatic template scripts" app-containers/lxc-templates + optfeature "Debian-based distribution container image support" dev-util/debootstrap + optfeature "snapshot & restore functionality" sys-process/criu +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/lxc/lxc-6.0.1.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/lxc/lxc-6.0.1.ebuild new file mode 100644 index 00000000000..dcbf0d98541 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/lxc/lxc-6.0.1.ebuild @@ -0,0 +1,172 @@ +# Copyright 2022-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit bash-completion-r1 linux-info meson optfeature systemd toolchain-funcs verify-sig + +DESCRIPTION="A userspace interface for the Linux kernel containment features" +HOMEPAGE="https://linuxcontainers.org/ https://github.com/lxc/lxc" +SRC_URI="https://linuxcontainers.org/downloads/lxc/${P}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/lxc/${P}.tar.gz.asc )" + +LICENSE="GPL-2 LGPL-2.1 LGPL-3" +SLOT="0/1.8" # SONAME liblxc.so.1 + ${PV//./} _if_ breaking ABI change while bumping. +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="apparmor +caps examples io-uring lto man pam seccomp selinux ssl systemd test +tools" + +RDEPEND="acct-group/lxc + acct-user/lxc + apparmor? ( sys-libs/libapparmor ) + caps? ( sys-libs/libcap[static-libs] ) + io-uring? ( >=sys-libs/liburing-2:= ) + pam? ( sys-libs/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) + ssl? ( dev-libs/openssl:0= ) + systemd? ( + sys-apps/dbus + sys-apps/systemd:= + ) + tools? ( sys-libs/libcap[static-libs] )" +DEPEND="${RDEPEND} + sys-kernel/linux-headers" +BDEPEND="virtual/pkgconfig + man? ( app-text/docbook2X ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +RESTRICT="!test? ( test )" + +CONFIG_CHECK="~!NETPRIO_CGROUP + ~CGROUPS + ~CGROUP_CPUACCT + ~CGROUP_DEVICE + ~CGROUP_FREEZER + + ~CGROUP_SCHED + ~CPUSETS + ~IPC_NS + ~MACVLAN + + ~MEMCG + ~NAMESPACES + ~NET_NS + ~PID_NS + + ~POSIX_MQUEUE + ~USER_NS + ~UTS_NS + ~VETH" + +ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER: needed to freeze containers" +ERROR_MACVLAN="CONFIG_MACVLAN: needed for internal (inter-container) networking" +ERROR_MEMCG="CONFIG_MEMCG: needed for memory resource control in containers" +ERROR_NET_NS="CONFIG_NET_NS: needed for unshared network" +ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: needed for lxc-execute command" +ERROR_UTS_NS="CONFIG_UTS_NS: needed to unshare hostnames and uname info" +ERROR_VETH="CONFIG_VETH: needed for internal (host-to-container) networking" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +DOCS=( AUTHORS CONTRIBUTING MAINTAINERS README.md doc/FAQ.txt ) + +pkg_setup() { + linux-info_pkg_setup +} + +src_configure() { + + # -Dtools-multicall=false: will create a single binary called 'lxc' that conflicts with LXD. + local emesonargs=( + --localstatedir "${EPREFIX}/var" + + -Dcoverity-build=false + -Dinstall-state-dirs=false + -Doss-fuzz=false + -Dspecfile=false + -Dtools-multicall=false + + -Dcommands=true + -Dinstall-init-files=true + -Dmemfd-rexec=true + -Dthread-safety=true + + $(meson_use apparmor) + $(meson_use caps capabilities) + $(meson_use examples) + $(meson_use io-uring io-uring-event-loop) + $(meson_use lto b_lto) + $(meson_use man) + $(meson_use pam pam-cgroup) + $(meson_use seccomp) + $(meson_use selinux) + $(meson_use ssl openssl) + $(meson_use test tests) + $(meson_use tools) + + $(usex systemd -Ddbus=true -Ddbus=false) + $(usex systemd -Dinit-script="systemd" -Dinit-script="sysvinit") + + -Ddata-path=/var/lib/lxc + -Ddoc-path=/usr/share/doc/${PF} + -Dlog-path=/var/log/lxc + -Drootfs-mount-path=/var/lib/lxc/rootfs + -Druntime-path=/run + ) + + use tools && local emesonargs+=( -Dcapabilities=true ) + + if $(tc-ld-is-gold) || $(tc-ld-is-lld); then + local emesonargs+=( -Db_lto_mode=thin ) + else + local emesonargs+=( -Db_lto_mode=default ) + fi + + meson_src_configure +} + +src_install() { + meson_src_install + + # The main bash-completion file will collide with lxd, need to relocate and update symlinks. + mkdir -p "${ED}"/$(get_bashcompdir) || die "Failed to create bashcompdir." + + if use tools; then + bashcomp_alias lxc-start lxc-{attach,autostart,cgroup,checkpoint,config,console,copy,create,destroy,device,execute,freeze,info,ls,monitor,snapshot,stop,top,unfreeze,unshare,usernsexec,wait} + else + bashcomp_alias lxc-start lxc-usernsexec + fi + + find "${ED}" -name '*.la' -delete -o -name '*.a' -delete || die + + # Replace upstream sysvinit/systemd files. + if use systemd; then + rm -r "${D}$(systemd_get_systemunitdir)" || die "Failed to remove systemd lib dir" + else + rm "${ED}"/etc/init.d/lxc-{containers,net} || die "Failed to remove sysvinit scripts" + fi + + newinitd "${FILESDIR}/${PN}.initd.9" ${PN} + systemd_newunit "${FILESDIR}"/lxc-monitord.service.5.0.0 lxc-monitord.service + systemd_newunit "${FILESDIR}"/lxc-net.service.5.0.0 lxc-net.service + systemd_newunit "${FILESDIR}"/lxc.service-5.0.0 lxc.service + systemd_newunit "${FILESDIR}"/lxc_at.service.5.0.0 "lxc@.service" + + if ! use apparmor; then + sed -i '/lxc-apparmor-load/d' "${D}$(systemd_get_systemunitdir)/lxc.service" || + die "Failed to remove apparmor references from lxc.service systemd unit." + fi +} + +pkg_postinst() { + elog "Please refer to " + elog "https://wiki.gentoo.org/wiki/LXC for introduction and usage guide." + elog + elog "Run 'lxc-checkconfig' to see optional kernel features." + elog + + optfeature "creating your own LXC containers" app-containers/distrobuilder + optfeature "automatic template scripts" app-containers/lxc-templates + optfeature "Debian-based distribution container image support" dev-util/debootstrap + optfeature "snapshot & restore functionality" sys-process/criu +} diff --git a/sdk_container/src/third_party/portage-stable/app-containers/lxc/metadata.xml b/sdk_container/src/third_party/portage-stable/app-containers/lxc/metadata.xml new file mode 100644 index 00000000000..7c423aeaca6 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/app-containers/lxc/metadata.xml @@ -0,0 +1,20 @@ + + + + + juippis@gentoo.org + Joonas Niilola + + + virtualization@gentoo.org + Gentoo Virtualization Project + + + Enable io_uring support, and use io_uring instead of epoll + Build and install additional command line tools + + + lxc/lxc + cpe:/a:linuxcontainers:lxc + + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/cowsql/Manifest b/sdk_container/src/third_party/portage-stable/dev-libs/cowsql/Manifest new file mode 100644 index 00000000000..4479e419757 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/cowsql/Manifest @@ -0,0 +1 @@ +DIST cowsql-1.15.6.tar.gz 364548 BLAKE2B 67ccb0cc1481c4d542c2a145c76875b514f4920fe2d3647d1871afa67e6cb7a41c729946c89768b1c522ed22357fb0323d58885ca60141db154da54e3a5a5a0a SHA512 78436fc35ab22fed1aef1d1048e41fbd6ec75a7b8fc95f09bc7468cde0ea8d8851e4ef5ee738699810abf3054826ab7cfd21dc06964603acea240b0fc7943c4d diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/cowsql/cowsql-1.15.6.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/cowsql/cowsql-1.15.6.ebuild new file mode 100644 index 00000000000..de783d5bd04 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/cowsql/cowsql-1.15.6.ebuild @@ -0,0 +1,53 @@ +# Copyright 2020-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools + +DESCRIPTION="Embeddable, replicated and fault tolerant SQL engine (fork of dqlite)" +HOMEPAGE="https://cowsql.dev/ https://github.com/cowsql/cowsql" +SRC_URI="https://github.com/cowsql/cowsql/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="LGPL-3-with-linking-exception" +SLOT="0" +KEYWORDS="amd64 ~arm64 ~x86" +IUSE="test" +RESTRICT="!test? ( test )" + +RDEPEND="dev-db/sqlite:3 + dev-libs/libuv:= + >=dev-libs/raft-0.18.1:=" +DEPEND="${RDEPEND} + test? ( dev-libs/raft[lz4,test] )" +BDEPEND="virtual/pkgconfig" + +PATCHES=( "${FILESDIR}"/dqlite-1.12.0-disable-werror.patch ) + +src_prepare() { + default + eautoreconf +} + +src_configure() { + local myeconfargs=( + --disable-backtrace + --disable-debug + --disable-sanitize + --disable-static + + # Will build a bundled libsqlite3.so. + --enable-build-sqlite=no + ) + + econf "${myeconfargs[@]}" +} + +src_test() { + default +} + +src_install() { + default + find "${ED}" -name '*.la' -delete || die +} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/cowsql/files/dqlite-1.12.0-disable-werror.patch b/sdk_container/src/third_party/portage-stable/dev-libs/cowsql/files/dqlite-1.12.0-disable-werror.patch new file mode 100644 index 00000000000..9c92324688d --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/cowsql/files/dqlite-1.12.0-disable-werror.patch @@ -0,0 +1,20 @@ +diff -Naur a/configure.ac b/configure.ac +--- a/configure.ac 2022-11-18 16:44:34.000000000 +0200 ++++ b/configure.ac 2022-11-19 09:21:24.157589426 +0200 +@@ -3,7 +3,7 @@ + AC_CONFIG_MACRO_DIR([m4]) + AC_CONFIG_AUX_DIR([ac]) + +-AM_INIT_AUTOMAKE([subdir-objects -Wall -Werror -Wno-portability foreign]) ++AM_INIT_AUTOMAKE([subdir-objects -Wall -Wno-portability foreign]) + AM_SILENT_RULES([yes]) + + AC_PROG_CC_STDC +@@ -82,7 +82,6 @@ + -Wdate-time \ + -Wnested-externs \ + -Wconversion \ +- -Werror \ + ]) + # To enable: + # diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/cowsql/metadata.xml b/sdk_container/src/third_party/portage-stable/dev-libs/cowsql/metadata.xml new file mode 100644 index 00000000000..25c078695e9 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/cowsql/metadata.xml @@ -0,0 +1,25 @@ + + + + + juippis@gentoo.org + Joonas Niilola + + + virtualization@gentoo.org + Gentoo Virtualization Project + + + cowsql is a C library that implements an embeddable and replicated SQL + database engine with high-availability and automatic failover. + + Cowsql is a fork from dqlite. + The acronym "dqlite" stands for "distributed SQLite", meaning that dqlite + extends SQLite with a network protocol that can connect together various + instances of your application and have them act as a highly-available + cluster, with no dependency on external databases. + + + cowsql/cowsql + + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/raft/Manifest b/sdk_container/src/third_party/portage-stable/dev-libs/raft/Manifest new file mode 100644 index 00000000000..c390ca568bf --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/raft/Manifest @@ -0,0 +1 @@ +DIST raft-0.22.1.tar.gz 362393 BLAKE2B b6fc8f8e9dc6801ac8ad1b9d94f984b249b83def00a08776292500b079bb777330e8a83cf40153bfb1baae921105788d758c9f61a021d5519d5c27048b6be8b9 SHA512 fb4ea98321336daaa605e1c3cd55f672860fc8894d479fdff4e1862a4eb5622dbaf7a943e030dd2bcdaa14cc639e7e11ac43d71f00bdbd27f12c6b67653b70e4 diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/raft/files/raft-0.10.0-toggle-zfs.patch b/sdk_container/src/third_party/portage-stable/dev-libs/raft/files/raft-0.10.0-toggle-zfs.patch new file mode 100644 index 00000000000..f31b599b610 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/raft/files/raft-0.10.0-toggle-zfs.patch @@ -0,0 +1,21 @@ +diff -Naur a/configure.ac b/configure.ac +--- a/configure.ac 2021-03-16 14:45:58.000000000 +0200 ++++ b/configure.ac 2021-03-23 07:45:06.875557286 +0200 +@@ -47,13 +47,10 @@ + # Checks for header files. + AC_CHECK_HEADERS([stdlib.h string.h stdio.h assert.h unistd.h linux/io_uring.h linux/aio_abi.h]) + +-# Check if zfs >= 0.8.0 is available (for direct I/O support). +-AC_CHECK_PROG(have_zfs, zfs, yes) +-AS_IF([test x"$have_zfs" = x"yes"], +- [AX_COMPARE_VERSION($(cat /sys/module/zfs/version | cut -f 1 -d -), [ge], [0.8.0], +- [AC_DEFINE(RAFT_HAVE_ZFS_WITH_DIRECT_IO)], []) +- ], +- []) ++# zfs support. We have 0.8.6 as stable in Gentoo, which is plenty above the required minimum. ++AC_ARG_WITH([zfs], AS_HELP_STRING([--with-zfs], [Build with zfs support (default: disabled)])) ++AS_IF([test "x$with_zfs" = "xyes"], ++ [AC_DEFINE(RAFT_HAVE_ZFS_WITH_DIRECT_IO)], []) + + # Checks for typedefs, structures, and compiler characteristics. + AC_TYPE_SIZE_T diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/raft/metadata.xml b/sdk_container/src/third_party/portage-stable/dev-libs/raft/metadata.xml new file mode 100644 index 00000000000..94076382bb1 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/raft/metadata.xml @@ -0,0 +1,25 @@ + + + + + juippis@gentoo.org + Joonas Niilola + + + virtualization@gentoo.org + Gentoo Virtualization Project + + + ZFS support + + + The library has modular design: its core part implements only the core + Raft algorithm logic, in a fully platform independent way. On top of that, + a pluggable interface defines the I/O implementation for networking + (send/receive RPC messages) and disk persistence (store log entries and + snapshots). + + + cowsql/raft + + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/raft/raft-0.22.1.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/raft/raft-0.22.1.ebuild new file mode 100644 index 00000000000..39daa1268be --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/raft/raft-0.22.1.ebuild @@ -0,0 +1,60 @@ +# Copyright 2020-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools + +DESCRIPTION="C implementation of the Raft consensus protocol" +HOMEPAGE="https://github.com/cowsql/raft" +SRC_URI="https://github.com/cowsql/raft/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="LGPL-3-with-linking-exception" + +# Upstream change from canonical to cowsql resetted SONAME, 3 -> 0. bgo#915960 +SLOT="0/0" +KEYWORDS="amd64 ~arm64 ~x86" +IUSE="lz4 test zfs" +RESTRICT="!test? ( test )" + +DEPEND="dev-libs/libuv:= + lz4? ( app-arch/lz4:= )" +RDEPEND="${DEPEND}" +BDEPEND="virtual/pkgconfig" + +PATCHES=( + "${FILESDIR}"/raft-0.10.0-toggle-zfs.patch +) + +src_prepare() { + default + eautoreconf +} + +src_configure() { + # --disable-hardening: most of these are covered on non-hardened Gentoo already. + local myeconfargs=( + --enable-uv + --enable-v0 + + --disable-backtrace + --disable-benchmark + --disable-debug + --disable-example + --disable-hardening + --disable-sanitize + --disable-static + + $(use_enable test fixture) + + $(use_with lz4) + $(use_with zfs) + ) + + econf "${myeconfargs[@]}" +} + +src_install() { + default + find "${ED}" -name '*.la' -delete || die +} diff --git a/sdk_container/src/third_party/portage-stable/dev-util/xdelta/Manifest b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/Manifest new file mode 100644 index 00000000000..5ad02861c73 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/Manifest @@ -0,0 +1,2 @@ +DIST xdelta-1.1.4.tar.gz 423529 BLAKE2B b565f82ba0504118b74127096939e5699ea312be5c6c8a345abfcf0fb01b45e759abe595b33619b2714671e2f0307d603366a1f7a6b1fb5a786378716a51df6b SHA512 eef45f7977e9a7f490b881f33ab8a948cc5eff9300ea850cc30062905c8e883c104961f075f56f7ce8e385142c35de168aef1e0b8169bda66786ea4bee33168b +DIST xdelta3-3.0.11.tar.gz 683605 BLAKE2B bc33c9d6a3bb21bc52d72bba54f5e2b1058ea8d7cd7474aaf6dbdc27e165e0fbea644c584402f5bbc8ace7cd6a3aefae18588a659418f93eb041168545363bf4 SHA512 41c48e28f92ad50a737cf0acac150fe17d1132e9a652c482d751c8c4e745c6922d576a183eeabae343a1a238ed8c53353e537977628c86eb599ab3d1c01e7c52 diff --git a/sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-glib2.patch b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-glib2.patch new file mode 100644 index 00000000000..916b3ee2c00 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-glib2.patch @@ -0,0 +1,221 @@ +Nicked from http://cvs.fedoraproject.org/viewvc/devel/xdelta/xdelta-1.1.4-glib2.patch + + +--- xdelta-1.1.4pre1/libedsio/edsio.c.glib2 2007-01-29 14:55:10.000000000 +0100 ++++ xdelta-1.1.4pre1/libedsio/edsio.c 2007-01-29 14:56:52.000000000 +0100 +@@ -179,9 +179,9 @@ + } + } + +- while (g_queue_get_size (queued) > 0) ++ while (g_queue_get_length (queued) > 0) + { +- DelayedEvent* de = g_queue_pop (queued); ++ DelayedEvent* de = g_queue_pop_head (queued); + + for (i = 0; i < all_event_watchers->len; i += 1) + { +@@ -211,7 +211,7 @@ + de->def = def; + de->msg = out->str; + +- g_queue_push (queued, de); ++ g_queue_push_tail (queued, de); + + g_ptr_array_add (free_strings, out); + } +@@ -1482,129 +1482,3 @@ + g_free (source); + } + +-/* Missing glib stuff +- */ +- +-GQueue * +-g_queue_new (void) +-{ +- GQueue *q = g_new (GQueue, 1); +- +- q->list = q->list_end = NULL; +- q->list_size = 0; +- +- return q; +-} +- +- +-void +-g_queue_free (GQueue *q) +-{ +- if (q) +- { +- if (q->list) +- g_list_free (q->list); +- g_free (q); +- } +-} +- +- +-guint +-g_queue_get_size (GQueue *q) +-{ +- return (q == NULL) ? 0 : q->list_size; +-} +- +- +-void +-g_queue_push_front (GQueue *q, gpointer data) +-{ +- if (q) +- { +- q->list = g_list_prepend (q->list, data); +- +- if (q->list_end == NULL) +- q->list_end = q->list; +- +- q->list_size++; +- } +-} +- +- +-void +-g_queue_push_back (GQueue *q, gpointer data) +-{ +- if (q) +- { +- q->list_end = g_list_append (q->list_end, data); +- +- if (! q->list) +- q->list = q->list_end; +- else +- q->list_end = q->list_end->next; +- +- q->list_size++; +- } +-} +- +- +-gpointer +-g_queue_pop_front (GQueue *q) +-{ +- gpointer data = NULL; +- +- if ((q) && (q->list)) +- { +- GList *node; +- +- node = q->list; +- data = node->data; +- +- if (! node->next) +- { +- q->list = q->list_end = NULL; +- q->list_size = 0; +- } +- else +- { +- q->list = node->next; +- q->list->prev = NULL; +- q->list_size--; +- } +- +- g_list_free_1 (node); +- } +- +- return data; +-} +- +- +-gpointer +-g_queue_pop_back (GQueue *q) +-{ +- gpointer data = NULL; +- +- if ((q) && (q->list)) +- { +- GList *node; +- +- node = q->list_end; +- data = node->data; +- +- if (! node->prev) +- { +- q->list = q->list_end = NULL; +- q->list_size = 0; +- } +- else +- { +- q->list_end = node->prev; +- q->list_end->next = NULL; +- q->list_size--; +- } +- +- g_list_free_1 (node); +- } +- +- return data; +-} +--- xdelta-1.1.4pre1/libedsio/edsio.h.glib2 2007-01-29 14:54:38.000000000 +0100 ++++ xdelta-1.1.4pre1/libedsio/edsio.h 2007-01-29 14:55:00.000000000 +0100 +@@ -481,49 +481,6 @@ + + #endif + +-/* Missing glib stuff +- */ +- +-typedef struct _GQueue GQueue; +- +-struct _GQueue +-{ +- GList *list; +- GList *list_end; +- guint list_size; +-}; +- +-/* Queues +- */ +- +-GQueue * g_queue_new (void); +-void g_queue_free (GQueue *q); +-guint g_queue_get_size (GQueue *q); +-void g_queue_push_front (GQueue *q, gpointer data); +-void g_queue_push_back (GQueue *q, gpointer data); +-gpointer g_queue_pop_front (GQueue *q); +-gpointer g_queue_pop_back (GQueue *q); +- +-#define g_queue_empty(queue) \ +- ((((GQueue *)(queue)) && ((GQueue *)(queue))->list) ? FALSE : TRUE) +- +-#define g_queue_peek_front(queue) \ +- ((((GQueue *)(queue)) && ((GQueue *)(queue))->list) ? \ +- ((GQueue *)(queue))->list->data : NULL) +- +-#define g_queue_peek_back(queue) \ +- ((((GQueue *)(queue)) && ((GQueue *)(queue))->list_end) ? \ +- ((GQueue *)(queue))->list_end->data : NULL) +- +-#define g_queue_index(queue,ptr) \ +- ((((GQueue *)(queue)) && ((GQueue *)(queue))->list) ? \ +- g_list_index (((GQueue *)(queue))->list, (ptr)) : -1) +- +-#define g_queue_push g_queue_push_back +-#define g_queue_pop g_queue_pop_front +-#define g_queue_peek g_queue_peek_front +- +- + #ifdef __cplusplus + } + #endif +--- xdelta-1.1.4pre1/configure.in.glib2 2007-01-29 14:58:06.000000000 +0100 ++++ xdelta-1.1.4pre1/configure.in 2007-01-29 14:59:18.000000000 +0100 +@@ -71,8 +71,8 @@ + top_srcdir_absolute=`cd $srcdir; pwd` + AC_SUBST(top_srcdir_absolute) + +-AM_PATH_GLIB(1.2.8,, +- AC_MSG_ERROR(Test for GLIB failed. Download it from ftp://ftp.gtk.org/pub/gtk/v1.2/)) ++AM_PATH_GLIB_2_0(2.10.0,, ++ AC_MSG_ERROR(Test for GLIB2.0 failed. Download it from ftp://ftp.gtk.org/pub/gtk/v2.10/)) + + dnl AC_CHECK_LIB(z, gzsetparams, */ + dnl AC_CHECK_HEADER(zlib.h,, */ diff --git a/sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-gzip.patch b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-gzip.patch new file mode 100644 index 00000000000..67696da730c --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-gzip.patch @@ -0,0 +1,59 @@ +https://bugs.gentoo.org/919228 + +--- a/test/xdeltatest.c ++++ b/test/xdeltatest.c +@@ -512,7 +512,7 @@ run_command (TestProfile *tp, int zlevel, int slevel, File* from, File* to, File + if (zlevel > 0 && starts_with (tp->name, "diff")) + { + Patch *patch = read_patch (out, & sbuf); +- gzFile *rewrite = gzopen (out->name, diff_gzargs); ++ gzFile rewrite = gzopen (out->name, diff_gzargs); + + if (! rewrite) fail (); + +diff --git a/xdelta-1.1.4/xdmain.c b/../../xdelta-1.1.4.new/xdmain.c +index b1abc74..9c27195 100755 +--- a/xdmain.c ++++ b/xdmain.c +@@ -179,6 +179,7 @@ struct _XdFileHandle + guint narrow_high; + guint current_pos; + FILE* in; ++ gzFile zin; + gboolean (* in_read) (XdFileHandle* handle, void* buf, gint nbyte); + gboolean (* in_close) (XdFileHandle* handle); + gboolean in_compressed; +@@ -520,7 +521,7 @@ xd_gzwrite (XdFileHandle* fh, const void* buf, gint nbyte) + static gboolean + xd_gzread (XdFileHandle* fh, void* buf, gint nbyte) + { +- return gzread (fh->in, buf, nbyte) == nbyte; ++ return gzread (fh->zin, buf, nbyte) == nbyte; + } + + static gboolean +@@ -532,7 +533,7 @@ xd_gzclose (XdFileHandle* fh) + static gboolean + xd_gzrclose (XdFileHandle* fh) + { +- return gzclose (fh->in) == Z_OK; ++ return gzclose (fh->zin) == Z_OK; + } + + static void +@@ -1022,13 +1023,13 @@ xd_handle_narrow (XdFileHandle* fh, guint low, guint high, gboolean compressed) + } + + g_assert (fh->fd >= 0); +- fh->in = gzdopen (dup (fh->fd), "rb"); ++ fh->zin = gzdopen (dup (fh->fd), "rb"); + fh->in_read = &xd_gzread; + fh->in_close = &xd_gzrclose; + fh->in_compressed = TRUE; + fh->current_pos = 0; + +- if (! fh->in) ++ if (! fh->zin) + { + xd_error ("gzdopen failed: %s\n", g_strerror (errno)); + return -1; diff --git a/sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-m4.patch b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-m4.patch new file mode 100644 index 00000000000..ad8c99de597 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-m4.patch @@ -0,0 +1,11 @@ +--- xdelta-1.1.3/xdelta.m4.aclocal 2004-10-20 00:20:47.875648144 +0200 ++++ xdelta-1.1.3/xdelta.m4 2004-10-20 00:21:47.205628616 +0200 +@@ -4,7 +4,7 @@ + dnl AM_PATH_XDELTA([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND [, MODULES]]]]) + dnl Test for XDELTA, and define XDELTA_CFLAGS and XDELTA_LIBS, if "gmodule" or + dnl +-AC_DEFUN(AM_PATH_XDELTA, ++AC_DEFUN([AM_PATH_XDELTA], + [dnl + dnl Get the cflags and libraries from the xdelta-config script + dnl diff --git a/sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-pkgconfig.patch b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-pkgconfig.patch new file mode 100644 index 00000000000..bb509b8d435 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/files/xdelta-1.1.4-pkgconfig.patch @@ -0,0 +1,113 @@ +Nicked from http://cvs.fedoraproject.org/viewvc/devel/xdelta/xdelta-1.1.3-pkgconfig.patch + +--- /dev/null 2006-05-17 14:47:01.398050000 +0200 ++++ xdelta-1.1.3/xdelta.pc.in 2006-05-30 16:00:55.000000000 +0200 +@@ -0,0 +1,13 @@ ++prefix=@prefix@ ++exec_prefix=@exec_prefix@ ++libdir=@libdir@ ++includedir=@includedir@ ++pkgdatadir=@pkgdatadir@ ++ ++Name: xdelta ++Description: A binary file delta generator and an RCS replacement library. ++Version: @VERSION@ ++Requires: glib-2.0 ++Libs: -L${libdir} -lxdelta -ledsio ++Cflags: -I${includedir} ++ +--- /dev/null 2006-05-17 14:47:01.398050000 +0200 ++++ xdelta-1.1.3/xdelta-config 2006-05-30 16:04:22.000000000 +0200 +@@ -0,0 +1,60 @@ ++#!/bin/bash ++# ++# Simple wrapper around pkg-config to replace /usr/bin/-config scripts ++# ++# Copyright 2006 Red Hat, Inc. ++# Jeremy Katz ++ ++CFGPATH=$(basename $0) ++MODULE=${CFGPATH%-config} ++ ++usage() { ++ pkg-config --help ++ exit 1 ++} ++ ++if [ $# -lt 1 ]; then ++ usage 1>&2 ++fi ++ ++ARGS="" ++ ++while test $# -gt 0; do ++ case $1 in ++ --version) ++ ARGS="$ARGS --modversion" ++ ;; ++ --cflags) ++ ARGS="$ARGS --cflags" ++ ;; ++ --libs) ++ ARGS="$ARGS --libs" ++ ;; ++ --libdir*) ++ ARGS="$ARGS --libs-only-L" ++ ;; ++ --includedir*) ++ ARGS="$ARGS --cflags-only-I" ++ ;; ++ --prefix*) ++ ARGS="$ARGS --variable=prefix" ++ ;; ++ --exec-prefix*) ++ ARGS="$ARGS --variable=exec_prefix" ++ ;; ++ --module*) ++ if echo $1 | grep -q '=' ; then ++ MODULE=`echo $1 | sed 's/^--module=//'` ++ else ++ MODULE=$2 ++ shift ++ fi ++ ;; ++ *) ++ usage 1>&2 ++ ;; ++ esac ++ shift ++done ++ ++pkg-config $ARGS $MODULE +--- xdelta-1.1.3/Makefile.am.pkgconfig 2006-05-30 16:00:55.000000000 +0200 ++++ xdelta-1.1.3/Makefile.am 2006-05-30 16:00:55.000000000 +0200 +@@ -27,6 +27,9 @@ + m4datadir = $(datadir)/aclocal + m4data_DATA = xdelta.m4 + ++pkgconfigdir = $(libdir)/pkgconfig ++pkgconfig_DATA = xdelta.pc ++ + ## $Format: "libxdelta_la_LDFLAGS = -version-info $LibCurrent$:$LibRevision$:$LibAge$" $ + libxdelta_la_LDFLAGS = -version-info 2:0:0 + +--- xdelta-1.1.3/configure.in.pkgconfig 2006-05-30 16:00:55.000000000 +0200 ++++ xdelta-1.1.3/configure.in 2006-05-30 16:00:55.000000000 +0200 +@@ -63,6 +63,8 @@ + AC_HEADER_STDC + AC_PROG_MAKE_SET + ++PKG_PROG_PKG_CONFIG ++ + AC_CHECK_FUNCS(gettimeofday) + AC_HEADER_TIME + +@@ -83,7 +85,7 @@ + doc/Makefile + test/Makefile + djgpp/Makefile +- xdelta-config ++ xdelta.pc + libedsio/Makefile + libedsio/edsio-comp, + diff --git a/sdk_container/src/third_party/portage-stable/dev-util/xdelta/metadata.xml b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/metadata.xml new file mode 100644 index 00000000000..f01eaf45088 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/metadata.xml @@ -0,0 +1,12 @@ + + + + + mgorny@gentoo.org + Michał Górny + + + xdelta + jmacd/xdelta-devel + + diff --git a/sdk_container/src/third_party/portage-stable/dev-util/xdelta/xdelta-1.1.4-r4.ebuild b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/xdelta-1.1.4-r4.ebuild new file mode 100644 index 00000000000..40e4d59a4bc --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/xdelta-1.1.4-r4.ebuild @@ -0,0 +1,43 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools toolchain-funcs + +DESCRIPTION="Computes changes between binary or text files and creates deltas" +HOMEPAGE="https://xdelta.googlecode.com/" +SRC_URI="https://${PN}.googlecode.com/files/${P}.tar.gz" + +LICENSE="GPL-2+" +SLOT="0" +KEYWORDS="~alpha amd64 ~arm64 ~hppa ~ia64 ppc ppc64 sparc x86" + +RDEPEND=">=dev-libs/glib-2 + >=sys-libs/zlib-1.1.4:=" +DEPEND="${RDEPEND}" +BDEPEND="virtual/pkgconfig" + +PATCHES=( + "${FILESDIR}/${P}-m4.patch" + "${FILESDIR}/${P}-glib2.patch" + "${FILESDIR}/${P}-pkgconfig.patch" + "${FILESDIR}/${P}-gzip.patch" +) + +src_prepare() { + default + eautoreconf +} + +src_configure() { + tc-export CC + econf --disable-static +} + +src_install() { + default + + # no static archives + find "${ED}" -name '*.la' -delete || die +} diff --git a/sdk_container/src/third_party/portage-stable/dev-util/xdelta/xdelta-3.0.11-r1.ebuild b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/xdelta-3.0.11-r1.ebuild new file mode 100644 index 00000000000..512f33a4faf --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-util/xdelta/xdelta-3.0.11-r1.ebuild @@ -0,0 +1,39 @@ +# Copyright 2002-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +MY_P=xdelta3-${PV} + +DESCRIPTION="Computes changes between binary or text files and creates deltas" +HOMEPAGE="http://xdelta.org/" +SRC_URI="https://github.com/jmacd/xdelta-gpl/releases/download/v${PV}/${MY_P}.tar.gz" +S="${WORKDIR}/${MY_P}" + +LICENSE="GPL-2" +SLOT="3" +KEYWORDS="~alpha amd64 ~arm64 ~hppa ~ia64 ~loong ppc ppc64 ~riscv sparc x86" +IUSE="examples lzma" + +RDEPEND="lzma? ( app-arch/xz-utils:= )" +DEPEND="${RDEPEND}" + +src_configure() { + econf $(use_with lzma liblzma) +} + +src_compile() { + # avoid building tests + emake xdelta3 +} + +src_test() { + emake xdelta3regtest + ./xdelta3regtest || die +} + +src_install() { + emake DESTDIR="${D}" install-binPROGRAMS install-man1 + dodoc draft-korn-vcdiff.txt README.md + use examples && dodoc -r examples +} diff --git a/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/Manifest b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/Manifest new file mode 100644 index 00000000000..94edd76b41c --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/Manifest @@ -0,0 +1,6 @@ +DIST lxcfs-5.0.4.tar.gz 104249 BLAKE2B 83a7b861136c34da8a24dd525fd0767193f2bbd92b40e3b9fd5e42d7645465411792e65e95797ab13b33330299d12b19bdd5786352875ed88ac0097b72b711a9 SHA512 b404045dbabe23e1d1f1d74c1648d2596bb70aaa9f9e46f9f5635b0a02d0c451f68b2559920bbefc5b889e908cf1da0a33c148b26bdce3e45c3d0cbdff710604 +DIST lxcfs-5.0.4.tar.gz.asc 833 BLAKE2B aff883d24b374b296ea3678670e5e82c723fd0e35cfd7fed555aabbd811a104becc0b741331b4aa4a5129c9fff4dc88c6a86e7d64a89fe86aea81718f5d432dd SHA512 56b639597dbaf3008fe030147ea37192bd465c467a79e11ce139bcaa6bca1625b4bb9c4eda6ea1877446769f0fad9b4c5a3513d4f4415b841db96d5da8325ddc +DIST lxcfs-6.0.0.tar.gz 103369 BLAKE2B 9261ab7d932d315117361a548372930c37129d3c1b3d5aa00bbce6bac923a94e69b0fa223632b1ef22938b047e6ebec7416cf187e76c72680e4d86db173d199a SHA512 fab5569da66a742a51c9f249c3f0256d1ea17dc0a1e7c2d5563d993cd0d236ae664a53809e65fbec2467f5d255dfd867327a28d9465ffe180d240ca131331c59 +DIST lxcfs-6.0.0.tar.gz.asc 833 BLAKE2B cfc6a8e574aeb1c9e3fec322df5254c431878f0109ea43ee1069e8213467ed16fedbe137befa47a2557d8c055591a9f00c99f221d482f715d5cdc678d79c5fa5 SHA512 019178b37045c3c2c4d8be7c417abb4ed8b7ce011bce805b220f6213d7940f164c45632a5ce02ea29451c8148f782d6b7ece7699da7f3ef7306bd437d40fe537 +DIST lxcfs-6.0.1.tar.gz 105761 BLAKE2B 87255711eccc9833cd321c5d606920edcbf87a2a380cb2993efeb08040e22ab6bda408429fe02b731e60b293da946c1c44f6aad6f82db871e49b2bfeb2c34172 SHA512 3e5ab8af0fd81b1b0ac83ce781b20a55c1c1277a01edbca07106534043a0070291331775b7fa4e1c005b54d24d690ad9abe9b208de749a70dcff853741d02fd4 +DIST lxcfs-6.0.1.tar.gz.asc 833 BLAKE2B b9a6655650f5720fce4bb2e9dcace2b1c3ec7f0b14b2b23014142a1fce2cd55b3ae7361e7ead9385893068ca9f18cef4151bfb223d005a4c810c5efc40b8fb7a SHA512 d795a18170027d33f94c2bf88d5ad4c6162e066f9a51d7eab79699cc3b04c058e8f1bf00a8242a233727dfae8888050b17cd96a3abb05d02e0da05298b6eb4c4 diff --git a/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.2.confd b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.2.confd new file mode 100644 index 00000000000..bc853aa681b --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.2.confd @@ -0,0 +1,8 @@ +# /etc/conf.d/lxcfs: config file for /etc/init.d/lxcfs + +# lxcfs options: +# -l == calculate container load average instead of displaying host load average +# -u == don't display swap usage to containers + +LXCFS_OPTS="-l -u" +LXCFS_PATH="/var/lib/lxcfs" diff --git a/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.2.initd b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.2.initd new file mode 100644 index 00000000000..f3119f2e8e8 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.2.initd @@ -0,0 +1,27 @@ +#!/sbin/openrc-run +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +DAEMON=/usr/bin/lxcfs +PIDFILE=/run/lxcfs.pid + +start() { + ebegin "Starting lxcfs." + /sbin/modprobe -q fuse + install -d "${LXCFS_PATH}" + start-stop-daemon --start \ + --pidfile ${PIDFILE} \ + --exec ${DAEMON} \ + --background \ + --make-pidfile \ + -- ${LXCFS_OPTS} \ + "${LXCFS_PATH}" + eend ${?} +} + +stop() { + ebegin "Stopping lxcfs." + /usr/bin/fusermount3 -u "${LXCFS_PATH}" + start-stop-daemon --stop --quiet -R TERM/45 -p ${PIDFILE} + eend ${?} +} diff --git a/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.2.service b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.2.service new file mode 100644 index 00000000000..dc3dc9f18f6 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.2.service @@ -0,0 +1,18 @@ +[Unit] +Description=FUSE filesystem for LXC +ConditionVirtualization=!container +Before=lxc.service +Documentation=man:lxcfs(1) + +[Service] +ExecStartPre=/sbin/modprobe -q fuse +ExecStartPre=install -d /var/lib/lxcfs +ExecStart=/usr/bin/lxcfs /var/lib/lxcfs +KillMode=process +Restart=on-failure +ExecStopPost=-/usr/bin/fusermount3 -u /var/lib/lxcfs +Delegate=yes +ExecReload=/bin/kill -USR1 ${MAINPID} + +[Install] +WantedBy=multi-user.target diff --git a/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.4-fix-incompatible-pointer-conversion.patch b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.4-fix-incompatible-pointer-conversion.patch new file mode 100644 index 00000000000..bead63bd52d --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/files/lxcfs-5.0.4-fix-incompatible-pointer-conversion.patch @@ -0,0 +1,19 @@ +Bug: https://bugs.gentoo.org/894348 +Upstream PR: https://github.com/lxc/lxcfs/pull/610 +--- a/src/proc_loadavg.c ++++ b/src/proc_loadavg.c +@@ -603,12 +603,12 @@ pthread_t load_daemon(int load_use) + + ret = init_load(); + if (ret == -1) +- return log_error(0, "Initialize hash_table fails in load_daemon!"); ++ return (pthread_t) log_error(0, "Initialize hash_table fails in load_daemon!"); + + ret = pthread_create(&pid, NULL, load_begin, NULL); + if (ret != 0) { + load_free(); +- return log_error(0, "Create pthread fails in load_daemon!"); ++ return (pthread_t) log_error(0, "Create pthread fails in load_daemon!"); + } + + /* use loadavg, here loadavg = 1*/ diff --git a/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/lxcfs-5.0.4-r1.ebuild b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/lxcfs-5.0.4-r1.ebuild new file mode 100644 index 00000000000..a0a8549be29 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/lxcfs-5.0.4-r1.ebuild @@ -0,0 +1,84 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..12} ) + +inherit cmake meson python-any-r1 systemd verify-sig + +DESCRIPTION="FUSE filesystem for LXC" +HOMEPAGE="https://linuxcontainers.org/lxcfs/introduction/ https://github.com/lxc/lxcfs/" +SRC_URI="https://linuxcontainers.org/downloads/lxcfs/${P}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/lxcfs/${P}.tar.gz.asc )" + +LICENSE="Apache-2.0 LGPL-2+" +SLOT="0" +KEYWORDS="amd64 ~arm64 ~riscv ~x86" +IUSE="doc test" + +DEPEND="sys-fs/fuse:3" +RDEPEND="${DEPEND}" +BDEPEND="${PYTHON_DEPS} + virtual/pkgconfig + $(python_gen_any_dep ' + dev-python/jinja[${PYTHON_USEDEP}] + ') + doc? ( sys-apps/help2man ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +# Needs some black magic to work inside container/chroot. +RESTRICT="test" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +PATCHES=( + "${FILESDIR}"/${PN}-5.0.4-fix-incompatible-pointer-conversion.patch +) + +python_check_deps() { + python_has_version -b "dev-python/jinja[${PYTHON_USEDEP}]" +} + +pkg_setup() { + python-any-r1_pkg_setup +} + +src_prepare() { + default + + # Fix python shebangs for python-exec[-native-symlinks], #851480 + local shebangs=($(grep -rl "#!/usr/bin/env python3" || die)) + python_fix_shebang -q ${shebangs[*]} +} + +src_configure() { + local emesonargs=( + --localstatedir "${EPREFIX}/var" + + $(meson_use doc docs) + $(meson_use test tests) + + -Dfuse-version=3 + -Dinit-script="" + -Dwith-init-script="" + ) + + meson_src_configure +} + +src_test() { + cd "${BUILD_DIR}"/tests || die "failed to change into tests/ directory." + ./main.sh || die +} + +src_install() { + meson_src_install + + newconfd "${FILESDIR}"/lxcfs-5.0.2.confd lxcfs + newinitd "${FILESDIR}"/lxcfs-5.0.2.initd lxcfs + + # Provide our own service file (copy of upstream) due to paths being different from upstream, + # #728470 + systemd_newunit "${FILESDIR}"/lxcfs-5.0.2.service lxcfs.service +} diff --git a/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/lxcfs-6.0.0.ebuild b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/lxcfs-6.0.0.ebuild new file mode 100644 index 00000000000..2cdd634fb32 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/lxcfs-6.0.0.ebuild @@ -0,0 +1,80 @@ +# Copyright 2022-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..12} ) + +inherit cmake meson python-any-r1 systemd verify-sig + +DESCRIPTION="FUSE filesystem for LXC" +HOMEPAGE="https://linuxcontainers.org/lxcfs/introduction/ https://github.com/lxc/lxcfs/" +SRC_URI="https://linuxcontainers.org/downloads/lxcfs/${P}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/lxcfs/${P}.tar.gz.asc )" + +LICENSE="Apache-2.0 LGPL-2+" +SLOT="0" +KEYWORDS="amd64 ~arm64 ~riscv ~x86" +IUSE="doc test" + +DEPEND="sys-fs/fuse:3" +RDEPEND="${DEPEND}" +BDEPEND="${PYTHON_DEPS} + virtual/pkgconfig + $(python_gen_any_dep ' + dev-python/jinja[${PYTHON_USEDEP}] + ') + doc? ( sys-apps/help2man ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +# Needs some black magic to work inside container/chroot. +RESTRICT="test" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +python_check_deps() { + python_has_version -b "dev-python/jinja[${PYTHON_USEDEP}]" +} + +pkg_setup() { + python-any-r1_pkg_setup +} + +src_prepare() { + default + + # Fix python shebangs for python-exec[-native-symlinks], #851480 + local shebangs=($(grep -rl "#!/usr/bin/env python3" || die)) + python_fix_shebang -q ${shebangs[*]} +} + +src_configure() { + local emesonargs=( + --localstatedir "${EPREFIX}/var" + + $(meson_use doc docs) + $(meson_use test tests) + + -Dfuse-version=3 + -Dinit-script="" + -Dwith-init-script="" + ) + + meson_src_configure +} + +src_test() { + cd "${BUILD_DIR}"/tests || die "failed to change into tests/ directory." + ./main.sh || die +} + +src_install() { + meson_src_install + + newconfd "${FILESDIR}"/lxcfs-5.0.2.confd lxcfs + newinitd "${FILESDIR}"/lxcfs-5.0.2.initd lxcfs + + # Provide our own service file (copy of upstream) due to paths being different from upstream, + # #728470 + systemd_newunit "${FILESDIR}"/lxcfs-5.0.2.service lxcfs.service +} diff --git a/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/lxcfs-6.0.1.ebuild b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/lxcfs-6.0.1.ebuild new file mode 100644 index 00000000000..3325c391425 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/lxcfs-6.0.1.ebuild @@ -0,0 +1,80 @@ +# Copyright 2022-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..13} ) + +inherit cmake meson python-any-r1 systemd verify-sig + +DESCRIPTION="FUSE filesystem for LXC" +HOMEPAGE="https://linuxcontainers.org/lxcfs/introduction/ https://github.com/lxc/lxcfs/" +SRC_URI="https://linuxcontainers.org/downloads/lxcfs/${P}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/lxcfs/${P}.tar.gz.asc )" + +LICENSE="Apache-2.0 LGPL-2+" +SLOT="0" +KEYWORDS="~amd64 ~arm64 ~riscv ~x86" +IUSE="doc test" + +DEPEND="sys-fs/fuse:3" +RDEPEND="${DEPEND}" +BDEPEND="${PYTHON_DEPS} + virtual/pkgconfig + $(python_gen_any_dep ' + dev-python/jinja[${PYTHON_USEDEP}] + ') + doc? ( sys-apps/help2man ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +# Needs some black magic to work inside container/chroot. +RESTRICT="test" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +python_check_deps() { + python_has_version -b "dev-python/jinja[${PYTHON_USEDEP}]" +} + +pkg_setup() { + python-any-r1_pkg_setup +} + +src_prepare() { + default + + # Fix python shebangs for python-exec[-native-symlinks], #851480 + local shebangs=($(grep -rl "#!/usr/bin/env python3" || die)) + python_fix_shebang -q ${shebangs[*]} +} + +src_configure() { + local emesonargs=( + --localstatedir "${EPREFIX}/var" + + $(meson_use doc docs) + $(meson_use test tests) + + -Dfuse-version=3 + -Dinit-script="" + -Dwith-init-script="" + ) + + meson_src_configure +} + +src_test() { + cd "${BUILD_DIR}"/tests || die "failed to change into tests/ directory." + ./main.sh || die +} + +src_install() { + meson_src_install + + newconfd "${FILESDIR}"/lxcfs-5.0.2.confd lxcfs + newinitd "${FILESDIR}"/lxcfs-5.0.2.initd lxcfs + + # Provide our own service file (copy of upstream) due to paths being different from upstream, + # #728470 + systemd_newunit "${FILESDIR}"/lxcfs-5.0.2.service lxcfs.service +} diff --git a/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/metadata.xml b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/metadata.xml new file mode 100644 index 00000000000..358bde78668 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/sys-fs/lxcfs/metadata.xml @@ -0,0 +1,22 @@ + + + + + juippis@gentoo.org + Joonas Niilola + + + virtualization@gentoo.org + Gentoo Virtualization Project + + + LXCFS is a simple userspace filesystem designed to + provide a cgroupfs-like tree which is container aware + and a set of files which can be bind-mounted over + their /proc originals to provide cgroup-aware values. + + + lxc/lxfs + cpe:/a:canonical:lxcfs + + From f37d0677c28559e25e40fe08da443eedeade57f2 Mon Sep 17 00:00:00 2001 From: Mathieu Tortuyaux Date: Tue, 13 Feb 2024 15:04:33 +0100 Subject: [PATCH 2/7] board: add incus Signed-off-by: Mathieu Tortuyaux --- .../coreos-devel/board-packages/board-packages-0.0.1.ebuild | 1 + 1 file changed, 1 insertion(+) diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-devel/board-packages/board-packages-0.0.1.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-devel/board-packages/board-packages-0.0.1.ebuild index 00b13c433ed..359f178e4e3 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-devel/board-packages/board-packages-0.0.1.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/coreos-devel/board-packages/board-packages-0.0.1.ebuild @@ -29,6 +29,7 @@ RDEPEND=" app-containers/containerd app-containers/docker app-containers/docker-cli + app-containers/incus app-emulation/amazon-ssm-agent app-emulation/wa-linux-agent coreos-base/coreos From 9b8116d03e0ef79da2d473a223a9c8d99be6cef5 Mon Sep 17 00:00:00 2001 From: Jeremi Piotrowski Date: Wed, 6 Mar 2024 13:10:17 +0000 Subject: [PATCH 3/7] coreos/config: Export PKG_CONFIG for incus Incus build uses pkg-config support in Go to link against some library. This needs the correct sysroot version of PKG_CONFIG to be exported. Signed-off-by: Jeremi Piotrowski Co-Authored-By: Mathieu Tortuyaux --- .../coreos-overlay/coreos/config/env/app-containers/incus | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 sdk_container/src/third_party/coreos-overlay/coreos/config/env/app-containers/incus diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/config/env/app-containers/incus b/sdk_container/src/third_party/coreos-overlay/coreos/config/env/app-containers/incus new file mode 100644 index 00000000000..667637407e6 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/coreos/config/env/app-containers/incus @@ -0,0 +1,3 @@ +cros_pre_src_compile_pkgconfig() { + export PKG_CONFIG="$(tc-getPKG_CONFIG)" +} From 6a8e05aee1457a4101195713f077299935cd5cae Mon Sep 17 00:00:00 2001 From: Mathieu Tortuyaux Date: Thu, 14 Mar 2024 11:37:18 +0100 Subject: [PATCH 4/7] sysext: add incus Signed-off-by: Mathieu Tortuyaux --- build_library/extra_sysexts.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/build_library/extra_sysexts.sh b/build_library/extra_sysexts.sh index c52a2f5c4a6..9e855679a36 100644 --- a/build_library/extra_sysexts.sh +++ b/build_library/extra_sysexts.sh @@ -2,4 +2,5 @@ EXTRA_SYSEXTS=( zfs:sys-fs/zfs podman:app-containers/podman,net-misc/passt python:dev-lang/python,dev-python/pip + incus:app-containers/incus ) From ea4a8924b41b78b37fa89941d11e579e78e35712 Mon Sep 17 00:00:00 2001 From: Mathieu Tortuyaux Date: Wed, 27 Mar 2024 17:48:21 +0100 Subject: [PATCH 5/7] config/acct-group: provide userdb group record this is required when loading the sysext image to dynamically load / unload the groups provided by the image. Signed-off-by: Mathieu Tortuyaux --- .../coreos-overlay/coreos/config/env/acct-group/incus | 8 ++++++++ .../coreos/config/env/acct-group/incus-admin | 8 ++++++++ .../coreos-overlay/coreos/config/env/acct-group/lxc | 8 ++++++++ 3 files changed, 24 insertions(+) create mode 100644 sdk_container/src/third_party/coreos-overlay/coreos/config/env/acct-group/incus create mode 100644 sdk_container/src/third_party/coreos-overlay/coreos/config/env/acct-group/incus-admin create mode 100644 sdk_container/src/third_party/coreos-overlay/coreos/config/env/acct-group/lxc diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/config/env/acct-group/incus b/sdk_container/src/third_party/coreos-overlay/coreos/config/env/acct-group/incus new file mode 100644 index 00000000000..68f924cf375 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/coreos/config/env/acct-group/incus @@ -0,0 +1,8 @@ +cros_post_src_install_add_userdb_record(){ + insinto /usr/lib/userdb + newins - ${ACCT_GROUP_NAME}.group < <( + printf '{"groupName":"%q","gid":%q}\n' \ + "${ACCT_GROUP_NAME}" \ + "${_ACCT_GROUP_ID/#-*/-}" + ) +} diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/config/env/acct-group/incus-admin b/sdk_container/src/third_party/coreos-overlay/coreos/config/env/acct-group/incus-admin new file mode 100644 index 00000000000..68f924cf375 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/coreos/config/env/acct-group/incus-admin @@ -0,0 +1,8 @@ +cros_post_src_install_add_userdb_record(){ + insinto /usr/lib/userdb + newins - ${ACCT_GROUP_NAME}.group < <( + printf '{"groupName":"%q","gid":%q}\n' \ + "${ACCT_GROUP_NAME}" \ + "${_ACCT_GROUP_ID/#-*/-}" + ) +} diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/config/env/acct-group/lxc b/sdk_container/src/third_party/coreos-overlay/coreos/config/env/acct-group/lxc new file mode 100644 index 00000000000..68f924cf375 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/coreos/config/env/acct-group/lxc @@ -0,0 +1,8 @@ +cros_post_src_install_add_userdb_record(){ + insinto /usr/lib/userdb + newins - ${ACCT_GROUP_NAME}.group < <( + printf '{"groupName":"%q","gid":%q}\n' \ + "${ACCT_GROUP_NAME}" \ + "${_ACCT_GROUP_ID/#-*/-}" + ) +} From bb8fcc9a2c1680ca8c1b056ce4c3a9f4cb67119f Mon Sep 17 00:00:00 2001 From: Mathieu Tortuyaux Date: Wed, 27 Mar 2024 17:54:08 +0100 Subject: [PATCH 6/7] build_library: Add mangle script for incus sysext This requests the `incus.service` for the multi-user.target Signed-off-by: Mathieu Tortuyaux --- build_library/sysext_mangle_flatcar-incus | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100755 build_library/sysext_mangle_flatcar-incus diff --git a/build_library/sysext_mangle_flatcar-incus b/build_library/sysext_mangle_flatcar-incus new file mode 100755 index 00000000000..650e5e07b1f --- /dev/null +++ b/build_library/sysext_mangle_flatcar-incus @@ -0,0 +1,20 @@ +#!/bin/bash + +set -euo pipefail +rootfs="${1}" + +pushd "${rootfs}" + +pushd ./usr/lib/systemd/system +mkdir -p "multi-user.target.d" +{ echo "[Unit]"; echo "Upholds=incus.service"; } > "multi-user.target.d/10-incus.conf" +popd + +mkdir -p ./usr/lib/tmpfiles.d +pushd ./usr/lib/tmpfiles.d +cat <./10-incus.conf +d /var/lib/lxc/rootfs 0755 root root - - +EOF +popd + +popd From dc948210e1985fd56e84a196cc35a4eff639a265 Mon Sep 17 00:00:00 2001 From: Mathieu Tortuyaux Date: Thu, 1 Aug 2024 12:34:45 +0200 Subject: [PATCH 7/7] profiles: set use flags for lxc Signed-off-by: Mathieu Tortuyaux --- .../coreos-overlay/profiles/coreos/base/package.use | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use index 281718f3fc7..d33b8f0dba3 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use @@ -165,3 +165,16 @@ dev-util/bpftool -llvm # Do not tinker with /boot partition at installation time. sys-firmware/intel-microcode -initramfs + +app-containers/lxc selinux + +# required by app-containers/incus-6.0.1-r1::portage-stable +# required by app-containers/incus (argument) +>=dev-libs/raft-0.22.1 lz4 +# required by app-containers/incus-6.0.1-r1::portage-stable +# required by app-containers/incus (argument) +>=dev-util/xdelta-3.0.11-r1 lzma +# required by app-containers/lxc-6.0.0-r2::portage-stable[caps,tools] +# required by app-containers/incus-6.0.1-r1::portage-stable +# required by app-containers/incus (argument) +>=sys-libs/libcap-2.70 static-libs