diff options
author | Justin Lecher <jlec@gentoo.org> | 2017-11-12 21:08:35 +0000 |
---|---|---|
committer | Justin Lecher <jlec@gentoo.org> | 2017-11-12 21:08:51 +0000 |
commit | 10087423e3d0467e699f775c0e6e1ac7e116de58 (patch) | |
tree | 8af361985bbc948a4386f00a00a8311df8f94413 | |
parent | sys-process/criu: Version Bump (diff) | |
download | gentoo-10087423e3d0467e699f775c0e6e1ac7e116de58.tar.gz gentoo-10087423e3d0467e699f775c0e6e1ac7e116de58.tar.bz2 gentoo-10087423e3d0467e699f775c0e6e1ac7e116de58.zip |
app-emulation/lxc: Handle automagic dep in selinux
Signed-off-by: Justin Lecher <jlec@gentoo.org>
Package-Manager: Portage-2.3.13, Repoman-2.3.4
-rw-r--r-- | app-emulation/lxc/files/lxc.initd.6 | 118 | ||||
-rw-r--r-- | app-emulation/lxc/lxc-2.0.8.ebuild | 17 |
2 files changed, 10 insertions, 125 deletions
diff --git a/app-emulation/lxc/files/lxc.initd.6 b/app-emulation/lxc/files/lxc.initd.6 deleted file mode 100644 index a66dfdd22b41..000000000000 --- a/app-emulation/lxc/files/lxc.initd.6 +++ /dev/null @@ -1,118 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -CONTAINER=${SVCNAME#*.} - -LXC_PATH=`lxc-config lxc.lxcpath` - -lxc_get_configfile() { - if [ -f "${LXC_PATH}/${CONTAINER}.conf" ]; then - echo "${LXC_PATH}/${CONTAINER}.conf" - elif [ -f "${LXC_PATH}/${CONTAINER}/config" ]; then - echo "${LXC_PATH}/${CONTAINER}/config" - else - eerror "Unable to find a suitable configuration file." - eerror "If you set up the container in a non-standard" - eerror "location, please set the CONFIGFILE variable." - return 1 - fi -} - -[ $CONTAINER != $SVCNAME ] && CONFIGFILE=${CONFIGFILE:-$(lxc_get_configfile)} - -lxc_get_var() { - awk 'BEGIN { FS="[ \t]*=[ \t]*" } $1 == "'$1'" { print $2; exit }' ${CONFIGFILE} -} - -lxc_get_net_link_type() { - awk 'BEGIN { FS="[ \t]*=[ \t]*"; _link=""; _type="" } - $1 == "lxc.network.type" {_type=$2;} - $1 == "lxc.network.link" {_link=$2;} - {if(_link != "" && _type != ""){ - printf("%s:%s\n", _link, _type ); - _link=""; _type=""; - }; }' <${CONFIGFILE} -} - -checkconfig() { - if [ ${CONTAINER} = ${SVCNAME} ]; then - eerror "You have to create an init script for each container:" - eerror " ln -s lxc /etc/init.d/lxc.container" - return 1 - fi - - # no need to output anything, the function takes care of that. - [ -z "${CONFIGFILE}" ] && return 1 - - utsname=$(lxc_get_var lxc.utsname) - if [ ${CONTAINER} != ${utsname} ]; then - eerror "You should use the same name for the service and the" - eerror "container. Right now the container is called ${utsname}" - return 1 - fi -} - -depend() { - # be quiet, since we have to run depend() also for the - # non-muxed init script, unfortunately. - checkconfig 2>/dev/null || return 0 - - config ${CONFIGFILE} - need localmount - use lxcfs - - local _x _if - for _x in $(lxc_get_net_link_type); do - _if=${_x%:*} - case "${_x##*:}" in - # when the network type is set to phys, we can make use of a - # network service (for instance to set it up before we disable - # the net_admin capability), but we might also not set it up - # at all on the host and leave the net_admin capable service - # to take care of it. - phys) use net.${_if} ;; - *) need net.${_if} ;; - esac - done -} - -start() { - checkconfig || return 1 - rm -f /var/log/lxc/${CONTAINER}.log - - rootpath=$(lxc_get_var lxc.rootfs) - - # Check the format of our init and the chroot's init, to see - # if we have to use linux32 or linux64; always use setarch - # when required, as that makes it easier to deal with - # x32-based containers. - case $(scanelf -BF '%a#f' ${rootpath}/sbin/init) in - EM_X86_64) setarch=linux64;; - EM_386) setarch=linux32;; - esac - - ebegin "Starting ${CONTAINER}" - env -i ${setarch} $(which lxc-start) -l WARN -n ${CONTAINER} -f ${CONFIGFILE} -d -o /var/log/lxc/${CONTAINER}.log - sleep 1 - - # lxc-start -d will _always_ report a correct startup, even if it - # failed, so rather than trust that, check that the cgroup exists. - [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ] - eend $? -} - -stop() { - checkconfig || return 1 - - - if ! [ -d /sys/fs/cgroup/cpuset/lxc/${CONTAINER} ]; then - ewarn "${CONTAINER} doesn't seem to be started." - return 0 - fi - - # 10s should be enough to shut everything down - ebegin "Stopping ${CONTAINER}" - lxc-stop -t 10 -n ${CONTAINER} - eend $? -} diff --git a/app-emulation/lxc/lxc-2.0.8.ebuild b/app-emulation/lxc/lxc-2.0.8.ebuild index ae0977801e10..d22f583a5a46 100644 --- a/app-emulation/lxc/lxc-2.0.8.ebuild +++ b/app-emulation/lxc/lxc-2.0.8.ebuild @@ -1,9 +1,9 @@ # Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -EAPI="6" +EAPI=6 -PYTHON_COMPAT=( python{3_4,3_5} ) +PYTHON_COMPAT=( python3_{4,5,6} ) DISTUTILS_OPTIONAL=1 inherit autotools bash-completion-r1 distutils-r1 linux-info versionator flag-o-matic systemd @@ -16,21 +16,23 @@ KEYWORDS="~amd64 ~arm ~arm64" LICENSE="LGPL-3" SLOT="0" -IUSE="cgmanager doc examples lua python seccomp" +IUSE="cgmanager doc examples lua python seccomp selinux" -RDEPEND="net-libs/gnutls +RDEPEND=" + net-libs/gnutls sys-libs/libcap cgmanager? ( app-admin/cgmanager ) lua? ( >=dev-lang/lua-5.1:= ) python? ( ${PYTHON_DEPS} ) - seccomp? ( sys-libs/libseccomp )" + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux )" DEPEND="${RDEPEND} doc? ( app-text/docbook-sgml-utils ) >=sys-kernel/linux-headers-3.2" RDEPEND="${RDEPEND} - sys-process/criu + sys-process/criu[selinux=] sys-apps/util-linux app-misc/pax-utils virtual/awk" @@ -136,7 +138,8 @@ src_configure() { $(use_enable examples) \ $(use_enable lua) \ $(use_enable python) \ - $(use_enable seccomp) + $(use_enable seccomp) \ + $(use_enable selinux) } python_compile() { |