mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-08-05 05:17:07 +02:00
63f5e7d295
This commit updates $license variable in all APKBUILDs to comply with short names specified by SPDX version 3.0 [1] where possible. It was done using find-and-replace method on substrings inside $license variables. Only license names were updated, not "expressions" specifying relation between the licenses (e.g. "X and Y", "X or Y", "X and (Y or Z)") or exceptions (e.g. "X with exceptions"). Many licenses have a version or multiple variants, e.g. MPL-2.0, BSD-2-Clause, BSD-3-Clause. However, $license in many aports do not contain license version or variant. Since there's no way how to infer this information just from abuild, it were left without the variant suffix or version, i.e. non SPDX compliant. GNU licenses (AGPL, GFDL, GPL, LGPL) are especially complicated. They exist in two variants: -only (formerly e.g. GPL-2.0) and -or-later (formerly e.g. GPL-2.0+). We did not systematically noted distinguish between these variants, so GPL-2.0, GPL2, GPLv2 etc. may mean GPL-2.0-only or GPL-2.0-or-later. Thus GNU licenses without "+" (e.g. GPL2+) were left without the variant suffix, i.e. non SPDX compliant. Note: This commit just fixes format of the license names, no verification has been done if the specified license information is actually correct! [1]: https://spdx.org/licenses/ |
||
|---|---|---|
| .. | ||
| APKBUILD | ||
| lxcfs-subdir.patch | ||
| lxcfs.confd | ||
| lxcfs.initd | ||
| README.alpine | ||
Alpine Linux unprivileged LXC containers ======================================== At the moment unprivileged containers are only working with linux-vanilla. They may work with grsecurity in the future with the following disabled: echo 0 > /proc/sys/kernel/grsecurity/chroot_deny_mount echo 0 > /proc/sys/kernel/grsecurity/chroot_deny_pivot echo 0 > /proc/sys/kernel/grsecurity/chroot_caps see also: https://en.wikibooks.org/wiki/Grsecurity/Runtime_Configuration ------------------------------------------------------------------------------- Instructions: ------------- (a) add the name(s) of the containers to run unprivileged to /etc/conf.d/lxcfs (b) rc-service lxcfs setup => converts privileged => unprivileged containers => creates /etc/subuid & /etc/subgid (c) rc-service lxcfs start (d) rc-update add lxcfs (e) rc-service lxcfs info => print & add config file settings to the containers ------------------------------------------------------------------------------- Start the container & verify processes are running unprivileged: ps aux | grep 100000