From 3f6f4397e6937de5c8869b5d2bd73add35b8b281 Mon Sep 17 00:00:00 2001
From: Flatcar Buildbot <buildbot@flatcar-linux.org>
Date: Mon, 17 Nov 2025 07:06:27 +0000
Subject: [PATCH] app-containers/podman: Sync with Gentoo

It's from Gentoo commit 888f6ef711a37ba3df89451098be8d1115ef6d95.

Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
---
 .../app-containers/podman/Manifest            |   1 +
 .../app-containers/podman/podman-5.7.0.ebuild | 138 ++++++++++++++++++
 2 files changed, 139 insertions(+)
 create mode 100644 sdk_container/src/third_party/portage-stable/app-containers/podman/podman-5.7.0.ebuild

diff --git a/sdk_container/src/third_party/portage-stable/app-containers/podman/Manifest b/sdk_container/src/third_party/portage-stable/app-containers/podman/Manifest
index eb1836b399..4500d50f79 100644
--- a/sdk_container/src/third_party/portage-stable/app-containers/podman/Manifest
+++ b/sdk_container/src/third_party/portage-stable/app-containers/podman/Manifest
@@ -1,3 +1,4 @@
 DIST podman-5.3.2.tar.gz 24207488 BLAKE2B 68f618b74be41bf489de97b009d335f3033634c5c065b1089cc9a6132e38e3a7f707b959d29d955ab0bd805721c14cda90c77fa60f6ba09327f38d4a8bc19112 SHA512 b7007278dd3f493bd0d0185ed4328570d5af527d4864c4435e7b330543d60ba87f04f36c94407d4e11e622a4af8b6467f66474e9b66cbeacb8eecb3088b4439e
 DIST podman-5.4.2.tar.gz 25465417 BLAKE2B f4f586bc99af625a5fa9a6915f101738d8c2abb505de96db6a41fde026baf5832047498b8bf1af6d80a84525a113a21680032886eee49458f92bd7321107bf47 SHA512 482fde529766ca1b509a08bab4beb59a5935ebc6b27bc886c33597183258631e8c8db03ebb521baefd7989305aa76fad14c1359e211a0fe75c855c14bbaca960
 DIST podman-5.5.2.tar.gz 21334872 BLAKE2B a3b458afe1dc17699b7a75517727bba0b989e4b605c51a867f5d076fc5bb2bbfe8a914d78c659670bb73ebf3905926259320f6159ad850a7b335fa920ebfe6d4 SHA512 c647e74c22053b95d09f81d9c594203492283bdb881245941fa2d7253946cbb4953d705313a0e57a0d6737cc07697381e8ba5ed388a74d440b74b5fe045821ec
+DIST podman-5.7.0.tar.gz 21261077 BLAKE2B ac67654b0a5d0e0acdfb94701409aecfaaee27ce36bd5329491ab03e28abcca93f76ec22627e9213f9c776b628695845eb0bce20abd682273a8dfa556c55de09 SHA512 e53e3f6d441de7865733e085017ce1c3e0af5cb0ad0cf605f5d15e9813d38e1af22691d59498960ed7bd18e32ef003db4c151a4f4bd5bd0dbac69f4011851ff1
diff --git a/sdk_container/src/third_party/portage-stable/app-containers/podman/podman-5.7.0.ebuild b/sdk_container/src/third_party/portage-stable/app-containers/podman/podman-5.7.0.ebuild
new file mode 100644
index 0000000000..ff14e90ac3
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/app-containers/podman/podman-5.7.0.ebuild
@@ -0,0 +1,138 @@
+# Copyright 1999-2025 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{11..14} )
+
+inherit go-module python-any-r1 tmpfiles toolchain-funcs linux-info
+
+DESCRIPTION="A tool for managing OCI containers and pods with Docker-compatible CLI"
+HOMEPAGE="https://github.com/containers/podman/ https://podman.io/"
+
+if [[ ${PV} == 9999* ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/containers/podman.git"
+else
+	SRC_URI="https://github.com/containers/podman/archive/v${PV/_rc/-rc}.tar.gz -> ${P}.tar.gz"
+	S="${WORKDIR}/${P/_rc/-rc}"
+	[[ ${PV} != *rc* ]] && \
+		KEYWORDS="~amd64 ~arm64 ~loong ~riscv"
+fi
+
+# main pkg
+LICENSE="Apache-2.0"
+# deps
+LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0"
+SLOT="0"
+IUSE="apparmor btrfs +seccomp selinux systemd wrapper"
+RESTRICT="test"
+
+RDEPEND="
+	app-containers/catatonit
+	>=app-containers/conmon-2.1.10
+	>=app-containers/containers-common-0.58.0-r1
+	app-crypt/gpgme:=
+	dev-libs/libassuan:=
+	dev-libs/libgpg-error:=
+	sys-apps/shadow:=
+
+	apparmor? ( sys-libs/libapparmor )
+	btrfs? ( sys-fs/btrfs-progs )
+	wrapper? ( !app-containers/docker-cli )
+	seccomp? ( sys-libs/libseccomp:= )
+	selinux? ( sec-policy/selinux-podman sys-libs/libselinux:= )
+	systemd? ( sys-apps/systemd:= )
+"
+DEPEND="${RDEPEND}"
+BDEPEND="
+	${PYTHON_DEPS}
+	dev-go/go-md2man
+"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-5.5.2-togglable-seccomp.patch
+)
+
+CONFIG_CHECK="
+	~USER_NS
+"
+
+pkg_setup() {
+	use btrfs && CONFIG_CHECK+=" ~BTRFS_FS"
+	linux-info_pkg_setup
+	python-any-r1_pkg_setup
+}
+
+src_prepare() {
+	default
+
+	# assure necessary files are present
+	local file
+	for file in apparmor_tag btrfs_installed_tag systemd_tag; do
+		[[ -f hack/"${file}".sh ]] || die
+	done
+
+	local feature
+	for feature in apparmor systemd; do
+		cat <<-EOF > hack/"${feature}"_tag.sh || die
+		#!/usr/bin/env bash
+		$(usex ${feature} "echo ${feature}" echo)
+		EOF
+	done
+
+	cat <<-EOF > hack/btrfs_installed_tag.sh || die
+	#!/usr/bin/env bash
+	$(usex btrfs echo 'echo exclude_graphdriver_btrfs')
+	EOF
+}
+
+src_compile() {
+	export PREFIX="${EPREFIX}/usr" BUILD_ORIGIN="Gentoo Portage"
+
+	# For non-live versions, prevent git operations which causes sandbox violations
+	# https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493
+	[[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" EPOCH_TEST_COMMIT=""
+
+	# Use proper pkg-config to get gpgme cflags and ldflags when
+	# cross-compiling, bug 930982.
+	if tc-is-cross-compiler; then
+		tc-export PKG_CONFIG
+	fi
+
+	emake BUILDFLAGS="-v -work -x" GOMD2MAN="go-md2man" EXTRA_BUILDTAGS="$(usev seccomp)" SELINUXOPT= \
+		  all $(usev wrapper docker-docs)
+}
+
+src_install() {
+	emake DESTDIR="${D}" SELINUXOPT= install install.completions $(usev wrapper install.docker-full)
+
+	if use !systemd; then
+		newconfd "${FILESDIR}"/podman-5.0.0_rc4.confd podman
+		newinitd "${FILESDIR}"/podman-5.0.0_rc4.initd podman
+
+		newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart
+		newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart
+
+		newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient
+		newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient
+
+		exeinto /etc/cron.daily
+		newexe "${FILESDIR}"/podman-auto-update-5.0.0.cron podman-auto-update
+
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}/podman.logrotated" podman
+
+		exeinto /etc/user/init.d
+		newexe "${FILESDIR}/podman-5.0.0_rc4.user.initd" podman
+
+		insinto /etc/user/conf.d
+		newins "${FILESDIR}/podman-5.0.0_rc4.user.confd" podman
+	fi
+
+	keepdir /var/lib/containers
+}
+
+pkg_postinst() {
+	tmpfiles_process podman.conf $(usev wrapper podman-docker.conf)
+}