app-arch/torcx: enable Docker in the vendor profile

This also adds placeholder wrapper scripts so previous commands still work. The dockerd wrapper was taken from the Docker package to account for users that edited docker.service instead of using dropins to configure it.
2025-08-22 06:51:26 +02:00 · 2017-06-13 12:20:31 -07:00 · 2017-06-13 12:20:31 -07:00 · 8a2241f45a
commit 8a2241f45a
parent 4c0f8a4a9f
4 changed files with 93 additions and 0 deletions
--- a/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/compat-wrapper.sh
+++ b/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/compat-wrapper.sh
@ -0,0 +1,33 @@
+#!/bin/bash
+set -e
+
+bin=${0##*/}
+seal=/run/metadata/torcx
+
+if [ -z "${bin}" ]
+then
+        echo 'Failed to determine the executed program name.' 1>&2
+        exit 1
+fi
+
+if [ -s "${seal}" ]
+then
+        . "${seal}"
+else
+        echo "The program ${bin} is managed by torcx, which did not run." 1>&2
+        exit 1
+fi
+
+if [ -z "${TORCX_BINDIR-}" ]
+then
+        echo "The torcx seal file ${seal} is invalid." 1>&2
+        exit 1
+fi
+
+if [ ! -x "${TORCX_BINDIR}/${bin}" ]
+then
+        echo "The current torcx profile did not install a ${bin} program." 1>&2
+        exit 1
+fi
+
+PATH="${TORCX_BINDIR}${PATH:+:${PATH}}" exec "${TORCX_BINDIR}/${bin}" "$@"
--- a/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/dockerd-wrapper.sh
+++ b/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/dockerd-wrapper.sh
@ -0,0 +1,41 @@
+#!/bin/bash
+# Wrapper for launching docker daemons with selinux default on
+# This wrapper script has been deprecated (euank: 2017-05-09) and is retained
+# for backwards compatibility.
+
+set -e
+
+parse_docker_args() {
+    local flag
+    while [[ $# -gt 0 ]]; do
+        flag="$1"
+        shift
+
+        # treat --flag=foo and --flag foo identically
+        if [[ "${flag}" == *=* ]]; then
+            set -- "${flag#*=}" "$@"
+            flag="${flag%=*}"
+        fi
+
+        case "${flag}" in
+            --selinux-enabled)
+                ARG_SELINUX="$1"
+                shift
+                ;;
+            *)
+                # ignore everything else
+                ;;
+        esac
+    done
+}
+
+parse_docker_args "$@"
+
+USE_SELINUX=""
+# Do not override selinux if it is already explicitly configured.
+if [[ -z "${ARG_SELINUX}" ]]; then
+        # If unspecified, default on
+        USE_SELINUX="--selinux-enabled"
+fi
+
+exec dockerd "$@" ${USE_SELINUX}
--- a/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/vendor.json
+++ b/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/vendor.json
@ -0,0 +1,11 @@
+{
+    "kind": "profile-manifest-v0",
+    "value": {
+        "images": [
+            {
+                "name": "docker",
+                "reference": "com.coreos.cl"
+            }
+        ]
+    }
+}
--- a/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/torcx-9999.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/torcx-9999.ebuild
@ -46,4 +46,12 @@ src_install() {
 	insinto "${vendordir}/profiles"
 	doins "${FILESDIR}/vendor.json"
 	dodir "${vendordir}/store"
+
+	# Preserve program paths for torcx packages.
+	newbin "${FILESDIR}/compat-wrapper.sh" docker
+	for link in {docker-,}{containerd{,-shim},runc} ctr docker-{init,proxy} dockerd tini
+	do ln -fns docker "${ED}/usr/bin/${link}"
+	done
+	exeinto /usr/lib/coreos
+	newexe "${FILESDIR}/dockerd-wrapper.sh" dockerd
 }