From 8a2241f45a847a3f8f92f661f18a687a8e088fab Mon Sep 17 00:00:00 2001 From: David Michael Date: Tue, 13 Jun 2017 12:20:31 -0700 Subject: [PATCH] app-arch/torcx: enable Docker in the vendor profile This also adds placeholder wrapper scripts so previous commands still work. The dockerd wrapper was taken from the Docker package to account for users that edited docker.service instead of using dropins to configure it. --- .../app-arch/torcx/files/compat-wrapper.sh | 33 +++++++++++++++ .../app-arch/torcx/files/dockerd-wrapper.sh | 41 +++++++++++++++++++ .../app-arch/torcx/files/vendor.json | 11 +++++ .../app-arch/torcx/torcx-9999.ebuild | 8 ++++ 4 files changed, 93 insertions(+) create mode 100644 sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/compat-wrapper.sh create mode 100644 sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/dockerd-wrapper.sh
diff --git a/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/compat-wrapper.sh b/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/compat-wrapper.sh
new file mode 100644
index 0000000000..122162deca
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/compat-wrapper.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+set -e
+
+bin=${0##*/}
+seal=/run/metadata/torcx
+
+if [ -z "${bin}" ]
+then
+ echo 'Failed to determine the executed program name.' 1>&2
+ exit 1
+fi
+
+if [ -s "${seal}" ]
+then
+ . "${seal}"
+else
+ echo "The program ${bin} is managed by torcx, which did not run." 1>&2
+ exit 1
+fi
+
+if [ -z "${TORCX_BINDIR-}" ]
+then
+ echo "The torcx seal file ${seal} is invalid." 1>&2
+ exit 1
+fi
+
+if [ ! -x "${TORCX_BINDIR}/${bin}" ]
+then
+ echo "The current torcx profile did not install a ${bin} program." 1>&2
+ exit 1
+fi
+
+PATH="${TORCX_BINDIR}${PATH:+:${PATH}}" exec "${TORCX_BINDIR}/${bin}" "$@"
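Review bot: `. "${seal}"` runs the whole of /run/metadata/torcx as shell in the caller's context (root for most docker and dockerd invocations), although the wrapper needs a single value from it. Reading only TORCX_BINDIR, clearing any inherited value first, and rejecting a non-absolute path keeps a malformed or modified seal file from executing code or putting a relative directory at the front of PATH; the sketch below assumes the seal is a plain KEY="value" list, which this patch does not show. A seal that points TORCX_BINDIR back at the directory holding the wrapper's own symlinks would make the final `exec` re-enter the wrapper without end, so a check that the target is not the wrapper itself is also worth adding.

```shell
if [ -s "${seal}" ]
then
	# Take only the one key the wrapper needs; nothing in the seal is executed.
	TORCX_BINDIR=
	while IFS='=' read -r key value || [ -n "${key}" ]
	do
		[ "${key}" = TORCX_BINDIR ] || continue
		value=${value#\"}
		TORCX_BINDIR=${value%\"}
	done < "${seal}"
else
	# … unchanged: "managed by torcx, which did not run" error …
fi

# Replaces the -z test: an empty or relative value is treated as an invalid seal.
case "${TORCX_BINDIR}" in
	/*) ;;
	*)
		echo "The torcx seal file ${seal} is invalid." 1>&2
		exit 1
		;;
esac
```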
diff --git a/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/dockerd-wrapper.sh b/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/dockerd-wrapper.sh
new file mode 100644
index 0000000000..2a94d06561
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/dockerd-wrapper.sh
@@ -0,0 +1,41 @@
+#!/bin/bash
+# Wrapper for launching docker daemons with selinux default on
+# This wrapper script has been deprecated (euank: 2017-05-09) and is retained
+# for backwards compatibility.
+
+set -e
+
+parse_docker_args() {
+ local flag
+ while [[ $# -gt 0 ]]; do
+ flag="$1"
+ shift
+
+ # treat --flag=foo and --flag foo identically
+ if [[ "${flag}" == *=* ]]; then
+ set -- "${flag#*=}" "$@"
+ flag="${flag%=*}"
+ fi
+
+ case "${flag}" in
+ --selinux-enabled)
+ ARG_SELINUX="$1"
+ shift
+ ;;
+ *)
+ # ignore everything else
+ ;;
+ esac
+ done
+}
+
+parse_docker_args "$@"
+
+USE_SELINUX=""
+# Do not override selinux if it is already explicitly configured.
+if [[ -z "${ARG_SELINUX}" ]]; then
+ # If unspecified, default on
+ USE_SELINUX="--selinux-enabled"
+fi
+
+exec dockerd "$@" ${USE_SELINUX}
diff --git a/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/vendor.json b/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/vendor.json
index e69de29bb2..4480c4e767 100644
--- a/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/vendor.json
+++ b/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/vendor.json
@@ -0,0 +1,11 @@
+{
+ "kind": "profile-manifest-v0",
+ "value": {
+ "images": [
+ {
+ "name": "docker",
+ "reference": "com.coreos.cl"
+ }
+ ]
+ }
+}
diff --git a/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/torcx-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/torcx-9999.ebuild
index 228da33af2..f603802656 100644
--- a/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/torcx-9999.ebuild
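Review bot: In the `--selinux-enabled)` arm of dockerd-wrapper.sh, `shift` runs with no arguments left when the flag is given bare as the last option, and under `set -e` its non-zero status ends the wrapper before `exec dockerd`, without any message. `ARG_SELINUX="${1:-true}"` followed by `shift || true` records the bare flag as explicitly set and lets parsing finish. ARG_SELINUX is also never initialised, so a variable of that name inherited from the service environment switches the SELinux default off without any flag being passed; `ARG_SELINUX=""` ahead of `parse_docker_args "$@"` closes that. Only command-line flags are inspected, so a `selinux-enabled` setting kept in the daemon's configuration file is not seen and the flag is appended regardless, which may conflict with it.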
+++ b/sdk_container/src/third_party/coreos-overlay/app-arch/torcx/torcx-9999.ebuild
@@ -46,4 +46,12 @@ src_install() {
 insinto "${vendordir}/profiles"
 doins "${FILESDIR}/vendor.json"
 dodir "${vendordir}/store"
+
+ # Preserve program paths for torcx packages.
+ newbin "${FILESDIR}/compat-wrapper.sh" docker
+ for link in {docker-,}{containerd{,-shim},runc} ctr docker-{init,proxy} dockerd tini
+ do ln -fns docker "${ED}/usr/bin/${link}"
+ done
+ exeinto /usr/lib/coreos
+ newexe "${FILESDIR}/dockerd-wrapper.sh" dockerd
 }
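Review bot: The `ln -fns` calls in the added loop have no `|| die`, so a failed link leaves the image without one of the compatibility paths while the build still succeeds. `dosym docker "/usr/bin/${link}"` creates the same relative symlink through the ebuild helper (which dies on failure in EAPI 4 and later; the EAPI is not visible here), or keep `ln` and append `|| die`. `link` should be declared with `local link` so it does not leak out of src_install. Every name in the list resolves to the one wrapper, which selects its target from `$0`, so the list is worth keeping limited to programs the Docker torcx image is expected to ship. src_install begins before this hunk.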