coreos-base/coreos-oem-gce: new meta-package ebuild

This meta-package uses runtime dependencies to collect all packages
needed to build a CoreOS environment.  In this case, it only has a
dependency on the GCE agent Python package, since that ebuild lists
all packages required to function properly.

sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-oem-gce/coreos-oem-gce-0.0.1.ebuild

@@ -0,0 +1,16 @@
+# Copyright (c) 2016 CoreOS, Inc.. All rights reserved.
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=2
+
+DESCRIPTION="CoreOS OEM suite for Google Compute Engine (meta package)"
+HOMEPAGE=""
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64"
+IUSE=""
+
+RDEPEND="
+	app-emulation/google-compute-engine
+"

sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-oem-gce/files/manglefs.sh

@@ -0,0 +1,46 @@
+#!/bin/sh
+set -e
+
+# GCE can work with our normal file system, but it needs an "init system".
+# Here is a better place to install this script so it doesn't get put in real
+# images built from the GCE Python package.
+cat << 'EOF' > init.sh && chmod 755 init.sh
+#!/bin/bash -ex
+
+# Run the initialization scripts.
+/usr/bin/google_instance_setup
+/usr/bin/google_network_setup
+/usr/bin/google_metadata_script_runner --script-type startup
+
+# Handle the signal to shut down this service.
+trap 'stopping=1 ; kill "${daemon_pids[@]}" || :' SIGTERM
+
+# Fork the daemon processes.
+daemon_pids=()
+for d in accounts clock_skew ip_forwarding
+do
+        /usr/bin/google_${d}_daemon & daemon_pids+=($!)
+done
+
+# Pause while the daemons are running, and stop them all when one dies.
+wait -n "${daemon_pids[@]}" || :
+kill "${daemon_pids[@]}" || :
+
+# If a daemon died while we're not shutting down, fail.
+test -n "$stopping" || exit 1
+
+# Otherwise, run the shutdown script before quitting.
+exec /usr/bin/google_metadata_script_runner --script-type shutdown
+EOF
+
+# Disable PAM checks in the container.
+rm -f usr/lib/pam.d/*
+cat << 'EOF' > usr/lib/pam.d/other
+account optional pam_permit.so
+auth optional pam_permit.so
+password optional pam_permit.so
+session optional pam_permit.so
+EOF
+
+# Don't bundle these paths, since they are useless to us.
+rm -fr boot etc/* usr/lib64/systemd var/db/pkg

sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-oem-gce/files/manifest.in

@@ -0,0 +1,38 @@
+{
+  "acKind": "ImageManifest",
+  "acVersion": "0.8.6",
+  "name": "@ACI_NAME@",
+  "labels": [
+    {"name": "arch", "value": "@ACI_ARCH@"},
+    {"name": "os", "value": "linux"},
+    {"name": "version", "value": "@ACI_VERSION@"}
+  ],
+  "app": {
+    "exec": [ "/init.sh" ],
+    "user": "0",
+    "group": "0",
+
+    "mountPoints": [
+      {
+        "name": "baselayout",
+        "path": "/usr/share/baselayout",
+        "readOnly": true
+      },
+      {
+        "name": "cacertificates",
+        "path": "/usr/share/ca-certificates",
+        "readOnly": true
+      },
+      {
+        "name": "etc",
+        "path": "/etc",
+        "readOnly": false
+      },
+      {
+        "name": "runsystemd",
+        "path": "/run/systemd",
+        "readOnly": false
+      }
+    ]
+  }
+}

sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-oem-gce/metadata.xml

@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+</pkgmetadata>