From fba15a002b61692efdc54fa5f262a9fcdf3ef7f9 Mon Sep 17 00:00:00 2001 From: Nick Owens Date: Wed, 29 Jun 2016 14:15:49 -0700 Subject: [PATCH 1/3] app-emulation/containerd: bump to 0.2.2 --- .../app-emulation/containerd/Manifest | 6 +- ...d-0.2.0.ebuild => containerd-0.2.2.ebuild} | 12 +- ...01-Use-flag-for-aarch64-EpollCreate1.patch | 45 ----- ...utils-epoll_aarch64-fix-C-formatting.patch | 80 -------- .../0003-archutils-fix-build-on-aarch64.patch | 39 ---- .../0004-Correct-build-flag-for-arm64.patch | 183 ------------------ 6 files changed, 2 insertions(+), 363 deletions(-) rename sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/{containerd-0.2.0.ebuild => containerd-0.2.2.ebuild} (77%) delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0001-Use-flag-for-aarch64-EpollCreate1.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0002-archutils-epoll_aarch64-fix-C-formatting.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0003-archutils-fix-build-on-aarch64.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0004-Correct-build-flag-for-arm64.patch diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/Manifest b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/Manifest index 0fdcbd9802..32ec50c7d1 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/Manifest +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/Manifest @@ -1,5 +1 @@ -DIST containerd-0.2.0.tar.gz 635248 SHA256 1462e0c233763800b91ac2a670d82994ba1988560928e153f751fb1c0a6608c0 SHA512 381c0a21733fb79e90364649b46cbdadbc32d07245bd7a320465f6619ee5895e9552b7cc4393cb8d409295a7b867b7e461c079715cf1938e6313d4b888d81518 WHIRLPOOL d4e70a8be832227be671c13b77242a790cdf8645ff294c31d72e8cf01de2b30b9d78c691a156624adb004de42af6f133cb88b46aff37a33bc94d72bf87a0ee8a -EBUILD containerd-0.2.0.ebuild 872 SHA256 3489ed392df85fb20d79c7642b5d8ffc4e27bee998bbff94924cd096b45b4ff8 SHA512 2be6d72181de2b17a63f193215a55ae7e4641428ed701720e1eeb4f52d77d3fcc709660c3bdf0315ac3cf29b5bdd39c4eb8d90e3672167dcd28ce9947c0a8462 WHIRLPOOL af8a90feff38580e190f24659d52f85da2f3d77589a82cf771a8aed91e2c9600d05311e1f30badadc1561884256f7465ba201b3613d510a2cb888909289b2558 -EBUILD containerd-9999.ebuild 873 SHA256 37689bdf98b0c26caf73768b628fb5b247c99ac936fc71b9515518fbeaec0ee8 SHA512 a9dcb7eeb0929717572f181143135f35c316b9a2111d2e84c1b0e3de58fb3cdb5be4b1d838a4496c6baa00bcf0d11e55848d6c6faf3c3e4b5d22762423c582d2 WHIRLPOOL 4ce7ccf1c2beee6f489012fa5bfcbf9f0700a680d964be2561438b2a7dd5c506dd020507c7ab3b8728e92f0e40afd044f8838b41111585f32f7c8f8745bfc41c -MISC ChangeLog 907 SHA256 e4c5c82016826389ac30d0f6c6abbd21d68ee4305bf5081c4042c935128d077a SHA512 5fa4260862c25b7e89050f0f89e4a4cdbce7e633c7ec99fa68ef7cd9c87d3f1bf9627da0bf2217a42b3e9d36009093db7e037b45d136c128915b3d11e13b5ff6 WHIRLPOOL 3a3cbf24e9ffe67575d95b9113ffbec4208eaa9a0f274d6adc87c92b6b278ea167f7139b49406b4b66e5c4e0e2d600f1d23ae9fe0a388d40c29ffeaa0e2d0d6e -MISC metadata.xml 806 SHA256 0e405066fe37fcb61860b427329725ad643f44ca8c51ce3155155f9804364e9e SHA512 2fdec9a5625e9c7339988704a60f1e4dc337d05cd510199a3228402f8e4b67b685afee44c87b035895791312e269d84e1821f7b1b2ebcc2f011d036bf7eeb9de WHIRLPOOL 8dc5aea92a5fcc73dd4f6bfcd2d4ece9ee27770000c66ad0fadfe3c78dac0c8261fb9016b8a0abf76a58c8236cd7a25c117356df86e38a8ec09dffdb6eeb64d1 +DIST containerd-0.2.2.tar.gz 635882 SHA256 a21efc7ea4bb97306ae9807caadca6782358679f38d3afd606cb599b6853bc52 SHA512 db6111984ccce01e928d46f0a22aaeed8d0eb50c2578df4e0cd5f56f43f8bdea43aad3203c2afb743ccf82908bd5961792681eafe07818a4057ca5f5f31c5396 WHIRLPOOL ce80bf79970faeacc3329cb4e365973a88539508904003da3d0f32afce9966e89bdf13a8894657e1fd983392cf2ab88b053393cbbc2018f509d9cbc57ab835cc diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-0.2.0.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-0.2.2.ebuild similarity index 77% rename from sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-0.2.0.ebuild rename to sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-0.2.2.ebuild index d04d9e3d56..0888986770 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-0.2.0.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-0.2.2.ebuild @@ -31,17 +31,6 @@ RDEPEND="app-emulation/runc S=${WORKDIR}/${P}/src/${EGO_PN} -PATCHES=( - "${FILESDIR}"/0001-Use-flag-for-aarch64-EpollCreate1.patch - "${FILESDIR}"/0002-archutils-epoll_aarch64-fix-C-formatting.patch - "${FILESDIR}"/0003-archutils-fix-build-on-aarch64.patch - "${FILESDIR}"/0004-Correct-build-flag-for-arm64.patch -) - -src_prepare() { - epatch "${PATCHES[@]}" -} - src_compile() { export GOARCH=$(go_get_arch) export CGO_ENABLED=1 @@ -56,3 +45,4 @@ src_compile() { src_install() { dobin bin/containerd* bin/ctr } + diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0001-Use-flag-for-aarch64-EpollCreate1.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0001-Use-flag-for-aarch64-EpollCreate1.patch deleted file mode 100644 index 00aab87015..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0001-Use-flag-for-aarch64-EpollCreate1.patch +++ /dev/null @@ -1,45 +0,0 @@ -From e419be223f415008f313e95d6d19f20398bdec9b Mon Sep 17 00:00:00 2001 -From: Qiang Huang -Date: Mon, 11 Apr 2016 15:01:36 +0800 -Subject: [PATCH] Use flag for aarch64 EpollCreate1 - -Signed-off-by: Qiang Huang ---- - archutils/epoll_aarch64.go | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/archutils/epoll_aarch64.go b/archutils/epoll_aarch64.go -index b0ea48c..3984ac4 100644 ---- a/archutils/epoll_aarch64.go -+++ b/archutils/epoll_aarch64.go -@@ -5,15 +5,15 @@ package archutils - // #include - /* - int EpollCreate1(int flag) { -- return epoll_create1(0); -+ return epoll_create1(flag); - } - --int EpollCtl(int efd, int op,int sfd, int Events, int Fd) { -+int EpollCtl(int efd, int op, int sfd, int Events, int Fd) { - struct epoll_event event; - event.events = Events; - event.data.fd = Fd; - -- return epoll_ctl(efd,op,sfd,&event); -+ return epoll_ctl(efd, op, sfd, &event); - } - - typedef struct Event{ -@@ -41,7 +41,7 @@ import ( - ) - - func EpollCreate1(flag int) (int, error) { -- fd := int(C.EpollCreate1(0)) -+ fd := int(C.EpollCreate1(C.int(flag))) - if fd < 0 { - return fd, fmt.Errorf("failed to create epoll, errno is %d", fd) - } --- -2.8.3 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0002-archutils-epoll_aarch64-fix-C-formatting.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0002-archutils-epoll_aarch64-fix-C-formatting.patch deleted file mode 100644 index 1f58214f4e..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0002-archutils-epoll_aarch64-fix-C-formatting.patch +++ /dev/null @@ -1,80 +0,0 @@ -From 1e617aaab4942faf8a354c7239f061300637e5b8 Mon Sep 17 00:00:00 2001 -From: Aleksa Sarai -Date: Wed, 13 Apr 2016 16:08:28 +1000 -Subject: [PATCH 2/2] archutils: epoll_aarch64: fix C formatting - -Use proper C formatting to make the cgo code much easier to read. Also -remove the pointless typedef. - -Signed-off-by: Aleksa Sarai ---- - archutils/epoll_aarch64.go | 38 +++++++++++++++++++------------------- - 1 file changed, 19 insertions(+), 19 deletions(-) - -diff --git a/archutils/epoll_aarch64.go b/archutils/epoll_aarch64.go -index 3984ac4..73cd8ed 100644 ---- a/archutils/epoll_aarch64.go -+++ b/archutils/epoll_aarch64.go -@@ -5,31 +5,31 @@ package archutils - // #include - /* - int EpollCreate1(int flag) { -- return epoll_create1(flag); -+ return epoll_create1(flag); - } - --int EpollCtl(int efd, int op, int sfd, int Events, int Fd) { -- struct epoll_event event; -- event.events = Events; -- event.data.fd = Fd; -+int EpollCtl(int efd, int op,int sfd, int events, int fd) { -+ struct epoll_event event; -+ event.events = events; -+ event.data.fd = fd; - -- return epoll_ctl(efd, op, sfd, &event); -+ return epoll_ctl(efd, op, sfd, &event); - } - --typedef struct Event{ -- uint32_t events; -- int fd; -+struct event_t { -+ uint32_t events; -+ int fd; - }; - - struct epoll_event events[128]; --int run_epoll_wait(int fd, struct Event *event) { -- int n, i; -- n = epoll_wait(fd, events, 128, -1); -- for (i = 0; i < n; i++) { -- event[i].events = events[i].events; -- event[i].fd = events[i].data.fd; -- } -- return n; -+int run_epoll_wait(int fd, struct event_t *event) { -+ int n, i; -+ n = epoll_wait(fd, events, 128, -1); -+ for (i = 0; i < n; i++) { -+ event[i].events = events[i].events; -+ event[i].fd = events[i].data.fd; -+ } -+ return n; - } - */ - import "C" -@@ -57,8 +57,8 @@ func EpollCtl(epfd int, op int, fd int, event *syscall.EpollEvent) error { - } - - func EpollWait(epfd int, events []syscall.EpollEvent, msec int) (int, error) { -- var c_events [128]C.struct_Event -- n := int(C.run_epoll_wait(C.int(epfd), (*C.struct_Event)(unsafe.Pointer(&c_events)))) -+ var c_events [128]C.struct_event_t -+ n := int(C.run_epoll_wait(C.int(epfd), (*C.struct_event_t)(unsafe.Pointer(&c_events)))) - if n < 0 { - return int(n), fmt.Errorf("Failed to wait epoll") - } --- -2.8.3 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0003-archutils-fix-build-on-aarch64.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0003-archutils-fix-build-on-aarch64.patch deleted file mode 100644 index 72f90c9127..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0003-archutils-fix-build-on-aarch64.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 7c572f16734b69134b17c5f6c563d6d6a595e606 Mon Sep 17 00:00:00 2001 -From: Aleksa Sarai -Date: Wed, 13 Apr 2016 19:29:20 +1000 -Subject: [PATCH 3/3] archutils: fix build on aarch64 - -Due to an invalid architecture name (arm64), containerd could not build -on aarch64 machines. Fix this by using the correct name of the -architecture for conditional building. - -Signed-off-by: Aleksa Sarai ---- - archutils/epoll.go | 3 ++- - archutils/epoll_aarch64.go | 2 +- - 2 files changed, 3 insertions(+), 2 deletions(-) - -diff --git a/archutils/epoll.go b/archutils/epoll.go -index 6922b52..6bb6047 100644 ---- a/archutils/epoll.go -+++ b/archutils/epoll.go -@@ -1,4 +1,5 @@ --//+build !arm64,linux -+// +build linux,!aarch64 -+ - package archutils - - import ( -diff --git a/archutils/epoll_aarch64.go b/archutils/epoll_aarch64.go -index 73cd8ed..3d63147 100644 ---- a/archutils/epoll_aarch64.go -+++ b/archutils/epoll_aarch64.go -@@ -1,4 +1,4 @@ --// +build arm64,linux -+// +build linux,aarch64 - - package archutils - --- -2.8.3 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0004-Correct-build-flag-for-arm64.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0004-Correct-build-flag-for-arm64.patch deleted file mode 100644 index 7d8527c047..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/0004-Correct-build-flag-for-arm64.patch +++ /dev/null @@ -1,183 +0,0 @@ -From 313db3df26b12293e7d99eab0647f5222f195648 Mon Sep 17 00:00:00 2001 -From: Qiang Huang -Date: Fri, 29 Apr 2016 11:42:41 +0000 -Subject: [PATCH 4/4] Correct build flag for arm64 - -On arm64, the default build flag is the same as the one from -`go env` which is arm64. So we should use arm64 instead of -aarch64 for both build flag and file name. - -Signed-off-by: Qiang Huang ---- - archutils/epoll.go | 2 +- - archutils/epoll_aarch64.go | 70 ---------------------------------------------- - archutils/epoll_arm64.go | 70 ++++++++++++++++++++++++++++++++++++++++++++++ - 3 files changed, 71 insertions(+), 71 deletions(-) - delete mode 100644 archutils/epoll_aarch64.go - create mode 100644 archutils/epoll_arm64.go - -diff --git a/archutils/epoll.go b/archutils/epoll.go -index 6bb6047..c8ade64 100644 ---- a/archutils/epoll.go -+++ b/archutils/epoll.go -@@ -1,4 +1,4 @@ --// +build linux,!aarch64 -+// +build linux,!arm64 - - package archutils - -diff --git a/archutils/epoll_aarch64.go b/archutils/epoll_aarch64.go -deleted file mode 100644 -index 3d63147..0000000 ---- a/archutils/epoll_aarch64.go -+++ /dev/null -@@ -1,70 +0,0 @@ --// +build linux,aarch64 -- --package archutils -- --// #include --/* --int EpollCreate1(int flag) { -- return epoll_create1(flag); --} -- --int EpollCtl(int efd, int op,int sfd, int events, int fd) { -- struct epoll_event event; -- event.events = events; -- event.data.fd = fd; -- -- return epoll_ctl(efd, op, sfd, &event); --} -- --struct event_t { -- uint32_t events; -- int fd; --}; -- --struct epoll_event events[128]; --int run_epoll_wait(int fd, struct event_t *event) { -- int n, i; -- n = epoll_wait(fd, events, 128, -1); -- for (i = 0; i < n; i++) { -- event[i].events = events[i].events; -- event[i].fd = events[i].data.fd; -- } -- return n; --} --*/ --import "C" -- --import ( -- "fmt" -- "syscall" -- "unsafe" --) -- --func EpollCreate1(flag int) (int, error) { -- fd := int(C.EpollCreate1(C.int(flag))) -- if fd < 0 { -- return fd, fmt.Errorf("failed to create epoll, errno is %d", fd) -- } -- return fd, nil --} -- --func EpollCtl(epfd int, op int, fd int, event *syscall.EpollEvent) error { -- errno := C.EpollCtl(C.int(epfd), C.int(syscall.EPOLL_CTL_ADD), C.int(fd), C.int(event.Events), C.int(event.Fd)) -- if errno < 0 { -- return fmt.Errorf("Failed to ctl epoll") -- } -- return nil --} -- --func EpollWait(epfd int, events []syscall.EpollEvent, msec int) (int, error) { -- var c_events [128]C.struct_event_t -- n := int(C.run_epoll_wait(C.int(epfd), (*C.struct_event_t)(unsafe.Pointer(&c_events)))) -- if n < 0 { -- return int(n), fmt.Errorf("Failed to wait epoll") -- } -- for i := 0; i < n; i++ { -- events[i].Fd = int32(c_events[i].fd) -- events[i].Events = uint32(c_events[i].events) -- } -- return int(n), nil --} -diff --git a/archutils/epoll_arm64.go b/archutils/epoll_arm64.go -new file mode 100644 -index 0000000..00abc68 ---- /dev/null -+++ b/archutils/epoll_arm64.go -@@ -0,0 +1,70 @@ -+// +build linux,arm64 -+ -+package archutils -+ -+// #include -+/* -+int EpollCreate1(int flag) { -+ return epoll_create1(flag); -+} -+ -+int EpollCtl(int efd, int op,int sfd, int events, int fd) { -+ struct epoll_event event; -+ event.events = events; -+ event.data.fd = fd; -+ -+ return epoll_ctl(efd, op, sfd, &event); -+} -+ -+struct event_t { -+ uint32_t events; -+ int fd; -+}; -+ -+struct epoll_event events[128]; -+int run_epoll_wait(int fd, struct event_t *event) { -+ int n, i; -+ n = epoll_wait(fd, events, 128, -1); -+ for (i = 0; i < n; i++) { -+ event[i].events = events[i].events; -+ event[i].fd = events[i].data.fd; -+ } -+ return n; -+} -+*/ -+import "C" -+ -+import ( -+ "fmt" -+ "syscall" -+ "unsafe" -+) -+ -+func EpollCreate1(flag int) (int, error) { -+ fd := int(C.EpollCreate1(C.int(flag))) -+ if fd < 0 { -+ return fd, fmt.Errorf("failed to create epoll, errno is %d", fd) -+ } -+ return fd, nil -+} -+ -+func EpollCtl(epfd int, op int, fd int, event *syscall.EpollEvent) error { -+ errno := C.EpollCtl(C.int(epfd), C.int(syscall.EPOLL_CTL_ADD), C.int(fd), C.int(event.Events), C.int(event.Fd)) -+ if errno < 0 { -+ return fmt.Errorf("Failed to ctl epoll") -+ } -+ return nil -+} -+ -+func EpollWait(epfd int, events []syscall.EpollEvent, msec int) (int, error) { -+ var c_events [128]C.struct_event_t -+ n := int(C.run_epoll_wait(C.int(epfd), (*C.struct_event_t)(unsafe.Pointer(&c_events)))) -+ if n < 0 { -+ return int(n), fmt.Errorf("Failed to wait epoll") -+ } -+ for i := 0; i < n; i++ { -+ events[i].Fd = int32(c_events[i].fd) -+ events[i].Events = uint32(c_events[i].events) -+ } -+ return int(n), nil -+} --- -2.8.3 - From b1826073c6ba7211574471edb1655ea999089a26 Mon Sep 17 00:00:00 2001 From: Nick Owens Date: Wed, 29 Jun 2016 14:17:47 -0700 Subject: [PATCH 2/3] app-emulation/containerd: drop default seccomp, causes build failures for amd64 --- .../{containerd-0.2.2.ebuild => containerd-0.2.2-r1.ebuild} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/{containerd-0.2.2.ebuild => containerd-0.2.2-r1.ebuild} (98%) diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-0.2.2.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-0.2.2-r1.ebuild similarity index 98% rename from sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-0.2.2.ebuild rename to sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-0.2.2-r1.ebuild index 0888986770..9e685da1b4 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-0.2.2.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-0.2.2-r1.ebuild @@ -23,7 +23,7 @@ HOMEPAGE="https://containerd.tools" LICENSE="Apache-2.0" SLOT="0" -IUSE="+seccomp" +IUSE="seccomp" DEPEND="" RDEPEND="app-emulation/runc From 5b6f4d338f6bf27fe60d1221278474bf001854c8 Mon Sep 17 00:00:00 2001 From: Nick Owens Date: Tue, 21 Jun 2016 16:19:42 -0700 Subject: [PATCH 3/3] app-emulation/docker: bump to coreos-1.11.2 --- .../docker/docker-1.10.3-r5.ebuild | 1 - ...-1.10.3-r4.ebuild => docker-1.11.2.ebuild} | 0 .../app-emulation/docker/docker-9999.ebuild | 40 +++++++------------ .../docker/files/early-docker.service | 2 +- 4 files changed, 16 insertions(+), 27 deletions(-) delete mode 120000 sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.10.3-r5.ebuild rename sdk_container/src/third_party/coreos-overlay/app-emulation/docker/{docker-1.10.3-r4.ebuild => docker-1.11.2.ebuild} (100%) diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.10.3-r5.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.10.3-r5.ebuild deleted file mode 120000 index 5316ba320c..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.10.3-r5.ebuild +++ /dev/null @@ -1 +0,0 @@ -docker-9999.ebuild \ No newline at end of file diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.10.3-r4.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.11.2.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.10.3-r4.ebuild rename to sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.11.2.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild index 477d777f61..3a68f46ae0 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild @@ -12,7 +12,7 @@ if [[ ${PV} == *9999 ]]; then DOCKER_GITCOMMIT="unknown" KEYWORDS="~amd64 ~arm64" else - CROS_WORKON_COMMIT="1f8f5456c13bb31423776e886073bf44c33e2db5" # coreos-1.10.3 + CROS_WORKON_COMMIT="4a6e2b1e56ecd816ca066f71e7632f8a0171cada" # coreos-1.11.2 DOCKER_GITCOMMIT="${CROS_WORKON_COMMIT:0:7}" KEYWORDS="amd64 arm64" fi @@ -40,7 +40,6 @@ CDEPEND=" ) " -#dev-go/go-md2man DEPEND=" ${CDEPEND} @@ -67,6 +66,9 @@ RDEPEND=" >=dev-vcs/git-1.7 >=app-arch/xz-utils-4.9 + >=app-emulation/containerd-0.2.0 + >=app-emulation/runc-0.1.0 + apparmor? ( sys-libs/libapparmor[static-libs] ) @@ -79,7 +81,7 @@ CONFIG_CHECK=" ~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS ~DEVPTS_MULTIPLE_INSTANCES ~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG - ~MACVLAN ~VETH ~BRIDGE ~BRIDGE_NETFILTER + ~KEYS ~MACVLAN ~VETH ~BRIDGE ~BRIDGE_NETFILTER ~NF_NAT_IPV4 ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE ~NETFILTER_XT_MATCH_ADDRTYPE ~NETFILTER_XT_MATCH_CONNTRACK ~NF_NAT ~NF_NAT_NEEDED @@ -88,14 +90,14 @@ CONFIG_CHECK=" ~MEMCG_KMEM ~MEMCG_SWAP ~MEMCG_SWAP_ENABLED - ~BLK_CGROUP ~IOSCHED_CFQ ~BLK_DEV_THROTTLING + ~BLK_CGROUP ~IOSCHED_CFQ ~CGROUP_PERF ~CGROUP_HUGETLB ~NET_CLS_CGROUP ~CFS_BANDWIDTH ~FAIR_GROUP_SCHED ~RT_GROUP_SCHED " -ERROR_USER_NS="CONFIG_USER_NS: is optional" +ERROR_KEYS="CONFIG_KEYS: is mandatory, see bug 581348" ERROR_MEMCG_KMEM="CONFIG_MEMCG_KMEM: is optional" ERROR_MEMCG_SWAP="CONFIG_MEMCG_SWAP: is required if you wish to limit swap usage of containers" ERROR_RESOURCE_COUNTERS="CONFIG_RESOURCE_COUNTERS: is optional for container statistics gathering" @@ -208,10 +210,11 @@ src_compile() { [ "$DOCKER_GITCOMMIT" ] && export DOCKER_GITCOMMIT if gcc-specs-pie; then - sed -i "s/EXTLDFLAGS_STATIC='/EXTLDFLAGS_STATIC='-fno-PIC /" hack/make.sh || die + sed -i "s/EXTLDFLAGS_STATIC='/&-fno-PIC /" hack/make.sh || die grep -q -- '-fno-PIC' hack/make.sh || die 'hardened sed failed' - sed -i "s/LDFLAGS_STATIC_DOCKER='/LDFLAGS_STATIC_DOCKER='-extldflags -fno-PIC /" hack/make/dynbinary || die + sed "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \ + -i hack/make/dynbinary || die grep -q -- '-fno-PIC' hack/make/dynbinary || die 'hardened sed failed' fi @@ -223,18 +226,11 @@ src_compile() { fi done - if use seccomp; then - DOCKER_BUILDTAGS+=" seccomp" - fi - if use selinux; then - DOCKER_BUILDTAGS+=" selinux" - fi - if use apparmor; then - DOCKER_BUILDTAGS+=' apparmor' - fi - if use journald; then - DOCKER_BUILDTAGS+=' journald' - fi + for tag in apparmor seccomp selinux journald; do + if use $tag; then + DOCKER_BUILDTAGS+=" $tag" + fi + done if has_version '