diff options
| author |   Rahil Bhimjiani <me@rahil.rocks> | 2024-03-15 11:23:47 +0530 |
|---|---|---|
| committer |   Zac Medico <zmedico@gentoo.org> | 2024-03-16 16:35:07 -0700 |
| commit | 4df282fe5773697ab69a86d413675d608dc36b38 (patch) | |
| tree | 40ad669dba838ab38c47ead42e0bf6ae69437106 /app-containers/podman | |
| parent | net-misc/freerdp: Require libXrandr if X and gstreamer (diff) | |
| download | gentoo-4df282fe5773697ab69a86d413675d608dc36b38.tar.gz gentoo-4df282fe5773697ab69a86d413675d608dc36b38.tar.bz2 gentoo-4df282fe5773697ab69a86d413675d608dc36b38.zip | |
app-containers/podman: add 5.0.0_rc7 with new openrc service
podman-cleanup-transient:
This service runs once each boot to remove potential leftover
container state from previous boots.
This is needed when using transient storage mode in podman where the
database and other configs are stored in tmpfs, but some other files
are not. If we don't run this after an unclean boot then there may
be some leftover files that grow over time.
Signed-off-by: Rahil Bhimjiani <me@rahil.rocks>
From: https://github.com/gentoo/gentoo/pull/35766
Signed-off-by: Zac Medico <zmedico@gentoo.org>
Diffstat (limited to 'app-containers/podman')
| -rw-r--r-- | app-containers/podman/Manifest | 1 | ||||
| -rw-r--r-- | app-containers/podman/files/podman-clean-transient-5.0.0_rc6.confd | 8 | ||||
| -rw-r--r-- | app-containers/podman/files/podman-clean-transient-5.0.0_rc6.initd | 17 | ||||
| -rw-r--r-- | app-containers/podman/podman-5.0.0_rc7.ebuild | 151 | ||||
| -rw-r--r-- | app-containers/podman/podman-9999.ebuild | 3 |
5 files changed, 180 insertions, 0 deletions
diff --git a/app-containers/podman/Manifest b/app-containers/podman/Manifest index 9ad7bc642451..80f9c38e4c6e 100644 --- a/app-containers/podman/Manifest +++ b/app-containers/podman/Manifest @@ -2,3 +2,4 @@ DIST podman-4.8.3.tar.gz 21565162 BLAKE2B 13d2e5800dce96ba8c1671f251c2809dc01661 DIST podman-4.9.3.tar.gz 21727849 BLAKE2B 9a67ba4266a8a0e20d165ba2bae00dcf146724ee976838d5e3310b094155ffa89bff526e8ae72864dc100d1e6878d5519d53581dc7e034982a4f2b364e4c8feb SHA512 395014bbe70923f1444d2f33440013a16e9c339b70be5e6a9c7026617a40795a1c0e410c08a52fba46b9f5e853d853ce4133db36167a3c5ace7d325f8b3a3327 DIST podman-5.0.0_rc4.tar.gz 21846225 BLAKE2B c0e5a032af624401e1a61309194417a47144ccc5fa10ae827b80ff06b5034c78c4a01c5b44de587c357ef1aa1bbe848ee517edde1f90396bc675a35f4c9cf8e7 SHA512 034b411dfde2e3219b9bbdf5c966f474c9ed1a48a83793494abd0f74d164617f1321c2723384eb43827813faaf5737b378893c1555816badcbd1c81904349944 DIST podman-5.0.0_rc5.tar.gz 21856941 BLAKE2B 7800ad4d928bcc19c223a4dc6a84c32b32f8655753a8a77cca57d78b351bac911c7cf72d5425242ad93d165b620b7060e852a9b8816196136767bc500b5881f9 SHA512 a3ccd6eb53d66297be30ec66efa0a5fa5f5050a647c6bc5cdb2fd4cd9dd5638c42328bf1429a2fa3f8dcc84bb7d1ffbdd9c6bf06862993277f5b60d740d91c1b +DIST podman-5.0.0_rc7.tar.gz 21865293 BLAKE2B 36462bab50a322942053d301e9bc8d75f4b7ef9776d73c1fbf30f37eb538e98c85ddae42d8ab3cd3183b85985716d1c42b94dacf9881a74046c75e45697c0c24 SHA512 ce66a6a061511bcb1e2e0044dbae50a421719974bc1126cc54c725d2d72282718e7cea8a5e0013b5e10b6d3ea9efb3d84716b4906312ed0190d6e5036dcd4f97 diff --git a/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.confd b/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.confd new file mode 100644 index 000000000000..e85d8d51ff8e --- /dev/null +++ b/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.confd @@ -0,0 +1,8 @@ +# Config file for /etc/init.d/podman-clean-transient + +# Sets the podman log level +# valid levels: debug, info, warn, error, fatal or panic +#LOG_LEVEL="info" + +# Configure the user[:group] the podman will run as +#RUN_AS_USER="root:root" diff --git a/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.initd b/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.initd new file mode 100644 index 000000000000..cd759c7eafc0 --- /dev/null +++ b/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.initd @@ -0,0 +1,17 @@ +#!/sbin/openrc-run +# Copyright 2015-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +# This service runs once each boot to remove potential leftover +# container state from previous boots. + +# This is needed when using transient storage mode in podman where the +# database and other configs are stored in tmpfs, but some other files +# are not. If we don't run this after an unclean boot then there may +# be some leftover files that grow over time. + +description="Clean up podman transient data" + +command_user="${RUN_AS_USER:-root:root}" +command="/usr/bin/podman" +command_args="--log-level ${LOG_LEVEL:-info} system prune --external" diff --git a/app-containers/podman/podman-5.0.0_rc7.ebuild b/app-containers/podman/podman-5.0.0_rc7.ebuild new file mode 100644 index 000000000000..2027b142f82f --- /dev/null +++ b/app-containers/podman/podman-5.0.0_rc7.ebuild @@ -0,0 +1,151 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module tmpfiles linux-info + +DESCRIPTION="A tool for managing OCI containers and pods with Docker-compatible CLI" +HOMEPAGE="https://github.com/containers/podman/ https://podman.io/" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/podman.git" +else + SRC_URI="https://github.com/containers/podman/archive/v${PV/_rc/-rc}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P/_rc/-rc}" + if [[ ${PV} != *rc* ]] ; then + KEYWORDS="~amd64 ~arm64 ~riscv" + fi +fi + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" +SLOT="0" +IUSE="apparmor btrfs cgroup-hybrid cron wrapper +fuse +init +rootless +seccomp selinux systemd" +RESTRICT="test" + +RDEPEND=" + app-crypt/gpgme:= + >=app-containers/conmon-2.0.0 + >=app-containers/containers-common-0.56.0 + dev-libs/libassuan:= + dev-libs/libgpg-error:= + sys-apps/shadow:= + + apparmor? ( sys-libs/libapparmor ) + btrfs? ( sys-fs/btrfs-progs ) + cgroup-hybrid? ( >=app-containers/runc-1.0.0_rc6 ) + !cgroup-hybrid? ( app-containers/crun ) + cron? ( virtual/cron ) + wrapper? ( !app-containers/docker-cli ) + fuse? ( sys-fs/fuse-overlayfs ) + init? ( app-containers/catatonit ) + rootless? ( app-containers/slirp4netns ) + seccomp? ( sys-libs/libseccomp:= ) + selinux? ( sec-policy/selinux-podman sys-libs/libselinux:= ) + systemd? ( sys-apps/systemd:= ) +" +DEPEND="${RDEPEND}" +BDEPEND=" + dev-go/go-md2man +" + +PATCHES=( + "${FILESDIR}/seccomp-toggle-4.7.0.patch" +) + +CONFIG_CHECK=" + ~USER_NS +" + +pkg_setup() { + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + linux-info_pkg_setup +} + +src_prepare() { + default + + # assure necessary files are present + local file + for file in apparmor_tag btrfs_installed_tag btrfs_tag systemd_tag; do + [[ -f hack/"${file}".sh ]] || die + done + + local feature + for feature in apparmor systemd; do + cat <<-EOF > hack/"${feature}"_tag.sh || die + #!/usr/bin/env bash + $(usex ${feature} "echo ${feature}" echo) + EOF + done + + echo -e "#!/usr/bin/env bash\n echo" > hack/btrfs_installed_tag.sh || die + cat <<-EOF > hack/btrfs_tag.sh || die + #!/usr/bin/env bash + $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') + EOF +} + +src_compile() { + export PREFIX="${EPREFIX}/usr" + + # bug 906073 + use elibc_musl && export CGO_CFLAGS="-D_LARGEFILE64_SOURCE" + + # For non-live versions, prevent git operations which causes sandbox violations + # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 + [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" + + # BUILD_SECCOMP is used in the patch to toggle seccomp + emake BUILDFLAGS="-v -work -x" GOMD2MAN="go-md2man" BUILD_SECCOMP="$(usex seccomp)" all $(usev wrapper docker-docs) +} + +src_install() { + emake DESTDIR="${D}" install install.completions $(usev wrapper install.docker-full) + + insinto /etc/cni/net.d + doins cni/87-podman-bridge.conflist + + newconfd "${FILESDIR}"/podman-5.0.0_rc4.confd podman + newinitd "${FILESDIR}"/podman-5.0.0_rc4.initd podman + + newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart + newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart + + newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient + newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient + + use cron && \ + { exeinto /etc/cron.daily && newexe "${FILESDIR}"/podman-auto-update-5.0.0_rc4.cron podman-auto-update; } + + insinto /etc/logrotate.d + newins "${FILESDIR}/podman.logrotated" podman + + keepdir /var/lib/containers +} + +pkg_preinst() { + PODMAN_ROOTLESS_UPGRADE=false + if use rootless; then + has_version 'app-containers/podman[rootless]' || PODMAN_ROOTLESS_UPGRADE=true + fi +} + +pkg_postinst() { + tmpfiles_process podman.conf $(usev wrapper podman-docker.conf) + + local want_newline=false + if [[ ${PODMAN_ROOTLESS_UPGRADE} == true ]] ; then + ${want_newline} && elog "" + elog "For rootless operation, you need to configure subuid/subgid" + elog "for user running podman. In case subuid/subgid has only been" + elog "configured for root, run:" + elog "usermod --add-subuids 1065536-1131071 <user>" + elog "usermod --add-subgids 1065536-1131071 <user>" + want_newline=true + fi +} diff --git a/app-containers/podman/podman-9999.ebuild b/app-containers/podman/podman-9999.ebuild index 031861e35e9e..2027b142f82f 100644 --- a/app-containers/podman/podman-9999.ebuild +++ b/app-containers/podman/podman-9999.ebuild @@ -116,6 +116,9 @@ src_install() { newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart + newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient + newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient + use cron && \ { exeinto /etc/cron.daily && newexe "${FILESDIR}"/podman-auto-update-5.0.0_rc4.cron podman-auto-update; } |