diff options
Diffstat (limited to 'app-containers/podman')
16 files changed, 685 insertions, 191 deletions
diff --git a/app-containers/podman/Manifest b/app-containers/podman/Manifest index 5bf028d648a1..8b245d7b6949 100644 --- a/app-containers/podman/Manifest +++ b/app-containers/podman/Manifest @@ -1 +1,3 @@ -DIST podman-3.4.4.tar.gz 10945990 BLAKE2B 3de69c9bc3bd1334837d21cb2817a9e9757fbb561a0b047658c7401608ecf1fbe09d5cd0c65497a82150a67a3775c77705d0dbd314a54f7b3a1953733cfb2906 SHA512 cfd295bf50ce86ea70741c3e663b409ed47b1e560c962bc579f319151a0fe2b24cdd3045667660083cce89449a9c5de1508c94a9a02375165a72ce7c16166666 +DIST podman-4.9.4.tar.gz 21733620 BLAKE2B 17d099c0a13fbbb77556742313c39995127fc97b4086ef3c2d74a92cc0a4f825a6c729dd099c6d4f4cd3d2ebfd470494babdeaa85a5653b327ea1a16fb5ea993 SHA512 7b52555789a1c214fcf26b0826bdda6cf0ccca588f87c0f15ac5e8358ddac625e17cafbe6a43de07cad964e1418b5ee0d2e38a5cb5dc6f6d4e638399749a7f7b +DIST podman-5.0.2.tar.gz 23811875 BLAKE2B e943eb36eb0b80332223afc5d971c0886f6eaffeb7133c634d28c0a38e9aae6a54266691067dbca7684882f8b6dad72c3d5de2287ec5a7e8fb4b1cfd96df0b4d SHA512 70dbac9fc81d66eb9b0a5174f5776b805397005cacca917674d2b001591fadd05a776c956e693bad932e9eefe591c35da5c566e8e9e01db8be42bc454cd03104 +DIST podman-5.0.3.tar.gz 23814179 BLAKE2B 46385710e4d24f8eca3a7c98c18a97b96ecd4691b3c965c5a5e7bc690d40d892a6d5fb71c1dd8ec56cc907a2167ab5ee795b4d2c2279c58cef3a5a1cece8b678 SHA512 c605a52cc5aba43d485796c4986f2d1be704e5c931473bf5ba1cf77f703cdb3d16f41d33da0b25287e8d001077f77caf117d3ea5dbd7c56a744274025d9ab07d diff --git a/app-containers/podman/files/podman.confd b/app-containers/podman/files/podman-5.0.0_rc4.confd index e997d3b4000e..eafaee7fddef 100644 --- a/app-containers/podman/files/podman.confd +++ b/app-containers/podman/files/podman-5.0.0_rc4.confd @@ -5,7 +5,7 @@ #LOG_LEVEL="error" # Sets the API service daemon socket -#SOCKET="unix:/run/${RC_SVCNAME}/podman.sock" +#SOCKET="unix:///run/podman/podman.sock" # Configure the user[:group] the API service daemon will run as #RUN_AS_USER="root:root" diff --git a/app-containers/podman/files/podman-5.0.0_rc4.initd b/app-containers/podman/files/podman-5.0.0_rc4.initd new file mode 100644 index 000000000000..53026a54176d --- /dev/null +++ b/app-containers/podman/files/podman-5.0.0_rc4.initd @@ -0,0 +1,21 @@ +#!/sbin/openrc-run +# Copyright 2015-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +description="Podman API Service" + +LOG_PATH="/var/log/${RC_SVCNAME}" +output_log="${LOG_PATH}/${RC_SVCNAME}.log" +error_log="${LOG_PATH}/${RC_SVCNAME}.log" +RUN_PATH="/run/${RC_SVCNAME}" +pidfile="${RUN_PATH}/${RC_SVCNAME}.pid" + +command_user="${RUN_AS_USER:=root:root}" +command="/usr/bin/podman" +command_args="--log-level ${LOG_LEVEL:-error} system service --time 0 ${SOCKET:-unix://${RUN_PATH}/${RC_SVCNAME}.sock}" +command_background="true" + +start() { + checkpath -o "${RUN_AS_USER}" -d "${RUN_PATH}" "${LOG_PATH}" + default_start +} diff --git a/app-containers/podman/files/podman-auto-update-5.0.0.cron b/app-containers/podman/files/podman-auto-update-5.0.0.cron new file mode 100644 index 000000000000..509146e0aa56 --- /dev/null +++ b/app-containers/podman/files/podman-auto-update-5.0.0.cron @@ -0,0 +1,5 @@ +#!/bin/sh + +# podman-auto-update(1) +# uncomment following to auto update containers according to their auto-update policy +# /usr/bin/podman auto-update && /usr/bin/podman image prune -f diff --git a/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.confd b/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.confd new file mode 100644 index 000000000000..e85d8d51ff8e --- /dev/null +++ b/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.confd @@ -0,0 +1,8 @@ +# Config file for /etc/init.d/podman-clean-transient + +# Sets the podman log level +# valid levels: debug, info, warn, error, fatal or panic +#LOG_LEVEL="info" + +# Configure the user[:group] the podman will run as +#RUN_AS_USER="root:root" diff --git a/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.initd b/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.initd new file mode 100644 index 000000000000..cd759c7eafc0 --- /dev/null +++ b/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.initd @@ -0,0 +1,17 @@ +#!/sbin/openrc-run +# Copyright 2015-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +# This service runs once each boot to remove potential leftover +# container state from previous boots. + +# This is needed when using transient storage mode in podman where the +# database and other configs are stored in tmpfs, but some other files +# are not. If we don't run this after an unclean boot then there may +# be some leftover files that grow over time. + +description="Clean up podman transient data" + +command_user="${RUN_AS_USER:-root:root}" +command="/usr/bin/podman" +command_args="--log-level ${LOG_LEVEL:-info} system prune --external" diff --git a/app-containers/podman/files/podman-restart-5.0.0_rc4.confd b/app-containers/podman/files/podman-restart-5.0.0_rc4.confd new file mode 100644 index 000000000000..4d63848cb16f --- /dev/null +++ b/app-containers/podman/files/podman-restart-5.0.0_rc4.confd @@ -0,0 +1,9 @@ +# Config file for /etc/init.d/podman-restart + +# Sets the podman log level +# valid levels: debug, info, warn, error, fatal or panic +#LOG_LEVEL="info" + +# Configure the user[:group] the podman will run as +# Can be useful to manage rootful or rootless containers +#RUN_AS_USER="root:root" diff --git a/app-containers/podman/files/podman-restart-5.0.0_rc4.initd b/app-containers/podman/files/podman-restart-5.0.0_rc4.initd new file mode 100644 index 000000000000..d02bd64c6279 --- /dev/null +++ b/app-containers/podman/files/podman-restart-5.0.0_rc4.initd @@ -0,0 +1,22 @@ +#!/sbin/openrc-run +# Copyright 2015-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +description="Start all containers with restart-policy set to always" + +command_user="${RUN_AS_USER:=root:root}" +command="/usr/bin/podman" +command_args="--log-level ${LOG_LEVEL:=info} start --all --filter restart-policy=always" + +depend() { + after net +} + +stop() { + ebegin "Stopping all containers with restart-policy set to always" + ${command} \ + --log-level ${LOG_LEVEL} \ + stop \ + $(${command} container ls --filter restart-policy=always -q) + eend $? "Failed to stop containers with restart-policy set to always" +} diff --git a/app-containers/podman/files/podman.initd b/app-containers/podman/files/podman.initd deleted file mode 100644 index 7adcdab40ea3..000000000000 --- a/app-containers/podman/files/podman.initd +++ /dev/null @@ -1,20 +0,0 @@ -#!/sbin/openrc-run -# Copyright 2015-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -description="Podman Remote API Service" -LOG_PATH="/var/log/${RC_SVCNAME}" -RUN_PATH="/run/${RC_SVCNAME}" -: ${LOG_LEVEL:=error} -: ${RUN_AS_USER:=root:root} -: ${SOCKET:=unix:/run/${RC_SVCNAME}/podman.sock} -pidfile="${RUN_PATH}/${RC_SVCNAME}.pid" -command="/usr/bin/podman" -command_args="--log-level ${LOG_LEVEL} system service -t 0 ${SOCKET}" -command_background="true" -start_stop_daemon_args="--stdout ${LOG_PATH}/${RC_SVCNAME}.log --stderr ${LOG_PATH}/${RC_SVCNAME}.log --user ${RUN_AS_USER}" - -start() { - checkpath -o "${RUN_AS_USER}" -d "${RUN_PATH}" "${LOG_PATH}" - default_start -} diff --git a/app-containers/podman/files/seccomp-toggle-4.7.0.patch b/app-containers/podman/files/seccomp-toggle-4.7.0.patch new file mode 100644 index 000000000000..17a09b601369 --- /dev/null +++ b/app-containers/podman/files/seccomp-toggle-4.7.0.patch @@ -0,0 +1,15 @@ +--- a/Makefile ++++ b/Makefile +@@ -57,7 +57,11 @@ + $(shell hack/systemd_tag.sh) \ + $(shell hack/libsubid_tag.sh) \ + exclude_graphdriver_devicemapper \ +- seccomp ++ ++BUILD_SECCOMP ?= yes ++ifeq ($(BUILD_SECCOMP),yes) ++BUILDTAGS += seccomp ++endif + # N/B: This value is managed by Renovate, manual changes are + # possible, as long as they don't disturb the formatting + # (i.e. DO NOT ADD A 'v' prefix!) diff --git a/app-containers/podman/metadata.xml b/app-containers/podman/metadata.xml index e40d2f78f983..59ab2d3ffda0 100644 --- a/app-containers/podman/metadata.xml +++ b/app-containers/podman/metadata.xml @@ -5,6 +5,14 @@ <email>zmedico@gentoo.org</email> <name>Zac Medico</name> </maintainer> + <maintainer type="person" proxied="yes"> + <email>me@rahil.rocks</email> + <name>Rahil Bhimjiani</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> <longdescription lang="en"> Podman (the POD MANager) is a tool for managing containers and images, volumes mounted into those containers, and pods @@ -15,22 +23,29 @@ and volumes. </longdescription> <use> - <flag name="apparmor"> - Enable AppArmor support. - </flag> <flag name="btrfs"> - Enables dependencies for the "btrfs" graph driver, including - necessary kernel flags. + Enables btrfs support (graph driver) in Podman + </flag> + <flag name="cgroup-hybrid"> + Use legacy (hybrid) cgroups instead of modern (unified) cgroups </flag> <flag name="fuse"> Enables fuse dependencies (fuse-overlayfs is especially useful for rootless mode). </flag> + <flag name="init"> + Enables catatonit dependency required for podman run --init. + </flag> <flag name="rootless"> Enables dependencies for running in rootless mode. </flag> + <flag name="wrapper"> + Install wrapper which lets use podman for command `docker` + </flag> </use> <upstream> <remote-id type="github">containers/podman</remote-id> + <bugs-to>https://github.com/containers/podman/issues</bugs-to> + <doc>https://podman.io/docs</doc> </upstream> </pkgmetadata> diff --git a/app-containers/podman/podman-3.4.4.ebuild b/app-containers/podman/podman-3.4.4.ebuild deleted file mode 100644 index d6e34cf02490..000000000000 --- a/app-containers/podman/podman-3.4.4.ebuild +++ /dev/null @@ -1,164 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -EGIT_COMMIT="3450a60d2196cc0bee8a3fc28a7c93a7370d4515" - -inherit bash-completion-r1 flag-o-matic go-module tmpfiles - -DESCRIPTION="Library and podman tool for running OCI-based containers in Pods" -HOMEPAGE="https://github.com/containers/podman/" -MY_PN=podman -MY_P=${MY_PN}-${PV} -SRC_URI="https://github.com/containers/podman/archive/v${PV}.tar.gz -> ${MY_P}.tar.gz" -LICENSE="Apache-2.0 BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" -SLOT="0" - -KEYWORDS="amd64 arm64 ~ppc64" -IUSE="apparmor btrfs +fuse +rootless selinux" -RESTRICT+=" test" - -COMMON_DEPEND=" - app-crypt/gpgme:= - >=app-containers/conmon-2.0.0 - || ( >=app-containers/runc-1.0.0_rc6 app-containers/crun ) - dev-libs/libassuan:= - dev-libs/libgpg-error:= - >=net-misc/cni-plugins-0.8.6 - sys-fs/lvm2 - sys-libs/libseccomp:= - - apparmor? ( sys-libs/libapparmor ) - btrfs? ( sys-fs/btrfs-progs ) - rootless? ( app-containers/slirp4netns ) - selinux? ( sys-libs/libselinux:= ) -" -DEPEND=" - ${COMMON_DEPEND} - dev-go/go-md2man" -RDEPEND="${COMMON_DEPEND} - fuse? ( sys-fs/fuse-overlayfs )" - -S=${WORKDIR}/${MY_P} - -src_prepare() { - default - - # Disable installation of python modules here, since those are - # installed by separate ebuilds. - local makefile_sed_args=( - -e '/^GIT_.*/d' - -e 's/$(GO) build/$(GO) build -v -work -x/' - -e 's/^\(install:.*\) install\.python$/\1/' - -e 's|^pkg/varlink/iopodman.go: .gopathok pkg/varlink/io.podman.varlink$|pkg/varlink/iopodman.go: pkg/varlink/io.podman.varlink|' - ) - - has_version -b '>=dev-lang/go-1.13.9' || makefile_sed_args+=(-e 's:GO111MODULE=off:GO111MODULE=on:') - - sed "${makefile_sed_args[@]}" -i Makefile || die - - sed -e 's|OUTPUT="${CIRRUS_TAG:.*|OUTPUT='v${PV}'|' \ - -i hack/get_release_info.sh || die -} - -src_compile() { - local git_commiT=${EGIT_COMMIT} - - # Filter unsupported linker flags - filter-flags '-Wl,*' - - [[ -f hack/apparmor_tag.sh ]] || die - if use apparmor; then - echo -e "#!/bin/sh\necho apparmor" > hack/apparmor_tag.sh || die - else - echo -e "#!/bin/sh\ntrue" > hack/apparmor_tag.sh || die - fi - - [[ -f hack/btrfs_installed_tag.sh ]] || die - if use btrfs; then - echo -e "#!/bin/sh\ntrue" > hack/btrfs_installed_tag.sh || die - else - echo -e "#!/bin/sh\necho exclude_graphdriver_btrfs" > \ - hack/btrfs_installed_tag.sh || die - fi - - [[ -f hack/selinux_tag.sh ]] || die - if use selinux; then - echo -e "#!/bin/sh\necho selinux" > hack/selinux_tag.sh || die - else - echo -e "#!/bin/sh\ntrue" > hack/selinux_tag.sh || die - fi - - # Avoid this error when generating pkg/varlink/iopodman.go: - # cannot find package "github.com/varlink/go/varlink/idl" - mkdir -p _output || die - ln -snf ../vendor _output/src || die - GO111MODULE=off GOPATH=${PWD}/_output go generate ./pkg/varlink/... || die - rm _output/src || die - - export -n GOCACHE GOPATH XDG_CACHE_HOME - GOBIN="${S}/bin" \ - emake all \ - GIT_BRANCH=master \ - GIT_BRANCH_CLEAN=master \ - COMMIT_NO="${git_commit}" \ - GIT_COMMIT="${git_commit}" -} - -src_install() { - emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" install - - insinto /etc/containers - newins test/registries.conf registries.conf.example - newins test/policy.json policy.json.example - - insinto /usr/share/containers - doins vendor/github.com/containers/common/pkg/seccomp/seccomp.json - - newconfd "${FILESDIR}"/podman.confd podman - newinitd "${FILESDIR}"/podman.initd podman - - insinto /etc/logrotate.d - newins "${FILESDIR}/podman.logrotated" podman - - dobashcomp completions/bash/* - - insinto /usr/share/zsh/site-functions - doins completions/zsh/* - - insinto /usr/share/fish/vendor_completions.d - doins completions/fish/* - - keepdir /var/lib/containers -} - -pkg_preinst() { - PODMAN_ROOTLESS_UPGRADE=false - if use rootless; then - has_version 'app-containers/podman[rootless]' || PODMAN_ROOTLESS_UPGRADE=true - fi -} - -pkg_postinst() { - tmpfiles_process podman.conf - - local want_newline=false - if [[ ! ( -e ${EROOT%/*}/etc/containers/policy.json && -e ${EROOT%/*}/etc/containers/registries.conf ) ]]; then - elog "You need to create the following config files:" - elog "/etc/containers/registries.conf" - elog "/etc/containers/policy.json" - elog "To copy over default examples, use:" - elog "cp /etc/containers/registries.conf{.example,}" - elog "cp /etc/containers/policy.json{.example,}" - want_newline=true - fi - if [[ ${PODMAN_ROOTLESS_UPGRADE} == true ]] ; then - ${want_newline} && elog "" - elog "For rootless operation, you need to configure subuid/subgid" - elog "for user running podman. In case subuid/subgid has only been" - elog "configured for root, run:" - elog "usermod --add-subuids 1065536-1131071 <user>" - elog "usermod --add-subgids 1065536-1131071 <user>" - want_newline=true - fi -} diff --git a/app-containers/podman/podman-4.9.4.ebuild b/app-containers/podman/podman-4.9.4.ebuild new file mode 100644 index 000000000000..ea2bd34e2507 --- /dev/null +++ b/app-containers/podman/podman-4.9.4.ebuild @@ -0,0 +1,162 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{11,12} ) + +inherit go-module python-any-r1 tmpfiles toolchain-funcs linux-info + +DESCRIPTION="A tool for managing OCI containers and pods with Docker-compatible CLI" +HOMEPAGE="https://github.com/containers/podman/ https://podman.io/" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/podman.git" +else + SRC_URI="https://github.com/containers/podman/archive/v${PV/_rc/-rc}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P/_rc/-rc}" + if [[ ${PV} != *rc* ]] ; then + KEYWORDS="amd64 arm64 ~riscv" + fi +fi + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" +SLOT="0" +IUSE="apparmor btrfs cgroup-hybrid wrapper +fuse +init +rootless +seccomp selinux systemd" +RESTRICT="test" + +RDEPEND=" + app-crypt/gpgme:= + >=app-containers/conmon-2.0.0 + >=app-containers/containers-common-0.56.0 + dev-libs/libassuan:= + dev-libs/libgpg-error:= + sys-apps/shadow:= + + apparmor? ( sys-libs/libapparmor ) + btrfs? ( sys-fs/btrfs-progs ) + cgroup-hybrid? ( >=app-containers/runc-1.0.0_rc6 ) + !cgroup-hybrid? ( app-containers/crun ) + wrapper? ( !app-containers/docker-cli ) + fuse? ( sys-fs/fuse-overlayfs ) + init? ( app-containers/catatonit ) + rootless? ( app-containers/slirp4netns ) + seccomp? ( sys-libs/libseccomp:= ) + selinux? ( sec-policy/selinux-podman sys-libs/libselinux:= ) + systemd? ( sys-apps/systemd:= ) +" +DEPEND="${RDEPEND}" +BDEPEND=" + ${PYTHON_DEPS} + dev-go/go-md2man +" + +PATCHES=( + "${FILESDIR}/seccomp-toggle-4.7.0.patch" +) + +CONFIG_CHECK=" + ~USER_NS +" + +pkg_setup() { + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + linux-info_pkg_setup + python-any-r1_pkg_setup +} + +src_prepare() { + default + + # assure necessary files are present + local file + for file in apparmor_tag btrfs_installed_tag btrfs_tag systemd_tag; do + [[ -f hack/"${file}".sh ]] || die + done + + local feature + for feature in apparmor systemd; do + cat <<-EOF > hack/"${feature}"_tag.sh || die + #!/usr/bin/env bash + $(usex ${feature} "echo ${feature}" echo) + EOF + done + + echo -e "#!/usr/bin/env bash\n echo" > hack/btrfs_installed_tag.sh || die + cat <<-EOF > hack/btrfs_tag.sh || die + #!/usr/bin/env bash + $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') + EOF +} + +src_compile() { + export PREFIX="${EPREFIX}/usr" + + # bug 906073 + use elibc_musl && export CGO_CFLAGS="-D_LARGEFILE64_SOURCE" + + # For non-live versions, prevent git operations which causes sandbox violations + # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 + [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" EPOCH_TEST_COMMIT="" + + # Use proper pkg-config to get gpgme cflags and ldflags when + # cross-compiling, bug 930982. + if tc-is-cross-compiler; then + tc-export PKG_CONFIG + fi + + # BUILD_SECCOMP is used in the patch to toggle seccomp + emake BUILDFLAGS="-v -work -x" GOMD2MAN="go-md2man" BUILD_SECCOMP="$(usex seccomp)" all $(usev wrapper docker-docs) +} + +src_install() { + emake DESTDIR="${D}" install install.completions $(usev wrapper install.docker-full) + + insinto /etc/cni/net.d + doins cni/87-podman-bridge.conflist + + if use !systemd; then + newconfd "${FILESDIR}"/podman-5.0.0_rc4.confd podman + newinitd "${FILESDIR}"/podman-5.0.0_rc4.initd podman + + newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart + newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart + + newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient + newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient + + exeinto /etc/cron.daily + newexe "${FILESDIR}"/podman-auto-update-5.0.0.cron podman-auto-update + + insinto /etc/logrotate.d + newins "${FILESDIR}/podman.logrotated" podman + fi + + keepdir /var/lib/containers +} + +pkg_preinst() { + PODMAN_ROOTLESS_UPGRADE=false + if use rootless; then + has_version 'app-containers/podman[rootless]' || PODMAN_ROOTLESS_UPGRADE=true + fi +} + +pkg_postinst() { + tmpfiles_process podman.conf $(usev wrapper podman-docker.conf) + + local want_newline=false + if [[ ${PODMAN_ROOTLESS_UPGRADE} == true ]] ; then + ${want_newline} && elog "" + elog "For rootless operation, you need to configure subuid/subgid" + elog "for user running podman. In case subuid/subgid has only been" + elog "configured for root, run:" + elog "usermod --add-subuids 1065536-1131071 <user>" + elog "usermod --add-subgids 1065536-1131071 <user>" + want_newline=true + fi +} diff --git a/app-containers/podman/podman-5.0.2.ebuild b/app-containers/podman/podman-5.0.2.ebuild new file mode 100644 index 000000000000..738613b007dc --- /dev/null +++ b/app-containers/podman/podman-5.0.2.ebuild @@ -0,0 +1,134 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{11,12} ) + +inherit go-module python-any-r1 tmpfiles toolchain-funcs linux-info + +DESCRIPTION="A tool for managing OCI containers and pods with Docker-compatible CLI" +HOMEPAGE="https://github.com/containers/podman/ https://podman.io/" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/podman.git" +else + SRC_URI="https://github.com/containers/podman/archive/v${PV/_rc/-rc}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P/_rc/-rc}" + [[ ${PV} != *rc* ]] && \ + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" +SLOT="0" +IUSE="apparmor btrfs +seccomp selinux systemd wrapper" +RESTRICT="test" + +RDEPEND=" + app-containers/catatonit + >=app-containers/conmon-2.1.10 + >=app-containers/containers-common-0.58.0-r1 + app-crypt/gpgme:= + dev-libs/libassuan:= + dev-libs/libgpg-error:= + sys-apps/shadow:= + + apparmor? ( sys-libs/libapparmor ) + btrfs? ( sys-fs/btrfs-progs ) + wrapper? ( !app-containers/docker-cli ) + seccomp? ( sys-libs/libseccomp:= ) + selinux? ( sec-policy/selinux-podman sys-libs/libselinux:= ) + systemd? ( sys-apps/systemd:= ) +" +DEPEND="${RDEPEND}" +BDEPEND=" + ${PYTHON_DEPS} + dev-go/go-md2man +" + +PATCHES=( + "${FILESDIR}/seccomp-toggle-4.7.0.patch" +) + +CONFIG_CHECK=" + ~USER_NS +" + +pkg_setup() { + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + linux-info_pkg_setup + python-any-r1_pkg_setup +} + +src_prepare() { + default + + # assure necessary files are present + local file + for file in apparmor_tag btrfs_installed_tag btrfs_tag systemd_tag; do + [[ -f hack/"${file}".sh ]] || die + done + + local feature + for feature in apparmor systemd; do + cat <<-EOF > hack/"${feature}"_tag.sh || die + #!/usr/bin/env bash + $(usex ${feature} "echo ${feature}" echo) + EOF + done + + echo -e "#!/usr/bin/env bash\n echo" > hack/btrfs_installed_tag.sh || die + cat <<-EOF > hack/btrfs_tag.sh || die + #!/usr/bin/env bash + $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') + EOF +} + +src_compile() { + export PREFIX="${EPREFIX}/usr" + + # For non-live versions, prevent git operations which causes sandbox violations + # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 + [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" EPOCH_TEST_COMMIT="" + + # Use proper pkg-config to get gpgme cflags and ldflags when + # cross-compiling, bug 930982. + if tc-is-cross-compiler; then + tc-export PKG_CONFIG + fi + + # BUILD_SECCOMP is used in the patch to toggle seccomp + emake BUILDFLAGS="-v -work -x" GOMD2MAN="go-md2man" BUILD_SECCOMP="$(usex seccomp)" \ + all $(usev wrapper docker-docs) +} + +src_install() { + emake DESTDIR="${D}" install install.completions $(usev wrapper install.docker-full) + + if use !systemd; then + newconfd "${FILESDIR}"/podman-5.0.0_rc4.confd podman + newinitd "${FILESDIR}"/podman-5.0.0_rc4.initd podman + + newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart + newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart + + newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient + newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient + + exeinto /etc/cron.daily + newexe "${FILESDIR}"/podman-auto-update-5.0.0.cron podman-auto-update + + insinto /etc/logrotate.d + newins "${FILESDIR}/podman.logrotated" podman + fi + + keepdir /var/lib/containers +} + +pkg_postinst() { + tmpfiles_process podman.conf $(usev wrapper podman-docker.conf) +} diff --git a/app-containers/podman/podman-5.0.3.ebuild b/app-containers/podman/podman-5.0.3.ebuild new file mode 100644 index 000000000000..738613b007dc --- /dev/null +++ b/app-containers/podman/podman-5.0.3.ebuild @@ -0,0 +1,134 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{11,12} ) + +inherit go-module python-any-r1 tmpfiles toolchain-funcs linux-info + +DESCRIPTION="A tool for managing OCI containers and pods with Docker-compatible CLI" +HOMEPAGE="https://github.com/containers/podman/ https://podman.io/" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/podman.git" +else + SRC_URI="https://github.com/containers/podman/archive/v${PV/_rc/-rc}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P/_rc/-rc}" + [[ ${PV} != *rc* ]] && \ + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" +SLOT="0" +IUSE="apparmor btrfs +seccomp selinux systemd wrapper" +RESTRICT="test" + +RDEPEND=" + app-containers/catatonit + >=app-containers/conmon-2.1.10 + >=app-containers/containers-common-0.58.0-r1 + app-crypt/gpgme:= + dev-libs/libassuan:= + dev-libs/libgpg-error:= + sys-apps/shadow:= + + apparmor? ( sys-libs/libapparmor ) + btrfs? ( sys-fs/btrfs-progs ) + wrapper? ( !app-containers/docker-cli ) + seccomp? ( sys-libs/libseccomp:= ) + selinux? ( sec-policy/selinux-podman sys-libs/libselinux:= ) + systemd? ( sys-apps/systemd:= ) +" +DEPEND="${RDEPEND}" +BDEPEND=" + ${PYTHON_DEPS} + dev-go/go-md2man +" + +PATCHES=( + "${FILESDIR}/seccomp-toggle-4.7.0.patch" +) + +CONFIG_CHECK=" + ~USER_NS +" + +pkg_setup() { + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + linux-info_pkg_setup + python-any-r1_pkg_setup +} + +src_prepare() { + default + + # assure necessary files are present + local file + for file in apparmor_tag btrfs_installed_tag btrfs_tag systemd_tag; do + [[ -f hack/"${file}".sh ]] || die + done + + local feature + for feature in apparmor systemd; do + cat <<-EOF > hack/"${feature}"_tag.sh || die + #!/usr/bin/env bash + $(usex ${feature} "echo ${feature}" echo) + EOF + done + + echo -e "#!/usr/bin/env bash\n echo" > hack/btrfs_installed_tag.sh || die + cat <<-EOF > hack/btrfs_tag.sh || die + #!/usr/bin/env bash + $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') + EOF +} + +src_compile() { + export PREFIX="${EPREFIX}/usr" + + # For non-live versions, prevent git operations which causes sandbox violations + # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 + [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" EPOCH_TEST_COMMIT="" + + # Use proper pkg-config to get gpgme cflags and ldflags when + # cross-compiling, bug 930982. + if tc-is-cross-compiler; then + tc-export PKG_CONFIG + fi + + # BUILD_SECCOMP is used in the patch to toggle seccomp + emake BUILDFLAGS="-v -work -x" GOMD2MAN="go-md2man" BUILD_SECCOMP="$(usex seccomp)" \ + all $(usev wrapper docker-docs) +} + +src_install() { + emake DESTDIR="${D}" install install.completions $(usev wrapper install.docker-full) + + if use !systemd; then + newconfd "${FILESDIR}"/podman-5.0.0_rc4.confd podman + newinitd "${FILESDIR}"/podman-5.0.0_rc4.initd podman + + newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart + newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart + + newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient + newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient + + exeinto /etc/cron.daily + newexe "${FILESDIR}"/podman-auto-update-5.0.0.cron podman-auto-update + + insinto /etc/logrotate.d + newins "${FILESDIR}/podman.logrotated" podman + fi + + keepdir /var/lib/containers +} + +pkg_postinst() { + tmpfiles_process podman.conf $(usev wrapper podman-docker.conf) +} diff --git a/app-containers/podman/podman-9999.ebuild b/app-containers/podman/podman-9999.ebuild new file mode 100644 index 000000000000..738613b007dc --- /dev/null +++ b/app-containers/podman/podman-9999.ebuild @@ -0,0 +1,134 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{11,12} ) + +inherit go-module python-any-r1 tmpfiles toolchain-funcs linux-info + +DESCRIPTION="A tool for managing OCI containers and pods with Docker-compatible CLI" +HOMEPAGE="https://github.com/containers/podman/ https://podman.io/" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/podman.git" +else + SRC_URI="https://github.com/containers/podman/archive/v${PV/_rc/-rc}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P/_rc/-rc}" + [[ ${PV} != *rc* ]] && \ + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" +SLOT="0" +IUSE="apparmor btrfs +seccomp selinux systemd wrapper" +RESTRICT="test" + +RDEPEND=" + app-containers/catatonit + >=app-containers/conmon-2.1.10 + >=app-containers/containers-common-0.58.0-r1 + app-crypt/gpgme:= + dev-libs/libassuan:= + dev-libs/libgpg-error:= + sys-apps/shadow:= + + apparmor? ( sys-libs/libapparmor ) + btrfs? ( sys-fs/btrfs-progs ) + wrapper? ( !app-containers/docker-cli ) + seccomp? ( sys-libs/libseccomp:= ) + selinux? ( sec-policy/selinux-podman sys-libs/libselinux:= ) + systemd? ( sys-apps/systemd:= ) +" +DEPEND="${RDEPEND}" +BDEPEND=" + ${PYTHON_DEPS} + dev-go/go-md2man +" + +PATCHES=( + "${FILESDIR}/seccomp-toggle-4.7.0.patch" +) + +CONFIG_CHECK=" + ~USER_NS +" + +pkg_setup() { + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + linux-info_pkg_setup + python-any-r1_pkg_setup +} + +src_prepare() { + default + + # assure necessary files are present + local file + for file in apparmor_tag btrfs_installed_tag btrfs_tag systemd_tag; do + [[ -f hack/"${file}".sh ]] || die + done + + local feature + for feature in apparmor systemd; do + cat <<-EOF > hack/"${feature}"_tag.sh || die + #!/usr/bin/env bash + $(usex ${feature} "echo ${feature}" echo) + EOF + done + + echo -e "#!/usr/bin/env bash\n echo" > hack/btrfs_installed_tag.sh || die + cat <<-EOF > hack/btrfs_tag.sh || die + #!/usr/bin/env bash + $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') + EOF +} + +src_compile() { + export PREFIX="${EPREFIX}/usr" + + # For non-live versions, prevent git operations which causes sandbox violations + # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 + [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" EPOCH_TEST_COMMIT="" + + # Use proper pkg-config to get gpgme cflags and ldflags when + # cross-compiling, bug 930982. + if tc-is-cross-compiler; then + tc-export PKG_CONFIG + fi + + # BUILD_SECCOMP is used in the patch to toggle seccomp + emake BUILDFLAGS="-v -work -x" GOMD2MAN="go-md2man" BUILD_SECCOMP="$(usex seccomp)" \ + all $(usev wrapper docker-docs) +} + +src_install() { + emake DESTDIR="${D}" install install.completions $(usev wrapper install.docker-full) + + if use !systemd; then + newconfd "${FILESDIR}"/podman-5.0.0_rc4.confd podman + newinitd "${FILESDIR}"/podman-5.0.0_rc4.initd podman + + newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart + newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart + + newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient + newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient + + exeinto /etc/cron.daily + newexe "${FILESDIR}"/podman-auto-update-5.0.0.cron podman-auto-update + + insinto /etc/logrotate.d + newins "${FILESDIR}/podman.logrotated" podman + fi + + keepdir /var/lib/containers +} + +pkg_postinst() { + tmpfiles_process podman.conf $(usev wrapper podman-docker.conf) +} |