Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-containers/apptainer
diff options
context:
space:
mode:
Diffstat (limited to 'app-containers/apptainer')
-rw-r--r--app-containers/apptainer/Manifest4
-rw-r--r--app-containers/apptainer/apptainer-1.3.0.ebuild (renamed from app-containers/apptainer/apptainer-1.0.1.ebuild)39
-rw-r--r--app-containers/apptainer/apptainer-1.3.1.ebuild (renamed from app-containers/apptainer/apptainer-1.0.2.ebuild)41
-rw-r--r--app-containers/apptainer/files/apptainer-1.0.2-trim_upstream_cflags.patch24
4 files changed, 95 insertions, 13 deletions
diff --git a/app-containers/apptainer/Manifest b/app-containers/apptainer/Manifest
index 4ee78ec0af5d..7ba5b9344783 100644
--- a/app-containers/apptainer/Manifest
+++ b/app-containers/apptainer/Manifest
@@ -1,2 +1,2 @@
-DIST apptainer-1.0.1.tar.gz 11977965 BLAKE2B ba0187c82321583825210f418744add120b682af3f14ee6d8071b927cd884b7e58f67f891ccc53c0d7d98bd786a27abcc26b2bafe79ed723a2f4f38a8e1a344b SHA512 273e94a348be2eaf83cf14b4c72a571670a9fa5cd185a90a0f557ba58ea7eb90d3a0f4bdb749673b0009e2291dd994dc715223c38ce82f9fcd6bf142e7692363
-DIST apptainer-1.0.2.tar.gz 11984629 BLAKE2B 56ed18bf86fe51e3bb27605f2c87a2c20fd9f3457594f1e0628b00d8616befa275b76bc4aba2a4306c854217e03662aab7eb7022c6ca5db418537df011b2398b SHA512 c29d04eff3a2ee7126c9bbb65664540a446fe695efc9c4662a6da151b2e809d55c1f5a7b5bddb82ba4fdd41a49ceb538c00a72778a4ed1d0306ff5f49d2f4d53
+DIST apptainer-1.3.0.tar.gz 17103544 BLAKE2B ed42b763a20b2b71cce6081b903697dc506073f91f9d928d49801165289d15c1416044af8fcedddcbd2a260c17a2e6488ed3d06b1edb4fb5f5ca5e9d14a14312 SHA512 a72afcac8e783f43732517314a94ffe039ab8f29027bcc398295fed97b123e6777039c016b6655a3cefbcba7e69832f62f3418b11e1bbd0452edc702ecaef69e
+DIST apptainer-1.3.1.tar.gz 17131707 BLAKE2B 08b25f188c8c0b3b72dd692ce9bb21ee5b40ad599170c12ec18b485a05a9b7309215ad17d2b2d15086f35864bf1d09dfd0834b7e2c8c54c5b175bb5989328022 SHA512 da24d7aac8b4a66c665f5d01a293a6de6ea214011a4f1b728c10fff03ee1e94beb648f3be04df072011dbac920624927ddbe2cf7c13a9aba424b463c51d2df64
diff --git a/app-containers/apptainer/apptainer-1.0.1.ebuild b/app-containers/apptainer/apptainer-1.3.0.ebuild
index 3dce15725ab8..5f69289300ad 100644
--- a/app-containers/apptainer/apptainer-1.0.1.ebuild
+++ b/app-containers/apptainer/apptainer-1.3.0.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2022 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
@@ -12,24 +12,32 @@ SRC_URI="https://github.com/apptainer/${PN}/releases/download/v${PV}/${P}.tar.gz
SLOT="0"
LICENSE="BSD"
KEYWORDS="amd64 ~riscv ~x86 ~amd64-linux ~x86-linux"
-IUSE="examples +network +suid"
+IUSE="examples +network suid systemd"
# Do not complain about CFLAGS etc. since go projects do not use them.
QA_FLAGS_IGNORED='.*'
DEPEND="app-crypt/gpgme
- >=dev-lang/go-1.17.6
+ >=dev-lang/go-1.20.0
dev-libs/openssl
sys-apps/util-linux
sys-fs/cryptsetup
sys-fs/squashfs-tools
- sys-libs/libseccomp"
+ sys-libs/libseccomp
+ !suid? (
+ sys-fs/e2fsprogs[fuse]
+ sys-fs/squashfuse
+ )"
RDEPEND="${DEPEND}
!sys-cluster/singularity"
BDEPEND="virtual/pkgconfig"
CONFIG_CHECK="~SQUASHFS"
+PATCHES=(
+ "${FILESDIR}"/${PN}-1.0.2-trim_upstream_cflags.patch
+)
+
DOCS=( README.md CONTRIBUTORS.md CONTRIBUTING.md )
src_configure() {
@@ -43,7 +51,7 @@ src_configure() {
--runstatedir="${EPREFIX}"/run \
--localstatedir="${EPREFIX}"/var \
$(usex network "" "--without-network") \
- $(usex suid "" "--without-suid")
+ $(use_with suid)
)
./mconfig -v ${myconfargs[@]} || die "Error invoking mconfig"
}
@@ -56,8 +64,29 @@ src_install() {
emake DESTDIR="${D}" -C builddir install
keepdir /var/${PN}/mnt/session
+ if use systemd; then
+ sed -i -e '/systemd cgroups/ s/no/yes/' "${ED}"/etc/${PN}/${PN}.conf \
+ || die "Failed to enable systemd use in configuration"
+ else
+ sed -i -e '/systemd cgroups/ s/yes/no/' "${ED}"/etc/${PN}/${PN}.conf \
+ || die "Failed to disable systemd use in configuration"
+ fi
+
einstalldocs
if use examples; then
dodoc -r examples
fi
}
+
+pkg_postinst() {
+ if ! use suid; then
+ local oldver
+ for oldver in ${REPLACING_VERSIONS}; do
+ if ver_test "${oldver}" -lt 1.1.0; then
+ ewarn "Since version 1.1.0 ${PN} no longer installs setuid-root components by default, relying on unprivileged user namespaces instead. For details, see https://apptainer.org/docs/admin/main/user_namespace.html"
+ ewarn "Make sure user namespaces (possibly except network ones for improved security) are enabled on your system, or re-enable installation of setuid root components by passing USE=suid to ${CATEGORY}/${PN}"
+ break
+ fi
+ done
+ fi
+}
diff --git a/app-containers/apptainer/apptainer-1.0.2.ebuild b/app-containers/apptainer/apptainer-1.3.1.ebuild
index 9f711a070ada..144ecd780c6e 100644
--- a/app-containers/apptainer/apptainer-1.0.2.ebuild
+++ b/app-containers/apptainer/apptainer-1.3.1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2022 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
@@ -9,27 +9,35 @@ DESCRIPTION="The container system for secure high-performance computing"
HOMEPAGE="https://apptainer.org/"
SRC_URI="https://github.com/apptainer/${PN}/releases/download/v${PV}/${P}.tar.gz"
-SLOT="0"
LICENSE="BSD"
+SLOT="0"
KEYWORDS="~amd64 ~riscv ~x86 ~amd64-linux ~x86-linux"
-IUSE="examples +network +suid"
+IUSE="examples +network suid systemd"
# Do not complain about CFLAGS etc. since go projects do not use them.
QA_FLAGS_IGNORED='.*'
DEPEND="app-crypt/gpgme
- >=dev-lang/go-1.17.6
+ >=dev-lang/go-1.20.0
dev-libs/openssl
sys-apps/util-linux
sys-fs/cryptsetup
sys-fs/squashfs-tools
- sys-libs/libseccomp"
+ sys-libs/libseccomp
+ !suid? (
+ sys-fs/e2fsprogs[fuse]
+ sys-fs/squashfuse
+ )"
RDEPEND="${DEPEND}
!sys-cluster/singularity"
BDEPEND="virtual/pkgconfig"
CONFIG_CHECK="~SQUASHFS"
+PATCHES=(
+ "${FILESDIR}"/${PN}-1.0.2-trim_upstream_cflags.patch
+)
+
DOCS=( README.md CONTRIBUTORS.md CONTRIBUTING.md )
src_configure() {
@@ -43,7 +51,7 @@ src_configure() {
--runstatedir="${EPREFIX}"/run \
--localstatedir="${EPREFIX}"/var \
$(usex network "" "--without-network") \
- $(usex suid "" "--without-suid")
+ $(use_with suid)
)
./mconfig -v ${myconfargs[@]} || die "Error invoking mconfig"
}
@@ -56,8 +64,29 @@ src_install() {
emake DESTDIR="${D}" -C builddir install
keepdir /var/${PN}/mnt/session
+ if use systemd; then
+ sed -i -e '/systemd cgroups/ s/no/yes/' "${ED}"/etc/${PN}/${PN}.conf \
+ || die "Failed to enable systemd use in configuration"
+ else
+ sed -i -e '/systemd cgroups/ s/yes/no/' "${ED}"/etc/${PN}/${PN}.conf \
+ || die "Failed to disable systemd use in configuration"
+ fi
+
einstalldocs
if use examples; then
dodoc -r examples
fi
}
+
+pkg_postinst() {
+ if ! use suid; then
+ local oldver
+ for oldver in ${REPLACING_VERSIONS}; do
+ if ver_test "${oldver}" -lt 1.1.0; then
+ ewarn "Since version 1.1.0 ${PN} no longer installs setuid-root components by default, relying on unprivileged user namespaces instead. For details, see https://apptainer.org/docs/admin/main/user_namespace.html"
+ ewarn "Make sure user namespaces (possibly except network ones for improved security) are enabled on your system, or re-enable installation of setuid root components by passing USE=suid to ${CATEGORY}/${PN}"
+ break
+ fi
+ done
+ fi
+}
diff --git a/app-containers/apptainer/files/apptainer-1.0.2-trim_upstream_cflags.patch b/app-containers/apptainer/files/apptainer-1.0.2-trim_upstream_cflags.patch
new file mode 100644
index 000000000000..b1329b5d9d3e
--- /dev/null
+++ b/app-containers/apptainer/files/apptainer-1.0.2-trim_upstream_cflags.patch
@@ -0,0 +1,24 @@
+--- a/mconfig
++++ b/mconfig
+@@ -42,14 +42,14 @@
+
+ # user_cflags - user-defined CFLAGS without all the cflags_opts
+ user_cflags="$CFLAGS"
+-cflags_opts="-Wall -Werror -Wfatal-errors -Wno-unknown-warning-option \
++cflags_opts="-Wall -Wfatal-errors -Wno-unknown-warning-option \
+ -Wstrict-prototypes -Wpointer-arith -Wbad-function-cast \
+ -Woverlength-strings -Wframe-larger-than=2047 \
+ -Wno-sign-compare -Wclobbered -Wempty-body -Wmissing-parameter-type \
+ -Wtype-limits -Wunused-parameter -Wunused-but-set-parameter \
+ -Wno-discarded-qualifiers -Wno-incompatible-pointer-types \
+ -pipe -fmessage-length=0 -fPIC"
+-cflags="$CFLAGS -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -fstack-protector --param ssp-buffer-size=4"
++cflags="$CFLAGS -Wformat -Wformat-security -fstack-protector --param ssp-buffer-size=4"
+ ldflags=$LDFLAGS
+
+ package_name=apptainer
+--- a/mlocal/frags/go_runtime_opts.mk
++++ b/mlocal/frags/go_runtime_opts.mk
+@@ -1 +1 @@
+-CGO_CFLAGS += -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -fstack-protector --param ssp-buffer-size=4
++CGO_CFLAGS += -O2 -Wformat -Wformat-security -fstack-protector --param ssp-buffer-size=4