Add containers-common and passt updates required to podman

Signed-off-by: Samuel Bernardo <samuelbernardo.mail@gmail.com>

12 files changed, 352 insertions, 0 deletions

diff --git a/app-containers/containers-common/Manifest b/app-containers/containers-common/Manifest
new file mode 100644
index 0000000..799f4ad
--- /dev/null
+++ b/app-containers/containers-common/Manifest
@@ -0,0 +1,7 @@
+AUX default.yaml 978 BLAKE2B ab316e77c296f0ea9e51788bd62cf3abbbc0fb5b3f630acfd8d138f61802477f3d1bc75bd538200bebadd11637baf88e5ecc602db459bfa335d77704bae437e2 SHA512 84c9e1dab4d071d74a6dc8e1f02dae948e81a7e7af1810860a320c8857cf69e354e3d8c87ead2e4c15f80a1ca144116c08b0715bdd97ffc5ae2bfea3883d73e5
+AUX examplify-mounts-conf.patch 214 BLAKE2B 3e72e91ce65190acb437a1ec5e0cbbb27b46b8581a062729bd90792bea8ea3a9549c4cc4d445198eda05ef4673391aa8bff6616918fab427fb2c9973e81484e1 SHA512 2f1aaadca8644c6e7062ac7d79864297b3bcd34c4c84a6d2651ac24e159fae8773cc240d0916f27354e394ab701a4339c15d5dde6957d61f5b153677a5bebca1
+AUX policy.json 256 BLAKE2B 78693988b98b88c35807db755bea923203ab289435d2c4ffd914ec52904dadded467ff131d90b337bf7534d533e478420a0c81599858a9012668bc4d1815144f SHA512 120f43f579f48758af6b8292fc2cfbcb5ecc46564d2d16afb74dbd1c043de44daec6633ff585b0046c55fd48aed6dbc2901623c753ec13670d3fdcecb19a42c5
+DIST containers-common-0.59.1.tar.gz 13131960 BLAKE2B 5b3b947789f889955716816fa15a84eb2f398d6cfb59c85bd969442fb8f55715f2c17c78d963ae913d96e6a109f69da745cfc7db8d23e2ed6516f992b982dda0 SHA512 452c9b84f7631afdf39b7b1fcaf2f721bede312d8fb55b89a953f16ca3546c0df11bb23c99588a592b6375275516d1364570261fbc15301ca3ad486ee66eae32
+EBUILD containers-common-0.59.1.ebuild 1831 BLAKE2B 5d4f98e52111ff64943128235fed05377c04d2a5e2b8d7610c23f1be32551e56327e7e78bbb8bca243beefa843b33cea4584fa6436738534be2065110ed04217 SHA512 a91a4d3d2e4375bf93a5a733c358b3da601b088933746b7bb683390d0da20a9218eb98c938944741c5357c887c19e9417b02a0660eebe57d12e38070151d6560
+EBUILD containers-common-9999.ebuild 1831 BLAKE2B 5d4f98e52111ff64943128235fed05377c04d2a5e2b8d7610c23f1be32551e56327e7e78bbb8bca243beefa843b33cea4584fa6436738534be2065110ed04217 SHA512 a91a4d3d2e4375bf93a5a733c358b3da601b088933746b7bb683390d0da20a9218eb98c938944741c5357c887c19e9417b02a0660eebe57d12e38070151d6560
+MISC metadata.xml 741 BLAKE2B 727dfc3215f6fb9155105aad6b83e4cff72d8f484e2abaf267a299c07777490abb657a6d0eb349587bae53ad614a6137bd6a205252c835d8141925698cdc2464 SHA512 d014e28716c2b2fd1926a5d7612437cf7553a62fcd26ede88dd180eeb8cfa52f0bfc0c61f539b05dcc7a7faf7c1f17a99e20cbf3743044c1aad1478fbfb11316
diff --git a/app-containers/containers-common/containers-common-0.59.1.ebuild b/app-containers/containers-common/containers-common-0.59.1.ebuild
new file mode 100644
index 0000000..4a0427e
--- /dev/null
+++ b/app-containers/containers-common/containers-common-0.59.1.ebuild
@@ -0,0 +1,75 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit readme.gentoo-r1
+
+DESCRIPTION="Common config files and docs for Containers stack"
+HOMEPAGE="https://github.com/containers/common"
+
+if [[ ${PV} == 9999* ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/containers/common.git"
+else
+	SRC_URI="https://github.com/containers/common/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+	S="${WORKDIR}/${P#containers-}"
+	KEYWORDS="~amd64 ~arm64 ~riscv"
+fi
+
+LICENSE="Apache-2.0"
+SLOT="0"
+RESTRICT="test"
+RDEPEND="
+	>=app-containers/aardvark-dns-1.10.0
+	>=app-containers/crun-1.14.3
+	>=app-containers/containers-image-5.30.0
+	>=app-containers/containers-storage-1.53.0
+	app-containers/containers-shortnames
+	>=app-containers/netavark-1.10.3
+	net-firewall/nftables
+	net-firewall/iptables[nftables]
+	>=net-misc/passt-2024.03.20
+	>=sys-fs/fuse-overlayfs-1.13
+"
+
+BDEPEND="
+	>=dev-go/go-md2man-2.0.3
+"
+
+PATCHES=(
+	"${FILESDIR}/examplify-mounts-conf.patch"
+)
+
+DOC_CONTENTS="\n
+For rootless operations, one needs to configure subuid(5) and subgid(5)\n
+See /etc/sub{uid,gid} to check whether rootless user is already configured\n
+If not, quickly configure it with:\n
+usermod --add-subuids 1065536-1131071 <rootless user>\n
+usermod --add-subgids 1065536-1131071 <rootless user>\n
+"
+
+src_prepare() {
+	default
+
+	[[ -f docs/Makefile && -f Makefile ]] || die
+	sed -i -e 's|/usr/local|/usr|g;' docs/Makefile Makefile || die
+}
+
+src_compile() {
+	emake docs
+}
+
+src_install() {
+	emake DESTDIR="${ED}" install
+	readme.gentoo_create_doc
+
+	insinto /usr/share/containers
+	doins pkg/seccomp/seccomp.json pkg/subscriptions/mounts.conf
+
+	keepdir /etc/containers/certs.d /etc/containers/oci/hooks.d /etc/containers/systemd /var/lib/containers/sigstore
+}
+
+pkg_postinst() {
+	readme.gentoo_print_elog
+}
diff --git a/app-containers/containers-common/containers-common-9999.ebuild b/app-containers/containers-common/containers-common-9999.ebuild
new file mode 100644
index 0000000..4a0427e
--- /dev/null
+++ b/app-containers/containers-common/containers-common-9999.ebuild
@@ -0,0 +1,75 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit readme.gentoo-r1
+
+DESCRIPTION="Common config files and docs for Containers stack"
+HOMEPAGE="https://github.com/containers/common"
+
+if [[ ${PV} == 9999* ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/containers/common.git"
+else
+	SRC_URI="https://github.com/containers/common/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+	S="${WORKDIR}/${P#containers-}"
+	KEYWORDS="~amd64 ~arm64 ~riscv"
+fi
+
+LICENSE="Apache-2.0"
+SLOT="0"
+RESTRICT="test"
+RDEPEND="
+	>=app-containers/aardvark-dns-1.10.0
+	>=app-containers/crun-1.14.3
+	>=app-containers/containers-image-5.30.0
+	>=app-containers/containers-storage-1.53.0
+	app-containers/containers-shortnames
+	>=app-containers/netavark-1.10.3
+	net-firewall/nftables
+	net-firewall/iptables[nftables]
+	>=net-misc/passt-2024.03.20
+	>=sys-fs/fuse-overlayfs-1.13
+"
+
+BDEPEND="
+	>=dev-go/go-md2man-2.0.3
+"
+
+PATCHES=(
+	"${FILESDIR}/examplify-mounts-conf.patch"
+)
+
+DOC_CONTENTS="\n
+For rootless operations, one needs to configure subuid(5) and subgid(5)\n
+See /etc/sub{uid,gid} to check whether rootless user is already configured\n
+If not, quickly configure it with:\n
+usermod --add-subuids 1065536-1131071 <rootless user>\n
+usermod --add-subgids 1065536-1131071 <rootless user>\n
+"
+
+src_prepare() {
+	default
+
+	[[ -f docs/Makefile && -f Makefile ]] || die
+	sed -i -e 's|/usr/local|/usr|g;' docs/Makefile Makefile || die
+}
+
+src_compile() {
+	emake docs
+}
+
+src_install() {
+	emake DESTDIR="${ED}" install
+	readme.gentoo_create_doc
+
+	insinto /usr/share/containers
+	doins pkg/seccomp/seccomp.json pkg/subscriptions/mounts.conf
+
+	keepdir /etc/containers/certs.d /etc/containers/oci/hooks.d /etc/containers/systemd /var/lib/containers/sigstore
+}
+
+pkg_postinst() {
+	readme.gentoo_print_elog
+}
diff --git a/app-containers/containers-common/files/default.yaml b/app-containers/containers-common/files/default.yaml
new file mode 100644
index 0000000..a7f3d28
--- /dev/null
+++ b/app-containers/containers-common/files/default.yaml
@@ -0,0 +1,28 @@
+# This is a default registries.d configuration file.  You may
+# add to this file or create additional files in registries.d/.
+#
+# lookaside: for reading/writing simple signing signatures
+# lookaside-staging: for writing simple signing signatures, preferred over lookaside
+#
+# lookaside and lookaside-staging take a value of the following:
+#   lookaside:  {schema}://location
+#
+# For reading signatures, schema may be http, https, or file.
+# For writing signatures, schema may only be file.
+
+# The default locations are built-in, for both reading and writing:
+# /var/lib/containers/sigstore for root, or
+# ~/.local/share/containers/sigstore for non-root users.
+default-docker:
+#  lookaside: https://…
+#  lookaside-staging: file:///…
+
+# The 'docker' indicator here is the start of the configuration
+# for docker registries.
+#
+# docker:
+#
+#   privateregistry.com:
+#    lookaside: https://privateregistry.com/sigstore/
+#    lookaside-staging: /mnt/nfs/privateregistry/sigstore
+
diff --git a/app-containers/containers-common/files/examplify-mounts-conf.patch b/app-containers/containers-common/files/examplify-mounts-conf.patch
new file mode 100644
index 0000000..eeaca09
--- /dev/null
+++ b/app-containers/containers-common/files/examplify-mounts-conf.patch
@@ -0,0 +1,7 @@
+--- a/pkg/subscriptions/mounts.conf
++++ a/pkg/subscriptions/mounts.conf
+@@ -1 +1,3 @@
+-/usr/share/rhel/secrets:/run/secrets
++# Refer to containers-mounts.conf(5)
++# Example:
++# /usr/share/rhel/secrets:/run/secrets
diff --git a/app-containers/containers-common/files/policy.json b/app-containers/containers-common/files/policy.json
new file mode 100644
index 0000000..dffc54a
--- /dev/null
+++ b/app-containers/containers-common/files/policy.json
@@ -0,0 +1,14 @@
+{
+    "default": [
+        {
+            "type": "insecureAcceptAnything"
+        }
+    ],
+    "transports":
+        {
+            "docker-daemon":
+                {
+                    "": [{"type":"insecureAcceptAnything"}]
+                }
+        }
+}
diff --git a/app-containers/containers-common/metadata.xml b/app-containers/containers-common/metadata.xml
new file mode 100644
index 0000000..21378d9
--- /dev/null
+++ b/app-containers/containers-common/metadata.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+  <maintainer type="person" proxied="yes">
+    <email>me@rahil.rocks</email>
+    <name>Rahil Bhimjiani</name>
+  </maintainer>
+  <maintainer type="person">
+    <email>zmedico@gentoo.org</email>
+    <name>Zac Medico</name>
+  </maintainer>
+  <maintainer type="project" proxied="proxy">
+    <email>proxy-maint@gentoo.org</email>
+    <name>Proxy Maintainers</name>
+  </maintainer>
+  <upstream>
+    <remote-id type="github">containers/common</remote-id>
+    <bugs-to>https://github.com/containers/common/issues</bugs-to>
+    <doc>https://github.com/containers/common/blob/main/README.md</doc>
+  </upstream>
+</pkgmetadata>
diff --git a/net-misc/passt/Manifest b/net-misc/passt/Manifest
new file mode 100644
index 0000000..8e74289
--- /dev/null
+++ b/net-misc/passt/Manifest
@@ -0,0 +1,5 @@
+AUX Makefile-2024.03.20.patch 433 BLAKE2B 5e64a2a449806698bc812e38bfe46860e13a3bf64e1e6c7c96e3d43d8b30f1e6d6eedad8a89b500dced6ba81e8a8c0e7dfd74d889fed8dc1d7d7755d38e60156 SHA512 cbf5f29c96364438064ae65cc56501b1a5793530dedfeadf5184fa1a7df8c1b45786f39686e058178c2b7e58f0ae2aaa507fe986f01c4a6a6984276cd00c062e
+DIST passt-2024.06.07.tar.xz 195992 BLAKE2B 9f4b680daa8103c7de0c92c01824df74e1b221a48cf7724c2c09aae13a3575bdc529eeca01d5015095c51194045e1019bbdf38cc7ef2333d61eaa03b4e0249ae SHA512 04add1113ffbc98d61b7c63352899505d8f19bbdf937a0c025726813163ec7fc31abdb94c12ceefed9b49f18b388acc0687298bce8ba156bbb044d1b1bcdaee3
+EBUILD passt-2024.06.07.ebuild 842 BLAKE2B 94b37052fbc670b3f3d9a6aead0dee723bf7e2a44219ff1efd0dfa54caca078f935aa2c3371f8d13bac0add09e16d0fe97840ef07e9eeba735c3e75407bdb742 SHA512 7c62b8cea6099b8d743beecf6a0d70f6b5acd3f46a5d0d80eb3a58a74b233dd5e0446dcb704966fca3f701c852e54482ca7aae2ba15a5f174c2df7a38127ad5c
+EBUILD passt-9999.ebuild 842 BLAKE2B 94b37052fbc670b3f3d9a6aead0dee723bf7e2a44219ff1efd0dfa54caca078f935aa2c3371f8d13bac0add09e16d0fe97840ef07e9eeba735c3e75407bdb742 SHA512 7c62b8cea6099b8d743beecf6a0d70f6b5acd3f46a5d0d80eb3a58a74b233dd5e0446dcb704966fca3f701c852e54482ca7aae2ba15a5f174c2df7a38127ad5c
+MISC metadata.xml 1410 BLAKE2B 415cf4ab3e0d993066251ff9e136ea4a5ef13fc50b838b5dd057784600b5fb89fecb411cc0d61d08459e34da7fe34097d22b8908240f3e46e6ff50f503aa7089 SHA512 85d756f5b8077fb0838e1881f9ef48f08ca8da1ca540d8677632c81d34765d6fb1483b3fdd0eead64467aa7872b1ca133745610736d0afc5a2b8223abacc1cb6
diff --git a/net-misc/passt/files/Makefile-2024.03.20.patch b/net-misc/passt/files/Makefile-2024.03.20.patch
new file mode 100644
index 0000000..30f36d1
--- /dev/null
+++ b/net-misc/passt/files/Makefile-2024.03.20.patch
@@ -0,0 +1,13 @@
+Addressing following bugs:
+https://bugs.gentoo.org/924494
+--- a/Makefile
++++ b/Makefile
+@@ -35,7 +35,7 @@
+ 
+ FLAGS := -Wall -Wextra -Wno-format-zero-length
+ FLAGS += -pedantic -std=c11 -D_XOPEN_SOURCE=700 -D_GNU_SOURCE
+-FLAGS += -D_FORTIFY_SOURCE=2 -O2 -pie -fPIE
++FLAGS += -O2 -pie -fPIE
+ FLAGS += -DPAGE_SIZE=$(shell getconf PAGE_SIZE)
+ FLAGS += -DNETNS_RUN_DIR=\"/run/netns\"
+ FLAGS += -DPASST_AUDIT_ARCH=AUDIT_ARCH_$(AUDIT_ARCH)
diff --git a/net-misc/passt/metadata.xml b/net-misc/passt/metadata.xml
new file mode 100644
index 0000000..35350e9
--- /dev/null
+++ b/net-misc/passt/metadata.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+  <maintainer type="person" proxied="yes">
+    <email>me@rahil.rocks</email>
+    <name>Rahil Bhimjiani</name>
+  </maintainer>
+  <maintainer type="person">
+    <email>zmedico@gentoo.org</email>
+    <name>Zac Medico</name>
+  </maintainer>
+  <maintainer type="project" proxied="proxy">
+    <email>proxy-maint@gentoo.org</email>
+    <name>Proxy Maintainers</name>
+  </maintainer>
+  <longdescription lang="en">
+    passt implements a translation layer between a Layer-2 network interface and native Layer-4 sockets (TCP, UDP, ICMP/ICMPv6 echo) on a host. It doesn't require any capabilities or privileges, and it can be used as a simple replacement for Slirp.
+
+    pasta (same binary as passt, different command) offers equivalent functionality, for network namespaces: traffic is forwarded using a tap interface inside the namespace, without the need to create further interfaces on the host, hence not requiring any capabilities or privileges.
+
+    qrap  is  a  wrapper,  designed specifically for usage with qemu(1) and passt(1), connecting a UNIX domain socket to a file descriptor, and running qemu(1) with given arguments.
+  </longdescription>
+  <upstream>
+    <bugs-to>https://passt.top/passt/bugs</bugs-to>
+    <doc>https://passt.top/passt/about/</doc>
+  </upstream>
+</pkgmetadata>
diff --git a/net-misc/passt/passt-2024.06.07.ebuild b/net-misc/passt/passt-2024.06.07.ebuild
new file mode 100644
index 0000000..9e4992f
--- /dev/null
+++ b/net-misc/passt/passt-2024.06.07.ebuild
@@ -0,0 +1,40 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit toolchain-funcs
+
+DESCRIPTION="User-mode networking daemons for VMs and namespaces, replacement for Slirp"
+HOMEPAGE="https://passt.top/"
+
+RELEASE_COMMIT="7288448"
+
+if [[ ${PV} == 9999* ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="git://passt.top/passt"
+else
+	SRC_URI="https://passt.top/passt/snapshot/passt-${RELEASE_COMMIT}.tar.xz -> ${P}.tar.xz"
+	S="${WORKDIR}/${PN}-${RELEASE_COMMIT}"
+	KEYWORDS="~amd64 ~arm64 ~riscv"
+fi
+
+LICENSE="BSD GPL-2+"
+SLOT="0"
+IUSE="static"
+
+PATCHES=(
+	"${FILESDIR}"/Makefile-2024.03.20.patch
+)
+
+src_prepare() {
+	default
+	tc-export CC
+}
+
+src_compile() {
+	[[ ${PV} != 9999* ]] && export VERSION="${PV}"
+	export prefix="${EPREFIX}/usr" docdir="${EPREFIX}/usr/share/doc/${P}"
+
+	emake $(usev static)
+}
diff --git a/net-misc/passt/passt-9999.ebuild b/net-misc/passt/passt-9999.ebuild
new file mode 100644
index 0000000..9e4992f
--- /dev/null
+++ b/net-misc/passt/passt-9999.ebuild
@@ -0,0 +1,40 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit toolchain-funcs
+
+DESCRIPTION="User-mode networking daemons for VMs and namespaces, replacement for Slirp"
+HOMEPAGE="https://passt.top/"
+
+RELEASE_COMMIT="7288448"
+
+if [[ ${PV} == 9999* ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="git://passt.top/passt"
+else
+	SRC_URI="https://passt.top/passt/snapshot/passt-${RELEASE_COMMIT}.tar.xz -> ${P}.tar.xz"
+	S="${WORKDIR}/${PN}-${RELEASE_COMMIT}"
+	KEYWORDS="~amd64 ~arm64 ~riscv"
+fi
+
+LICENSE="BSD GPL-2+"
+SLOT="0"
+IUSE="static"
+
+PATCHES=(
+	"${FILESDIR}"/Makefile-2024.03.20.patch
+)
+
+src_prepare() {
+	default
+	tc-export CC
+}
+
+src_compile() {
+	[[ ${PV} != 9999* ]] && export VERSION="${PV}"
+	export prefix="${EPREFIX}/usr" docdir="${EPREFIX}/usr/share/doc/${P}"
+
+	emake $(usev static)
+}