From 6251e70c21dc41a2cd91e41cf75138e24409bafe Mon Sep 17 00:00:00 2001 From: Samuel Bernardo Date: Tue, 11 Jun 2024 23:16:38 +0100 Subject: Add containers-common and passt updates required to podman Signed-off-by: Samuel Bernardo --- app-containers/containers-common/Manifest | 7 ++ .../containers-common-0.59.1.ebuild | 75 ++++++++++++++++++++++ .../containers-common-9999.ebuild | 75 ++++++++++++++++++++++ .../containers-common/files/default.yaml | 28 ++++++++ .../files/examplify-mounts-conf.patch | 7 ++ app-containers/containers-common/files/policy.json | 14 ++++ app-containers/containers-common/metadata.xml | 21 ++++++ net-misc/passt/Manifest | 5 ++ net-misc/passt/files/Makefile-2024.03.20.patch | 13 ++++ net-misc/passt/metadata.xml | 27 ++++++++ net-misc/passt/passt-2024.06.07.ebuild | 40 ++++++++++++ net-misc/passt/passt-9999.ebuild | 40 ++++++++++++ 12 files changed, 352 insertions(+) create mode 100644 app-containers/containers-common/Manifest create mode 100644 app-containers/containers-common/containers-common-0.59.1.ebuild create mode 100644 app-containers/containers-common/containers-common-9999.ebuild create mode 100644 app-containers/containers-common/files/default.yaml create mode 100644 app-containers/containers-common/files/examplify-mounts-conf.patch create mode 100644 app-containers/containers-common/files/policy.json create mode 100644 app-containers/containers-common/metadata.xml create mode 100644 net-misc/passt/Manifest create mode 100644 net-misc/passt/files/Makefile-2024.03.20.patch create mode 100644 net-misc/passt/metadata.xml create mode 100644 net-misc/passt/passt-2024.06.07.ebuild create mode 100644 net-misc/passt/passt-9999.ebuild diff --git a/app-containers/containers-common/Manifest b/app-containers/containers-common/Manifest new file mode 100644 index 0000000..799f4ad --- /dev/null +++ b/app-containers/containers-common/Manifest @@ -0,0 +1,7 @@ +AUX default.yaml 978 BLAKE2B ab316e77c296f0ea9e51788bd62cf3abbbc0fb5b3f630acfd8d138f61802477f3d1bc75bd538200bebadd11637baf88e5ecc602db459bfa335d77704bae437e2 SHA512 84c9e1dab4d071d74a6dc8e1f02dae948e81a7e7af1810860a320c8857cf69e354e3d8c87ead2e4c15f80a1ca144116c08b0715bdd97ffc5ae2bfea3883d73e5 +AUX examplify-mounts-conf.patch 214 BLAKE2B 3e72e91ce65190acb437a1ec5e0cbbb27b46b8581a062729bd90792bea8ea3a9549c4cc4d445198eda05ef4673391aa8bff6616918fab427fb2c9973e81484e1 SHA512 2f1aaadca8644c6e7062ac7d79864297b3bcd34c4c84a6d2651ac24e159fae8773cc240d0916f27354e394ab701a4339c15d5dde6957d61f5b153677a5bebca1 +AUX policy.json 256 BLAKE2B 78693988b98b88c35807db755bea923203ab289435d2c4ffd914ec52904dadded467ff131d90b337bf7534d533e478420a0c81599858a9012668bc4d1815144f SHA512 120f43f579f48758af6b8292fc2cfbcb5ecc46564d2d16afb74dbd1c043de44daec6633ff585b0046c55fd48aed6dbc2901623c753ec13670d3fdcecb19a42c5 +DIST containers-common-0.59.1.tar.gz 13131960 BLAKE2B 5b3b947789f889955716816fa15a84eb2f398d6cfb59c85bd969442fb8f55715f2c17c78d963ae913d96e6a109f69da745cfc7db8d23e2ed6516f992b982dda0 SHA512 452c9b84f7631afdf39b7b1fcaf2f721bede312d8fb55b89a953f16ca3546c0df11bb23c99588a592b6375275516d1364570261fbc15301ca3ad486ee66eae32 +EBUILD containers-common-0.59.1.ebuild 1831 BLAKE2B 5d4f98e52111ff64943128235fed05377c04d2a5e2b8d7610c23f1be32551e56327e7e78bbb8bca243beefa843b33cea4584fa6436738534be2065110ed04217 SHA512 a91a4d3d2e4375bf93a5a733c358b3da601b088933746b7bb683390d0da20a9218eb98c938944741c5357c887c19e9417b02a0660eebe57d12e38070151d6560 +EBUILD containers-common-9999.ebuild 1831 BLAKE2B 5d4f98e52111ff64943128235fed05377c04d2a5e2b8d7610c23f1be32551e56327e7e78bbb8bca243beefa843b33cea4584fa6436738534be2065110ed04217 SHA512 a91a4d3d2e4375bf93a5a733c358b3da601b088933746b7bb683390d0da20a9218eb98c938944741c5357c887c19e9417b02a0660eebe57d12e38070151d6560 +MISC metadata.xml 741 BLAKE2B 727dfc3215f6fb9155105aad6b83e4cff72d8f484e2abaf267a299c07777490abb657a6d0eb349587bae53ad614a6137bd6a205252c835d8141925698cdc2464 SHA512 d014e28716c2b2fd1926a5d7612437cf7553a62fcd26ede88dd180eeb8cfa52f0bfc0c61f539b05dcc7a7faf7c1f17a99e20cbf3743044c1aad1478fbfb11316 diff --git a/app-containers/containers-common/containers-common-0.59.1.ebuild b/app-containers/containers-common/containers-common-0.59.1.ebuild new file mode 100644 index 0000000..4a0427e --- /dev/null +++ b/app-containers/containers-common/containers-common-0.59.1.ebuild @@ -0,0 +1,75 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit readme.gentoo-r1 + +DESCRIPTION="Common config files and docs for Containers stack" +HOMEPAGE="https://github.com/containers/common" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/common.git" +else + SRC_URI="https://github.com/containers/common/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" +RESTRICT="test" +RDEPEND=" + >=app-containers/aardvark-dns-1.10.0 + >=app-containers/crun-1.14.3 + >=app-containers/containers-image-5.30.0 + >=app-containers/containers-storage-1.53.0 + app-containers/containers-shortnames + >=app-containers/netavark-1.10.3 + net-firewall/nftables + net-firewall/iptables[nftables] + >=net-misc/passt-2024.03.20 + >=sys-fs/fuse-overlayfs-1.13 +" + +BDEPEND=" + >=dev-go/go-md2man-2.0.3 +" + +PATCHES=( + "${FILESDIR}/examplify-mounts-conf.patch" +) + +DOC_CONTENTS="\n +For rootless operations, one needs to configure subuid(5) and subgid(5)\n +See /etc/sub{uid,gid} to check whether rootless user is already configured\n +If not, quickly configure it with:\n +usermod --add-subuids 1065536-1131071 \n +usermod --add-subgids 1065536-1131071 \n +" + +src_prepare() { + default + + [[ -f docs/Makefile && -f Makefile ]] || die + sed -i -e 's|/usr/local|/usr|g;' docs/Makefile Makefile || die +} + +src_compile() { + emake docs +} + +src_install() { + emake DESTDIR="${ED}" install + readme.gentoo_create_doc + + insinto /usr/share/containers + doins pkg/seccomp/seccomp.json pkg/subscriptions/mounts.conf + + keepdir /etc/containers/certs.d /etc/containers/oci/hooks.d /etc/containers/systemd /var/lib/containers/sigstore +} + +pkg_postinst() { + readme.gentoo_print_elog +} diff --git a/app-containers/containers-common/containers-common-9999.ebuild b/app-containers/containers-common/containers-common-9999.ebuild new file mode 100644 index 0000000..4a0427e --- /dev/null +++ b/app-containers/containers-common/containers-common-9999.ebuild @@ -0,0 +1,75 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit readme.gentoo-r1 + +DESCRIPTION="Common config files and docs for Containers stack" +HOMEPAGE="https://github.com/containers/common" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/common.git" +else + SRC_URI="https://github.com/containers/common/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" +RESTRICT="test" +RDEPEND=" + >=app-containers/aardvark-dns-1.10.0 + >=app-containers/crun-1.14.3 + >=app-containers/containers-image-5.30.0 + >=app-containers/containers-storage-1.53.0 + app-containers/containers-shortnames + >=app-containers/netavark-1.10.3 + net-firewall/nftables + net-firewall/iptables[nftables] + >=net-misc/passt-2024.03.20 + >=sys-fs/fuse-overlayfs-1.13 +" + +BDEPEND=" + >=dev-go/go-md2man-2.0.3 +" + +PATCHES=( + "${FILESDIR}/examplify-mounts-conf.patch" +) + +DOC_CONTENTS="\n +For rootless operations, one needs to configure subuid(5) and subgid(5)\n +See /etc/sub{uid,gid} to check whether rootless user is already configured\n +If not, quickly configure it with:\n +usermod --add-subuids 1065536-1131071 \n +usermod --add-subgids 1065536-1131071 \n +" + +src_prepare() { + default + + [[ -f docs/Makefile && -f Makefile ]] || die + sed -i -e 's|/usr/local|/usr|g;' docs/Makefile Makefile || die +} + +src_compile() { + emake docs +} + +src_install() { + emake DESTDIR="${ED}" install + readme.gentoo_create_doc + + insinto /usr/share/containers + doins pkg/seccomp/seccomp.json pkg/subscriptions/mounts.conf + + keepdir /etc/containers/certs.d /etc/containers/oci/hooks.d /etc/containers/systemd /var/lib/containers/sigstore +} + +pkg_postinst() { + readme.gentoo_print_elog +} diff --git a/app-containers/containers-common/files/default.yaml b/app-containers/containers-common/files/default.yaml new file mode 100644 index 0000000..a7f3d28 --- /dev/null +++ b/app-containers/containers-common/files/default.yaml @@ -0,0 +1,28 @@ +# This is a default registries.d configuration file. You may +# add to this file or create additional files in registries.d/. +# +# lookaside: for reading/writing simple signing signatures +# lookaside-staging: for writing simple signing signatures, preferred over lookaside +# +# lookaside and lookaside-staging take a value of the following: +# lookaside: {schema}://location +# +# For reading signatures, schema may be http, https, or file. +# For writing signatures, schema may only be file. + +# The default locations are built-in, for both reading and writing: +# /var/lib/containers/sigstore for root, or +# ~/.local/share/containers/sigstore for non-root users. +default-docker: +# lookaside: https://… +# lookaside-staging: file:///… + +# The 'docker' indicator here is the start of the configuration +# for docker registries. +# +# docker: +# +# privateregistry.com: +# lookaside: https://privateregistry.com/sigstore/ +# lookaside-staging: /mnt/nfs/privateregistry/sigstore + diff --git a/app-containers/containers-common/files/examplify-mounts-conf.patch b/app-containers/containers-common/files/examplify-mounts-conf.patch new file mode 100644 index 0000000..eeaca09 --- /dev/null +++ b/app-containers/containers-common/files/examplify-mounts-conf.patch @@ -0,0 +1,7 @@ +--- a/pkg/subscriptions/mounts.conf ++++ a/pkg/subscriptions/mounts.conf +@@ -1 +1,3 @@ +-/usr/share/rhel/secrets:/run/secrets ++# Refer to containers-mounts.conf(5) ++# Example: ++# /usr/share/rhel/secrets:/run/secrets diff --git a/app-containers/containers-common/files/policy.json b/app-containers/containers-common/files/policy.json new file mode 100644 index 0000000..dffc54a --- /dev/null +++ b/app-containers/containers-common/files/policy.json @@ -0,0 +1,14 @@ +{ + "default": [ + { + "type": "insecureAcceptAnything" + } + ], + "transports": + { + "docker-daemon": + { + "": [{"type":"insecureAcceptAnything"}] + } + } +} diff --git a/app-containers/containers-common/metadata.xml b/app-containers/containers-common/metadata.xml new file mode 100644 index 0000000..21378d9 --- /dev/null +++ b/app-containers/containers-common/metadata.xml @@ -0,0 +1,21 @@ + + + + + me@rahil.rocks + Rahil Bhimjiani + + + zmedico@gentoo.org + Zac Medico + + + proxy-maint@gentoo.org + Proxy Maintainers + + + containers/common + https://github.com/containers/common/issues + https://github.com/containers/common/blob/main/README.md + + diff --git a/net-misc/passt/Manifest b/net-misc/passt/Manifest new file mode 100644 index 0000000..8e74289 --- /dev/null +++ b/net-misc/passt/Manifest @@ -0,0 +1,5 @@ +AUX Makefile-2024.03.20.patch 433 BLAKE2B 5e64a2a449806698bc812e38bfe46860e13a3bf64e1e6c7c96e3d43d8b30f1e6d6eedad8a89b500dced6ba81e8a8c0e7dfd74d889fed8dc1d7d7755d38e60156 SHA512 cbf5f29c96364438064ae65cc56501b1a5793530dedfeadf5184fa1a7df8c1b45786f39686e058178c2b7e58f0ae2aaa507fe986f01c4a6a6984276cd00c062e +DIST passt-2024.06.07.tar.xz 195992 BLAKE2B 9f4b680daa8103c7de0c92c01824df74e1b221a48cf7724c2c09aae13a3575bdc529eeca01d5015095c51194045e1019bbdf38cc7ef2333d61eaa03b4e0249ae SHA512 04add1113ffbc98d61b7c63352899505d8f19bbdf937a0c025726813163ec7fc31abdb94c12ceefed9b49f18b388acc0687298bce8ba156bbb044d1b1bcdaee3 +EBUILD passt-2024.06.07.ebuild 842 BLAKE2B 94b37052fbc670b3f3d9a6aead0dee723bf7e2a44219ff1efd0dfa54caca078f935aa2c3371f8d13bac0add09e16d0fe97840ef07e9eeba735c3e75407bdb742 SHA512 7c62b8cea6099b8d743beecf6a0d70f6b5acd3f46a5d0d80eb3a58a74b233dd5e0446dcb704966fca3f701c852e54482ca7aae2ba15a5f174c2df7a38127ad5c +EBUILD passt-9999.ebuild 842 BLAKE2B 94b37052fbc670b3f3d9a6aead0dee723bf7e2a44219ff1efd0dfa54caca078f935aa2c3371f8d13bac0add09e16d0fe97840ef07e9eeba735c3e75407bdb742 SHA512 7c62b8cea6099b8d743beecf6a0d70f6b5acd3f46a5d0d80eb3a58a74b233dd5e0446dcb704966fca3f701c852e54482ca7aae2ba15a5f174c2df7a38127ad5c +MISC metadata.xml 1410 BLAKE2B 415cf4ab3e0d993066251ff9e136ea4a5ef13fc50b838b5dd057784600b5fb89fecb411cc0d61d08459e34da7fe34097d22b8908240f3e46e6ff50f503aa7089 SHA512 85d756f5b8077fb0838e1881f9ef48f08ca8da1ca540d8677632c81d34765d6fb1483b3fdd0eead64467aa7872b1ca133745610736d0afc5a2b8223abacc1cb6 diff --git a/net-misc/passt/files/Makefile-2024.03.20.patch b/net-misc/passt/files/Makefile-2024.03.20.patch new file mode 100644 index 0000000..30f36d1 --- /dev/null +++ b/net-misc/passt/files/Makefile-2024.03.20.patch @@ -0,0 +1,13 @@ +Addressing following bugs: +https://bugs.gentoo.org/924494 +--- a/Makefile ++++ b/Makefile +@@ -35,7 +35,7 @@ + + FLAGS := -Wall -Wextra -Wno-format-zero-length + FLAGS += -pedantic -std=c11 -D_XOPEN_SOURCE=700 -D_GNU_SOURCE +-FLAGS += -D_FORTIFY_SOURCE=2 -O2 -pie -fPIE ++FLAGS += -O2 -pie -fPIE + FLAGS += -DPAGE_SIZE=$(shell getconf PAGE_SIZE) + FLAGS += -DNETNS_RUN_DIR=\"/run/netns\" + FLAGS += -DPASST_AUDIT_ARCH=AUDIT_ARCH_$(AUDIT_ARCH) diff --git a/net-misc/passt/metadata.xml b/net-misc/passt/metadata.xml new file mode 100644 index 0000000..35350e9 --- /dev/null +++ b/net-misc/passt/metadata.xml @@ -0,0 +1,27 @@ + + + + + me@rahil.rocks + Rahil Bhimjiani + + + zmedico@gentoo.org + Zac Medico + + + proxy-maint@gentoo.org + Proxy Maintainers + + + passt implements a translation layer between a Layer-2 network interface and native Layer-4 sockets (TCP, UDP, ICMP/ICMPv6 echo) on a host. It doesn't require any capabilities or privileges, and it can be used as a simple replacement for Slirp. + + pasta (same binary as passt, different command) offers equivalent functionality, for network namespaces: traffic is forwarded using a tap interface inside the namespace, without the need to create further interfaces on the host, hence not requiring any capabilities or privileges. + + qrap is a wrapper, designed specifically for usage with qemu(1) and passt(1), connecting a UNIX domain socket to a file descriptor, and running qemu(1) with given arguments. + + + https://passt.top/passt/bugs + https://passt.top/passt/about/ + + diff --git a/net-misc/passt/passt-2024.06.07.ebuild b/net-misc/passt/passt-2024.06.07.ebuild new file mode 100644 index 0000000..9e4992f --- /dev/null +++ b/net-misc/passt/passt-2024.06.07.ebuild @@ -0,0 +1,40 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit toolchain-funcs + +DESCRIPTION="User-mode networking daemons for VMs and namespaces, replacement for Slirp" +HOMEPAGE="https://passt.top/" + +RELEASE_COMMIT="7288448" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="git://passt.top/passt" +else + SRC_URI="https://passt.top/passt/snapshot/passt-${RELEASE_COMMIT}.tar.xz -> ${P}.tar.xz" + S="${WORKDIR}/${PN}-${RELEASE_COMMIT}" + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +LICENSE="BSD GPL-2+" +SLOT="0" +IUSE="static" + +PATCHES=( + "${FILESDIR}"/Makefile-2024.03.20.patch +) + +src_prepare() { + default + tc-export CC +} + +src_compile() { + [[ ${PV} != 9999* ]] && export VERSION="${PV}" + export prefix="${EPREFIX}/usr" docdir="${EPREFIX}/usr/share/doc/${P}" + + emake $(usev static) +} diff --git a/net-misc/passt/passt-9999.ebuild b/net-misc/passt/passt-9999.ebuild new file mode 100644 index 0000000..9e4992f --- /dev/null +++ b/net-misc/passt/passt-9999.ebuild @@ -0,0 +1,40 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit toolchain-funcs + +DESCRIPTION="User-mode networking daemons for VMs and namespaces, replacement for Slirp" +HOMEPAGE="https://passt.top/" + +RELEASE_COMMIT="7288448" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="git://passt.top/passt" +else + SRC_URI="https://passt.top/passt/snapshot/passt-${RELEASE_COMMIT}.tar.xz -> ${P}.tar.xz" + S="${WORKDIR}/${PN}-${RELEASE_COMMIT}" + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +LICENSE="BSD GPL-2+" +SLOT="0" +IUSE="static" + +PATCHES=( + "${FILESDIR}"/Makefile-2024.03.20.patch +) + +src_prepare() { + default + tc-export CC +} + +src_compile() { + [[ ${PV} != 9999* ]] && export VERSION="${PV}" + export prefix="${EPREFIX}/usr" docdir="${EPREFIX}/usr/share/doc/${P}" + + emake $(usev static) +} -- cgit v1.2.3-65-gdbad