summaryrefslogtreecommitdiff
path: root/app-containers/crun
diff options
context:
space:
mode:
Diffstat (limited to 'app-containers/crun')
-rw-r--r--app-containers/crun/Manifest3
-rw-r--r--app-containers/crun/crun-1.11.2.ebuild75
-rw-r--r--app-containers/crun/files/crun-1.11.2-caps.patch32
3 files changed, 110 insertions, 0 deletions
diff --git a/app-containers/crun/Manifest b/app-containers/crun/Manifest
index ce7dca8dd1d7..50acda1edea0 100644
--- a/app-containers/crun/Manifest
+++ b/app-containers/crun/Manifest
@@ -1,5 +1,8 @@
+AUX crun-1.11.2-caps.patch 1149 BLAKE2B 241d7b26555d32d082e3c770a61b6c01285b4e3dcd9f54922c2fb38cc14581cf08c7b53f96d9e61b5a8f436725473df26008d04890c698cf23edbb60ae57d937 SHA512 73477342c4de8b28c02c7c2c57940e3800662a90d43849aeea90562582deccf06f2860cd41ba8ff9a45a0c68ce9aa751a9f19ad239b5d5f8009c0bf7e38b4d53
+DIST crun-1.11.2.tar.xz 738176 BLAKE2B ef13475089c87599159ce00dd26fbb19c7f2bb9564352c1f8040925e521bb924cf28a8d1f37cc95ce7d1b2797b8654740e9ad08352e357c8c9e2d176466101e0 SHA512 ae35ffb9bd1c7acebfd7f6236fa6a7ad524593d8f2cea1203f0e89023e9791d2d5bbc5c5cfc32ee5f18ad80662a1659076ab5f4d5ff74c6026842f2dd12be977
DIST crun-1.8.1.tar.xz 692152 BLAKE2B b5dce1a454641221c591f50ac8519d4e9e9d892ea56232fa3fc9916934c19eba5853019238b1837cd5fb61f0dec5e0e6a11c02f628bece3b69c9c4f5750addae SHA512 6230b378f4746aff1d53f3ed797229b2056ece76e8e5b22d6f5f7b42e6042c6aff5294298f3cfd1293b4a87371dfa58cc69e57455e20948abd7269059ad39042
DIST crun-1.8.4.tar.xz 729552 BLAKE2B 8169518a0ddd8deb3820f7030d03dec6941d5d34fb73a036b82f15b0d8f2f702e117de00b829a16cb9976e118f5a5ca732b1cd572708f664cfeafc564f883824 SHA512 2ed80db2e7ddd1438bbe33e99ec2cdbcc55c4869504f719ff9302e834929752af09a59cd905accb37ee5f6cae3b9b16fd4f4c3fdab31db5fc38b007c1505bfa0
+EBUILD crun-1.11.2.ebuild 1794 BLAKE2B 9b18b3e9ca3dc42ea29b390bd089db969b05ba51f4cd0fcf119164abf3a2a5fec0cde14de7fba55443be521fc5241af4055fa59a81816f7eeb5ae778ef531226 SHA512 3f61a05b70c0882b15a64b6972a68326b0ad8c795a289f3ad7c1012ae698a0acf7c9ed4c4480eaaf47160f340848f47a796abfd28a1ca4fdd7661efcffef9eb3
EBUILD crun-1.8.1.ebuild 1672 BLAKE2B 388b4daf7cc6fb32e33e9114253cab94281abff7a17d260dcfa255042ba57489e2dff0b95bfa6f5d700fac01066c9d2cb282becc8ac90458ed7c10d5f967aa90 SHA512 69077ea7f94586489abf3b16d0cef1f793569ab2db7a3334c89c7af7e2d4561479de456838da9f5aa1a9eaa5c3f51471436aa66a8595f643ed8a60eda7f8a0eb
EBUILD crun-1.8.4.ebuild 1672 BLAKE2B 388b4daf7cc6fb32e33e9114253cab94281abff7a17d260dcfa255042ba57489e2dff0b95bfa6f5d700fac01066c9d2cb282becc8ac90458ed7c10d5f967aa90 SHA512 69077ea7f94586489abf3b16d0cef1f793569ab2db7a3334c89c7af7e2d4561479de456838da9f5aa1a9eaa5c3f51471436aa66a8595f643ed8a60eda7f8a0eb
MISC metadata.xml 1300 BLAKE2B a0ae27420fca097e4e7b5e983de3b76fef43bf13887bd5fe903da14e20c2f0ebd2fc273dae74e32e28c2768b5f8d6e5e6c8b4c9f07ca6d47e41902621173a167 SHA512 1699a89a01de32b580bc74bc747430ef7b1a6284b2f459b4041b22de0efbebda45778803deb512a61806ed8e2998b141caefb7830acafc68d42ce4343b193dd6
diff --git a/app-containers/crun/crun-1.11.2.ebuild b/app-containers/crun/crun-1.11.2.ebuild
new file mode 100644
index 000000000000..91bb5534e6c3
--- /dev/null
+++ b/app-containers/crun/crun-1.11.2.ebuild
@@ -0,0 +1,75 @@
+# Copyright 2019-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..11} )
+
+inherit python-any-r1
+
+DESCRIPTION="A fast and low-memory footprint OCI Container Runtime fully written in C"
+HOMEPAGE="https://github.com/containers/crun"
+SRC_URI="https://github.com/containers/${PN}/releases/download/${PV}/${P}.tar.xz"
+
+LICENSE="GPL-2+ LGPL-2.1+"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv"
+IUSE="+bpf +caps criu +seccomp selinux systemd static-libs"
+
+DEPEND="
+ dev-libs/libgcrypt:=
+ dev-libs/yajl:=
+ sys-kernel/linux-headers
+ caps? ( sys-libs/libcap )
+ criu? ( >=sys-process/criu-3.15 )
+ seccomp? ( sys-libs/libseccomp )
+ systemd? ( sys-apps/systemd:= )
+"
+RDEPEND="${DEPEND}
+ selinux? ( sec-policy/selinux-container )"
+BDEPEND="
+ ${PYTHON_DEPS}
+ virtual/pkgconfig
+"
+
+PATCHES=(
+ # merged upstream: https://github.com/containers/crun/pull/1345
+ # drop when we get 1.11.3
+ "${FILESDIR}/${P}-caps.patch"
+)
+
+src_configure() {
+ local myeconfargs=(
+ $(use_enable bpf)
+ $(use_enable caps)
+ $(use_enable criu)
+ $(use_enable seccomp)
+ $(use_enable systemd)
+ $(usex static-libs '--enable-shared --enable-static' '--enable-shared --disable-static' '' '')
+ )
+
+ econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+ emake git-version.h
+ emake -C libocispec
+ emake crun
+}
+
+src_install() {
+ emake "DESTDIR=${D}" install-exec
+ doman crun.1
+ einstalldocs
+
+ einfo "Cleaning up .la files"
+ find "${ED}" -name '*.la' -delete || die
+}
+
+# the crun test suite is comprehensive to the extent that tests will fail
+# within a sandbox environment, due to the nature of the privileges
+# required to create linux "containers".
+# due to this we disable most of the core test suite by unsetting PYTHON_TESTS
+src_test() {
+ emake check PYTHON_TESTS=
+}
diff --git a/app-containers/crun/files/crun-1.11.2-caps.patch b/app-containers/crun/files/crun-1.11.2-caps.patch
new file mode 100644
index 000000000000..d32a4dd1a8f8
--- /dev/null
+++ b/app-containers/crun/files/crun-1.11.2-caps.patch
@@ -0,0 +1,32 @@
+From 767ba88ef363115e80e077ce312f89f20488da01 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Robert=20G=C3=BCnzler?= <r@gnzler.io>
+Date: Thu, 9 Nov 2023 14:16:08 +0100
+Subject: [PATCH] Fix build without libcap
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The work to support features introduced another point of dependency on
+libcap that previously wasn't guarded by ifdefs
+
+Refs: https://github.com/containers/crun/pull/1237
+Signed-off-by: Robert Günzler <r@gnzler.io>
+---
+ src/libcrun/container.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/libcrun/container.c b/src/libcrun/container.c
+index ed0fa29bb..7be1713ab 100644
+--- a/src/libcrun/container.c
++++ b/src/libcrun/container.c
+@@ -3925,8 +3925,10 @@ libcrun_container_get_features (libcrun_context_t *context, struct features_info
+ // Populate namespaces
+ populate_array_field (&((*info)->linux.namespaces), namespaces, num_namspaces);
+
++#ifdef HAVE_CAP
+ // Populate capabilities
+ populate_capabilities (*info, &capabilities, &num_capabilities);
++#endif
+
+ // Hardcode the values for cgroup
+ (*info)->linux.cgroup.v1 = true;