From baa8c9cd62988121c39ae848cd967859fbbf5250 Mon Sep 17 00:00:00 2001 From: Bruce Ashfield Date: Mon, 12 Jul 2021 14:40:23 -0400 Subject: lxc: update to 4.0.9 Bumping lxc to a newer 4.0 -stable release. We drop two patches that have been integrated to the upstream repo, but otherwise, things are the same. Signed-off-by: Bruce Ashfield --- ...ands-fix-check-for-seccomp-notify-support.patch | 44 ----- ...e-skip-libseccomp-tests-if-it-is-disabled.patch | 53 ------ ...-no-validate-when-using-download-template.patch | 54 +++--- recipes-containers/lxc/lxc_4.0.6.bb | 202 --------------------- recipes-containers/lxc/lxc_4.0.9.bb | 200 ++++++++++++++++++++ 5 files changed, 227 insertions(+), 326 deletions(-) delete mode 100644 recipes-containers/lxc/files/commands-fix-check-for-seccomp-notify-support.patch delete mode 100644 recipes-containers/lxc/files/configure-skip-libseccomp-tests-if-it-is-disabled.patch delete mode 100644 recipes-containers/lxc/lxc_4.0.6.bb create mode 100644 recipes-containers/lxc/lxc_4.0.9.bb diff --git a/recipes-containers/lxc/files/commands-fix-check-for-seccomp-notify-support.patch b/recipes-containers/lxc/files/commands-fix-check-for-seccomp-notify-support.patch deleted file mode 100644 index 391af381..00000000 --- a/recipes-containers/lxc/files/commands-fix-check-for-seccomp-notify-support.patch +++ /dev/null @@ -1,44 +0,0 @@ -From a342b11fedb3010630de4909ca707ebdc0862060 Mon Sep 17 00:00:00 2001 -From: Eneas U de Queiroz -Date: Fri, 25 Dec 2020 13:54:14 -0300 -Subject: [PATCH] commands: fix check for seccomp notify support - -Use HAVE_SECCOMP_NOTIFY instead of HAVE_DECL_SECCOMP_NOTIFY_FD. -Currently the latter will be true if the declaration is found by -configure, even if 'configure --disable-seccomp' is used. - -HAVE_SECCOMP_NOTIFY is defined in lxcseccomp.h if both HAVE_SECCOMP and -HAVE_DECL_SECCOMP_NOTIFY_FD are true, which is the correct behavior. - -Upstream-status: submitted https://github.com/lxc/lxc/pull/3623 - -Signed-off-by: Eneas U de Queiroz ---- - src/lxc/commands.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/lxc/commands.c b/src/lxc/commands.c -index a9a03ca2c..37d1abcef 100644 ---- a/src/lxc/commands.c -+++ b/src/lxc/commands.c -@@ -501,7 +501,7 @@ static int lxc_cmd_get_devpts_fd_callback(int fd, struct lxc_cmd_req *req, - - int lxc_cmd_get_seccomp_notify_fd(const char *name, const char *lxcpath) - { --#if HAVE_DECL_SECCOMP_NOTIFY_FD -+#ifdef HAVE_SECCOMP_NOTIFY - int ret, stopped; - struct lxc_cmd_rr cmd = { - .req = { -@@ -526,7 +526,7 @@ static int lxc_cmd_get_seccomp_notify_fd_callback(int fd, struct lxc_cmd_req *re - struct lxc_handler *handler, - struct lxc_epoll_descr *descr) - { --#if HAVE_DECL_SECCOMP_NOTIFY_FD -+#ifdef HAVE_SECCOMP_NOTIFY - struct lxc_cmd_rsp rsp = { - .ret = 0, - }; --- -2.17.1 - diff --git a/recipes-containers/lxc/files/configure-skip-libseccomp-tests-if-it-is-disabled.patch b/recipes-containers/lxc/files/configure-skip-libseccomp-tests-if-it-is-disabled.patch deleted file mode 100644 index 43c91bab..00000000 --- a/recipes-containers/lxc/files/configure-skip-libseccomp-tests-if-it-is-disabled.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 67cd8bde2d46983df8fa9f647e9fc0b96370ec29 Mon Sep 17 00:00:00 2001 -From: Eneas U de Queiroz -Date: Sat, 16 Jan 2021 13:54:07 -0300 -Subject: [PATCH] configure: skip libseccomp tests if it is disabled - -Move the block checking for libseccomp api compatibility inside -AM_COND_IF([ENABLE_SECCOMP] ... ). - -Upstream-Status: submitted [https://github.com/lxc/lxc/pull/3623] - -Signed-off-by: Eneas U de Queiroz ---- - configure.ac | 17 ++++++++--------- - 1 file changed, 8 insertions(+), 9 deletions(-) - -diff --git a/configure.ac b/configure.ac -index f58487f5d..ce6363136 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -312,6 +312,14 @@ AM_COND_IF([ENABLE_SECCOMP], - AC_CHECK_LIB([seccomp], [seccomp_init],[],[AC_MSG_ERROR([You must install the seccomp development package in order to compile lxc])]) - AC_SUBST([SECCOMP_LIBS], [-lseccomp]) - ]) -+ # HAVE_SCMP_FILTER_CTX=1 will tell us we have libseccomp api >= 1.0.0 -+ OLD_CFLAGS="$CFLAGS" -+ CFLAGS="$CFLAGS $SECCOMP_CFLAGS" -+ AC_CHECK_TYPES([scmp_filter_ctx], [], [], [[#include ]]) -+ AC_CHECK_DECLS([seccomp_notify_fd], [], [], [[#include ]]) -+ AC_CHECK_TYPES([struct seccomp_notif_sizes], [], [], [[#include ]]) -+ AC_CHECK_DECLS([seccomp_syscall_resolve_name_arch], [], [], [[#include ]]) -+ CFLAGS="$OLD_CFLAGS" - ]) - - AC_MSG_CHECKING(for static libcap) -@@ -359,15 +367,6 @@ AM_COND_IF([ENABLE_CAP], - AC_CHECK_LIB(cap,cap_get_file, AC_DEFINE(LIBCAP_SUPPORTS_FILE_CAPABILITIES,1,[Have cap_get_file]),[],[]) - AC_SUBST([CAP_LIBS], [-lcap])]) - --# HAVE_SCMP_FILTER_CTX=1 will tell us we have libseccomp api >= 1.0.0 --OLD_CFLAGS="$CFLAGS" --CFLAGS="$CFLAGS $SECCOMP_CFLAGS" --AC_CHECK_TYPES([scmp_filter_ctx], [], [], [[#include ]]) --AC_CHECK_DECLS([seccomp_notify_fd], [], [], [[#include ]]) --AC_CHECK_TYPES([struct seccomp_notif_sizes], [], [], [[#include ]]) --AC_CHECK_DECLS([seccomp_syscall_resolve_name_arch], [], [], [[#include ]]) --CFLAGS="$OLD_CFLAGS" -- - AC_CHECK_HEADERS([linux/bpf.h], [ - AC_CHECK_TYPES([struct bpf_cgroup_dev_ctx], [], [], [[#include ]]) - ], [], []) --- -2.17.1 - diff --git a/recipes-containers/lxc/files/tests-add-no-validate-when-using-download-template.patch b/recipes-containers/lxc/files/tests-add-no-validate-when-using-download-template.patch index 8caeb2ba..f335e796 100644 --- a/recipes-containers/lxc/files/tests-add-no-validate-when-using-download-template.patch +++ b/recipes-containers/lxc/files/tests-add-no-validate-when-using-download-template.patch @@ -18,11 +18,11 @@ Signed-off-by: Mark Asselstine src/tests/lxc-test-usernic.in | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) -diff --git a/src/tests/lxc-test-apparmor-mount b/src/tests/lxc-test-apparmor-mount -index d21c948..9e1969b 100755 ---- a/src/tests/lxc-test-apparmor-mount -+++ b/src/tests/lxc-test-apparmor-mount -@@ -169,7 +169,7 @@ if [ -f /etc/lsb-release ]; then +Index: lxc-4.0.9/src/tests/lxc-test-apparmor-mount +=================================================================== +--- lxc-4.0.9.orig/src/tests/lxc-test-apparmor-mount ++++ lxc-4.0.9/src/tests/lxc-test-apparmor-mount +@@ -170,7 +170,7 @@ done fi @@ -31,11 +31,11 @@ index d21c948..9e1969b 100755 echo "test default confined container" run_cmd lxc-start -n $cname -d -lDEBUG -o "$logfile" -diff --git a/src/tests/lxc-test-autostart b/src/tests/lxc-test-autostart -index e5b651b..d15b79b 100755 ---- a/src/tests/lxc-test-autostart -+++ b/src/tests/lxc-test-autostart -@@ -55,7 +55,7 @@ if [ -f /etc/lsb-release ]; then +Index: lxc-4.0.9/src/tests/lxc-test-autostart +=================================================================== +--- lxc-4.0.9.orig/src/tests/lxc-test-autostart ++++ lxc-4.0.9/src/tests/lxc-test-autostart +@@ -55,7 +55,7 @@ done fi @@ -44,11 +44,11 @@ index e5b651b..d15b79b 100755 CONTAINER_PATH=$(dirname $(lxc-info -n $CONTAINER_NAME -c lxc.rootfs.path -H) | sed -e 's/dir://') cp $CONTAINER_PATH/config $CONTAINER_PATH/config.bak -diff --git a/src/tests/lxc-test-no-new-privs b/src/tests/lxc-test-no-new-privs -index 8642992..e72bdf0 100755 ---- a/src/tests/lxc-test-no-new-privs -+++ b/src/tests/lxc-test-no-new-privs -@@ -47,7 +47,7 @@ if type dpkg >/dev/null 2>&1; then +Index: lxc-4.0.9/src/tests/lxc-test-no-new-privs +=================================================================== +--- lxc-4.0.9.orig/src/tests/lxc-test-no-new-privs ++++ lxc-4.0.9/src/tests/lxc-test-no-new-privs +@@ -49,7 +49,7 @@ ARCH=$(dpkg --print-architecture) fi @@ -57,24 +57,24 @@ index 8642992..e72bdf0 100755 echo "lxc.no_new_privs = 1" >> /var/lib/lxc/c1/config lxc-start -n c1 -diff --git a/src/tests/lxc-test-unpriv b/src/tests/lxc-test-unpriv -index 16ff12d..0958d48 100755 ---- a/src/tests/lxc-test-unpriv -+++ b/src/tests/lxc-test-unpriv -@@ -173,7 +173,7 @@ run_cmd mkdir -p $HDIR/.cache/lxc +Index: lxc-4.0.9/src/tests/lxc-test-unpriv +=================================================================== +--- lxc-4.0.9.orig/src/tests/lxc-test-unpriv ++++ lxc-4.0.9/src/tests/lxc-test-unpriv +@@ -178,7 +178,7 @@ cp -R /var/cache/lxc/download $HDIR/.cache/lxc && \ chown -R $TUSER: $HDIR/.cache/lxc --run_cmd lxc-create -t download -n c1 -- -d ubuntu -r $release -a $ARCH -+run_cmd lxc-create -t download -n c1 -- --no-validate -d ubuntu -r $release -a $ARCH +-run_cmd lxc-create -t download -n c1 -l trace -o "${UNPRIV_LOG}" -- -d ubuntu -r $release -a $ARCH ++run_cmd lxc-create -t download -n c1 -l trace -o "${UNPRIV_LOG}" -- --no-validate -d ubuntu -r $release -a $ARCH # Make sure we can start it - twice -diff --git a/src/tests/lxc-test-usernic.in b/src/tests/lxc-test-usernic.in -index 3e35008..f489286 100755 ---- a/src/tests/lxc-test-usernic.in -+++ b/src/tests/lxc-test-usernic.in -@@ -146,7 +146,7 @@ if [ -f /etc/lsb-release ]; then +Index: lxc-4.0.9/src/tests/lxc-test-usernic.in +=================================================================== +--- lxc-4.0.9.orig/src/tests/lxc-test-usernic.in ++++ lxc-4.0.9/src/tests/lxc-test-usernic.in +@@ -147,7 +147,7 @@ fi # Create three containers diff --git a/recipes-containers/lxc/lxc_4.0.6.bb b/recipes-containers/lxc/lxc_4.0.6.bb deleted file mode 100644 index c9bf3d09..00000000 --- a/recipes-containers/lxc/lxc_4.0.6.bb +++ /dev/null @@ -1,202 +0,0 @@ -DESCRIPTION = "lxc aims to use these new functionnalities to provide an userspace container object" -SECTION = "console/utils" -LICENSE = "LGPLv2.1 & GPLv2" -LIC_FILES_CHKSUM = "file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c \ - file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \ -" - -DEPENDS = "libxml2 libcap" -RDEPENDS_${PN} = " \ - rsync \ - curl \ - gzip \ - xz \ - tar \ - libcap-bin \ - bridge-utils \ - dnsmasq \ - perl-module-strict \ - perl-module-getopt-long \ - perl-module-vars \ - perl-module-exporter \ - perl-module-constant \ - perl-module-overload \ - perl-module-exporter-heavy \ - gmp \ - libidn \ - gnutls \ - nettle \ - util-linux-mountpoint \ - util-linux-getopt \ -" - -RDEPENDS_${PN}_append_libc-glibc = " glibc-utils" - -RDEPENDS_${PN}-ptest += "file make gmp nettle gnutls bash libgcc" - -RDEPENDS_${PN}-networking += "iptables" - -SRC_URI = "http://linuxcontainers.org/downloads/${BPN}/${BPN}-${PV}.tar.gz \ - file://lxc-1.0.0-disable-udhcp-from-busybox-template.patch \ - file://run-ptest \ - file://lxc-fix-B-S.patch \ - file://lxc-doc-upgrade-to-use-docbook-3.1-DTD.patch \ - file://logs-optionally-use-base-filenames-to-report-src-fil.patch \ - file://templates-actually-create-DOWNLOAD_TEMP-directory.patch \ - file://template-make-busybox-template-compatible-with-core-.patch \ - file://templates-use-curl-instead-of-wget.patch \ - file://tests-our-init-is-not-busybox.patch \ - file://tests-add-no-validate-when-using-download-template.patch \ - file://dnsmasq.conf \ - file://lxc-net \ - file://configure-skip-libseccomp-tests-if-it-is-disabled.patch \ - file://commands-fix-check-for-seccomp-notify-support.patch \ - " - -SRC_URI[md5sum] = "732571c7cb4ab845068afb227bf35256" -SRC_URI[sha256sum] = "9165dabc0bb6ef7f2fda2009aee90b20fbefe77ed8008347e9f06048eba1e463" - - - -S = "${WORKDIR}/${BPN}-${PV}" - -# Let's not configure for the host distro. -# -PTEST_CONF = "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', '--enable-tests', '', d)}" -EXTRA_OECONF += "--with-distro=${DISTRO} ${PTEST_CONF}" - -EXTRA_OECONF += "--with-init-script=\ -${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'sysvinit,', '', d)}\ -${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}" - -EXTRA_OECONF += "--enable-log-src-basename --disable-werror" - -PACKAGECONFIG ??= "templates \ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux', '', d)} \ -" -PACKAGECONFIG[doc] = "--enable-doc --enable-api-docs,--disable-doc --disable-api-docs,," -PACKAGECONFIG[rpath] = "--enable-rpath,--disable-rpath,," -PACKAGECONFIG[apparmor] = "--enable-apparmor,--disable-apparmor,apparmor,apparmor" -PACKAGECONFIG[templates] = ",,, ${PN}-templates" -PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux,libselinux" -PACKAGECONFIG[seccomp] ="--enable-seccomp,--disable-seccomp,libseccomp,libseccomp" -PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/,--without-systemdsystemunitdir,systemd," - -# required by python3 to run setup.py -export BUILD_SYS -export HOST_SYS -export STAGING_INCDIR -export STAGING_LIBDIR - -inherit autotools pkgconfig ptest update-rc.d systemd python3native - -SYSTEMD_PACKAGES = "${PN} ${PN}-networking" -SYSTEMD_SERVICE_${PN} = "lxc.service" -SYSTEMD_AUTO_ENABLE_${PN} = "disable" -SYSTEMD_SERVICE_${PN}-networking = "lxc-net.service" -SYSTEMD_AUTO_ENABLE_${PN}-networking = "enable" - -INITSCRIPT_PACKAGES = "${PN} ${PN}-networking" -INITSCRIPT_NAME_${PN} = "lxc-containers" -INITSCRIPT_PARAMS_${PN} = "defaults" -INITSCRIPT_NAME_${PN}-networking = "lxc-net" -INITSCRIPT_PARAMS_${PN}-networking = "defaults" - -FILES_${PN}-doc = "${mandir} ${infodir}" -# For LXC the docdir only contains example configuration files and should be included in the lxc package -FILES_${PN} += "${docdir}" -FILES_${PN} += "${libdir}/python3*" -FILES_${PN} += "${datadir}/bash-completion" -FILES_${PN}-dbg += "${libexecdir}/lxc/.debug" -FILES_${PN}-dbg += "${libexecdir}/lxc/hooks/.debug" -PACKAGES =+ "${PN}-templates ${PN}-networking ${PN}-lua" -FILES_lua-${PN} = "${datadir}/lua ${libdir}/lua" -FILES_lua-${PN}-dbg += "${libdir}/lua/lxc/.debug" -FILES_${PN}-templates += "${datadir}/lxc/templates" -RDEPENDS_${PN}-templates += "bash" - -FILES_${PN}-networking += " \ - ${sysconfdir}/init.d/lxc-net \ - ${sysconfdir}/default/lxc-net \ -" - -CACHED_CONFIGUREVARS += " \ - ac_cv_path_PYTHON='${STAGING_BINDIR_NATIVE}/python3-native/python3' \ - am_cv_python_pyexecdir='${PYTHON_SITEPACKAGES_DIR}' \ - am_cv_python_pythondir='${PYTHON_SITEPACKAGES_DIR}' \ -" - -do_install_append() { - # The /var/cache/lxc directory created by the Makefile - # is wiped out in volatile, we need to create this at boot. - rm -rf ${D}${localstatedir}/cache - install -d ${D}${sysconfdir}/default/volatiles - echo "d root root 0755 ${localstatedir}/cache/lxc none" \ - > ${D}${sysconfdir}/default/volatiles/99_lxc - - for i in `grep -l "#! */bin/bash" ${D}${datadir}/lxc/hooks/*`; do \ - sed -e 's|#! */bin/bash|#!/bin/sh|' -i $i; done - - install -d ${D}${sysconfdir}/init.d - install -m 755 config/init/sysvinit/lxc* ${D}${sysconfdir}/init.d - - # since python3-native is used for install location this will not be - # suitable for the target and we will have to correct the package install - if ${@bb.utils.contains('PACKAGECONFIG', 'python', 'true', 'false', d)}; then - if [ -d ${D}${exec_prefix}/lib/python* ]; then mv ${D}${exec_prefix}/lib/python* ${D}${libdir}/; fi - rmdir --ignore-fail-on-non-empty ${D}${exec_prefix}/lib - fi - - # /etc/default/lxc sources lxc-net, this allows lxc bridge when lxc-networking - # is not installed this results in no lxcbr0, but when lxc-networking is installed - # lxcbr0 will be fully configured. - install -m 644 ${WORKDIR}/lxc-net ${D}${sysconfdir}/default/ - - # Force the main dnsmasq instance to bind only to specified interfaces and - # to not bind to virbr0. Libvirt will run its own instance on this interface. - install -d ${D}/${sysconfdir}/dnsmasq.d - install -m 644 ${WORKDIR}/dnsmasq.conf ${D}/${sysconfdir}/dnsmasq.d/lxc -} - -EXTRA_OEMAKE += "TEST_DIR=${D}${PTEST_PATH}/src/tests" - -do_install_ptest() { - # Move tests to the "ptest directory" - install -d ${D}/${PTEST_PATH}/tests - mv ${D}/usr/bin/lxc-test-* ${D}/${PTEST_PATH}/tests/. -} - -pkg_postinst_${PN}() { - if [ -z "$D" ] && [ -e /etc/init.d/populate-volatile.sh ] ; then - /etc/init.d/populate-volatile.sh update - fi -} - -pkg_postinst_${PN}-networking() { -if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then -cat >> $D/etc/network/interfaces << EOF - -auto lxcbr0 -iface lxcbr0 inet dhcp - bridge_ports eth0 - bridge_fd 0 - bridge_maxwait 0 -EOF - -cat<$D/etc/network/if-pre-up.d/lxcbr0 -#! /bin/sh - -if test "x\$IFACE" = xlxcbr0 ; then - brctl show |grep lxcbr0 > /dev/null 2>/dev/null - if [ \$? != 0 ] ; then - brctl addbr lxcbr0 - brctl addif lxcbr0 eth0 - ip addr flush eth0 - ifconfig eth0 up - fi -fi -EOF -chmod 755 $D/etc/network/if-pre-up.d/lxcbr0 -fi -} diff --git a/recipes-containers/lxc/lxc_4.0.9.bb b/recipes-containers/lxc/lxc_4.0.9.bb new file mode 100644 index 00000000..79072915 --- /dev/null +++ b/recipes-containers/lxc/lxc_4.0.9.bb @@ -0,0 +1,200 @@ +DESCRIPTION = "lxc aims to use these new functionnalities to provide an userspace container object" +SECTION = "console/utils" +LICENSE = "LGPLv2.1 & GPLv2" +LIC_FILES_CHKSUM = "file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c \ + file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \ +" + +DEPENDS = "libxml2 libcap" +RDEPENDS_${PN} = " \ + rsync \ + curl \ + gzip \ + xz \ + tar \ + libcap-bin \ + bridge-utils \ + dnsmasq \ + perl-module-strict \ + perl-module-getopt-long \ + perl-module-vars \ + perl-module-exporter \ + perl-module-constant \ + perl-module-overload \ + perl-module-exporter-heavy \ + gmp \ + libidn \ + gnutls \ + nettle \ + util-linux-mountpoint \ + util-linux-getopt \ +" + +RDEPENDS_${PN}_append_libc-glibc = " glibc-utils" + +RDEPENDS_${PN}-ptest += "file make gmp nettle gnutls bash libgcc" + +RDEPENDS_${PN}-networking += "iptables" + +SRC_URI = "http://linuxcontainers.org/downloads/${BPN}/${BPN}-${PV}.tar.gz \ + file://lxc-1.0.0-disable-udhcp-from-busybox-template.patch \ + file://run-ptest \ + file://lxc-fix-B-S.patch \ + file://lxc-doc-upgrade-to-use-docbook-3.1-DTD.patch \ + file://logs-optionally-use-base-filenames-to-report-src-fil.patch \ + file://templates-actually-create-DOWNLOAD_TEMP-directory.patch \ + file://template-make-busybox-template-compatible-with-core-.patch \ + file://templates-use-curl-instead-of-wget.patch \ + file://tests-our-init-is-not-busybox.patch \ + file://tests-add-no-validate-when-using-download-template.patch \ + file://dnsmasq.conf \ + file://lxc-net \ + " + +SRC_URI[md5sum] = "365fcca985038910e19a1e0fff15ed07" +SRC_URI[sha256sum] = "1fcf0610e9140eceb4be2334eb537bb9c5a213faea77c793ab3c62b86f37e52b" + + + +S = "${WORKDIR}/${BPN}-${PV}" + +# Let's not configure for the host distro. +# +PTEST_CONF = "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', '--enable-tests', '', d)}" +EXTRA_OECONF += "--with-distro=${DISTRO} ${PTEST_CONF}" + +EXTRA_OECONF += "--with-init-script=\ +${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'sysvinit,', '', d)}\ +${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}" + +EXTRA_OECONF += "--enable-log-src-basename --disable-werror" + +PACKAGECONFIG ??= "templates \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux', '', d)} \ +" +PACKAGECONFIG[doc] = "--enable-doc --enable-api-docs,--disable-doc --disable-api-docs,," +PACKAGECONFIG[rpath] = "--enable-rpath,--disable-rpath,," +PACKAGECONFIG[apparmor] = "--enable-apparmor,--disable-apparmor,apparmor,apparmor" +PACKAGECONFIG[templates] = ",,, ${PN}-templates" +PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux,libselinux" +PACKAGECONFIG[seccomp] ="--enable-seccomp,--disable-seccomp,libseccomp,libseccomp" +PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/,--without-systemdsystemunitdir,systemd," + +# required by python3 to run setup.py +export BUILD_SYS +export HOST_SYS +export STAGING_INCDIR +export STAGING_LIBDIR + +inherit autotools pkgconfig ptest update-rc.d systemd python3native + +SYSTEMD_PACKAGES = "${PN} ${PN}-networking" +SYSTEMD_SERVICE_${PN} = "lxc.service" +SYSTEMD_AUTO_ENABLE_${PN} = "disable" +SYSTEMD_SERVICE_${PN}-networking = "lxc-net.service" +SYSTEMD_AUTO_ENABLE_${PN}-networking = "enable" + +INITSCRIPT_PACKAGES = "${PN} ${PN}-networking" +INITSCRIPT_NAME_${PN} = "lxc-containers" +INITSCRIPT_PARAMS_${PN} = "defaults" +INITSCRIPT_NAME_${PN}-networking = "lxc-net" +INITSCRIPT_PARAMS_${PN}-networking = "defaults" + +FILES_${PN}-doc = "${mandir} ${infodir}" +# For LXC the docdir only contains example configuration files and should be included in the lxc package +FILES_${PN} += "${docdir}" +FILES_${PN} += "${libdir}/python3*" +FILES_${PN} += "${datadir}/bash-completion" +FILES_${PN}-dbg += "${libexecdir}/lxc/.debug" +FILES_${PN}-dbg += "${libexecdir}/lxc/hooks/.debug" +PACKAGES =+ "${PN}-templates ${PN}-networking ${PN}-lua" +FILES_lua-${PN} = "${datadir}/lua ${libdir}/lua" +FILES_lua-${PN}-dbg += "${libdir}/lua/lxc/.debug" +FILES_${PN}-templates += "${datadir}/lxc/templates" +RDEPENDS_${PN}-templates += "bash" + +FILES_${PN}-networking += " \ + ${sysconfdir}/init.d/lxc-net \ + ${sysconfdir}/default/lxc-net \ +" + +CACHED_CONFIGUREVARS += " \ + ac_cv_path_PYTHON='${STAGING_BINDIR_NATIVE}/python3-native/python3' \ + am_cv_python_pyexecdir='${PYTHON_SITEPACKAGES_DIR}' \ + am_cv_python_pythondir='${PYTHON_SITEPACKAGES_DIR}' \ +" + +do_install_append() { + # The /var/cache/lxc directory created by the Makefile + # is wiped out in volatile, we need to create this at boot. + rm -rf ${D}${localstatedir}/cache + install -d ${D}${sysconfdir}/default/volatiles + echo "d root root 0755 ${localstatedir}/cache/lxc none" \ + > ${D}${sysconfdir}/default/volatiles/99_lxc + + for i in `grep -l "#! */bin/bash" ${D}${datadir}/lxc/hooks/*`; do \ + sed -e 's|#! */bin/bash|#!/bin/sh|' -i $i; done + + install -d ${D}${sysconfdir}/init.d + install -m 755 config/init/sysvinit/lxc* ${D}${sysconfdir}/init.d + + # since python3-native is used for install location this will not be + # suitable for the target and we will have to correct the package install + if ${@bb.utils.contains('PACKAGECONFIG', 'python', 'true', 'false', d)}; then + if [ -d ${D}${exec_prefix}/lib/python* ]; then mv ${D}${exec_prefix}/lib/python* ${D}${libdir}/; fi + rmdir --ignore-fail-on-non-empty ${D}${exec_prefix}/lib + fi + + # /etc/default/lxc sources lxc-net, this allows lxc bridge when lxc-networking + # is not installed this results in no lxcbr0, but when lxc-networking is installed + # lxcbr0 will be fully configured. + install -m 644 ${WORKDIR}/lxc-net ${D}${sysconfdir}/default/ + + # Force the main dnsmasq instance to bind only to specified interfaces and + # to not bind to virbr0. Libvirt will run its own instance on this interface. + install -d ${D}/${sysconfdir}/dnsmasq.d + install -m 644 ${WORKDIR}/dnsmasq.conf ${D}/${sysconfdir}/dnsmasq.d/lxc +} + +EXTRA_OEMAKE += "TEST_DIR=${D}${PTEST_PATH}/src/tests" + +do_install_ptest() { + # Move tests to the "ptest directory" + install -d ${D}/${PTEST_PATH}/tests + mv ${D}/usr/bin/lxc-test-* ${D}/${PTEST_PATH}/tests/. +} + +pkg_postinst_${PN}() { + if [ -z "$D" ] && [ -e /etc/init.d/populate-volatile.sh ] ; then + /etc/init.d/populate-volatile.sh update + fi +} + +pkg_postinst_${PN}-networking() { +if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then +cat >> $D/etc/network/interfaces << EOF + +auto lxcbr0 +iface lxcbr0 inet dhcp + bridge_ports eth0 + bridge_fd 0 + bridge_maxwait 0 +EOF + +cat<$D/etc/network/if-pre-up.d/lxcbr0 +#! /bin/sh + +if test "x\$IFACE" = xlxcbr0 ; then + brctl show |grep lxcbr0 > /dev/null 2>/dev/null + if [ \$? != 0 ] ; then + brctl addbr lxcbr0 + brctl addif lxcbr0 eth0 + ip addr flush eth0 + ifconfig eth0 up + fi +fi +EOF +chmod 755 $D/etc/network/if-pre-up.d/lxcbr0 +fi +} -- cgit v1.2.3-54-g00ecf