Move tools from sbin to bin so we can start supporting unprivileged containers

(Portage version: 2.2.18/cvs/Linux x86_64, signed Manifest commit with key 09BF4F54C2BA7F3C!)

2 files changed, 203 insertions, 1 deletions

diff --git a/app-emulation/lxc/ChangeLog b/app-emulation/lxc/ChangeLog
index 373cfed464cf..fa02555e3a11 100644
--- a/app-emulation/lxc/ChangeLog
+++ b/app-emulation/lxc/ChangeLog
@@ -1,6 +1,11 @@
 # ChangeLog for app-emulation/lxc
 # Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/lxc/ChangeLog,v 1.68 2015/03/13 08:54:55 dlan Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/lxc/ChangeLog,v 1.69 2015/03/14 09:21:31 hwoarang Exp $
+
+*lxc-1.1.0-r5 (14 Mar 2015)
+
+  14 Mar 2015; Markos Chandras <hwoarang@gentoo.org> +lxc-1.1.0-r5.ebuild:
+  Move tools from sbin to bin so we can start supporting unprivileged containers
 
   13 Mar 2015; Yixun Lan <dlan@gentoo.org> lxc-1.1.0-r4.ebuild:
   add ~arm keyword, test on cortex-a9 board
diff --git a/app-emulation/lxc/lxc-1.1.0-r5.ebuild b/app-emulation/lxc/lxc-1.1.0-r5.ebuild
new file mode 100644
index 000000000000..2e8d0ff94fe6
--- /dev/null
+++ b/app-emulation/lxc/lxc-1.1.0-r5.ebuild
@@ -0,0 +1,197 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/lxc/lxc-1.1.0-r5.ebuild,v 1.1 2015/03/14 09:21:31 hwoarang Exp $
+
+EAPI="5"
+
+MY_P="${P/_/-}"
+PYTHON_COMPAT=( python{3_2,3_3,3_4} )
+DISTUTILS_OPTIONAL=1
+
+inherit autotools bash-completion-r1 distutils-r1 eutils linux-info versionator flag-o-matic systemd
+
+DESCRIPTION="LinuX Containers userspace utilities"
+HOMEPAGE="https://linuxcontainers.org/"
+SRC_URI="https://github.com/lxc/lxc/archive/${MY_P}.tar.gz"
+
+KEYWORDS="~amd64 ~arm"
+
+LICENSE="LGPL-3"
+SLOT="0"
+IUSE="cgmanager doc examples lua python seccomp"
+
+RDEPEND="net-libs/gnutls
+	sys-libs/libcap
+	cgmanager? ( app-admin/cgmanager )
+	lua? ( >=dev-lang/lua-5.1:= )
+	python? ( ${PYTHON_DEPS} )
+	seccomp? ( sys-libs/libseccomp )"
+
+DEPEND="${RDEPEND}
+	doc? ( app-text/docbook-sgml-utils )
+	>=sys-kernel/linux-headers-3.2"
+
+RDEPEND="${RDEPEND}
+	sys-process/criu
+	sys-apps/util-linux
+	app-misc/pax-utils
+	virtual/awk"
+
+CONFIG_CHECK="~CGROUPS ~CGROUP_DEVICE
+	~CPUSETS ~CGROUP_CPUACCT
+	~RESOURCE_COUNTERS
+	~CGROUP_SCHED
+
+	~NAMESPACES
+	~IPC_NS ~USER_NS ~PID_NS
+
+	~NETLINK_DIAG ~PACKET_DIAG
+	~INET_UDP_DIAG ~INET_TCP_DIAG
+	~UNIX_DIAG ~CHECKPOINT_RESTORE
+
+	~DEVPTS_MULTIPLE_INSTANCES
+	~CGROUP_FREEZER
+	~UTS_NS ~NET_NS
+	~VETH ~MACVLAN
+
+	~POSIX_MQUEUE
+	~!NETPRIO_CGROUP
+
+	~!GRKERNSEC_CHROOT_MOUNT
+	~!GRKERNSEC_CHROOT_DOUBLE
+	~!GRKERNSEC_CHROOT_PIVOT
+	~!GRKERNSEC_CHROOT_CHMOD
+	~!GRKERNSEC_CHROOT_CAPS
+"
+
+ERROR_DEVPTS_MULTIPLE_INSTANCES="CONFIG_DEVPTS_MULTIPLE_INSTANCES:  needed for pts inside container"
+
+ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER:  needed to freeze containers"
+
+ERROR_UTS_NS="CONFIG_UTS_NS:  needed to unshare hostnames and uname info"
+ERROR_NET_NS="CONFIG_NET_NS:  needed for unshared network"
+
+ERROR_VETH="CONFIG_VETH:  needed for internal (host-to-container) networking"
+ERROR_MACVLAN="CONFIG_MACVLAN:  needed for internal (inter-container) networking"
+
+ERROR_NETLINK_DIAG="CONFIG_NETLINK_DIAG:  needed for lxc-checkpoint"
+ERROR_PACKET_DIAG="CONFIG_PACKET_DIAG:  needed for lxc-checkpoint"
+ERROR_INET_UDP_DIAG="CONFIG_INET_UDP_DIAG:  needed for lxc-checkpoint"
+ERROR_INET_TCP_DIAG="CONFIG_INET_TCP_DIAG:  needed for lxc-checkpoint"
+ERROR_UNIX_DIAG="CONFIG_UNIX_DIAG:  needed for lxc-checkpoint"
+ERROR_CHECKPOINT_RESTORE="CONFIG_CHECKPOINT_RESTORE:  needed for lxc-checkpoint"
+
+ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE:  needed for lxc-execute command"
+
+ERROR_NETPRIO_CGROUP="CONFIG_NETPRIO_CGROUP:  as of kernel 3.3 and lxc 0.8.0_rc1 this causes LXCs to fail booting."
+
+ERROR_GRKERNSEC_CHROOT_MOUNT="CONFIG_GRKERNSEC_CHROOT_MOUNT:  some GRSEC features make LXC unusable see postinst notes"
+ERROR_GRKERNSEC_CHROOT_DOUBLE="CONFIG_GRKERNSEC_CHROOT_DOUBLE:  some GRSEC features make LXC unusable see postinst notes"
+ERROR_GRKERNSEC_CHROOT_PIVOT="CONFIG_GRKERNSEC_CHROOT_PIVOT:  some GRSEC features make LXC unusable see postinst notes"
+ERROR_GRKERNSEC_CHROOT_CHMOD="CONFIG_GRKERNSEC_CHROOT_CHMOD:  some GRSEC features make LXC unusable see postinst notes"
+ERROR_GRKERNSEC_CHROOT_CAPS="CONFIG_GRKERNSEC_CHROOT_CAPS:  some GRSEC features make LXC unusable see postinst notes"
+
+DOCS=(AUTHORS CONTRIBUTING MAINTAINERS NEWS README doc/FAQ.txt)
+
+S="${WORKDIR}/${PN}-${MY_P}"
+
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+
+src_prepare() {
+
+	epatch "${FILESDIR}"/${PN}-1.0.6-bash-completion.patch
+	epatch "${FILESDIR}"/${P}-fix-gentoo-template.patch
+
+	eautoreconf
+}
+
+src_configure() {
+	append-flags -fno-strict-aliasing
+
+	if use python; then
+		#541932
+		python_setup "python3*"
+		export PKG_CONFIG_PATH="${T}/${EPYTHON}/pkgconfig:${PKG_CONFIG_PATH}"
+	fi
+
+	# I am not sure about the --with-rootfs-path
+	# /var/lib/lxc is probably more appropriate than
+	# /usr/lib/lxc.
+	econf \
+		--localstatedir=/var \
+		--bindir=/usr/bin \
+		--sbindir=/usr/bin \
+		--docdir=/usr/share/doc/${PF} \
+		--with-config-path=/var/lib/lxc	\
+		--with-rootfs-path=/var/lib/lxc/rootfs \
+		--with-distro=gentoo \
+		--with-runtime-path=/run \
+		--disable-apparmor \
+		$(use_enable cgmanager) \
+		$(use_enable doc) \
+		$(use_enable examples) \
+		$(use_enable lua) \
+		$(use_enable python) \
+		$(use_enable seccomp)
+}
+
+python_compile() {
+	distutils-r1_python_compile build_ext -I ../ -L ../${PN}
+}
+
+src_compile() {
+	default
+
+	if use python; then
+		pushd "${S}/src/python-${PN}" > /dev/null
+		distutils-r1_src_compile
+		popd > /dev/null
+	fi
+}
+
+src_install() {
+	default
+
+	mv "${ED}"/usr/share/bash-completion/completions/${PN} "${ED}"/$(get_bashcompdir)/${PN}-start || die
+	bashcomp_alias ${PN}-start \
+		${PN}-{attach,cgroup,clone,console,create,destroy,device,execute,freeze,info,monitor,snapshot,start-ephemeral,stop,unfreeze,wait}
+
+	if use python; then
+		pushd "${S}/src/python-lxc" > /dev/null
+		# Unset DOCS. This has been handled by the default target
+		unset DOCS
+		distutils-r1_src_install
+		popd > /dev/null
+	fi
+
+	keepdir /etc/lxc /var/lib/lxc/rootfs /var/log/lxc
+
+	find "${D}" -name '*.la' -delete
+
+	# Gentoo-specific additions!
+	# Use initd.3 per #517144
+	newinitd "${FILESDIR}/${PN}.initd.3" ${PN}
+
+	# lxc-devsetup script
+	exeinto /usr/libexec/${PN}
+	doexe config/init/systemd/${PN}-devsetup
+	# Remember to compare our systemd unit file with the upstream one
+	# config/init/systemd/lxc.service.in
+	systemd_newunit "${FILESDIR}"/${PN}_at.service.2 "lxc@.service"
+}
+
+pkg_postinst() {
+	elog ""
+	elog "Starting from version ${PN}-1.1.0-r3, the default lxc path has been"
+	elog "moved from /etc/lxc to /var/lib/lxc. If you still want to use /etc/lxc"
+	elog "please add the following to your /etc/lxc/default.conf"
+	elog "lxc.lxcpath = /etc/lxc"
+	elog ""
+	elog "There is an init script provided with the package now; no documentation"
+	elog "is currently available though, so please check out /etc/init.d/lxc ."
+	elog "You _should_ only need to symlink it to /etc/init.d/lxc.configname"
+	elog "to start the container defined into /etc/lxc/configname.conf ."
+	elog "For further information about LXC development see"
+	elog "http://blog.flameeyes.eu/tag/lxc" # remove once proper doc is available
+	elog ""
+}