diff options
author | Erik Mackdanz <stasibear@gentoo.org> | 2016-06-13 10:40:41 -0500 |
---|---|---|
committer | Erik Mackdanz <stasibear@gentoo.org> | 2016-06-13 10:41:40 -0500 |
commit | 1c437fe99eb4beb6b279b843587c5c559ce452ad (patch) | |
tree | b89f81f246d4825053fad346e0d3480fd9f8b81e /app-emulation | |
parent | dev-perl/Text-CSV-1.330.0-r0: add alpha keyword (diff) | |
download | gentoo-1c437fe99eb4beb6b279b843587c5c559ce452ad.tar.gz gentoo-1c437fe99eb4beb6b279b843587c5c559ce452ad.tar.bz2 gentoo-1c437fe99eb4beb6b279b843587c5c559ce452ad.zip |
app-emulation/lxd: bump to 2.0.2
Address CVE-2016-1581 and CVE-2016-1582
Package-Manager: portage-2.3.0_rc1
Diffstat (limited to 'app-emulation')
-rw-r--r-- | app-emulation/lxd/Manifest | 1 | ||||
-rw-r--r-- | app-emulation/lxd/files/lxd-2.0.2-dont-go-get.patch | 20 | ||||
-rw-r--r-- | app-emulation/lxd/files/lxd-2.0.2.confd | 27 | ||||
-rw-r--r-- | app-emulation/lxd/files/lxd-2.0.2.initd | 50 | ||||
-rw-r--r-- | app-emulation/lxd/lxd-2.0.2.ebuild | 149 |
5 files changed, 247 insertions, 0 deletions
diff --git a/app-emulation/lxd/Manifest b/app-emulation/lxd/Manifest index 8297025e9363..072650a8cae0 100644 --- a/app-emulation/lxd/Manifest +++ b/app-emulation/lxd/Manifest @@ -2,3 +2,4 @@ DIST lxd-2.0.0.tar.bz2 2305314 SHA256 da5bab198cff8bee4528f35537221a252b4b2a23d6 DIST lxd-2.0.0_beta4.tar.bz2 2291955 SHA256 6487750275e21ab3e862ea56807b9fcf28e9a646040e1f50f3967e9f76cf27e5 SHA512 ae67b9098946f037c1c938cc46f141fb8089ae33b980dd55cebc9cc3f14fbcd645e810e185fdc61dacbd6437569d079e4d9bd9763d12fefb65cfcecf13c10b28 WHIRLPOOL 6c781b47b80d044128647567b6de81352b174e2224e9ff91f2e1eacc5dfbb9141e53aa74e9bce479ebee1bb6c691282849897c34f815415623abcf3d666c7033 DIST lxd-2.0.0_rc2.tar.bz2 2306077 SHA256 d74babbd5c537430a574a13c0f70c7633affc9bbd0e21bf0039872bdfb801fe9 SHA512 6a21620e19277293a3b665d4061f5aa9443d1a9a5ab88fa885096ff77acf828b215e247136bb99ea1ba230f015181bc9a86a919664c9288577509a2146a5aa66 WHIRLPOOL f88e0f3b5ecd9803bc8baee864ffbdf33b39f331a5e5ceb170b2792d2e26b6f4faae3a8cc6aae090e81accd3835408f2956a117095bc790ca7c16cd7f21d205e DIST lxd-2.0.1.tar.bz2 2330217 SHA256 b9a315825bfc66469a442f3b3da73e2af97dba270ffe1bc18c871cd6c1c7ad69 SHA512 67b1c42a0957bd2f4963c860372211dbbc38cb8e9346e83c6319749efd9e1a188c00033865901d285650298531460b9f54cba0e88d0973179c0c17bcd30cc97d WHIRLPOOL 4ae640fc6410dff9d08816a6ac7ddb47a4cce9dfbbfaa65baf8456517aca25a501b0e680d9a6855a0fa3b9efe8cd1eddb0a9981d43de9ef573c16be936f5104a +DIST lxd-2.0.2.tar.bz2 2340565 SHA256 0054b0e79ba0bc1a1189eb63ca8ac2ca2bafd10c500ce53f67abbd5abc03b542 SHA512 c79f1c7f0aeb289ba7bea745917aaac0d339baf0e6b4fe62cbcb67b8da072ef135e971d4c17546e2e208aeae921ad2853073493f9e7a6e300876bd72b808e516 WHIRLPOOL a30bddfc79ad0c7d941db811f1942fff67afc79a217a251d55b1cf37d80cdb21f8f1f72df268382cbcd34d408005ef4185f5bd59f95369b51558938352f05c60 diff --git a/app-emulation/lxd/files/lxd-2.0.2-dont-go-get.patch b/app-emulation/lxd/files/lxd-2.0.2-dont-go-get.patch new file mode 100644 index 000000000000..d2e622ec73b7 --- /dev/null +++ b/app-emulation/lxd/files/lxd-2.0.2-dont-go-get.patch @@ -0,0 +1,20 @@ +--- Makefile.orig 2016-02-19 00:16:40.720102639 +0000 ++++ Makefile 2016-02-19 00:18:10.886096473 +0000 +@@ -12,17 +12,11 @@ + + .PHONY: default + default: +- # Must run twice due to go get race +- -go get -t -v -d ./... +- -go get -t -v -d ./... + go install -v $(DEBUG) ./... + @echo "LXD built successfully" + + .PHONY: client + client: +- # Must run twice due to go get race +- -go get -t -v -d ./... +- -go get -t -v -d ./... + go install -v $(DEBUG) ./lxc + @echo "LXD client built successfully" + diff --git a/app-emulation/lxd/files/lxd-2.0.2.confd b/app-emulation/lxd/files/lxd-2.0.2.confd new file mode 100644 index 000000000000..3d553276a5e3 --- /dev/null +++ b/app-emulation/lxd/files/lxd-2.0.2.confd @@ -0,0 +1,27 @@ +# Group which owns the shared socket +LXD_OPTIONS+=" --group lxd" + + + +# Enable cpu profiling into the specified file +#LXD_OPTIONS+=" --cpuprofile /tmp/lxc_cpu_profile" + +# Enable memory profiling into the specified file +#LXD_OPTIONS+=" --memprofile /tmp/lxc_mem_profile" + + + +# Enables debug mode +#LXD_OPTIONS+=" --debug" + +# For debugging, print a complete stack trace every n seconds +#LXD_OPTIONS+=" --print-goroutines-every 5" + +# Enables verbose mode +#LXD_OPTIONS+=" -v" + +# Logfile to log to +#LXD_OPTIONS+=" --logfile /var/log/lxd/lxd.log" + +# Enables syslog logging +#LXD_OPTIONS+=" --syslog" diff --git a/app-emulation/lxd/files/lxd-2.0.2.initd b/app-emulation/lxd/files/lxd-2.0.2.initd new file mode 100644 index 000000000000..c1aef377ab6f --- /dev/null +++ b/app-emulation/lxd/files/lxd-2.0.2.initd @@ -0,0 +1,50 @@ +#!/sbin/openrc-run +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +DAEMON=/usr/sbin/lxd +PIDFILE=/run/lxd.pid + +extra_commands="stopall" + +depend() { + need net + use lxcfs + + # remove with 2.0 release + need cgmanager +} + +start() { + ebegin "Starting lxd server" + + start-stop-daemon --start \ + --pidfile ${PIDFILE} \ + --exec ${DAEMON} \ + --background \ + --make-pidfile \ + -- \ + ${LXD_OPTIONS} + + eend $? +} + +stop() { + if [[ $RC_GOINGDOWN = YES ]] || [[ $RC_REBOOT = YES ]]; then + stopall + else + ebegin "Stopping lxd service (but not containers)" + start-stop-daemon --stop --quiet -R TERM/45 -p ${PIDFILE} + eend $? + fi +} + +stopall() { + ebegin "Stopping lxd service and containers" + if "${DAEMON}" shutdown; then + /etc/init.d/lxd zap + rm -f ${PIDFILE} + fi + eend $? +} diff --git a/app-emulation/lxd/lxd-2.0.2.ebuild b/app-emulation/lxd/lxd-2.0.2.ebuild new file mode 100644 index 000000000000..fdb143b9a384 --- /dev/null +++ b/app-emulation/lxd/lxd-2.0.2.ebuild @@ -0,0 +1,149 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +DESCRIPTION="Fast, dense and secure container management" +HOMEPAGE="https://linuxcontainers.org/lxd/introduction/" +EGO_PN_PARENT="github.com/lxc" +EGO_PN="${EGO_PN_PARENT}/lxd" +SRC_URI="https://dev.gentoo.org/~stasibear/distfiles/${P}.tar.bz2" +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" + +PLOCALES="de fr ja" +IUSE="+daemon nls test" + +# IUSE and PLOCALES must be defined before l10n inherited +inherit bash-completion-r1 eutils golang-build l10n systemd user vcs-snapshot + +DEPEND=" + dev-go/go-crypto + dev-libs/protobuf + dev-vcs/git + nls? ( sys-devel/gettext ) + test? ( + app-misc/jq + dev-db/sqlite + net-misc/curl + sys-devel/gettext + ) +" + +RDEPEND=" + daemon? ( + app-admin/cgmanager + app-arch/xz-utils + app-emulation/lxc[cgmanager,seccomp] + net-misc/rsync[xattr] + sys-apps/iproute2 + virtual/acl + ) +" + +# KNOWN ISSUES: +# - Translations may not work. I've been unsuccessful in forcing +# localized output. Anyway, upstream (Canonical) doesn't install the +# message files. + +# TODO: +# - since 0.15 gccgo is a supported compiler ('make gccgo'). It would +# be preferable for that support to go into the golang-build eclass not +# this package directly. + +src_prepare() { + cd "${S}/src/${EGO_PN}" || die "Failed to change to deep src dir" + + epatch "${FILESDIR}/${P}-dont-go-get.patch" + + tmpgoroot="${T}/goroot" + mkdir -p "$tmpgoroot" || die "Failed to create temporary GOROOT" + cp -sR "$(get_golibdir_gopath)"/* "${tmpgoroot}" || die "Failed to copy files to temporary GOROOT" + + # Warn on unhandled locale changes + l10n_find_plocales_changes po "" .po +} + +src_compile() { + golang-build_src_compile + + cd "${S}/src/${EGO_PN}" || die "Failed to change to deep src dir" + + tmpgoroot="${T}/goroot" + if use daemon; then + # Build binaries + GOPATH="${S}:${tmpgoroot}" emake + else + # build client tool + GOPATH="${S}:${tmpgoroot}" emake client + fi + + use nls && emake build-mo +} + +src_test() { + if use daemon; then + # Go native tests should succeed + golang-build_src_test + fi +} + +src_install() { + # Installs all src,pkg to /usr/lib/go-gentoo + golang-build_src_install + + cd "${S}" + dobin bin/lxc + use daemon && dosbin bin/lxd + + cd "src/${EGO_PN}" + + if use nls; then + for lingua in ${PLOCALES}; do + if use linguas_${lingua}; then + domo po/${lingua}.mo + fi + done + fi + + if use daemon; then + newinitd "${FILESDIR}"/${P}.initd lxd + newconfd "${FILESDIR}"/${P}.confd lxd + + systemd_dounit "${FILESDIR}"/lxd.service + fi + + newbashcomp config/bash/lxd-client lxc + + dodoc AUTHORS CONTRIBUTING.md README.md doc/* +} + +pkg_postinst() { + einfo + einfo "Consult https://wiki.gentoo.org/wiki/LXD for more information," + einfo "including a Quick Start." + + # The messaging below only applies to daemon installs + use daemon || return 0 + + # The control socket will be owned by (and writeable by) this group. + enewgroup lxd + + # Ubuntu also defines an lxd user but it appears unused (the daemon + # must run as root) + + einfo + einfo "Though not strictly required, some features are enabled at run-time" + einfo "when the relevant helper programs are detected:" + einfo "- sys-apps/apparmor" + einfo "- sys-fs/btrfs-progs" + einfo "- sys-fs/lvm2" + einfo "- sys-fs/lxcfs" + einfo "- sys-fs/zfs" + einfo "- sys-process/criu" + einfo + einfo "Since these features can't be disabled at build-time they are" + einfo "not USE-conditional." +} |