lxc: update to 4.0.1.

2020-03-31 10:44:59 -07:00 · 2020-03-31 10:44:59 -07:00 · dc7fe3b99d
commit dc7fe3b99d
parent d229310e4c
7 changed files with 4 additions and 396 deletions
--- a/srcpkgs/lxc/patches/3dd7829433f63b2ec1323a1f237efa7d67ea6e2b.patch
+++ b/srcpkgs/lxc/patches/3dd7829433f63b2ec1323a1f237efa7d67ea6e2b.patch
@ -1,91 +0,0 @@
-From 3dd7829433f63b2ec1323a1f237efa7d67ea6e2b Mon Sep 17 00:00:00 2001
-From: Christian Brauner <christian.brauner@ubuntu.com>
-Date: Fri, 26 Jul 2019 08:20:02 +0200
-Subject: [PATCH] network: restore ability to move nl80211 devices
-
-Closes #3105.
-Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
- src/lxc/network.c | 31 +++++++++++++++++--------------
- 1 file changed, 17 insertions(+), 14 deletions(-)
-
-diff --git src/lxc/network.c src/lxc/network.c
-index 9755116ba1..7684f95918 100644
--- src/lxc/network.c
-+++ src/lxc/network.c
-@@ -1248,22 +1248,21 @@ static int lxc_netdev_rename_by_name_in_netns(pid_t pid, const char *old,
- static int lxc_netdev_move_wlan(char *physname, const char *ifname, pid_t pid,
- 				const char *newname)
- {
-	char *cmd;
-+	__do_free char *cmd = NULL;
- 	pid_t fpid;
-	int err = -1;
- 
- 	/* Move phyN into the container.  TODO - do this using netlink.
- 	 * However, IIUC this involves a bit more complicated work to talk to
- 	 * the 80211 module, so for now just call out to iw.
- 	 */
- 	cmd = on_path("iw", NULL);
-	if (!cmd)
-		goto out1;
-	free(cmd);
-+	if (!cmd) {
-+		return -1;
-+	}
- 
- 	fpid = fork();
- 	if (fpid < 0)
-		goto out1;
-+		return -1;
- 
- 	if (fpid == 0) {
- 		char pidstr[30];
-@@ -1274,21 +1273,18 @@ static int lxc_netdev_move_wlan(char *physname, const char *ifname, pid_t pid,
- 	}
- 
- 	if (wait_for_pid(fpid))
-		goto out1;
-+		return -1;
- 
-	err = 0;
- 	if (newname)
-		err = lxc_netdev_rename_by_name_in_netns(pid, ifname, newname);
-+		return lxc_netdev_rename_by_name_in_netns(pid, ifname, newname);
- 
-out1:
-	free(physname);
-	return err;
-+	return 0;
- }
- 
- int lxc_netdev_move_by_name(const char *ifname, pid_t pid, const char* newname)
- {
-+	__do_free char *physname = NULL;
- 	int index;
-	char *physname;
- 
- 	if (!ifname)
- 		return -EINVAL;
-@@ -3279,13 +3275,20 @@ int lxc_network_move_created_netdev_priv(struct lxc_handler *handler)
- 		return 0;
- 
- 	lxc_list_for_each(iterator, network) {
-+		__do_free char *physname = NULL;
- 		int ret;
- 		struct lxc_netdev *netdev = iterator->elem;
- 
- 		if (!netdev->ifindex)
- 			continue;
- 
-		ret = lxc_netdev_move_by_index(netdev->ifindex, pid, NULL);
-+		if (netdev->type == LXC_NET_PHYS)
-+			physname = is_wlan(netdev->link);
-+
-+		if (physname)
-+			ret = lxc_netdev_move_wlan(physname, netdev->link, pid, NULL);
-+		else
-+			ret = lxc_netdev_move_by_index(netdev->ifindex, pid, NULL);
- 		if (ret) {
- 			errno = -ret;
- 			SYSERROR("Failed to move network device \"%s\" with ifindex %d to network namespace %d",
--- a/srcpkgs/lxc/patches/6453ba565ed7e3be9b3c9fa74ac07cf8e06b9afc.patch
+++ b/srcpkgs/lxc/patches/6453ba565ed7e3be9b3c9fa74ac07cf8e06b9afc.patch
@ -1,42 +0,0 @@
-From 6453ba565ed7e3be9b3c9fa74ac07cf8e06b9afc Mon Sep 17 00:00:00 2001
-From: Christian Brauner <christian.brauner@ubuntu.com>
-Date: Tue, 23 Jul 2019 16:41:46 +0200
-Subject: [PATCH] tree-wide: initialize all auto-cleanup variables
-
-Closes: #3101.
-Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
- src/lxc/cgroups/cgfsng.c | 2 +-
- src/lxc/confile.c        | 6 +++---
- 2 files changed, 4 insertions(+), 4 deletions(-)
-
-diff --git src/lxc/cgroups/cgfsng.c src/lxc/cgroups/cgfsng.c
-index 87e12d2ddd..7b8fe6736f 100644
--- src/lxc/cgroups/cgfsng.c
-+++ src/lxc/cgroups/cgfsng.c
-@@ -1260,7 +1260,7 @@ static int mkdir_eexist_on_last(const char *dir, mode_t mode)
- 
- 	orig_len = strlen(dir);
- 	do {
-		__do_free char *makeme;
-+		__do_free char *makeme = NULL;
- 		int ret;
- 		size_t cur_len;
- 
-diff --git src/lxc/confile.c src/lxc/confile.c
-index 36d62cbcac..c0cba7c547 100644
--- src/lxc/confile.c
-+++ src/lxc/confile.c
-@@ -909,9 +909,9 @@ static int set_config_net_ipv6_gateway(const char *key, const char *value,
- static int set_config_net_veth_ipv6_route(const char *key, const char *value,
- 				       struct lxc_conf *lxc_conf, void *data)
- {
-	__do_free char *valdup;
-	__do_free struct lxc_inet6dev *inet6dev;
-	__do_free struct lxc_list *list;
-+	__do_free char *valdup = NULL;
-+	__do_free struct lxc_inet6dev *inet6dev = NULL;
-+	__do_free struct lxc_list *list = NULL;
- 	int ret;
- 	char *netmask, *slash;
- 	struct lxc_netdev *netdev = data;
--- a/srcpkgs/lxc/patches/7c3d3976fa4036fe5c260ca3a68376360e98e260.patch
+++ b/srcpkgs/lxc/patches/7c3d3976fa4036fe5c260ca3a68376360e98e260.patch
@ -1,74 +0,0 @@
-From 7c3d3976fa4036fe5c260ca3a68376360e98e260 Mon Sep 17 00:00:00 2001
-From: Julio Faracco <jcfaracco@gmail.com>
-Date: Sat, 3 Aug 2019 02:16:13 -0300
-Subject: [PATCH] utils: Fix wrong integer of a function parameter.
-
-If SSL is enabled, utils will include function `do_sha1_hash()` to
-generate a sha1 encrypted buffer. Last function argument of
-`EVP_DigestFinal_ex()` requires a `unsigned int` but the current
-parameter is an `integer` type.
-
-See error:
-utils.c:350:38: error: passing 'int *' to parameter of type 'unsigned int *' converts between pointers to integer types with different sign
-      [-Werror,-Wpointer-sign]
-        EVP_DigestFinal_ex(mdctx, md_value, md_len);
-                                            ^~~~~~
-/usr/include/openssl/evp.h:549:49: note: passing argument to parameter 's' here
-                                  unsigned int *s);
-
-Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
---
- src/lxc/lxccontainer.c | 3 ++-
- src/lxc/utils.c        | 4 ++--
- src/lxc/utils.h        | 2 +-
- 3 files changed, 5 insertions(+), 4 deletions(-)
-
-diff --git src/lxc/lxccontainer.c src/lxc/lxccontainer.c
-index 52c38fd330..09d427a491 100644
--- src/lxc/lxccontainer.c
-+++ src/lxc/lxccontainer.c
-@@ -1660,7 +1660,8 @@ static bool prepend_lxc_header(char *path, const char *t, char *const argv[])
- 	FILE *f;
- 	int ret = -1;
- #if HAVE_OPENSSL
-	int i, md_len = 0;
-+	int i;
-+	unsigned int md_len = 0;
- 	unsigned char md_value[EVP_MAX_MD_SIZE];
- 	char *tpath;
- #endif
-diff --git src/lxc/utils.c src/lxc/utils.c
-index bf4a9c2cbd..9ddbabfc85 100644
--- src/lxc/utils.c
-+++ src/lxc/utils.c
-@@ -333,7 +333,7 @@ int lxc_wait_for_pid_status(pid_t pid)
- #ifdef HAVE_OPENSSL
- #include <openssl/evp.h>
- 
-static int do_sha1_hash(const char *buf, int buflen, unsigned char *md_value, int *md_len)
-+static int do_sha1_hash(const char *buf, int buflen, unsigned char *md_value, unsigned int *md_len)
- {
- 	EVP_MD_CTX *mdctx;
- 	const EVP_MD *md;
-@@ -353,7 +353,7 @@ static int do_sha1_hash(const char *buf, int buflen, unsigned char *md_value, in
- 	return 0;
- }
- 
-int sha1sum_file(char *fnam, unsigned char *digest, int *md_len)
-+int sha1sum_file(char *fnam, unsigned char *digest, unsigned int *md_len)
- {
- 	char *buf;
- 	int ret;
-diff --git src/lxc/utils.h src/lxc/utils.h
-index dd6404f0b3..c1667e8c4c 100644
--- src/lxc/utils.h
-+++ src/lxc/utils.h
-@@ -99,7 +99,7 @@ extern int wait_for_pid(pid_t pid);
- extern int lxc_wait_for_pid_status(pid_t pid);
- 
- #if HAVE_OPENSSL
-extern int sha1sum_file(char *fnam, unsigned char *md_value, int *md_len);
-+extern int sha1sum_file(char *fnam, unsigned char *md_value, unsigned int *md_len);
- #endif
- 
- /* initialize rand with urandom */
--- a/srcpkgs/lxc/patches/9c579205669cce54944e2c4f115e69ef18475bbe.patch
+++ b/srcpkgs/lxc/patches/9c579205669cce54944e2c4f115e69ef18475bbe.patch
@ -1,30 +0,0 @@
-From 9c579205669cce54944e2c4f115e69ef18475bbe Mon Sep 17 00:00:00 2001
-From: Tycho Andersen <tycho@tycho.ws>
-Date: Tue, 23 Jul 2019 09:40:14 -0600
-Subject: [PATCH] pidfds: don't print a scary warning on ENOSYS
-
-Most kernels don't have this functionality yet, and so the warning is
-printed a lot. Our people are scared of warnings, so let's make it INFO
-instead in this case.
-
-Signed-off-by: Tycho Andersen <tycho@tycho.ws>
---
- src/lxc/start.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git src/lxc/start.c src/lxc/start.c
-index e3f32f4cb8..e6544ea19c 100644
--- src/lxc/start.c
-+++ src/lxc/start.c
-@@ -1641,7 +1641,10 @@ static int proc_pidfd_open(pid_t pid)
- 
- 	/* Test whether we can send signals. */
- 	if (lxc_raw_pidfd_send_signal(proc_pidfd, 0, NULL, 0)) {
-		SYSERROR("Failed to send signal through pidfd");
-+		if (errno != ENOSYS)
-+			SYSERROR("Failed to send signal through pidfd");
-+		else
-+			INFO("Sending signals through pidfds not supported on this kernel");
- 		return -1;
- 	}
- 
--- a/srcpkgs/lxc/patches/cpuset.patch
+++ b/srcpkgs/lxc/patches/cpuset.patch
@ -1,33 +0,0 @@
-From b31d62b847a3ee013613795094cce4acc12345ef Mon Sep 17 00:00:00 2001
-From: Christian Brauner <christian.brauner@ubuntu.com>
-Date: Sun, 28 Jul 2019 23:13:26 +0200
-Subject: [PATCH] cgroups: initialize cpuset properly
-
-Closes #3108.
-Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
- src/lxc/cgroups/cgfsng.c | 10 +++++-----
- 1 file changed, 5 insertions(+), 5 deletions(-)
-
-diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
-index 7b8fe6736f..c29c0958e9 100644
--- src/lxc/cgroups/cgfsng.c
-+++ src/lxc/cgroups/cgfsng.c
-@@ -496,12 +496,12 @@ static bool cg_legacy_filter_and_set_cpus(char *path, bool am_initialized)
- 	}
- 
- 	if (!flipped_bit) {
-		DEBUG("No isolated or offline cpus present in cpuset");
-		return true;
-+		cpulist = lxc_cpumask_to_cpulist(possmask, maxposs);
-+		TRACE("No isolated or offline cpus present in cpuset");
-+	} else {
-+		cpulist = move_ptr(posscpus);
-+		TRACE("Removed isolated or offline cpus from cpuset");
- 	}
-	DEBUG("Removed isolated or offline cpus from cpuset");
-
-	cpulist = lxc_cpumask_to_cpulist(possmask, maxposs);
- 	if (!cpulist) {
- 		ERROR("Failed to create cpu list");
- 		return false;
--- a/srcpkgs/lxc/patches/e4103cf63f3e24667680544303e7c7230b3d508c.patch
+++ b/srcpkgs/lxc/patches/e4103cf63f3e24667680544303e7c7230b3d508c.patch
@ -1,122 +0,0 @@
-From e4103cf63f3e24667680544303e7c7230b3d508c Mon Sep 17 00:00:00 2001
-From: Thomas Parrott <thomas.parrott@canonical.com>
-Date: Fri, 26 Jul 2019 16:14:18 +0100
-Subject: [PATCH] lxccontainer: do_lxcapi_detach_interface to support detaching
- wlan devices
-
-Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com>
---
- src/lxc/attach.c       |  2 +-
- src/lxc/attach.h       |  2 ++
- src/lxc/lxccontainer.c | 23 ++++++++++++++++++++++-
- src/lxc/network.c      |  4 ++--
- src/lxc/network.h      |  4 ++++
- 5 files changed, 31 insertions(+), 4 deletions(-)
-
-diff --git src/lxc/attach.c src/lxc/attach.c
-index 867aa91c0d..f63331edec 100644
--- src/lxc/attach.c
-+++ src/lxc/attach.c
-@@ -213,7 +213,7 @@ static int lxc_attach_to_ns(pid_t pid, struct lxc_proc_context_info *ctx)
- 	return 0;
- }
- 
-static int lxc_attach_remount_sys_proc(void)
-+int lxc_attach_remount_sys_proc(void)
- {
- 	int ret;
- 
-diff --git src/lxc/attach.h src/lxc/attach.h
-index c576aa9fca..ce7c461b33 100644
--- src/lxc/attach.h
-+++ src/lxc/attach.h
-@@ -45,4 +45,6 @@ extern int lxc_attach(struct lxc_container *container,
- 		      lxc_attach_exec_t exec_function, void *exec_payload,
- 		      lxc_attach_options_t *options, pid_t *attached_process);
- 
-+extern int lxc_attach_remount_sys_proc(void);
-+
- #endif /* __LXC_ATTACH_H */
-diff --git src/lxc/lxccontainer.c src/lxc/lxccontainer.c
-index d8efdc41c6..52c38fd330 100644
--- src/lxc/lxccontainer.c
-+++ src/lxc/lxccontainer.c
-@@ -4793,6 +4793,7 @@ static bool do_lxcapi_detach_interface(struct lxc_container *c,
- {
- 	int ret;
- 	pid_t pid, pid_outside;
-+	__do_free char *physname = NULL;
- 
- 	/*
- 	 * TODO - if this is a physical device, then we need am_host_unpriv.
-@@ -4828,6 +4829,19 @@ static bool do_lxcapi_detach_interface(struct lxc_container *c,
- 			_exit(EXIT_FAILURE);
- 		}
- 
-+		/* create new mount namespace for use with remounting /sys and is_wlan() below. */
-+		ret = unshare(CLONE_NEWNS);
-+		if (ret < 0) {
-+			ERROR("Failed to unshare mount namespace");
-+			_exit(EXIT_FAILURE);
-+		}
-+
-+		/* set / recursively as private so that mount propagation doesn't affect us.  */
-+		if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, 0) < 0) {
-+			ERROR("Failed to recursively set / as private in mount namespace");
-+			_exit(EXIT_FAILURE);
-+		}
-+
- 		ret = lxc_netdev_isup(ifname);
- 		if (ret < 0) {
- 			ERROR("Failed to determine whether network device \"%s\" is up", ifname);
-@@ -4843,7 +4857,14 @@ static bool do_lxcapi_detach_interface(struct lxc_container *c,
- 			}
- 		}
- 
-		ret = lxc_netdev_move_by_name(ifname, pid_outside, dst_ifname);
-+		/* remount /sys so is_wlan() can check if this device is a wlan device. */
-+		lxc_attach_remount_sys_proc();
-+		physname = is_wlan(ifname);
-+		if (physname)
-+			ret = lxc_netdev_move_wlan(physname, ifname, pid_outside, dst_ifname);
-+		else
-+			ret = lxc_netdev_move_by_name(ifname, pid_outside, dst_ifname);
-+
- 		/* -EINVAL means there is no netdev named as ifname. */
- 		if (ret < 0) {
- 			if (ret == -EINVAL)
-diff --git src/lxc/network.c src/lxc/network.c
-index 7684f95918..65727f6b5a 100644
--- src/lxc/network.c
-+++ src/lxc/network.c
-@@ -1172,7 +1172,7 @@ int lxc_netdev_move_by_index(int ifindex, pid_t pid, const char *ifname)
-  * will be passed to lxc_netdev_move_wlan() which will free it when done.
-  */
- #define PHYSNAME "/sys/class/net/%s/phy80211/name"
-static char *is_wlan(const char *ifname)
-+char *is_wlan(const char *ifname)
- {
- 	__do_free char *path = NULL;
- 	int i, ret;
-@@ -1245,7 +1245,7 @@ static int lxc_netdev_rename_by_name_in_netns(pid_t pid, const char *old,
- 	_exit(lxc_netdev_rename_by_name(old, new));
- }
- 
-static int lxc_netdev_move_wlan(char *physname, const char *ifname, pid_t pid,
-+int lxc_netdev_move_wlan(char *physname, const char *ifname, pid_t pid,
- 				const char *newname)
- {
- 	__do_free char *cmd = NULL;
-diff --git src/lxc/network.h src/lxc/network.h
-index acfd8a0532..8a86768d9e 100644
--- src/lxc/network.h
-+++ src/lxc/network.h
-@@ -293,4 +293,8 @@ extern int lxc_netns_set_nsid(int netns_fd);
- extern int lxc_netns_get_nsid(__s32 fd);
- extern int lxc_create_network(struct lxc_handler *handler);
- 
-+extern char *is_wlan(const char *ifname);
-+extern int lxc_netdev_move_wlan(char *physname, const char *ifname, pid_t pid,
-+				const char *newname);
-+
- #endif /* __LXC_NETWORK_H */
--- a/srcpkgs/lxc/template
+++ b/srcpkgs/lxc/template
@ -2,8 +2,8 @@
 _desc="Linux Containers"

 pkgname=lxc
-version=3.2.1
-revision=3
+version=4.0.1
+revision=1
 build_style=gnu-configure
 configure_args="--enable-doc --enable-seccomp
 --enable-capabilities --enable-apparmor --with-distro=none
@ -12,11 +12,11 @@ hostmakedepends="automake libtool pkg-config docbook2x"
 makedepends="libcap-devel libseccomp-devel gnutls-devel libapparmor-devel"
 depends="xz wget gnupg"
 short_desc="${_desc} - utilities"
-maintainer="Orphaned <orphan@voidlinux.org>"
+maintainer="Cameron Nemo <cnemo@tutanota.com>"
 homepage="https://linuxcontainers.org"
 license="LGPL-2.1-or-later"
 distfiles="https://linuxcontainers.org/downloads/lxc-${version}.tar.gz"
-checksum=5f903986a4b17d607eea28c0aa56bf1e76e8707747b1aa07d31680338b1cc3d4
+checksum=70bbaac1df097f32ee5493a5e67a52365f7cdda28529f40197d6160bbec4139d

 conf_files="/etc/lxc/default.conf"
 make_dirs="