New package: buildah-1.5

2025-06-07 23:53:51 +02:00 · 2018-11-25 11:49:00 -08:00 · 2018-11-25 11:49:00 -08:00 · 2f39427255
commit 2f39427255
parent 5e51c23459
2 changed files with 176 additions and 0 deletions
--- a/srcpkgs/buildah/patches/ostree_remove_selinux.patch
+++ b/srcpkgs/buildah/patches/ostree_remove_selinux.patch
@ -0,0 +1,142 @@
 --- vendor/github.com/containers/image/ostree/ostree_dest.go	2018-05-20 11:56:16.000000000 +0300
 +++ vendor/github.com/containers/image/ostree/ostree_dest.go	2018-05-23 22:26:34.159967970 +0300
@@ -15,31 +15,25 @@
 	"os/exec"
 	"path/filepath"
 	"strconv"
 -	"strings"
 -	"syscall"
 	"time"
 -	"unsafe"
 	"github.com/containers/image/manifest"
 	"github.com/containers/image/types"
 	"github.com/containers/storage/pkg/archive"
 	"github.com/opencontainers/go-digest"
 -	selinux "github.com/opencontainers/selinux/go-selinux"
 	"github.com/ostreedev/ostree-go/pkg/otbuiltin"
 	"github.com/pkg/errors"
 	"github.com/vbatts/tar-split/tar/asm"
 	"github.com/vbatts/tar-split/tar/storage"
 )
 -// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1 libselinux
 +// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1
 // #include <glib.h>
 // #include <glib-object.h>
 // #include <gio/gio.h>
 // #include <stdlib.h>
 // #include <ostree.h>
 // #include <gio/ginputstream.h>
 -// #include <selinux/selinux.h>
 -// #include <selinux/label.h>
 import "C"
 type blobToImport struct {
@@ -158,7 +152,7 @@
 	return types.BlobInfo{Digest: computedDigest, Size: size}, nil
 }
 -func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, usermode bool) error {
 +func fixFiles(dir string, usermode bool) error {
 	entries, err := ioutil.ReadDir(dir)
 	if err != nil {
 		return err
@@ -173,42 +167,13 @@
 			continue
 		}
 -		if selinuxHnd != nil {
 -			relPath, err := filepath.Rel(root, fullpath)
 -			if err != nil {
 -				return err
 -			}
 -			// Handle /exports/hostfs as a special case.  Files under this directory are copied to the host,
 -			// thus we benefit from maintaining the same SELinux label they would have on the host as we could
 -			// use hard links instead of copying the files.
 -			relPath = fmt.Sprintf("/%s", strings.TrimPrefix(relPath, "exports/hostfs/"))
 -
 -			relPathC := C.CString(relPath)
 -			defer C.free(unsafe.Pointer(relPathC))
 -			var context *C.char
 -
 -			res, err := C.selabel_lookup_raw(selinuxHnd, &context, relPathC, C.int(info.Mode()&os.ModePerm))
 -			if int(res) < 0 && err != syscall.ENOENT {
 -				return errors.Wrapf(err, "cannot selabel_lookup_raw %s", relPath)
 -			}
 -			if int(res) == 0 {
 -				defer C.freecon(context)
 -				fullpathC := C.CString(fullpath)
 -				defer C.free(unsafe.Pointer(fullpathC))
 -				res, err = C.lsetfilecon_raw(fullpathC, context)
 -				if int(res) < 0 {
 -					return errors.Wrapf(err, "cannot setfilecon_raw %s", fullpath)
 -				}
 -			}
 -		}
 -
 		if info.IsDir() {
 			if usermode {
 				if err := os.Chmod(fullpath, info.Mode()|0700); err != nil {
 					return err
 				}
 			}
 -			err = fixFiles(selinuxHnd, root, fullpath, usermode)
 +			err = fixFiles(fullpath, usermode)
 			if err != nil {
 				return err
 			}
@@ -264,7 +229,7 @@
 	return digester.Digest(), written, nil
 }
 -func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle, repo *otbuiltin.Repo, blob *blobToImport) error {
 +func (d *ostreeImageDestination) importBlob(repo *otbuiltin.Repo, blob *blobToImport) error {
 	// TODO: This can take quite some time, and should ideally be cancellable using a context.Context.
 	ostreeBranch := fmt.Sprintf("ociimage/%s", blob.Digest.Hex())
@@ -287,7 +252,7 @@
 		if err := archive.UntarPath(blob.BlobPath, destinationPath); err != nil {
 			return err
 		}
 -		if err := fixFiles(selinuxHnd, destinationPath, destinationPath, false); err != nil {
 +		if err := fixFiles(destinationPath, false); err != nil {
 			return err
 		}
 	} else {
@@ -296,7 +261,7 @@
 			return err
 		}
 -		if err := fixFiles(selinuxHnd, destinationPath, destinationPath, true); err != nil {
 +		if err := fixFiles(destinationPath, true); err != nil {
 			return err
 		}
 	}
@@ -404,17 +369,6 @@
 		return err
 	}
 -	var selinuxHnd *C.struct_selabel_handle
 -
 -	if os.Getuid() == 0 && selinux.GetEnabled() {
 -		selinuxHnd, err = C.selabel_open(C.SELABEL_CTX_FILE, nil, 0)
 -		if selinuxHnd == nil {
 -			return errors.Wrapf(err, "cannot open the SELinux DB")
 -		}
 -
 -		defer C.selabel_close(selinuxHnd)
 -	}
 -
 	checkLayer := func(hash string) error {
 		blob := d.blobs[hash]
 		// if the blob is not present in d.blobs then it is already stored in OSTree,
@@ -422,7 +376,7 @@
 		if blob == nil {
 			return nil
 		}
 -		err := d.importBlob(selinuxHnd, repo, blob)
 +		err := d.importBlob(repo, blob)
 		if err != nil {
 			return err
 		}
--- a/srcpkgs/buildah/template
+++ b/srcpkgs/buildah/template
@ -0,0 +1,34 @@
 # Template file for 'buildah'
 pkgname=buildah
 version=1.5
 revision=1
 build_style=go
 go_import_path="github.com/containers/buildah"
 go_package="${go_import_path}/cmd/buildah"
 hostmakedepends="pkg-config go-md2man"
 makedepends="libostree-devel libbtrfs-devel device-mapper-devel gpgme-devel
 libassuan-devel libseccomp-devel"
 depends="runc skopeo"
 short_desc="A tool that facilitates building OCI images"
 maintainer="Cameron Nemo <camerontnorman@gmail.com>"
 license="Apache-2.0"
 homepage="https://github.com/containers/buildah"
 distfiles="${homepage}/archive/v${version}.tar.gz"
 checksum=7da4226c0e1d4d6a925bb0d1ee565530c560e955a479ba26f8d4fe87c8004f51
 case "$XBPS_TARGET_ARCH" in
 	*-musl) broken="/lib/libmount.so.1: undefined reference to getrandom" ;;
 esac
 post_build() {
 	make -C docs
 }
 post_install() {
 	vinstall contrib/completions/bash/buildah 644 /usr/share/bash-completion/completions
 	vinstall tests/registries.conf 644 /etc/containers
 	for _i in docs/*.1; do
 		vman $_i
 	done
 	vlicense LICENSE
 }