From 421ece5dfed0645cfcea9dec02664251d8498696 Mon Sep 17 00:00:00 2001
From: Frank Steinborn <steinex@nognu.de>
Date: Thu, 2 Aug 2018 15:31:16 +0200
Subject: [PATCH] New package: skopeo-0.1.31

---
 .../patches/ostree_remove_selinux.patch       | 142 ++++++++++++++++++
 srcpkgs/skopeo/template                       |  22 +++
 2 files changed, 164 insertions(+)
 create mode 100644 srcpkgs/skopeo/patches/ostree_remove_selinux.patch
 create mode 100644 srcpkgs/skopeo/template

diff --git a/srcpkgs/skopeo/patches/ostree_remove_selinux.patch b/srcpkgs/skopeo/patches/ostree_remove_selinux.patch
new file mode 100644
index 00000000000..fd1779d003b
--- /dev/null
+++ b/srcpkgs/skopeo/patches/ostree_remove_selinux.patch
@@ -0,0 +1,142 @@
+--- vendor/github.com/containers/image/ostree/ostree_dest.go
++++ vendor/github.com/containers/image/ostree/ostree_dest.go
+@@ -16,31 +16,25 @@ import (
+ 	"path/filepath"
+ 	"runtime"
+ 	"strconv"
+-	"strings"
+-	"syscall"
+ 	"time"
+-	"unsafe"
+ 
+ 	"github.com/containers/image/manifest"
+ 	"github.com/containers/image/types"
+ 	"github.com/containers/storage/pkg/archive"
+ 	"github.com/opencontainers/go-digest"
+-	selinux "github.com/opencontainers/selinux/go-selinux"
+ 	"github.com/ostreedev/ostree-go/pkg/otbuiltin"
+ 	"github.com/pkg/errors"
+ 	"github.com/vbatts/tar-split/tar/asm"
+ 	"github.com/vbatts/tar-split/tar/storage"
+ )
+ 
+-// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1 libselinux
++// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1
+ // #include <glib.h>
+ // #include <glib-object.h>
+ // #include <gio/gio.h>
+ // #include <stdlib.h>
+ // #include <ostree.h>
+ // #include <gio/ginputstream.h>
+-// #include <selinux/selinux.h>
+-// #include <selinux/label.h>
+ import "C"
+ 
+ type blobToImport struct {
+@@ -166,7 +160,7 @@ func (d *ostreeImageDestination) PutBlob(ctx context.Context, stream io.Reader,
+ 	return types.BlobInfo{Digest: computedDigest, Size: size}, nil
+ }
+ 
+-func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, usermode bool) error {
++func fixFiles(dir string, usermode bool) error {
+ 	entries, err := ioutil.ReadDir(dir)
+ 	if err != nil {
+ 		return err
+@@ -181,42 +175,13 @@ func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, user
+ 			continue
+ 		}
+ 
+-		if selinuxHnd != nil {
+-			relPath, err := filepath.Rel(root, fullpath)
+-			if err != nil {
+-				return err
+-			}
+-			// Handle /exports/hostfs as a special case.  Files under this directory are copied to the host,
+-			// thus we benefit from maintaining the same SELinux label they would have on the host as we could
+-			// use hard links instead of copying the files.
+-			relPath = fmt.Sprintf("/%s", strings.TrimPrefix(relPath, "exports/hostfs/"))
+-
+-			relPathC := C.CString(relPath)
+-			defer C.free(unsafe.Pointer(relPathC))
+-			var context *C.char
+-
+-			res, err := C.selabel_lookup_raw(selinuxHnd, &context, relPathC, C.int(info.Mode()&os.ModePerm))
+-			if int(res) < 0 && err != syscall.ENOENT {
+-				return errors.Wrapf(err, "cannot selabel_lookup_raw %s", relPath)
+-			}
+-			if int(res) == 0 {
+-				defer C.freecon(context)
+-				fullpathC := C.CString(fullpath)
+-				defer C.free(unsafe.Pointer(fullpathC))
+-				res, err = C.lsetfilecon_raw(fullpathC, context)
+-				if int(res) < 0 {
+-					return errors.Wrapf(err, "cannot setfilecon_raw %s", fullpath)
+-				}
+-			}
+-		}
+-
+ 		if info.IsDir() {
+ 			if usermode {
+ 				if err := os.Chmod(fullpath, info.Mode()|0700); err != nil {
+ 					return err
+ 				}
+ 			}
+-			err = fixFiles(selinuxHnd, root, fullpath, usermode)
++			err = fixFiles(fullpath, usermode)
+ 			if err != nil {
+ 				return err
+ 			}
+@@ -272,7 +237,7 @@ func generateTarSplitMetadata(output *bytes.Buffer, file string) (digest.Digest,
+ 	return digester.Digest(), written, nil
+ }
+ 
+-func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle, repo *otbuiltin.Repo, blob *blobToImport) error {
++func (d *ostreeImageDestination) importBlob(repo *otbuiltin.Repo, blob *blobToImport) error {
+ 	// TODO: This can take quite some time, and should ideally be cancellable using a context.Context.
+ 
+ 	ostreeBranch := fmt.Sprintf("ociimage/%s", blob.Digest.Hex())
+@@ -295,7 +260,7 @@ func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle,
+ 		if err := archive.UntarPath(blob.BlobPath, destinationPath); err != nil {
+ 			return err
+ 		}
+-		if err := fixFiles(selinuxHnd, destinationPath, destinationPath, false); err != nil {
++		if err := fixFiles(destinationPath, false); err != nil {
+ 			return err
+ 		}
+ 	} else {
+@@ -304,7 +269,7 @@ func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle,
+ 			return err
+ 		}
+ 
+-		if err := fixFiles(selinuxHnd, destinationPath, destinationPath, true); err != nil {
++		if err := fixFiles(destinationPath, true); err != nil {
+ 			return err
+ 		}
+ 	}
+@@ -415,17 +380,6 @@ func (d *ostreeImageDestination) Commit(ctx context.Context) error {
+ 		return err
+ 	}
+ 
+-	var selinuxHnd *C.struct_selabel_handle
+-
+-	if os.Getuid() == 0 && selinux.GetEnabled() {
+-		selinuxHnd, err = C.selabel_open(C.SELABEL_CTX_FILE, nil, 0)
+-		if selinuxHnd == nil {
+-			return errors.Wrapf(err, "cannot open the SELinux DB")
+-		}
+-
+-		defer C.selabel_close(selinuxHnd)
+-	}
+-
+ 	checkLayer := func(hash string) error {
+ 		blob := d.blobs[hash]
+ 		// if the blob is not present in d.blobs then it is already stored in OSTree,
+@@ -433,7 +387,7 @@ func (d *ostreeImageDestination) Commit(ctx context.Context) error {
+ 		if blob == nil {
+ 			return nil
+ 		}
+-		err := d.importBlob(selinuxHnd, repo, blob)
++		err := d.importBlob(repo, blob)
+ 		if err != nil {
+ 			return err
+ 		}
diff --git a/srcpkgs/skopeo/template b/srcpkgs/skopeo/template
new file mode 100644
index 00000000000..02af525b45d
--- /dev/null
+++ b/srcpkgs/skopeo/template
@@ -0,0 +1,22 @@
+# Template file for 'skopeo'
+pkgname=skopeo
+version=0.1.31
+revision=1
+build_style=go
+go_import_path="github.com/projectatomic/${pkgname}"
+go_package="${go_import_path}/cmd/${pkgname}"
+hostmakedepends="go-md2man pkg-config"
+makedepends="device-mapper-devel gpgme-devel libbtrfs-devel libostree-devel"
+short_desc="Utility for operations on container images and image repositories"
+maintainer="Frank Steinborn <steinex@nognu.de>"
+license="Apache-2.0"
+homepage="https://github.com/containers/skopeo"
+distfiles="https://github.com/containers/${pkgname}/archive/v${version}.tar.gz"
+checksum=f41121044ddca07afa63788302caf3582a653269c9601f7528003693d9807726
+
+post_install() {
+	go-md2man -in docs/skopeo.1.md -out docs/skopeo.1
+	vman docs/skopeo.1
+
+	vinstall completions/bash/skopeo 644 usr/share/bash-completion/completions
+}