Re: [PATCH 1/3] podman: Add seccomp as REQUIRED_DISTRO_FEATURES


Martin Jansa
 

AB would use the new default DISTRO_FEATURES which already contain seccomp.


On Fri, Jun 25, 2021 at 2:46 PM Bruce Ashfield <bruce.ashfield@...> wrote:
On Fri, Jun 25, 2021 at 4:11 AM Diego Sueiro <Diego.Sueiro@...> wrote:
>
> >-----Original Message-----
> >From: Bruce Ashfield <bruce.ashfield@...>
> >Sent: 25 June 2021 03:49
> >To: Martin Jansa <martin.jansa@...>
> >Cc: Diego Sueiro <Diego.Sueiro@...>; meta-
> >virtualization@...; nd <nd@...>
> >Subject: Re: [meta-virtualization][PATCH 1/3] podman: Add seccomp as
> >REQUIRED_DISTRO_FEATURES
> >
> >On Thu, Jun 24, 2021 at 5:01 PM Martin Jansa <martin.jansa@...>
> >wrote:
> >>
> >> This change is correct, libseccomp still requires seccomp in
> >DISTRO_FEATURES, so anything depending on it should have the same
> >restriction.
> >>
> >
> >Right, I understand how/why it works like this .. but it is super clunky when we
> >can't just depend on something that is now in core, without needing to
> >sprinkle distro checks everywhere.
> >
> >As the list of recipes gets larger with that check, it really isn't an optional distro
> >feature for using meta virt at all, and it would be nice if we could just do the
> >check once and be done with it.
>
> Just a side note that these patches fix issues with yocto-check-layer.

I've disagreed with check-layer before (and we've changed how it works)

That being said, the layer is checked on the AB, and Richard hasn't
reported any issues. So clearly there's something wrong with the AB
test or with something else.

Bruce

>
> Diego
>
> >
> >Bruce
> >
> >> seccomp is now in default DISTRO_FEATURES, but not through BACKFILL
> >feature, so many existing DISTROs didn't get it automatically added and
> >requiring it is the right way to automatically skip such recipes.
> >>
> >> On Thu, Jun 24, 2021 at 12:45 PM Bruce Ashfield
> ><bruce.ashfield@...> wrote:
> >>>
> >>> What branch are you working with ?
> >>>
> >>> Now that seccomp is in core, we no longer have those restrictions, so
> >>> I assume this is on an older branch ?
> >>>
> >>> Bruce
> >>>
> >>> On Thu, Jun 24, 2021 at 3:00 PM Diego Sueiro <diego.sueiro@...>
> >wrote:
> >>> >
> >>> > The libseccomp package is only available if seccomp is in
> >DISTRO_FEATURES.
> >>> >
> >>> > Signed-off-by: Diego Sueiro <diego.sueiro@...>
> >>> > ---
> >>> >  recipes-containers/podman/podman_git.bb | 3 +++
> >>> >  1 file changed, 3 insertions(+)
> >>> >
> >>> > diff --git a/recipes-containers/podman/podman_git.bb
> >>> > b/recipes-containers/podman/podman_git.bb
> >>> > index 9dcb21c..351f38b 100644
> >>> > --- a/recipes-containers/podman/podman_git.bb
> >>> > +++ b/recipes-containers/podman/podman_git.bb
> >>> > @@ -6,6 +6,9 @@ DESCRIPTION = "Podman is a daemonless container
> >engine for developing, \
> >>> >      `alias docker=podman`. \
> >>> >      "
> >>> >
> >>> > +inherit features_check
> >>> > +REQUIRED_DISTRO_FEATURES ?= "seccomp"
> >>> > +
> >>> >  DEPENDS = " \
> >>> >      go-metalinter-native \
> >>> >      go-md2man-native \
> >>> > --
> >>> > 2.17.1
> >>> >
> >>> >
> >>> >
> >>> >
> >>>
> >>>
> >>> --
> >>> - Thou shalt not follow the NULL pointer, for chaos and madness await
> >>> thee at its end
> >>> - "Use the force Harry" - Gandalf, Star Trek II
> >>>
> >>>
> >>>
> >
> >
> >--
> >- Thou shalt not follow the NULL pointer, for chaos and madness await thee at
> >its end
> >- "Use the force Harry" - Gandalf, Star Trek II



--
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II

Join meta-virtualization@lists.yoctoproject.org to automatically receive all group messages.