Re: [PATCH] netavark: init at 1.1.0
Bruce Ashfield
On Thu, Aug 18, 2022 at 9:17 AM Bach, Pascal <pascal.bach@...> wrote:
likewise, that is what I was seeing as well. But I've been avoiding itBoth can be installed in parallel. And from what I have seen if both are installeds/is replaces/is a replacement/ (netavark) for CNI so far :) The backend can be mahually selected in the podman configI can run my multi-container, multi-runtime tests against it at some point (I put all the runtimes, all the frameworks and all the networking on a single image to see what breaks), and then document the results. Bruce
-- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
|
|
Re: [PATCH] netavark: init at 1.1.0
Pascal Bach
Both can be installed in parallel. And from what I have seen if both are installeds/is replaces/is a replacement/ podman seems to prefer netavark. The backend can be mahually selected in the podman config https://github.com/containers/common/blob/main/docs/containers.conf.5.md#network-table but only one can be used at a time. Pascal
|
|
Re: [PATCH] netavark: init at 1.1.0
Bruce Ashfield
On Thu, Aug 18, 2022 at 5:43 AM Pascal Bach <pascal.bach@...> wrote:
s/is replaces/is a replacement/ Since this can replace CNI, can they co-exist at the same time ? We should mention that in the commit message. If they both can't be active on the target at the same time, then we should have a RCONFLICTS in the recipe to make sure they aren't both installed. Bruce The recipe is generated via cargo-bitbake. Modifications are done -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
|
|
[PATCH] netavark: init at 1.1.0
Pascal Bach
From: Pascal Bach <pascal.bach@...>
Netavark is replaces cni for podman. The recipe is generated via cargo-bitbake. Modifications are done in netavark.inc to allow re-genrating the recipe for future updates. Signed-off-by: Pascal Bach <pascal.bach@...> --- recipes-containers/netavark/netavark.inc | 6 + recipes-containers/netavark/netavark_1.1.0.bb | 203 ++++++++++++++++++ 2 files changed, 209 insertions(+) create mode 100644 recipes-containers/netavark/netavark.inc create mode 100644 recipes-containers/netavark/netavark_1.1.0.bb diff --git a/recipes-containers/netavark/netavark.inc b/recipes-containers/netavark/netavark.inc new file mode 100644 index 0000000..4123a2d --- /dev/null +++ b/recipes-containers/netavark/netavark.inc @@ -0,0 +1,6 @@ +# Cargo installs the binary to bin so move it to where podman expects it +do_install:append() { + install -d ${D}${libexecdir}/podman/ + mv ${D}${bindir}/* ${D}${libexecdir}/podman/ + rm -rf ${D}${bindir}/ +} diff --git a/recipes-containers/netavark/netavark_1.1.0.bb b/recipes-containers/netavark/netavark_1.1.0.bb new file mode 100644 index 0000000..3bbbad5 --- /dev/null +++ b/recipes-containers/netavark/netavark_1.1.0.bb @@ -0,0 +1,203 @@ +# Auto-Generated by cargo-bitbake 0.3.16-alpha.0 +# +inherit cargo + +# If this is git based prefer versioned ones if they exist +# DEFAULT_PREFERENCE = "-1" + +# how to get netavark could be as easy as but default to a git checkout: +# SRC_URI += "crate://crates.io/netavark/1.1.0" +SRC_URI += "git://github.com/containers/netavark.git;protocol=https;nobranch=1" +SRCREV = "5d2b799537d080a82ed46725705cfcbcb36417f1" +S = "${WORKDIR}/git" +CARGO_SRC_DIR = "" + + +# please note if you have entries that do not begin with crate:// +# you must change them to how that package can be fetched +SRC_URI += " \ + crate://crates.io/aho-corasick/0.7.18 \ + crate://crates.io/anyhow/1.0.58 \ + crate://crates.io/async-broadcast/0.4.0 \ + crate://crates.io/async-channel/1.6.1 \ + crate://crates.io/async-executor/1.4.1 \ + crate://crates.io/async-io/1.7.0 \ + crate://crates.io/async-lock/2.5.0 \ + crate://crates.io/async-recursion/0.3.2 \ + crate://crates.io/async-task/4.3.0 \ + crate://crates.io/async-trait/0.1.56 \ + crate://crates.io/atty/0.2.14 \ + crate://crates.io/autocfg/1.1.0 \ + crate://crates.io/bitflags/1.3.2 \ + crate://crates.io/block-buffer/0.10.2 \ + crate://crates.io/byteorder/1.4.3 \ + crate://crates.io/bytes/1.1.0 \ + crate://crates.io/cache-padded/1.2.0 \ + crate://crates.io/cc/1.0.73 \ + crate://crates.io/cfg-if/1.0.0 \ + crate://crates.io/chrono/0.4.19 \ + crate://crates.io/clap/3.2.8 \ + crate://crates.io/clap_derive/3.2.7 \ + crate://crates.io/clap_lex/0.2.4 \ + crate://crates.io/concurrent-queue/1.2.2 \ + crate://crates.io/cpufeatures/0.2.2 \ + crate://crates.io/crypto-common/0.1.5 \ + crate://crates.io/derivative/2.2.0 \ + crate://crates.io/digest/0.10.3 \ + crate://crates.io/dirs-sys/0.3.7 \ + crate://crates.io/dirs/4.0.0 \ + crate://crates.io/easy-parallel/3.2.0 \ + crate://crates.io/enumflags2/0.7.5 \ + crate://crates.io/enumflags2_derive/0.7.4 \ + crate://crates.io/env_logger/0.9.0 \ + crate://crates.io/event-listener/2.5.2 \ + crate://crates.io/fastrand/1.7.0 \ + crate://crates.io/form_urlencoded/1.0.1 \ + crate://crates.io/futures-channel/0.3.21 \ + crate://crates.io/futures-core/0.3.21 \ + crate://crates.io/futures-executor/0.3.21 \ + crate://crates.io/futures-io/0.3.21 \ + crate://crates.io/futures-lite/1.12.0 \ + crate://crates.io/futures-macro/0.3.21 \ + crate://crates.io/futures-sink/0.3.21 \ + crate://crates.io/futures-task/0.3.21 \ + crate://crates.io/futures-util/0.3.21 \ + crate://crates.io/futures/0.3.21 \ + crate://crates.io/generic-array/0.14.5 \ + crate://crates.io/getrandom/0.2.7 \ + crate://crates.io/hashbrown/0.12.2 \ + crate://crates.io/heck/0.4.0 \ + crate://crates.io/hermit-abi/0.1.19 \ + crate://crates.io/hex/0.4.3 \ + crate://crates.io/humantime/2.1.0 \ + crate://crates.io/idna/0.2.3 \ + crate://crates.io/indexmap/1.9.1 \ + crate://crates.io/instant/0.1.12 \ + crate://crates.io/ipnet/2.5.0 \ + crate://crates.io/iptables/0.5.0 \ + crate://crates.io/itoa/1.0.2 \ + crate://crates.io/lazy_static/1.4.0 \ + crate://crates.io/libc/0.2.126 \ + crate://crates.io/lock_api/0.4.7 \ + crate://crates.io/log/0.4.17 \ + crate://crates.io/matches/0.1.9 \ + crate://crates.io/memchr/2.5.0 \ + crate://crates.io/memoffset/0.6.5 \ + crate://crates.io/mio/0.8.4 \ + crate://crates.io/netlink-packet-core/0.4.2 \ + crate://crates.io/netlink-packet-route/0.13.0 \ + crate://crates.io/netlink-packet-utils/0.5.1 \ + crate://crates.io/netlink-proto/0.10.0 \ + crate://crates.io/netlink-sys/0.8.3 \ + crate://crates.io/nix/0.23.1 \ + crate://crates.io/nix/0.24.2 \ + crate://crates.io/num-integer/0.1.45 \ + crate://crates.io/num-traits/0.2.15 \ + crate://crates.io/num_cpus/1.13.1 \ + crate://crates.io/once_cell/1.13.0 \ + crate://crates.io/ordered-float/2.10.0 \ + crate://crates.io/ordered-stream/0.0.1 \ + crate://crates.io/os_str_bytes/6.1.0 \ + crate://crates.io/parking/2.0.0 \ + crate://crates.io/parking_lot/0.11.2 \ + crate://crates.io/parking_lot/0.12.1 \ + crate://crates.io/parking_lot_core/0.8.5 \ + crate://crates.io/parking_lot_core/0.9.3 \ + crate://crates.io/paste/1.0.7 \ + crate://crates.io/percent-encoding/2.1.0 \ + crate://crates.io/pin-project-lite/0.2.9 \ + crate://crates.io/pin-utils/0.1.0 \ + crate://crates.io/polling/2.2.0 \ + crate://crates.io/ppv-lite86/0.2.16 \ + crate://crates.io/proc-macro-crate/1.1.3 \ + crate://crates.io/proc-macro-error-attr/1.0.4 \ + crate://crates.io/proc-macro-error/1.0.4 \ + crate://crates.io/proc-macro2/1.0.40 \ + crate://crates.io/quote/1.0.20 \ + crate://crates.io/rand/0.8.5 \ + crate://crates.io/rand_chacha/0.3.1 \ + crate://crates.io/rand_core/0.6.3 \ + crate://crates.io/redox_syscall/0.2.13 \ + crate://crates.io/redox_users/0.4.3 \ + crate://crates.io/regex-syntax/0.6.27 \ + crate://crates.io/regex/1.6.0 \ + crate://crates.io/remove_dir_all/0.5.3 \ + crate://crates.io/rtnetlink/0.11.0 \ + crate://crates.io/ryu/1.0.10 \ + crate://crates.io/same-file/1.0.6 \ + crate://crates.io/scopeguard/1.1.0 \ + crate://crates.io/serde-value/0.7.0 \ + crate://crates.io/serde/1.0.140 \ + crate://crates.io/serde_derive/1.0.140 \ + crate://crates.io/serde_json/1.0.82 \ + crate://crates.io/serde_repr/0.1.8 \ + crate://crates.io/sha1/0.6.1 \ + crate://crates.io/sha1_smol/1.0.0 \ + crate://crates.io/sha2/0.10.2 \ + crate://crates.io/signal-hook-registry/1.4.0 \ + crate://crates.io/slab/0.4.6 \ + crate://crates.io/smallvec/1.9.0 \ + crate://crates.io/socket2/0.4.4 \ + crate://crates.io/static_assertions/1.1.0 \ + crate://crates.io/strsim/0.10.0 \ + crate://crates.io/syn/1.0.98 \ + crate://crates.io/sysctl/0.4.4 \ + crate://crates.io/tempfile/3.3.0 \ + crate://crates.io/termcolor/1.1.3 \ + crate://crates.io/textwrap/0.15.0 \ + crate://crates.io/thiserror-impl/1.0.31 \ + crate://crates.io/thiserror/1.0.31 \ + crate://crates.io/time/0.1.44 \ + crate://crates.io/tinyvec/1.6.0 \ + crate://crates.io/tinyvec_macros/0.1.0 \ + crate://crates.io/tokio-macros/1.8.0 \ + crate://crates.io/tokio/1.20.0 \ + crate://crates.io/toml/0.5.9 \ + crate://crates.io/tracing-attributes/0.1.22 \ + crate://crates.io/tracing-core/0.1.28 \ + crate://crates.io/tracing/0.1.35 \ + crate://crates.io/typenum/1.15.0 \ + crate://crates.io/uds_windows/1.0.2 \ + crate://crates.io/unicode-bidi/0.3.8 \ + crate://crates.io/unicode-ident/1.0.1 \ + crate://crates.io/unicode-normalization/0.1.21 \ + crate://crates.io/url/2.2.2 \ + crate://crates.io/version_check/0.9.4 \ + crate://crates.io/waker-fn/1.1.0 \ + crate://crates.io/walkdir/2.3.2 \ + crate://crates.io/wasi/0.10.0+wasi-snapshot-preview1 \ + crate://crates.io/wasi/0.11.0+wasi-snapshot-preview1 \ + crate://crates.io/wepoll-ffi/0.1.2 \ + crate://crates.io/winapi-i686-pc-windows-gnu/0.4.0 \ + crate://crates.io/winapi-util/0.1.5 \ + crate://crates.io/winapi-x86_64-pc-windows-gnu/0.4.0 \ + crate://crates.io/winapi/0.3.9 \ + crate://crates.io/windows-sys/0.36.1 \ + crate://crates.io/windows_aarch64_msvc/0.36.1 \ + crate://crates.io/windows_i686_gnu/0.36.1 \ + crate://crates.io/windows_i686_msvc/0.36.1 \ + crate://crates.io/windows_x86_64_gnu/0.36.1 \ + crate://crates.io/windows_x86_64_msvc/0.36.1 \ + crate://crates.io/zbus/2.3.2 \ + crate://crates.io/zbus_macros/2.3.2 \ + crate://crates.io/zbus_names/2.1.0 \ + crate://crates.io/zvariant/3.4.1 \ + crate://crates.io/zvariant_derive/3.4.1 \ +" + + + +# FIXME: update generateme with the real MD5 of the license file +LIC_FILES_CHKSUM = " \ + file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327 \ +" + +SUMMARY = "A container network stack" +HOMEPAGE = "https://github.com/containers/netavark" +LICENSE = "Apache-2.0" + +# includes this file if it exists but does not fail +# this is useful for anything you may want to override from +# what cargo-bitbake generates. +include netavark-${PV}.inc +include netavark.inc -- 2.37.2
|
|
[PATCH] podman: replace GOBUILDFLAGS patch
Pascal Bach
From: Pascal Bach <pascal.bach@...>
The GOBUILDFLAGS patch is replaced by explicitly setting BUILDFLAGS="${GOBUILDFLAGS}" in the recipe. Signed-off-by: Pascal Bach <pascal.bach@...> --- ...01-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch | 109 ------------------ recipes-containers/podman/podman_git.bb | 4 +- 2 files changed, 3 insertions(+), 110 deletions(-) delete mode 100644 recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch diff --git a/recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch b/recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch deleted file mode 100644 index 14b2714..0000000 --- a/recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch +++ /dev/null @@ -1,109 +0,0 @@ -From 3e18f3a4db638a3df48f49aa0a539f8bb048afc9 Mon Sep 17 00:00:00 2001 -From: Andrei Gherzan <andrei.gherzan@...> -Date: Tue, 5 Jul 2022 11:51:56 +0200 -Subject: [PATCH] Rename BUILDFLAGS to GOBUILDFLAGS - -Yocto uses GOBUILDFLAGS to pass the right build flags while the Makefile -uses BUILDFLAGS. Align them accordingly. - -See go.bbclass for more information. - -Upstream-Status: Inappropriate [OE specific] -Signed-off-by: Andrei Gherzan <andrei.gherzan@...> ---- - Makefile | 24 ++++++++++++------------ - 1 file changed, 12 insertions(+), 12 deletions(-) - -Index: import/Makefile -=================================================================== ---- import.orig/Makefile -+++ import/Makefile -@@ -242,7 +242,7 @@ - - .PHONY: test/checkseccomp/checkseccomp - test/checkseccomp/checkseccomp: $(wildcard test/checkseccomp/*.go) -- $(GOCMD) build $(BUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -tags "$(BUILDTAGS)" -o $@ ./test/checkseccomp -+ $(GOCMD) build $(GOBUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -tags "$(BUILDTAGS)" -o $@ ./test/checkseccomp - - .PHONY: test/testvol/testvol - test/testvol/testvol: $(wildcard test/testvol/*.go) -@@ -254,7 +254,7 @@ - - .PHONY: test/goecho/goecho - test/goecho/goecho: $(wildcard test/goecho/*.go) -- $(GOCMD) build $(BUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/goecho -+ $(GOCMD) build $(GOBUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/goecho - - test/version/version: version/version.go - $(GO) build -o $@ ./test/version/ -@@ -296,7 +296,7 @@ - distro for journald support." - endif - $(GOCMD) build \ -- $(BUILDFLAGS) \ -+ $(GOBUILDFLAGS) \ - $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \ - -tags "$(BUILDTAGS)" \ - -o $@ ./cmd/podman -@@ -308,7 +308,7 @@ - # '|' is to ignore SRCBINDIR mtime; see: info make 'Types of Prerequisites' - $(SRCBINDIR)/podman$(BINSFX): $(SOURCES) go.mod go.sum | $(SRCBINDIR) - $(GOCMD) build \ -- $(BUILDFLAGS) \ -+ $(GOBUILDFLAGS) \ - $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \ - -tags "${REMOTETAGS}" \ - -o $@ ./cmd/podman -@@ -318,7 +318,7 @@ - GOOS=linux \ - GOARCH=$(GOARCH) \ - $(GO) build \ -- $(BUILDFLAGS) \ -+ $(GOBUILDFLAGS) \ - $(GO_LDFLAGS) '$(LDFLAGS_PODMAN_STATIC)' \ - -tags "${REMOTETAGS}" \ - -o $@ ./cmd/podman -@@ -338,7 +338,7 @@ - CGO_ENABLED=0 \ - GOOS=windows \ - $(GO) build \ -- $(BUILDFLAGS) \ -+ $(GOBUILDFLAGS) \ - -ldflags -H=windowsgui \ - -o bin/windows/winpath.exe \ - ./cmd/winpath -@@ -349,14 +349,14 @@ - GOOS=darwin \ - GOARCH=$(GOARCH) \ - $(GO) build \ -- $(BUILDFLAGS) \ -+ $(GOBUILDFLAGS) \ - -o bin/darwin/podman-mac-helper \ - ./cmd/podman-mac-helper - - bin/rootlessport: $(SOURCES) go.mod go.sum - CGO_ENABLED=$(CGO_ENABLED) \ - $(GO) build \ -- $(BUILDFLAGS) \ -+ $(GOBUILDFLAGS) \ - -o $@ ./cmd/rootlessport - - .PHONY: rootlessport -@@ -379,7 +379,7 @@ - GOARCH="$${TARGET##*.}"; \ - CGO_ENABLED=0 \ - $(GO) build \ -- $(BUILDFLAGS) \ -+ $(GOBUILDFLAGS) \ - $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \ - -tags '$(BUILDTAGS_CROSS)' \ - -o "$@" ./cmd/podman -@@ -830,7 +830,7 @@ - - .PHONY: .install.ginkgo - .install.ginkgo: -- $(GO) install $(BUILDFLAGS) ./vendor/github.com/onsi/ginkgo/ginkgo -+ $(GO) install $(GOBUILDFLAGS) ./vendor/github.com/onsi/ginkgo/ginkgo - - .PHONY: .install.golangci-lint - .install.golangci-lint: diff --git a/recipes-containers/podman/podman_git.bb b/recipes-containers/podman/podman_git.bb index 52ffa6c..f19d092 100644 --- a/recipes-containers/podman/podman_git.bb +++ b/recipes-containers/podman/podman_git.bb @@ -20,7 +20,6 @@ DEPENDS = " \ SRCREV = "754ec89a8a185d308ca5ed08afaf34d6cbda08da" SRC_URI = " \ git://github.com/containers/libpod.git;branch=v4.2;protocol=https \ - file://0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch;patchdir=src/import \ ${@bb.utils.contains('PACKAGECONFIG', 'rootless', 'file://00-podman-rootless.conf', '', d)} \ " @@ -46,6 +45,9 @@ export LDFLAGS="" # https://github.com/llvm/llvm-project/issues/53999 TOOLCHAIN = "gcc" +# podmans Makefile expects BUILDFLAGS to be set but go.bbclass defines them in GOBUILDFLAGS +export BUILDFLAGS="${GOBUILDFLAGS}" + inherit go goarch inherit systemd pkgconfig -- 2.37.2
|
|
Re: [PATCH] singularity: Skip recipe on musl builds
On Wed, Aug 17, 2022 at 9:38 AM Andrei Gherzan <andrei@...> wrote:
Well not orthogonal I would say but alternate solution to what this patch is trying to fix, if you remove glibc from the rdeps then this patch is not needed Andrei
|
|
Re: [PATCH] singularity: Skip recipe on musl builds
Andrei Gherzan
On Wed, 17 Aug 2022, at 15:59, Khem Raj wrote:
On Wed, Aug 17, 2022 at 7:15 AM Andrei Gherzan <andrei@...> wrote:It built alright but I didn't check any runtime behaviour. I do find this a bit orthogonal at this point but I've sent both patches so Bruce can pick any - both approaches are working for me.maybe that rdep on glibc is bogus. Its not normal to depends on glibc Andrei
|
|
[PATCH] singularity: Drop explicit runtime dep glibc
Andrei Gherzan
From: Andrei Gherzan <andrei.gherzan@...>
There is no need we can see for this dependency to be provided as such - especially forcing this to using glibc. Signed-off-by: Andrei Gherzan <andrei.gherzan@...> --- recipes-containers/singularity/singularity_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes-containers/singularity/singularity_git.bb b/recipes-containers/singularity/singularity_git.bb index 321a9a6..e3903ec 100644 --- a/recipes-containers/singularity/singularity_git.bb +++ b/recipes-containers/singularity/singularity_git.bb @@ -2,7 +2,7 @@ # Singularity build / config: read up on the dev-so test for more info) INSANE_SKIP:${PN} += "dev-so" -RDEPENDS:${PN} += "glibc python3 ca-certificates openssl bash e2fsprogs-mke2fs" +RDEPENDS:${PN} += "python3 ca-certificates openssl bash e2fsprogs-mke2fs" LICENSE = "BSD-3-Clause | Apache-2.0" LIC_FILES_CHKSUM = "file://COPYRIGHT.md;md5=be78c34e483dd7d8439358b1e024b294 \ -- 2.25.1
|
|
[kirkstone][PATCH] singularity: Drop explicit runtime dep glibc
Andrei Gherzan
From: Andrei Gherzan <andrei.gherzan@...>
There is no need we can see for this dependency to be provided as such - especially forcing this to using glibc. Signed-off-by: Andrei Gherzan <andrei.gherzan@...> --- recipes-containers/singularity/singularity_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes-containers/singularity/singularity_git.bb b/recipes-containers/singularity/singularity_git.bb index 321a9a6..e3903ec 100644 --- a/recipes-containers/singularity/singularity_git.bb +++ b/recipes-containers/singularity/singularity_git.bb @@ -2,7 +2,7 @@ # Singularity build / config: read up on the dev-so test for more info) INSANE_SKIP:${PN} += "dev-so" -RDEPENDS:${PN} += "glibc python3 ca-certificates openssl bash e2fsprogs-mke2fs" +RDEPENDS:${PN} += "python3 ca-certificates openssl bash e2fsprogs-mke2fs" LICENSE = "BSD-3-Clause | Apache-2.0" LIC_FILES_CHKSUM = "file://COPYRIGHT.md;md5=be78c34e483dd7d8439358b1e024b294 \ -- 2.25.1
|
|
Re: [kirkstone][meta-virtualization][PATCH] ceph: upgrade v15.2.15 -> v15.2.17
Bruce Ashfield
Thanks Joe!
Bruce On Wed, Aug 17, 2022 at 12:28 PM Slater, Joseph <joe.slater@...> wrote:
-- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
|
|
Re: [kirkstone][meta-virtualization][PATCH] ceph: upgrade v15.2.15 -> v15.2.17
Joe Slater
The CVE fix I sent you is in the upgraded version of ceph. Joe
toggle quoted messageShow quoted text
-----Original Message-----
|
|
Re: [PATCH] singularity: Skip recipe on musl builds
On Wed, Aug 17, 2022 at 7:15 AM Andrei Gherzan <andrei@...> wrote:
maybe that rdep on glibc is bogus. Its not normal to depends on glibc like that, in some cases e.g. locales etc it maybe that we need them but thats usually for ptests etc. can you try to remove the rdep and see if it builds ok with musl too ? Andrei
|
|
Re: [kirkstone][meta-virtualization][PATCH] ceph: upgrade v15.2.15 -> v15.2.17
Bruce Ashfield
I also have a pending patch from Joe Slater that addresses a different
toggle quoted messageShow quoted text
CVE on kirkstone. Can someone look and check if it is also covered by this uprev ? Ceph takes an incredibly long time to build on my servers, so I'd like to avoid as many builds as possible. Bruce
On Mon, Aug 15, 2022 at 5:03 PM <sakib.sajal@...> wrote:
--
- Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
|
|
Re: [PATCH] singularity: Skip recipe on musl builds
Andrei Gherzan
On Wed, 17 Aug 2022, at 15:09, Khem Raj wrote:
On Wed, Aug 17, 2022 at 4:51 AM Andrei Gherzan <andrei@...> wrote:I've tried to figure it out but I couldn't find anything obvious.do you know why is it marked as glibc only. https://git.yoctoproject.org/meta-virtualization/commit/recipes-containers/singularity/singularity_git.bb?id=06bc17d1f0650ad2cb134b09b25133bcd641d473 Andrei
|
|
Re: [PATCH] singularity: Skip recipe on musl builds
On Wed, Aug 17, 2022 at 4:51 AM Andrei Gherzan <andrei@...> wrote:
do you know why is it marked as glibc only. Signed-off-by: Andrei Gherzan <andrei.gherzan@...>
|
|
Re: [PATCH] podman: update to v4.2.0
Bruce Ashfield
On Wed, Aug 17, 2022 at 8:58 AM Bruce Ashfield via
lists.yoctoproject.org <bruce.ashfield=gmail.com@...> wrote: I just pushed part of my uprev's to master-next .. that being said, my podman uprev just refreshes the BUILDFLAGS patch, using the exported variable is simpler for future uprevs. Did you want to send just that part of the patch against master-next ? That way you'll get the credit for the simplification of the build. Cheers, Bruce
-- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
|
|
Re: [PATCH] podman: update to v4.2.0
Bruce Ashfield
I had just tested the podman (and related version bumps) last night,
toggle quoted messageShow quoted text
but thanks for the patch! Bruce
On Wed, Aug 17, 2022 at 5:50 AM Pascal Bach <pascal.bach@...> wrote:
--
- Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
|
|
[kirkstone][PATCH] singularity: Skip recipe on musl builds
Andrei Gherzan
From: Andrei Gherzan <andrei.gherzan@...>
This recipe explicitely rdepends on glibc so trying to build this with musl will break world builds. Signed-off-by: Andrei Gherzan <andrei.gherzan@...> --- recipes-containers/singularity/singularity_git.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/recipes-containers/singularity/singularity_git.bb b/recipes-containers/singularity/singularity_git.bb index 321a9a6..8e7ab76 100644 --- a/recipes-containers/singularity/singularity_git.bb +++ b/recipes-containers/singularity/singularity_git.bb @@ -28,3 +28,5 @@ pkg_postinst:${PN}() { rm -r $D${libdir}/ssl/certs ln -sr $D${sysconfdir}/ssl/certs $D${libdir}/ssl } + +COMPATIBLE_HOST:libc-musl:class-target = "null" -- 2.25.1
|
|
[PATCH] singularity: Skip recipe on musl builds
Andrei Gherzan
From: Andrei Gherzan <andrei.gherzan@...>
This recipe explicitely rdepends on glibc so trying to build this with musl will break world builds. Signed-off-by: Andrei Gherzan <andrei.gherzan@...> --- recipes-containers/singularity/singularity_git.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/recipes-containers/singularity/singularity_git.bb b/recipes-containers/singularity/singularity_git.bb index 321a9a6..8e7ab76 100644 --- a/recipes-containers/singularity/singularity_git.bb +++ b/recipes-containers/singularity/singularity_git.bb @@ -28,3 +28,5 @@ pkg_postinst:${PN}() { rm -r $D${libdir}/ssl/certs ln -sr $D${sysconfdir}/ssl/certs $D${libdir}/ssl } + +COMPATIBLE_HOST:libc-musl:class-target = "null" -- 2.25.1
|
|
[PATCH] podman: update to v4.2.0
Pascal Bach
From: Pascal Bach <pascal.bach@...>
The libseccomp patch was a backport and is included in the current release. The GOBUILDFLAGS patch is replaced by explicitly setting BUILDFLAGS="${GOBUILDFLAGS}" in the recipe. Signed-off-by: Pascal Bach <pascal.bach@...> --- ...01-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch | 123 ------------------ ...efine-ActKillThread-equal-to-ActKill.patch | 90 ------------- recipes-containers/podman/podman_git.bb | 11 +- 3 files changed, 6 insertions(+), 218 deletions(-) delete mode 100644 recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch delete mode 100644 recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch diff --git a/recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch b/recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch deleted file mode 100644 index e27e1fa..0000000 --- a/recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch +++ /dev/null @@ -1,123 +0,0 @@ -From 3e18f3a4db638a3df48f49aa0a539f8bb048afc9 Mon Sep 17 00:00:00 2001 -From: Andrei Gherzan <andrei.gherzan@...> -Date: Tue, 5 Jul 2022 11:51:56 +0200 -Subject: [PATCH] Rename BUILDFLAGS to GOBUILDFLAGS - -Yocto uses GOBUILDFLAGS to pass the right build flags while the Makefile -uses BUILDFLAGS. Align them accordingly. - -See go.bbclass for more information. - -Upstream-Status: Inappropriate [OE specific] -Signed-off-by: Andrei Gherzan <andrei.gherzan@...> ---- - Makefile | 24 ++++++++++++------------ - 1 file changed, 12 insertions(+), 12 deletions(-) - -Index: import/Makefile -=================================================================== ---- import.orig/Makefile -+++ import/Makefile -@@ -69,7 +69,7 @@ - # triggered. - SOURCES = $(shell find . -path './.*' -prune -o \( \( -name '*.go' -o -name '*.c' \) -a ! -name '*_test.go' \) -print) - --BUILDFLAGS := -mod=vendor $(BUILDFLAGS) -+GOBUILDFLAGS := -mod=vendor $(GOBUILDFLAGS) - - BUILDTAGS_CROSS ?= containers_image_openpgp exclude_graphdriver_btrfs exclude_graphdriver_devicemapper exclude_graphdriver_overlay - CONTAINER_RUNTIME := $(shell command -v podman 2> /dev/null || echo docker) -@@ -264,11 +264,11 @@ - - .PHONY: test/checkseccomp/checkseccomp - test/checkseccomp/checkseccomp: .gopathok $(wildcard test/checkseccomp/*.go) -- $(GOCMD) build $(BUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -tags "$(BUILDTAGS)" -o $@ ./test/checkseccomp -+ $(GOCMD) build $(GOBUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -tags "$(BUILDTAGS)" -o $@ ./test/checkseccomp - - .PHONY: test/testvol/testvol - test/testvol/testvol: .gopathok $(wildcard test/testvol/*.go) -- $(GOCMD) build $(BUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/testvol -+ $(GOCMD) build $(GOBUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/testvol - - .PHONY: volume-plugin-test-image - volume-plugin-test-img: -@@ -276,7 +276,7 @@ - - .PHONY: test/goecho/goecho - test/goecho/goecho: .gopathok $(wildcard test/goecho/*.go) -- $(GOCMD) build $(BUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/goecho -+ $(GOCMD) build $(GOBUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/goecho - - test/version/version: .gopathok version/version.go - $(GO) build -o $@ ./test/version/ -@@ -318,7 +318,7 @@ - distro for journald support." - endif - $(GOCMD) build \ -- $(BUILDFLAGS) \ -+ $(GOBUILDFLAGS) \ - $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \ - -tags "$(BUILDTAGS)" \ - -o $@ ./cmd/podman -@@ -329,7 +329,7 @@ - - $(SRCBINDIR)/podman$(BINSFX): $(SRCBINDIR) .gopathok $(SOURCES) go.mod go.sum - $(GOCMD) build \ -- $(BUILDFLAGS) \ -+ $(GOBUILDFLAGS) \ - $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \ - -tags "${REMOTETAGS}" \ - -o $@ ./cmd/podman -@@ -339,7 +339,7 @@ - GOOS=$(GOOS) \ - GOARCH=$(GOARCH) \ - $(GO) build \ -- $(BUILDFLAGS) \ -+ $(GOBUILDFLAGS) \ - $(GO_LDFLAGS) '$(LDFLAGS_PODMAN_STATIC)' \ - -tags "${REMOTETAGS}" \ - -o $@ ./cmd/podman -@@ -374,7 +374,7 @@ - CGO_ENABLED=0 \ - GOOS=windows \ - $(GO) build \ -- $(BUILDFLAGS) \ -+ $(GOBUILDFLAGS) \ - -ldflags -H=windowsgui \ - -o bin/windows/winpath.exe \ - ./cmd/winpath -@@ -393,14 +393,14 @@ - GOOS=darwin \ - GOARCH=$(GOARCH) \ - $(GO) build \ -- $(BUILDFLAGS) \ -+ $(GOBUILDFLAGS) \ - -o bin/darwin/podman-mac-helper \ - ./cmd/podman-mac-helper - - bin/rootlessport: .gopathok $(SOURCES) go.mod go.sum - CGO_ENABLED=$(CGO_ENABLED) \ - $(GO) build \ -- $(BUILDFLAGS) \ -+ $(GOBUILDFLAGS) \ - -o $@ ./cmd/rootlessport - - .PHONY: rootlessport -@@ -423,7 +423,7 @@ - GOARCH="$${TARGET##*.}"; \ - CGO_ENABLED=0 \ - $(GO) build \ -- $(BUILDFLAGS) \ -+ $(GOBUILDFLAGS) \ - $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \ - -tags '$(BUILDTAGS_CROSS)' \ - -o "$@" ./cmd/podman -@@ -871,7 +871,7 @@ - .PHONY: .install.ginkgo - .install.ginkgo: .gopathok - if [ ! -x "$(GOBIN)/ginkgo" ]; then \ -- $(GO) install $(BUILDFLAGS) ./vendor/github.com/onsi/ginkgo/ginkgo ; \ -+ $(GO) install $(GOBUILDFLAGS) ./vendor/github.com/onsi/ginkgo/ginkgo ; \ - fi - - .PHONY: .install.gitvalidation diff --git a/recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch b/recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch deleted file mode 100644 index ba51d4a..0000000 --- a/recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch +++ /dev/null @@ -1,90 +0,0 @@ -From f2aa0359bcc776239bda8a4eb84957b97ef55c35 Mon Sep 17 00:00:00 2001 -From: Tonis Tiigi <tonistiigi@...> -Date: Fri, 28 Jan 2022 14:44:56 -0800 -Subject: [PATCH] Define ActKillThread equal to ActKill -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -These constants are equal in libseccomp but Go definitions -were defined separately. This resulted in dead code that -never executed due to identical case statements in switch. -Go can usually detect these error cases and refuses to build -but for some reason this detection doesn’t work with cgo+gcc. -Clang detects the equal constants correctly and therefore -libseccomp-golang builds with clang broke after ActKillThread -was added. - -In order to fix the clang build only removal of the -switch case is needed. But I assumed that the setter/getter -logic is supposed to work for ActKillThread as well -and only way to ensure that is to set them equal like they -are in C. - -Signed-off-by: Tonis Tiigi <tonistiigi@...> -Signed-off-by: Sebastiaan van Stijn <github@...> -Acked-by: Tom Hromatka <tom.hromatka@...> -Signed-off-by: Paul Moore <paul@...> -Signed-off-by: Andrei Gherzan <andrei.gherzan@...> -Upstream-status: Backport [https://github.com/seccomp/libseccomp-golang/commit/c35397d0ea8f285a0be78693bb2fd37b06952453] ---- - seccomp.go | 8 ++++---- - seccomp_internal.go | 4 ---- - 2 files changed, 4 insertions(+), 8 deletions(-) - -diff --git a/seccomp.go b/seccomp.go -index e9b92e2..32f6ab2 100644 ---- a/seccomp.go -+++ b/seccomp.go -@@ -214,14 +214,14 @@ const ( - // This action is only usable when libseccomp API level 3 or higher is - // supported. - ActLog ScmpAction = iota -- // ActKillThread kills the thread that violated the rule. It is the same as ActKill. -- // All other threads from the same thread group will continue to execute. -- ActKillThread ScmpAction = iota - // ActKillProcess kills the process that violated the rule. - // All threads in the thread group are also terminated. - // This action is only usable when libseccomp API level 3 or higher is - // supported. - ActKillProcess ScmpAction = iota -+ // ActKillThread kills the thread that violated the rule. It is the same as ActKill. -+ // All other threads from the same thread group will continue to execute. -+ ActKillThread = ActKill - ) - - const ( -@@ -394,7 +394,7 @@ func (a ScmpCompareOp) String() string { - // String returns a string representation of a seccomp match action - func (a ScmpAction) String() string { - switch a & 0xFFFF { -- case ActKill, ActKillThread: -+ case ActKillThread: - return "Action: Kill thread" - case ActKillProcess: - return "Action: Kill process" -diff --git a/seccomp_internal.go b/seccomp_internal.go -index 8dc7b29..8fc9914 100644 ---- a/seccomp_internal.go -+++ b/seccomp_internal.go -@@ -612,8 +612,6 @@ func (a ScmpCompareOp) toNative() C.int { - func actionFromNative(a C.uint32_t) (ScmpAction, error) { - aTmp := a & 0xFFFF - switch a & 0xFFFF0000 { -- case C.C_ACT_KILL: -- return ActKill, nil - case C.C_ACT_KILL_PROCESS: - return ActKillProcess, nil - case C.C_ACT_KILL_THREAD: -@@ -638,8 +636,6 @@ func actionFromNative(a C.uint32_t) (ScmpAction, error) { - // Only use with sanitized actions, no error handling - func (a ScmpAction) toNative() C.uint32_t { - switch a & 0xFFFF { -- case ActKill: -- return C.C_ACT_KILL - case ActKillProcess: - return C.C_ACT_KILL_PROCESS - case ActKillThread: --- -2.25.1 - diff --git a/recipes-containers/podman/podman_git.bb b/recipes-containers/podman/podman_git.bb index 9b92094..ea10f66 100644 --- a/recipes-containers/podman/podman_git.bb +++ b/recipes-containers/podman/podman_git.bb @@ -17,11 +17,9 @@ DEPENDS = " \ ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \ " -SRCREV = "cedbbfa543651a13055a1fe093a4d0a2a28ccdfd" +SRCREV = "7fe5a419cfd2880df2028ad3d7fd9378a88a04f4" SRC_URI = " \ - git://github.com/containers/libpod.git;branch=v4.1;protocol=https \ - file://0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch;patchdir=src/import \ - file://0002-Define-ActKillThread-equal-to-ActKill.patch;patchdir=src/import/vendor/github.com/seccomp/libseccomp-golang \ + git://github.com/containers/libpod.git;branch=v4.2;protocol=https \ ${@bb.utils.contains('PACKAGECONFIG', 'rootless', 'file://00-podman-rootless.conf', '', d)} \ " @@ -32,7 +30,7 @@ GO_IMPORT = "import" S = "${WORKDIR}/git" -PV = "4.1.0+git${SRCPV}" +PV = "4.2.0+git${SRCPV}" PACKAGES =+ "${PN}-contrib" @@ -47,6 +45,9 @@ export LDFLAGS="" # https://github.com/llvm/llvm-project/issues/53999 TOOLCHAIN = "gcc" +# podmans Makefile expects BUILDFLAGS to be set but go.bbclass defines them in GOBUILDFLAGS +export BUILDFLAGS="${GOBUILDFLAGS}" + inherit go goarch inherit systemd pkgconfig -- 2.37.2
|
|