[arch-commits] Commit in buildah/repos/community-x86_64 (4 files)
Bartłomiej Piotrowski
bpiotrowski at archlinux.org
Thu Sep 20 09:57:40 UTC 2018
Date: Thursday, September 20, 2018 @ 09:57:40
Author: bpiotrowski
Revision: 383512
archrelease: copy trunk to community-x86_64
Added:
buildah/repos/community-x86_64/0001-Revert-ostree-add-selinux-label-for-each-file.patch
(from rev 383511, buildah/trunk/0001-Revert-ostree-add-selinux-label-for-each-file.patch)
buildah/repos/community-x86_64/PKGBUILD
(from rev 383511, buildah/trunk/PKGBUILD)
Deleted:
buildah/repos/community-x86_64/0001-Revert-ostree-add-selinux-label-for-each-file.patch
buildah/repos/community-x86_64/PKGBUILD
----------------------------------------------------------+
0001-Revert-ostree-add-selinux-label-for-each-file.patch | 288 ++++++-------
PKGBUILD | 87 +--
2 files changed, 187 insertions(+), 188 deletions(-)
Deleted: 0001-Revert-ostree-add-selinux-label-for-each-file.patch
===================================================================
--- 0001-Revert-ostree-add-selinux-label-for-each-file.patch 2018-09-20 09:57:35 UTC (rev 383511)
+++ 0001-Revert-ostree-add-selinux-label-for-each-file.patch 2018-09-20 09:57:40 UTC (rev 383512)
@@ -1,144 +0,0 @@
-diff --git a/ostree/ostree_dest.go b/ostree/ostree_dest.go
-index 2e0d7fcf..a8e879ed 100644
---- a/ostree/ostree_dest.go
-+++ b/ostree/ostree_dest.go
-@@ -15,31 +15,25 @@ import (
- "os/exec"
- "path/filepath"
- "strconv"
-- "strings"
-- "syscall"
- "time"
-- "unsafe"
-
- "github.com/containers/image/manifest"
- "github.com/containers/image/types"
- "github.com/containers/storage/pkg/archive"
- "github.com/opencontainers/go-digest"
-- selinux "github.com/opencontainers/selinux/go-selinux"
- "github.com/ostreedev/ostree-go/pkg/otbuiltin"
- "github.com/pkg/errors"
- "github.com/vbatts/tar-split/tar/asm"
- "github.com/vbatts/tar-split/tar/storage"
- )
-
--// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1 libselinux
-+// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1
- // #include <glib.h>
- // #include <glib-object.h>
- // #include <gio/gio.h>
- // #include <stdlib.h>
- // #include <ostree.h>
- // #include <gio/ginputstream.h>
--// #include <selinux/selinux.h>
--// #include <selinux/label.h>
- import "C"
-
- type blobToImport struct {
-@@ -158,7 +152,7 @@ func (d *ostreeImageDestination) PutBlob(ctx context.Context, stream io.Reader,
- return types.BlobInfo{Digest: computedDigest, Size: size}, nil
- }
-
--func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, usermode bool) error {
-+func fixFiles(dir string, usermode bool) error {
- entries, err := ioutil.ReadDir(dir)
- if err != nil {
- return err
-@@ -173,42 +167,13 @@ func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, user
- continue
- }
-
-- if selinuxHnd != nil {
-- relPath, err := filepath.Rel(root, fullpath)
-- if err != nil {
-- return err
-- }
-- // Handle /exports/hostfs as a special case. Files under this directory are copied to the host,
-- // thus we benefit from maintaining the same SELinux label they would have on the host as we could
-- // use hard links instead of copying the files.
-- relPath = fmt.Sprintf("/%s", strings.TrimPrefix(relPath, "exports/hostfs/"))
--
-- relPathC := C.CString(relPath)
-- defer C.free(unsafe.Pointer(relPathC))
-- var context *C.char
--
-- res, err := C.selabel_lookup_raw(selinuxHnd, &context, relPathC, C.int(info.Mode()&os.ModePerm))
-- if int(res) < 0 && err != syscall.ENOENT {
-- return errors.Wrapf(err, "cannot selabel_lookup_raw %s", relPath)
-- }
-- if int(res) == 0 {
-- defer C.freecon(context)
-- fullpathC := C.CString(fullpath)
-- defer C.free(unsafe.Pointer(fullpathC))
-- res, err = C.lsetfilecon_raw(fullpathC, context)
-- if int(res) < 0 {
-- return errors.Wrapf(err, "cannot setfilecon_raw %s", fullpath)
-- }
-- }
-- }
--
- if info.IsDir() {
- if usermode {
- if err := os.Chmod(fullpath, info.Mode()|0700); err != nil {
- return err
- }
- }
-- err = fixFiles(selinuxHnd, root, fullpath, usermode)
-+ err = fixFiles(fullpath, usermode)
- if err != nil {
- return err
- }
-@@ -264,7 +229,7 @@ func generateTarSplitMetadata(output *bytes.Buffer, file string) (digest.Digest,
- return digester.Digest(), written, nil
- }
-
--func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle, repo *otbuiltin.Repo, blob *blobToImport) error {
-+func (d *ostreeImageDestination) importBlob(repo *otbuiltin.Repo, blob *blobToImport) error {
- // TODO: This can take quite some time, and should ideally be cancellable using a context.Context.
-
- ostreeBranch := fmt.Sprintf("ociimage/%s", blob.Digest.Hex())
-@@ -287,7 +252,7 @@ func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle,
- if err := archive.UntarPath(blob.BlobPath, destinationPath); err != nil {
- return err
- }
-- if err := fixFiles(selinuxHnd, destinationPath, destinationPath, false); err != nil {
-+ if err := fixFiles(destinationPath, false); err != nil {
- return err
- }
- } else {
-@@ -296,7 +261,7 @@ func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle,
- return err
- }
-
-- if err := fixFiles(selinuxHnd, destinationPath, destinationPath, true); err != nil {
-+ if err := fixFiles(destinationPath, true); err != nil {
- return err
- }
- }
-@@ -404,17 +369,6 @@ func (d *ostreeImageDestination) Commit(ctx context.Context) error {
- return err
- }
-
-- var selinuxHnd *C.struct_selabel_handle
--
-- if os.Getuid() == 0 && selinux.GetEnabled() {
-- selinuxHnd, err = C.selabel_open(C.SELABEL_CTX_FILE, nil, 0)
-- if selinuxHnd == nil {
-- return errors.Wrapf(err, "cannot open the SELinux DB")
-- }
--
-- defer C.selabel_close(selinuxHnd)
-- }
--
- checkLayer := func(hash string) error {
- blob := d.blobs[hash]
- // if the blob is not present in d.blobs then it is already stored in OSTree,
-@@ -422,7 +376,7 @@ func (d *ostreeImageDestination) Commit(ctx context.Context) error {
- if blob == nil {
- return nil
- }
-- err := d.importBlob(selinuxHnd, repo, blob)
-+ err := d.importBlob(repo, blob)
- if err != nil {
- return err
- }
Copied: buildah/repos/community-x86_64/0001-Revert-ostree-add-selinux-label-for-each-file.patch (from rev 383511, buildah/trunk/0001-Revert-ostree-add-selinux-label-for-each-file.patch)
===================================================================
--- 0001-Revert-ostree-add-selinux-label-for-each-file.patch (rev 0)
+++ 0001-Revert-ostree-add-selinux-label-for-each-file.patch 2018-09-20 09:57:40 UTC (rev 383512)
@@ -0,0 +1,144 @@
+diff --git a/ostree/ostree_dest.go b/ostree/ostree_dest.go
+index 2e0d7fcf..a8e879ed 100644
+--- a/ostree/ostree_dest.go
++++ b/ostree/ostree_dest.go
+@@ -15,31 +15,25 @@ import (
+ "os/exec"
+ "path/filepath"
+ "strconv"
+- "strings"
+- "syscall"
+ "time"
+- "unsafe"
+
+ "github.com/containers/image/manifest"
+ "github.com/containers/image/types"
+ "github.com/containers/storage/pkg/archive"
+ "github.com/opencontainers/go-digest"
+- selinux "github.com/opencontainers/selinux/go-selinux"
+ "github.com/ostreedev/ostree-go/pkg/otbuiltin"
+ "github.com/pkg/errors"
+ "github.com/vbatts/tar-split/tar/asm"
+ "github.com/vbatts/tar-split/tar/storage"
+ )
+
+-// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1 libselinux
++// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1
+ // #include <glib.h>
+ // #include <glib-object.h>
+ // #include <gio/gio.h>
+ // #include <stdlib.h>
+ // #include <ostree.h>
+ // #include <gio/ginputstream.h>
+-// #include <selinux/selinux.h>
+-// #include <selinux/label.h>
+ import "C"
+
+ type blobToImport struct {
+@@ -158,7 +152,7 @@ func (d *ostreeImageDestination) PutBlob(ctx context.Context, stream io.Reader,
+ return types.BlobInfo{Digest: computedDigest, Size: size}, nil
+ }
+
+-func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, usermode bool) error {
++func fixFiles(dir string, usermode bool) error {
+ entries, err := ioutil.ReadDir(dir)
+ if err != nil {
+ return err
+@@ -173,42 +167,13 @@ func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, user
+ continue
+ }
+
+- if selinuxHnd != nil {
+- relPath, err := filepath.Rel(root, fullpath)
+- if err != nil {
+- return err
+- }
+- // Handle /exports/hostfs as a special case. Files under this directory are copied to the host,
+- // thus we benefit from maintaining the same SELinux label they would have on the host as we could
+- // use hard links instead of copying the files.
+- relPath = fmt.Sprintf("/%s", strings.TrimPrefix(relPath, "exports/hostfs/"))
+-
+- relPathC := C.CString(relPath)
+- defer C.free(unsafe.Pointer(relPathC))
+- var context *C.char
+-
+- res, err := C.selabel_lookup_raw(selinuxHnd, &context, relPathC, C.int(info.Mode()&os.ModePerm))
+- if int(res) < 0 && err != syscall.ENOENT {
+- return errors.Wrapf(err, "cannot selabel_lookup_raw %s", relPath)
+- }
+- if int(res) == 0 {
+- defer C.freecon(context)
+- fullpathC := C.CString(fullpath)
+- defer C.free(unsafe.Pointer(fullpathC))
+- res, err = C.lsetfilecon_raw(fullpathC, context)
+- if int(res) < 0 {
+- return errors.Wrapf(err, "cannot setfilecon_raw %s", fullpath)
+- }
+- }
+- }
+-
+ if info.IsDir() {
+ if usermode {
+ if err := os.Chmod(fullpath, info.Mode()|0700); err != nil {
+ return err
+ }
+ }
+- err = fixFiles(selinuxHnd, root, fullpath, usermode)
++ err = fixFiles(fullpath, usermode)
+ if err != nil {
+ return err
+ }
+@@ -264,7 +229,7 @@ func generateTarSplitMetadata(output *bytes.Buffer, file string) (digest.Digest,
+ return digester.Digest(), written, nil
+ }
+
+-func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle, repo *otbuiltin.Repo, blob *blobToImport) error {
++func (d *ostreeImageDestination) importBlob(repo *otbuiltin.Repo, blob *blobToImport) error {
+ // TODO: This can take quite some time, and should ideally be cancellable using a context.Context.
+
+ ostreeBranch := fmt.Sprintf("ociimage/%s", blob.Digest.Hex())
+@@ -287,7 +252,7 @@ func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle,
+ if err := archive.UntarPath(blob.BlobPath, destinationPath); err != nil {
+ return err
+ }
+- if err := fixFiles(selinuxHnd, destinationPath, destinationPath, false); err != nil {
++ if err := fixFiles(destinationPath, false); err != nil {
+ return err
+ }
+ } else {
+@@ -296,7 +261,7 @@ func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle,
+ return err
+ }
+
+- if err := fixFiles(selinuxHnd, destinationPath, destinationPath, true); err != nil {
++ if err := fixFiles(destinationPath, true); err != nil {
+ return err
+ }
+ }
+@@ -404,17 +369,6 @@ func (d *ostreeImageDestination) Commit(ctx context.Context) error {
+ return err
+ }
+
+- var selinuxHnd *C.struct_selabel_handle
+-
+- if os.Getuid() == 0 && selinux.GetEnabled() {
+- selinuxHnd, err = C.selabel_open(C.SELABEL_CTX_FILE, nil, 0)
+- if selinuxHnd == nil {
+- return errors.Wrapf(err, "cannot open the SELinux DB")
+- }
+-
+- defer C.selabel_close(selinuxHnd)
+- }
+-
+ checkLayer := func(hash string) error {
+ blob := d.blobs[hash]
+ // if the blob is not present in d.blobs then it is already stored in OSTree,
+@@ -422,7 +376,7 @@ func (d *ostreeImageDestination) Commit(ctx context.Context) error {
+ if blob == nil {
+ return nil
+ }
+- err := d.importBlob(selinuxHnd, repo, blob)
++ err := d.importBlob(repo, blob)
+ if err != nil {
+ return err
+ }
Deleted: PKGBUILD
===================================================================
--- PKGBUILD 2018-09-20 09:57:35 UTC (rev 383511)
+++ PKGBUILD 2018-09-20 09:57:40 UTC (rev 383512)
@@ -1,44 +0,0 @@
-# $Id$
-# Maintainer: Bartłomiej Piotrowski <bpiotrowski at archlinux.org>
-
-pkgname=buildah
-pkgver=1.2
-pkgrel=1
-pkgdesc="A tool which facilitates building OCI images"
-arch=(x86_64)
-url="https://github.com/projectatomic/buildah"
-license=(Apache)
-depends=(ostree runc)
-makedepends=('go-pie' 'git' 'bash-bats' 'btrfs-progs' 'device-mapper' 'gpgme'
- 'libassuan' 'bzip2' 'go-md2man' 'runc' 'skopeo')
-_commit=be877622a3b0c7943b3b760ec43c12d177336e4c # tags/v1.2^0
-source=(git://github.com/projectatomic/buildah.git#commit=$_commit
- 0001-Revert-ostree-add-selinux-label-for-each-file.patch)
-md5sums=('SKIP'
- 'aed8c1169e73161220c49de34f1acfdf')
-
-pkgver() {
- cd buildah
- git describe --tags | sed 's/^[vV]//;s/-/+/g'
-}
-
-prepare() {
- pushd buildah/vendor/github.com/containers/image/
- patch -p1 -i "$srcdir/0001-Revert-ostree-add-selinux-label-for-each-file.patch"
- popd
-
- mkdir -p src/github.com/projectatomic
- cp -r $pkgname src/github.com/projectatomic
-}
-
-build() {
- export GOPATH="${srcdir}"
- cd src/github.com/projectatomic/buildah
- make PREFIX=/usr
-}
-
-package() {
- cd src/github.com/projectatomic/buildah
- make DESTDIR="$pkgdir" PREFIX=usr install
- install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
-}
Copied: buildah/repos/community-x86_64/PKGBUILD (from rev 383511, buildah/trunk/PKGBUILD)
===================================================================
--- PKGBUILD (rev 0)
+++ PKGBUILD 2018-09-20 09:57:40 UTC (rev 383512)
@@ -0,0 +1,43 @@
+# Maintainer: Bartłomiej Piotrowski <bpiotrowski at archlinux.org>
+
+pkgname=buildah
+pkgver=1.3
+pkgrel=1
+pkgdesc="A tool which facilitates building OCI images"
+arch=(x86_64)
+url="https://github.com/projectatomic/buildah"
+license=(Apache)
+depends=(ostree runc)
+makedepends=('go-pie' 'git' 'bash-bats' 'btrfs-progs' 'device-mapper' 'gpgme'
+ 'libassuan' 'bzip2' 'go-md2man' 'runc' 'skopeo')
+_commit=4888163cf12b4e0c0d32ef7eb0ed941c2c81d4f7 # tags/v1.3
+source=(git://github.com/projectatomic/buildah.git#commit=$_commit
+ 0001-Revert-ostree-add-selinux-label-for-each-file.patch)
+md5sums=('SKIP'
+ 'aed8c1169e73161220c49de34f1acfdf')
+
+pkgver() {
+ cd buildah
+ git describe --tags | sed 's/^[vV]//;s/-/+/g'
+}
+
+prepare() {
+ pushd buildah/vendor/github.com/containers/image/
+ patch -p1 -i "$srcdir/0001-Revert-ostree-add-selinux-label-for-each-file.patch"
+ popd
+
+ mkdir -p src/github.com/projectatomic
+ cp -r $pkgname src/github.com/projectatomic
+}
+
+build() {
+ export GOPATH="${srcdir}"
+ cd src/github.com/projectatomic/buildah
+ make PREFIX=/usr
+}
+
+package() {
+ cd src/github.com/projectatomic/buildah
+ make DESTDIR="$pkgdir" PREFIX=usr install
+ install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
+}
More information about the arch-commits
mailing list