
11/11: gnu: podman: Update to 4.9.3.


From: guix-commits
Subject: 11/11: gnu: podman: Update to 4.9.3.
Date: Sat, 2 Mar 2024 11:27:17 -0500 (EST)

civodul pushed a commit to branch master
in repository guix.

commit 6f5ea7ac1acb3d1c53baf7620cca66cc87fe5a73
Author: Tomas Volf <~@wolfsden.cz>
AuthorDate: Fri Feb 16 22:14:27 2024 +0100

    gnu: podman: Update to 4.9.3.
    
    * gnu/packages/containers.scm (podman): Update to 4.9.3.
    * gnu/packages/patches/podman-program-lookup.patch: New patch.
    * gnu/local.mk (dist_patch_DATA): Register it.
    
    Change-Id: If764e8456a697d16b76cd4ba1243cc5f633a6049
    Signed-off-by: Ludovic Courtès <ludo@gnu.org>
---
 gnu/local.mk                                     |   1 +
 gnu/packages/containers.scm                      |  24 +++--
 gnu/packages/patches/podman-program-lookup.patch | 120 +++++++++++++++++++++++
 3 files changed, 137 insertions(+), 8 deletions(-)

diff --git a/gnu/local.mk b/gnu/local.mk
index f280b849df..cabd82f532 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1790,6 +1790,7 @@ dist_patch_DATA =                                         
\
   %D%/packages/patches/plasp-fix-normalization.patch \
   %D%/packages/patches/plasp-include-iostream.patch \
   %D%/packages/patches/pocketfft-cpp-prefer-preprocessor-if.patch              
        \
+  %D%/packages/patches/podman-program-lookup.patch             \
   %D%/packages/patches/pokerth-boost.patch                     \
   %D%/packages/patches/ppsspp-disable-upgrade-and-gold.patch           \
   %D%/packages/patches/procps-strtod-test.patch                 \
diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm
index 5b79e8a446..aa270a25f3 100644
--- a/gnu/packages/containers.scm
+++ b/gnu/packages/containers.scm
@@ -342,7 +342,7 @@ configure network interfaces in Linux containers.")
 (define-public podman
   (package
     (name "podman")
-    (version "4.4.1")
+    (version "4.9.3")
     (source
      (origin
        (method git-fetch)
@@ -353,8 +353,11 @@ configure network interfaces in Linux containers.")
        ;; FIXME: Btrfs libraries not detected by these scripts.
        (snippet '(substitute* "Makefile"
                    ((".*hack/btrfs.*") "")))
+       (patches
+        (search-patches
+         "podman-program-lookup.patch"))
        (sha256
-        (base32 "0qbr6rbyig3c2hvdvmd94jjkg820hpdz6j7dgyv62dl6wfwvj5jj"))
+        (base32 "17g7n09ndxhpjr39s9qwxdcv08wavjj0g5nmnrvrkz2wgdqigl1x"))
        (file-name (git-file-name name version))))
 
     (build-system gnu-build-system)
@@ -381,10 +384,11 @@ configure network interfaces in Linux containers.")
                 (invoke "make" "remotesystem"))))
           (add-after 'unpack 'fix-hardcoded-paths
             (lambda _
-              (substitute* (find-files "libpod" "\\.go")
-                (("exec.LookPath[(][\"]slirp4netns[\"][)]")
-                 (string-append "exec.LookPath(\""
-                                (which "slirp4netns") "\")")))
+              (substitute* 
"vendor/github.com/containers/common/pkg/config/config.go"
+                (("@SLIRP4NETNS_DIR@")
+                 (string-append #$slirp4netns "/bin"))
+                (("@PASST_DIR@")
+                 (string-append #$passt "/bin")))
               (substitute* "hack/install_catatonit.sh"
                 (("CATATONIT_PATH=\"[^\"]+\"")
                  (string-append "CATATONIT_PATH=" (which "true"))))
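Review bot: `fix-hardcoded-paths` substitutes only `@SLIRP4NETNS_DIR@` and `@PASST_DIR@`, but `extraGuixDir` in podman-program-lookup.patch also returns `@QEMU_DIR@`, `@GVPROXY_DIR@`, `@NETAVARK_DIR@` and `@AARDVARK_DNS_DIR@`. Those literals are non-empty, so the new `FindHelperBinary` code prepends them to `dirList` unchanged; if each entry is joined with the helper name and stat'ed (that loop is outside the patch hunk), the lookup is relative to the current working directory, and a helper could be taken from wherever podman happens to be started. Replace the remaining placeholders with an empty string in this phase, e.g. `(("@(QEMU|GVPROXY|NETAVARK|AARDVARK_DNS)_DIR@") "")`, or have `extraGuixDir` return `""` for any value that still starts with `@`. The phase's lambda continues past the end of this hunk.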
@@ -414,11 +418,12 @@ configure network interfaces in Linux containers.")
            libassuan
            libseccomp
            libselinux
+           passt
            slirp4netns))
     (native-inputs
      (list bats
            git
-           go-1.19
+           go-1.21
            ; strace ; XXX debug
            pkg-config
            python))
@@ -427,7 +432,10 @@ configure network interfaces in Linux containers.")
     (description
      "Podman (the POD MANager) is a tool for managing containers and images,
 volumes mounted into those containers, and pods made from groups of
-containers.")
+containers.
+
+The @code{machine} subcommand is not supported due to gvproxy not being
+packaged.")
     (license license:asl2.0)))
 
 (define-public buildah
diff --git a/gnu/packages/patches/podman-program-lookup.patch 
b/gnu/packages/patches/podman-program-lookup.patch
new file mode 100644
index 0000000000..27a9421285
--- /dev/null
+++ b/gnu/packages/patches/podman-program-lookup.patch
@@ -0,0 +1,120 @@
+From 914aed3e04f71453fbdc30f4287e13ca3ce63a36 Mon Sep 17 00:00:00 2001
+From: Tomas Volf <~@wolfsden.cz>
+Date: Wed, 14 Feb 2024 20:02:03 +0100
+Subject: [PATCH] Modify search for binaries to fit Guix model
+
+Podman basically looked into the $PATH and into its libexec.  That does not fit
+Guix's model very well, to an additional option to specify additional
+directories during compilation was added.
+
+* pkg/rootless/rootless_linux.go
+(tryMappingTool): Also check /run/setuid-programs.
+* vendor/github.com/containers/common/pkg/config/config.go
+(extraGuixDir): New function.
+(FindHelperBinary): Use it.
+* vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go
+(guixLookupSetuidPath): New function.
+(Start): Use it.
+---
+ pkg/rootless/rootless_linux.go                |  3 +++
+ .../containers/common/pkg/config/config.go    | 23 +++++++++++++++++++
+ .../storage/pkg/unshare/unshare_linux.go      | 14 +++++++++--
+ 3 files changed, 38 insertions(+), 2 deletions(-)
+
+diff --git a/pkg/rootless/rootless_linux.go b/pkg/rootless/rootless_linux.go
+index d303c8b..0191d90 100644
+--- a/pkg/rootless/rootless_linux.go
++++ b/pkg/rootless/rootless_linux.go
+@@ -102,6 +102,9 @@ func tryMappingTool(uid bool, pid int, hostID int, 
mappings []idtools.IDMap) err
+               idtype = "setgid"
+       }
+       path, err := exec.LookPath(tool)
++      if err != nil {
++              path, err = exec.LookPath("/run/setuid-programs/" + tool)
++      }
+       if err != nil {
+               return fmt.Errorf("command required for rootless mode with 
multiple IDs: %w", err)
+       }
+diff --git a/vendor/github.com/containers/common/pkg/config/config.go 
b/vendor/github.com/containers/common/pkg/config/config.go
+index 75b917f..ed2f131 100644
+--- a/vendor/github.com/containers/common/pkg/config/config.go
++++ b/vendor/github.com/containers/common/pkg/config/config.go
+@@ -1102,6 +1102,24 @@ func findBindir() string {
+       return bindirCached
+ }
+ 
++func extraGuixDir(bin_name string) string {
++      if (bin_name == "slirp4netns") {
++              return "@SLIRP4NETNS_DIR@";
++      } else if (bin_name == "pasta") {
++              return "@PASST_DIR@";
++      } else if (strings.HasPrefix(bin_name, "qemu-")) {
++              return "@QEMU_DIR@";
++      } else if (bin_name == "gvproxy") {
++              return "@GVPROXY_DIR@";
++      } else if (bin_name == "netavark") {
++              return "@NETAVARK_DIR@";
++      } else if (bin_name == "aardvark-dns") {
++              return "@AARDVARK_DNS_DIR@";
++      } else {
++              return "";
++      }
++}
++
+ // FindHelperBinary will search the given binary name in the configured 
directories.
+ // If searchPATH is set to true it will also search in $PATH.
+ func (c *Config) FindHelperBinary(name string, searchPATH bool) (string, 
error) {
+@@ -1109,6 +1127,11 @@ func (c *Config) FindHelperBinary(name string, 
searchPATH bool) (string, error)
+       bindirPath := ""
+       bindirSearched := false
+ 
++      if dir := extraGuixDir(name); dir != "" {
++              /* If there is a Guix dir, skip the PATH search. */
++              dirList = append([]string{dir}, dirList...)
++      }
++
+       // If set, search this directory first. This is used in testing.
+       if dir, found := os.LookupEnv("CONTAINERS_HELPER_BINARY_DIR"); found {
+               dirList = append([]string{dir}, dirList...)
+diff --git a/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go 
b/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go
+index a8dc1ba..0b0d755 100644
+--- a/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go
++++ b/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go
+@@ -26,6 +26,16 @@ import (
+       "github.com/syndtr/gocapability/capability"
+ )
+ 
++func guixLookupSetuidPath(prog string) (string, error) {
++      path, err := exec.LookPath(prog)
++      if err != nil {
++              path, err = exec.LookPath("/run/setuid-programs/" + prog)
++      }
++      return path, err
++}
++
++
++
+ // Cmd wraps an exec.Cmd created by the reexec package in unshare(), and
+ // handles setting ID maps and other related settings by triggering
+ // initialization code in the child.
+@@ -237,7 +247,7 @@ func (c *Cmd) Start() error {
+                       gidmapSet := false
+                       // Set the GID map.
+                       if c.UseNewgidmap {
+-                              path, err := exec.LookPath("newgidmap")
++                              path, err := guixLookupSetuidPath("newgidmap")
+                               if err != nil {
+                                       return fmt.Errorf("finding newgidmap: 
%w", err)
+                               }
+@@ -297,7 +307,7 @@ func (c *Cmd) Start() error {
+                       uidmapSet := false
+                       // Set the UID map.
+                       if c.UseNewuidmap {
+-                              path, err := exec.LookPath("newuidmap")
++                              path, err := guixLookupSetuidPath("newuidmap")
+                               if err != nil {
+                                       return fmt.Errorf("finding newuidmap: 
%w", err)
+                               }
+-- 
+2.41.0
+
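Review bot: The comment added in `FindHelperBinary` says the PATH search is skipped when a Guix directory exists, but the line below it only prepends that directory to `dirList`; nothing visible in the hunk touches `searchPATH`, and the `CONTAINERS_HELPER_BINARY_DIR` block that follows still prepends its own entry in front of it. Someone auditing which binary ends up being executed would be misled, so the comment should state the actual order, for example `// Guix: try the store directory before the configured helper dirs; CONTAINERS_HELPER_BINARY_DIR, if set, still comes first.` `extraGuixDir` and `guixLookupSetuidPath` also lack doc comments; one line each would do, saying that the first maps a helper name to a directory fixed at build time and that the second tries `$PATH` before falling back to `/run/setuid-programs`. The rest of `FindHelperBinary` is outside the hunk, so whether `$PATH` is still consulted afterwards cannot be confirmed from here.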


