Date: Friday, October 12, 2018 @ 05:17:39 Author: bpiotrowski Revision: 392839
archrelease: copy trunk to community-x86_64 Added: buildah/repos/community-x86_64/0001-Revert-ostree-add-selinux-label-for-each-file.patch (from rev 392838, buildah/trunk/0001-Revert-ostree-add-selinux-label-for-each-file.patch) buildah/repos/community-x86_64/PKGBUILD (from rev 392838, buildah/trunk/PKGBUILD) Deleted: buildah/repos/community-x86_64/0001-Revert-ostree-add-selinux-label-for-each-file.patch buildah/repos/community-x86_64/PKGBUILD ----------------------------------------------------------+ 0001-Revert-ostree-add-selinux-label-for-each-file.patch | 288 ++++++------- PKGBUILD | 86 +-- 2 files changed, 187 insertions(+), 187 deletions(-) Deleted: 0001-Revert-ostree-add-selinux-label-for-each-file.patch =================================================================== --- 0001-Revert-ostree-add-selinux-label-for-each-file.patch 2018-10-12 05:17:34 UTC (rev 392838) +++ 0001-Revert-ostree-add-selinux-label-for-each-file.patch 2018-10-12 05:17:39 UTC (rev 392839) @@ -1,144 +0,0 @@ -diff --git a/ostree/ostree_dest.go b/ostree/ostree_dest.go -index 2e0d7fcf..a8e879ed 100644 ---- a/ostree/ostree_dest.go -+++ b/ostree/ostree_dest.go -@@ -15,31 +15,25 @@ import ( - "os/exec" - "path/filepath" - "strconv" -- "strings" -- "syscall" - "time" -- "unsafe" - - "github.com/containers/image/manifest" - "github.com/containers/image/types" - "github.com/containers/storage/pkg/archive" - "github.com/opencontainers/go-digest" -- selinux "github.com/opencontainers/selinux/go-selinux" - "github.com/ostreedev/ostree-go/pkg/otbuiltin" - "github.com/pkg/errors" - "github.com/vbatts/tar-split/tar/asm" - "github.com/vbatts/tar-split/tar/storage" - ) - --// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1 libselinux -+// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1 - // #include <glib.h> - // #include <glib-object.h> - // #include <gio/gio.h> - // #include <stdlib.h> - // #include <ostree.h> - // #include <gio/ginputstream.h> --// #include <selinux/selinux.h> --// #include <selinux/label.h> - import "C" - - type blobToImport struct { -@@ -158,7 +152,7 @@ func (d *ostreeImageDestination) PutBlob(ctx context.Context, stream io.Reader, - return types.BlobInfo{Digest: computedDigest, Size: size}, nil - } - --func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, usermode bool) error { -+func fixFiles(dir string, usermode bool) error { - entries, err := ioutil.ReadDir(dir) - if err != nil { - return err -@@ -173,42 +167,13 @@ func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, user - continue - } - -- if selinuxHnd != nil { -- relPath, err := filepath.Rel(root, fullpath) -- if err != nil { -- return err -- } -- // Handle /exports/hostfs as a special case. Files under this directory are copied to the host, -- // thus we benefit from maintaining the same SELinux label they would have on the host as we could -- // use hard links instead of copying the files. -- relPath = fmt.Sprintf("/%s", strings.TrimPrefix(relPath, "exports/hostfs/")) -- -- relPathC := C.CString(relPath) -- defer C.free(unsafe.Pointer(relPathC)) -- var context *C.char -- -- res, err := C.selabel_lookup_raw(selinuxHnd, &context, relPathC, C.int(info.Mode()&os.ModePerm)) -- if int(res) < 0 && err != syscall.ENOENT { -- return errors.Wrapf(err, "cannot selabel_lookup_raw %s", relPath) -- } -- if int(res) == 0 { -- defer C.freecon(context) -- fullpathC := C.CString(fullpath) -- defer C.free(unsafe.Pointer(fullpathC)) -- res, err = C.lsetfilecon_raw(fullpathC, context) -- if int(res) < 0 { -- return errors.Wrapf(err, "cannot setfilecon_raw %s", fullpath) -- } -- } -- } -- - if info.IsDir() { - if usermode { - if err := os.Chmod(fullpath, info.Mode()|0700); err != nil { - return err - } - } -- err = fixFiles(selinuxHnd, root, fullpath, usermode) -+ err = fixFiles(fullpath, usermode) - if err != nil { - return err - } -@@ -264,7 +229,7 @@ func generateTarSplitMetadata(output *bytes.Buffer, file string) (digest.Digest, - return digester.Digest(), written, nil - } - --func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle, repo *otbuiltin.Repo, blob *blobToImport) error { -+func (d *ostreeImageDestination) importBlob(repo *otbuiltin.Repo, blob *blobToImport) error { - // TODO: This can take quite some time, and should ideally be cancellable using a context.Context. - - ostreeBranch := fmt.Sprintf("ociimage/%s", blob.Digest.Hex()) -@@ -287,7 +252,7 @@ func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle, - if err := archive.UntarPath(blob.BlobPath, destinationPath); err != nil { - return err - } -- if err := fixFiles(selinuxHnd, destinationPath, destinationPath, false); err != nil { -+ if err := fixFiles(destinationPath, false); err != nil { - return err - } - } else { -@@ -296,7 +261,7 @@ func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle, - return err - } - -- if err := fixFiles(selinuxHnd, destinationPath, destinationPath, true); err != nil { -+ if err := fixFiles(destinationPath, true); err != nil { - return err - } - } -@@ -404,17 +369,6 @@ func (d *ostreeImageDestination) Commit(ctx context.Context) error { - return err - } - -- var selinuxHnd *C.struct_selabel_handle -- -- if os.Getuid() == 0 && selinux.GetEnabled() { -- selinuxHnd, err = C.selabel_open(C.SELABEL_CTX_FILE, nil, 0) -- if selinuxHnd == nil { -- return errors.Wrapf(err, "cannot open the SELinux DB") -- } -- -- defer C.selabel_close(selinuxHnd) -- } -- - checkLayer := func(hash string) error { - blob := d.blobs[hash] - // if the blob is not present in d.blobs then it is already stored in OSTree, -@@ -422,7 +376,7 @@ func (d *ostreeImageDestination) Commit(ctx context.Context) error { - if blob == nil { - return nil - } -- err := d.importBlob(selinuxHnd, repo, blob) -+ err := d.importBlob(repo, blob) - if err != nil { - return err - } Copied: buildah/repos/community-x86_64/0001-Revert-ostree-add-selinux-label-for-each-file.patch (from rev 392838, buildah/trunk/0001-Revert-ostree-add-selinux-label-for-each-file.patch) =================================================================== --- 0001-Revert-ostree-add-selinux-label-for-each-file.patch (rev 0) +++ 0001-Revert-ostree-add-selinux-label-for-each-file.patch 2018-10-12 05:17:39 UTC (rev 392839) @@ -0,0 +1,144 @@ +diff --git a/ostree/ostree_dest.go b/ostree/ostree_dest.go +index 2e0d7fcf..a8e879ed 100644 +--- a/ostree/ostree_dest.go ++++ b/ostree/ostree_dest.go +@@ -15,31 +15,25 @@ import ( + "os/exec" + "path/filepath" + "strconv" +- "strings" +- "syscall" + "time" +- "unsafe" + + "github.com/containers/image/manifest" + "github.com/containers/image/types" + "github.com/containers/storage/pkg/archive" + "github.com/opencontainers/go-digest" +- selinux "github.com/opencontainers/selinux/go-selinux" + "github.com/ostreedev/ostree-go/pkg/otbuiltin" + "github.com/pkg/errors" + "github.com/vbatts/tar-split/tar/asm" + "github.com/vbatts/tar-split/tar/storage" + ) + +-// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1 libselinux ++// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1 + // #include <glib.h> + // #include <glib-object.h> + // #include <gio/gio.h> + // #include <stdlib.h> + // #include <ostree.h> + // #include <gio/ginputstream.h> +-// #include <selinux/selinux.h> +-// #include <selinux/label.h> + import "C" + + type blobToImport struct { +@@ -158,7 +152,7 @@ func (d *ostreeImageDestination) PutBlob(ctx context.Context, stream io.Reader, + return types.BlobInfo{Digest: computedDigest, Size: size}, nil + } + +-func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, usermode bool) error { ++func fixFiles(dir string, usermode bool) error { + entries, err := ioutil.ReadDir(dir) + if err != nil { + return err +@@ -173,42 +167,13 @@ func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, user + continue + } + +- if selinuxHnd != nil { +- relPath, err := filepath.Rel(root, fullpath) +- if err != nil { +- return err +- } +- // Handle /exports/hostfs as a special case. Files under this directory are copied to the host, +- // thus we benefit from maintaining the same SELinux label they would have on the host as we could +- // use hard links instead of copying the files. +- relPath = fmt.Sprintf("/%s", strings.TrimPrefix(relPath, "exports/hostfs/")) +- +- relPathC := C.CString(relPath) +- defer C.free(unsafe.Pointer(relPathC)) +- var context *C.char +- +- res, err := C.selabel_lookup_raw(selinuxHnd, &context, relPathC, C.int(info.Mode()&os.ModePerm)) +- if int(res) < 0 && err != syscall.ENOENT { +- return errors.Wrapf(err, "cannot selabel_lookup_raw %s", relPath) +- } +- if int(res) == 0 { +- defer C.freecon(context) +- fullpathC := C.CString(fullpath) +- defer C.free(unsafe.Pointer(fullpathC)) +- res, err = C.lsetfilecon_raw(fullpathC, context) +- if int(res) < 0 { +- return errors.Wrapf(err, "cannot setfilecon_raw %s", fullpath) +- } +- } +- } +- + if info.IsDir() { + if usermode { + if err := os.Chmod(fullpath, info.Mode()|0700); err != nil { + return err + } + } +- err = fixFiles(selinuxHnd, root, fullpath, usermode) ++ err = fixFiles(fullpath, usermode) + if err != nil { + return err + } +@@ -264,7 +229,7 @@ func generateTarSplitMetadata(output *bytes.Buffer, file string) (digest.Digest, + return digester.Digest(), written, nil + } + +-func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle, repo *otbuiltin.Repo, blob *blobToImport) error { ++func (d *ostreeImageDestination) importBlob(repo *otbuiltin.Repo, blob *blobToImport) error { + // TODO: This can take quite some time, and should ideally be cancellable using a context.Context. + + ostreeBranch := fmt.Sprintf("ociimage/%s", blob.Digest.Hex()) +@@ -287,7 +252,7 @@ func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle, + if err := archive.UntarPath(blob.BlobPath, destinationPath); err != nil { + return err + } +- if err := fixFiles(selinuxHnd, destinationPath, destinationPath, false); err != nil { ++ if err := fixFiles(destinationPath, false); err != nil { + return err + } + } else { +@@ -296,7 +261,7 @@ func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle, + return err + } + +- if err := fixFiles(selinuxHnd, destinationPath, destinationPath, true); err != nil { ++ if err := fixFiles(destinationPath, true); err != nil { + return err + } + } +@@ -404,17 +369,6 @@ func (d *ostreeImageDestination) Commit(ctx context.Context) error { + return err + } + +- var selinuxHnd *C.struct_selabel_handle +- +- if os.Getuid() == 0 && selinux.GetEnabled() { +- selinuxHnd, err = C.selabel_open(C.SELABEL_CTX_FILE, nil, 0) +- if selinuxHnd == nil { +- return errors.Wrapf(err, "cannot open the SELinux DB") +- } +- +- defer C.selabel_close(selinuxHnd) +- } +- + checkLayer := func(hash string) error { + blob := d.blobs[hash] + // if the blob is not present in d.blobs then it is already stored in OSTree, +@@ -422,7 +376,7 @@ func (d *ostreeImageDestination) Commit(ctx context.Context) error { + if blob == nil { + return nil + } +- err := d.importBlob(selinuxHnd, repo, blob) ++ err := d.importBlob(repo, blob) + if err != nil { + return err + } Deleted: PKGBUILD =================================================================== --- PKGBUILD 2018-10-12 05:17:34 UTC (rev 392838) +++ PKGBUILD 2018-10-12 05:17:39 UTC (rev 392839) @@ -1,43 +0,0 @@ -# Maintainer: Bartłomiej Piotrowski <bpiotrow...@archlinux.org> - -pkgname=buildah -pkgver=1.4 -pkgrel=1 -pkgdesc="A tool which facilitates building OCI images" -arch=(x86_64) -url="https://github.com/containers/buildah" -license=(Apache) -depends=(ostree runc) -makedepends=(go-pie git bash-bats btrfs-progs device-mapper gpgme libassuan - bzip2 go-md2man runc skopeo) -_commit=608fa843cce45e7ee58ccb71a90297b645a984d3 # tags/v1.4 -source=(git://github.com/containers/buildah.git#commit=$_commit - 0001-Revert-ostree-add-selinux-label-for-each-file.patch) -md5sums=('SKIP' - 'aed8c1169e73161220c49de34f1acfdf') - -pkgver() { - cd buildah - git describe --tags | sed 's/^[vV]//;s/-/+/g' -} - -prepare() { - pushd buildah/vendor/github.com/containers/image/ - patch -p1 -i "$srcdir/0001-Revert-ostree-add-selinux-label-for-each-file.patch" - popd - - mkdir -p src/github.com/containers - cp -r $pkgname src/github.com/containers -} - -build() { - export GOPATH="${srcdir}" - cd src/github.com/containers/buildah - make PREFIX=/usr -} - -package() { - cd src/github.com/containers/buildah - make DESTDIR="$pkgdir" PREFIX=usr install - install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE" -} Copied: buildah/repos/community-x86_64/PKGBUILD (from rev 392838, buildah/trunk/PKGBUILD) =================================================================== --- PKGBUILD (rev 0) +++ PKGBUILD 2018-10-12 05:17:39 UTC (rev 392839) @@ -0,0 +1,43 @@ +# Maintainer: Bartłomiej Piotrowski <bpiotrow...@archlinux.org> + +pkgname=buildah +pkgver=1.4 +pkgrel=2 +pkgdesc="A tool which facilitates building OCI images" +arch=(x86_64) +url="https://github.com/containers/buildah" +license=(Apache) +depends=(ostree runc skopeo) +makedepends=(go-pie git bash-bats btrfs-progs device-mapper gpgme libassuan + bzip2 go-md2man runc skopeo) +_commit=608fa843cce45e7ee58ccb71a90297b645a984d3 # tags/v1.4 +source=(git://github.com/containers/buildah.git#commit=$_commit + 0001-Revert-ostree-add-selinux-label-for-each-file.patch) +md5sums=('SKIP' + 'aed8c1169e73161220c49de34f1acfdf') + +pkgver() { + cd buildah + git describe --tags | sed 's/^[vV]//;s/-/+/g' +} + +prepare() { + pushd buildah/vendor/github.com/containers/image/ + patch -p1 -i "$srcdir/0001-Revert-ostree-add-selinux-label-for-each-file.patch" + popd + + mkdir -p src/github.com/containers + cp -r $pkgname src/github.com/containers +} + +build() { + export GOPATH="${srcdir}" + cd src/github.com/containers/buildah + make PREFIX=/usr +} + +package() { + cd src/github.com/containers/buildah + make DESTDIR="$pkgdir" PREFIX=usr install + install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE" +}