[gentoo-commits] repo/gentoo:master commit in: app-containers/podman/files/, app-containers/podman/

[Zac Medico]

commit: a42b6320136a42592a7e872ed8179c93769a2533
Author: Rahil Bhimjiani  rahil  rocks>
AuthorDate: Mon Jul  7 16:28:46 2025 +
Commit: Zac Medico  gentoo  org>
CommitDate: Tue Jul  8 04:00:00 2025 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a42b6320

app-containers/podman: update to 5.5.2

Signed-off-by: Rahil Bhimjiani  rahil.rocks>
Closes: https://github.com/gentoo/gentoo/pull/42919
Signed-off-by: Zac Medico  gentoo.org>

 app-containers/podman/Manifest|  1 +
 .../podman/files/podman-5.5.2-togglable-seccomp.patch | 11 +++
 .../podman/{podman-.ebuild => podman-5.5.2.ebuild}|  9 ++---
 app-containers/podman/podman-.ebuild  |  9 -
 4 files changed, 22 insertions(+), 8 deletions(-)

diff --git a/app-containers/podman/Manifest b/app-containers/podman/Manifest
index 333e5f0b9b6a..eb1836b3992a 100644
--- a/app-containers/podman/Manifest
+++ b/app-containers/podman/Manifest
@@ -1,2 +1,3 @@
 DIST podman-5.3.2.tar.gz 24207488 BLAKE2B 
68f618b74be41bf489de97b009d335f3033634c5c065b1089cc9a6132e38e3a7f707b959d29d955ab0bd805721c14cda90c77fa60f6ba09327f38d4a8bc19112
 SHA512 
b7007278dd3f493bd0d0185ed4328570d5af527d4864c4435e7b330543d60ba87f04f36c94407d4e11e622a4af8b6467f66474e9b66cbeacb8eecb3088b4439e
 DIST podman-5.4.2.tar.gz 25465417 BLAKE2B 
f4f586bc99af625a5fa9a6915f101738d8c2abb505de96db6a41fde026baf5832047498b8bf1af6d80a84525a113a21680032886eee49458f92bd7321107bf47
 SHA512 
482fde529766ca1b509a08bab4beb59a5935ebc6b27bc886c33597183258631e8c8db03ebb521baefd7989305aa76fad14c1359e211a0fe75c855c14bbaca960
+DIST podman-5.5.2.tar.gz 21334872 BLAKE2B 
a3b458afe1dc17699b7a75517727bba0b989e4b605c51a867f5d076fc5bb2bbfe8a914d78c659670bb73ebf3905926259320f6159ad850a7b335fa920ebfe6d4
 SHA512 
c647e74c22053b95d09f81d9c594203492283bdb881245941fa2d7253946cbb4953d705313a0e57a0d6737cc07697381e8ba5ed388a74d440b74b5fe045821ec

diff --git a/app-containers/podman/files/podman-5.5.2-togglable-seccomp.patch 
b/app-containers/podman/files/podman-5.5.2-togglable-seccomp.patch
new file mode 100644
index ..43abe10797e4
--- /dev/null
+++ b/app-containers/podman/files/podman-5.5.2-togglable-seccomp.patch
@@ -0,0 +1,11 @@
+don't add seccomp buildtag for all, instead only add it in ebuild if +seccomp
+--- a/Makefile
 b/Makefile
+@@ -64,7 +64,6 @@
+   $(shell hack/btrfs_tag.sh) \
+   $(shell hack/systemd_tag.sh) \
+   $(shell hack/libsubid_tag.sh) \
+-  $(if $(filter linux,$(GOOS)), seccomp,)
+ # allow downstreams to easily add build tags while keeping our defaults
+ BUILDTAGS += ${EXTRA_BUILDTAGS}
+ # N/B: This value is managed by Renovate, manual changes are

diff --git a/app-containers/podman/podman-.ebuild 
b/app-containers/podman/podman-5.5.2.ebuild
similarity index 94%
copy from app-containers/podman/podman-.ebuild
copy to app-containers/podman/podman-5.5.2.ebuild
index 63b7045fe612..15d342e831df 100644
--- a/app-containers/podman/podman-.ebuild
+++ b/app-containers/podman/podman-5.5.2.ebuild
@@ -51,7 +51,7 @@ BDEPEND="
 "
 
 PATCHES=(
-   "${FILESDIR}"/${PN}-5.2.5-togglable-seccomp.patch
+   "${FILESDIR}"/${PN}-5.5.2-togglable-seccomp.patch
 )
 
 CONFIG_CHECK="
@@ -81,10 +81,13 @@ src_prepare() {
EOF
done
 
-   echo -e "#!/usr/bin/env bash\n echo" > hack/btrfs_installed_tag.sh || 
die
cat <<-EOF > hack/btrfs_tag.sh || die
#!/usr/bin/env bash
-   $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion')
+   $(usex btrfs echo 'echo btrfs_noversion')
+   EOF
+   cat <<-EOF > hack/btrfs_installed_tag.sh || die
+   #!/usr/bin/env bash
+   $(usex btrfs echo 'echo exclude_graphdriver_btrfs')
EOF
 }
 

diff --git a/app-containers/podman/podman-.ebuild 
b/app-containers/podman/podman-.ebuild
index 63b7045fe612..5cf064395ccc 100644
--- a/app-containers/podman/podman-.ebuild
+++ b/app-containers/podman/podman-.ebuild
@@ -51,7 +51,7 @@ BDEPEND="
 "
 
 PATCHES=(
-   "${FILESDIR}"/${PN}-5.2.5-togglable-seccomp.patch
+   "${FILESDIR}"/${PN}-5.5.2-togglable-seccomp.patch
 )
 
 CONFIG_CHECK="
@@ -69,7 +69,7 @@ src_prepare() {
 
# assure necessary files are present
local file
-   for file in apparmor_tag btrfs_installed_tag btrfs_tag systemd_tag; do
+   for file in apparmor_tag btrfs_installed_tag systemd_tag; do
[[ -f hack/"${file}".sh ]] || die
done
 
@@ -81,10 +81,9 @@ src_prepare() {
EOF
done
 
-   echo -e "#!/usr/bin/env bash\n echo" > hack/btrfs_installed_tag.sh || 
die
-   cat <<-EOF > hack/btrfs_tag.sh || die
+   cat <<-EOF > hack/btrfs_installed_tag.sh || die
#!/usr/bin/env bash
-   $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion')
+   $(usex btrfs echo 'echo exclude_graphdriver_btrfs')
EOF
 }
 

[gentoo-commits] repo/gentoo:master commit in: app-containers/podman/files/, app-containers/podman/

[Zac Medico]

commit: a7c209f2ff5131dee2c788ef52132d7c4e147cd0
Author: Emanuel Valasiadis  valasiadis  space>
AuthorDate: Sat Apr 19 19:56:02 2025 +
Commit: Zac Medico  gentoo  org>
CommitDate: Sun Apr 20 17:29:09 2025 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a7c209f2

app-containers/podman: add OpenRC user service for podman

Signed-off-by: Emanuel Valasiadis  valasiadis.space>
From: https://github.com/gentoo/gentoo/pull/41672
Signed-off-by: Zac Medico  gentoo.org>

 .../podman/files/podman-5.0.0_rc4.user.initd   | 23 ++
 app-containers/podman/podman-5.4.2.ebuild  |  3 +++
 app-containers/podman/podman-.ebuild   |  3 +++
 3 files changed, 29 insertions(+)

diff --git a/app-containers/podman/files/podman-5.0.0_rc4.user.initd 
b/app-containers/podman/files/podman-5.0.0_rc4.user.initd
new file mode 100644
index ..5b47d68c7fd3
--- /dev/null
+++ b/app-containers/podman/files/podman-5.0.0_rc4.user.initd
@@ -0,0 +1,23 @@
+#!/sbin/openrc-run
+# Copyright 2015-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+supervisor=supervise-daemon
+description="Podman API Service"
+
+RUN_PATH="${XDG_RUNTIME_DIR}/podman"
+LOG_PATH="${RUN_PATH}/log"
+output_log="${LOG_PATH}/${RC_SVCNAME}.log"
+error_log="${LOG_PATH}/${RC_SVCNAME}.log"
+pidfile="${RUN_PATH}/${RC_SVCNAME}.pid"
+socket="unix://${RUN_PATH}/${RC_SVCNAME}.sock"
+
+# command_user="${RUN_AS_USER:=root:root}"
+command="/usr/bin/podman"
+command_args="--log-level ${LOG_LEVEL:-error} system service --time 0 
${socket}"
+command_background="true"
+
+start() {
+   checkpath -o $USER -d "${RUN_PATH}" "${LOG_PATH}"
+   default_start
+}

diff --git a/app-containers/podman/podman-5.4.2.ebuild 
b/app-containers/podman/podman-5.4.2.ebuild
index 1a2de83c6b4a..04adb613e4fe 100644
--- a/app-containers/podman/podman-5.4.2.ebuild
+++ b/app-containers/podman/podman-5.4.2.ebuild
@@ -123,6 +123,9 @@ src_install() {
 
insinto /etc/logrotate.d
newins "${FILESDIR}/podman.logrotated" podman
+
+   exeinto /etc/user/init.d
+   newexe "${FILESDIR}/podman-5.0.0_rc4.user.initd"
fi
 
keepdir /var/lib/containers

diff --git a/app-containers/podman/podman-.ebuild 
b/app-containers/podman/podman-.ebuild
index 1a2de83c6b4a..04adb613e4fe 100644
--- a/app-containers/podman/podman-.ebuild
+++ b/app-containers/podman/podman-.ebuild
@@ -123,6 +123,9 @@ src_install() {
 
insinto /etc/logrotate.d
newins "${FILESDIR}/podman.logrotated" podman
+
+   exeinto /etc/user/init.d
+   newexe "${FILESDIR}/podman-5.0.0_rc4.user.initd"
fi
 
keepdir /var/lib/containers

[gentoo-commits] repo/gentoo:master commit in: app-containers/podman/files/, app-containers/podman/

[Sam James]

commit: b86ea5f418a7dbe75847a8dc940edc114e3a17b8
Author: Rahil Bhimjiani  rahil  rocks>
AuthorDate: Wed Mar 20 11:50:37 2024 +
Commit: Sam James  gentoo  org>
CommitDate: Sat Mar 23 08:29:03 2024 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b86ea5f4

app-containers/podman: update to 5.0.0

1) Podman 5 drops old, slow & insecure stack in favour of shiny new one:
* slirp4netns -> passt/pasta
* runc -> crun
* cni-plugins -> netavark + aardvark-dns
* cgroupv1 -> cgroupv2

2) remove USE flags: cgroup-hybrid, init, rootless, fuse  because ...
* cgroupv1 support is deprecated.
* app-containers/catatonit, net-misc/passt, sys-fs/fuse-overlayfs are very 
minimal
dependencies, <1M of installed size in <30s of compile time (ofc it
varies).
* These flags didn't do much except pulling in dependencies. So suppose
someone goes from -init to +init they've to compile whole podman again,
instead of just emerging catatonit.
* Forcing fuse-overlayfs on users  makes sure to have a default graph driver in
rootless mode. containers-storage(5)

3) add python-any-r1.elcass to fix python-exec[-native-symlinks]

Closes: https://bugs.gentoo.org/877719
Closes: https://bugs.gentoo.org/906073
Bug: https://bugs.gentoo.org/show_bug.cgi?id=927501
Bug: https://bugs.gentoo.org/show_bug.cgi?id=927500
Signed-off-by: Rahil Bhimjiani  rahil.rocks>
Signed-off-by: Sam James  gentoo.org>

 app-containers/podman/Manifest |  1 +
 .../podman/files/podman-auto-update-5.0.0.cron |  5 ++
 .../podman/files/podman-auto-update-5.0.0_rc4.cron |  7 ---
 app-containers/podman/metadata.xml |  6 +-
 .../{podman-.ebuild => podman-5.0.0.ebuild}| 73 --
 app-containers/podman/podman-.ebuild   | 73 --
 6 files changed, 57 insertions(+), 108 deletions(-)

diff --git a/app-containers/podman/Manifest b/app-containers/podman/Manifest
index d21910b422e6..1f1960306d0d 100644
--- a/app-containers/podman/Manifest
+++ b/app-containers/podman/Manifest
@@ -1 +1,2 @@
 DIST podman-4.9.3.tar.gz 21727849 BLAKE2B 
9a67ba4266a8a0e20d165ba2bae00dcf146724ee976838d5e3310b094155ffa89bff526e8ae72864dc100d1e6878d5519d53581dc7e034982a4f2b364e4c8feb
 SHA512 
395014bbe70923f1444d2f33440013a16e9c339b70be5e6a9c7026617a40795a1c0e410c08a52fba46b9f5e853d853ce4133db36167a3c5ace7d325f8b3a3327
+DIST podman-5.0.0.tar.gz 21861935 BLAKE2B 
1ec7006f272f5da7f93929bc543cd8988d6f9596cb868e9561578ebef85d51cbd6baa4b66571872fc9748c639ca636ce27f6d90303707f04caa321c7b71db81a
 SHA512 
8800d96d668cbc7a7ff85a09c71b3307a280c124513fd02fe478f415cf8db43ee47dc7e9c3b75046c6bda9f916937a2cc59887c2c4b26766c2f770abb87fd7ce

diff --git a/app-containers/podman/files/podman-auto-update-5.0.0.cron 
b/app-containers/podman/files/podman-auto-update-5.0.0.cron
new file mode 100644
index ..509146e0aa56
--- /dev/null
+++ b/app-containers/podman/files/podman-auto-update-5.0.0.cron
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+# podman-auto-update(1)
+# uncomment following to auto update containers according to their auto-update 
policy
+# /usr/bin/podman auto-update && /usr/bin/podman image prune -f

diff --git a/app-containers/podman/files/podman-auto-update-5.0.0_rc4.cron 
b/app-containers/podman/files/podman-auto-update-5.0.0_rc4.cron
deleted file mode 100644
index d0a0fb54b106..
--- a/app-containers/podman/files/podman-auto-update-5.0.0_rc4.cron
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-set -e
-
-# mimicking behaviour of podman-auto-update.service
-if [ -x /usr/bin/podman ]; then
-   /usr/bin/podman auto-update && /usr/bin/podman image prune -f
-fi

diff --git a/app-containers/podman/metadata.xml 
b/app-containers/podman/metadata.xml
index 0ae6596fc7c4..59ab2d3ffda0 100644
--- a/app-containers/podman/metadata.xml
+++ b/app-containers/podman/metadata.xml
@@ -24,15 +24,11 @@



-   Enables dependencies for the "btrfs" graph driver, 
including
-   necessary kernel flags.
+   Enables btrfs support (graph driver) in Podman


Use legacy (hybrid) cgroups instead of modern (unified) 
cgroups

-   
-   Runs `podman auto-update` daily. See 
podman-auto-update(1)
-   

Enables fuse dependencies (fuse-overlayfs is especially 
useful
for rootless mode).

diff --git a/app-containers/podman/podman-.ebuild 
b/app-containers/podman/podman-5.0.0.ebuild
similarity index 55%
copy from app-containers/podman/podman-.ebuild
copy to app-containers/podman/podman-5.0.0.ebuild
index 2027b142f82f..b535f608f817 100644
--- a/app-containers/podman/podman-.ebuild
+++ b/app-containers/podman/podman-5.0.0.ebuild
@@ -3,7 +3,9 @@
 
 EAPI=8
 
-inherit go-module tmpfiles linux-info
+PYTHON_COMPAT=( python3_{11,12} )
+
+inherit go-module python