commit: 36ca43f7db3c9b0ce5476ebbbf67fa33071ea5b7 Author: Marcus Haukelid Larsen <mhl <AT> haukelid <DOT> dk> AuthorDate: Fri May 9 06:43:41 2025 +0000 Commit: Joonas Niilola <juippis <AT> gentoo <DOT> org> CommitDate: Fri May 9 07:25:37 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=36ca43f7
app-containers/lxc: added patch lxc/lxc#4536 Signed-off-by: Marcus Haukelid Larsen <mhl <AT> haukelid.dk> Closes: https://github.com/gentoo/gentoo/pull/41999 Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org> ...tart-Re-introduce-first-SET_DUMPABLE-call.patch | 34 ++++++++++++++++++++++ app-containers/lxc/lxc-6.0.4.ebuild | 8 +++++ 2 files changed, 42 insertions(+) diff --git a/app-containers/lxc/files/lxc-6.0.4-start-Re-introduce-first-SET_DUMPABLE-call.patch b/app-containers/lxc/files/lxc-6.0.4-start-Re-introduce-first-SET_DUMPABLE-call.patch new file mode 100644 index 000000000000..59475cf71039 --- /dev/null +++ b/app-containers/lxc/files/lxc-6.0.4-start-Re-introduce-first-SET_DUMPABLE-call.patch @@ -0,0 +1,34 @@ +From 2663712e8fa8f37e0bb873185e2d4526dc644764 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?St=C3=A9phane=20Graber?= <[email protected]> +Date: Sat, 5 Apr 2025 01:11:18 -0400 +Subject: [PATCH] start: Re-introduce first SET_DUMPABLE call +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Without it, we're running into issues with complex hooks like nvidia. + +Signed-off-by: Stéphane Graber <[email protected]> +--- + src/lxc/start.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/lxc/start.c b/src/lxc/start.c +index f28bceaba..ee4bf4003 100644 +--- a/src/lxc/start.c ++++ b/src/lxc/start.c +@@ -1125,6 +1125,11 @@ static int do_start(void *data) + if (!lxc_switch_uid_gid(nsuid, nsgid)) + goto out_warn_father; + ++ ret = prctl(PR_SET_DUMPABLE, prctl_arg(1), prctl_arg(0), ++ prctl_arg(0), prctl_arg(0)); ++ if (ret < 0) ++ goto out_warn_father; ++ + /* set{g,u}id() clears deathsignal */ + ret = lxc_set_death_signal(SIGKILL, handler->monitor_pid, status_fd); + if (ret < 0) { +-- +2.48.1 + diff --git a/app-containers/lxc/lxc-6.0.4.ebuild b/app-containers/lxc/lxc-6.0.4.ebuild index d418449a7964..8231a76e66dc 100644 --- a/app-containers/lxc/lxc-6.0.4.ebuild +++ b/app-containers/lxc/lxc-6.0.4.ebuild @@ -37,6 +37,10 @@ BDEPEND="virtual/pkgconfig man? ( app-text/docbook2X ) verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" +PATCHES=( + "${FILESDIR}"/${P}-start-Re-introduce-first-SET_DUMPABLE-call.patch +) + RESTRICT="!test? ( test )" CONFIG_CHECK="~!NETPRIO_CGROUP @@ -76,6 +80,10 @@ pkg_setup() { linux-info_pkg_setup } +src_prepare() { + default +} + src_configure() { # -Dtools-multicall=false: will create a single binary called 'lxc' that conflicts with LXD.
