[gentoo-commits] repo/gentoo:master commit in: app-emulation/podman/

Mon, 26 Apr 2021 16:32:47 -0700 

commit:     6ba1707f2083f32c57825fbf2d418a7018b9bc09
Author:     Zac Medico <zmedico <AT> gentoo <DOT> org>
AuthorDate: Mon Apr 26 23:26:06 2021 +0000
Commit:     Zac Medico <zmedico <AT> gentoo <DOT> org>
CommitDate: Mon Apr 26 23:31:40 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6ba1707f

app-emulation/podman: Remove vulnerable version

podman-3.0.1 is vulnerable because it uses
containers-storage v1.24.6 vendored in this commit:

https://github.com/containers/podman/commit/5a520cb4cae29e97085adfcf95b9d18e9e7a4c45

podman-3.1.2 is *not* vulnerable because it uses
containers-storage v1.30.0 vendored in this commit:

https://github.com/containers/podman/commit/5aef11026a850bb99d8394dba17810bf05d727bc

Bug: https://bugs.gentoo.org/785901
Package-Manager: Portage-3.0.18, Repoman-3.0.3
Signed-off-by: Zac Medico <zmedico <AT> gentoo.org>

 app-emulation/podman/Manifest            |   1 -
 app-emulation/podman/podman-3.0.1.ebuild | 165 -------------------------------
 2 files changed, 166 deletions(-)

diff --git a/app-emulation/podman/Manifest b/app-emulation/podman/Manifest
index 37d3b05f010..f297759d5ef 100644
--- a/app-emulation/podman/Manifest
+++ b/app-emulation/podman/Manifest
@@ -1,2 +1 @@
-DIST podman-3.0.1.tar.gz 10365348 BLAKE2B 
93a227bf1395145ebaec8e18aa8ad8101704e8e0f7344c8850ee9e1532b191aef96b1cbbba2e21bd716591d68969cfd16ee811621a383cb2d31e4105a44834bf
 SHA512 
4addc986ad94b512d90b675a5a1988eeef365fff02c3449fd310582245a91d4ee96ff9fd3c56ce333a972dca627aa28fbd468a4a363c5c8963524bb67bc26754
 DIST podman-3.1.2.tar.gz 10488539 BLAKE2B 
8536f6856e436467541f7714e75d5055545e1514604d6541671894117e752609a9e791355c162ef8fcdbc0cbd992823ecab8a3ab760bab3a469d9768b6b008e4
 SHA512 
fdc26368f3cce6a11fe9adeae34a2f04396a554bb5f245e07fc98d1ce21dff66faba5549e9e0b94793d67768ff03fea2990e7a2759dd41ed2b72778431f5dd9d

diff --git a/app-emulation/podman/podman-3.0.1.ebuild 
b/app-emulation/podman/podman-3.0.1.ebuild
deleted file mode 100644
index f82494e1737..00000000000
--- a/app-emulation/podman/podman-3.0.1.ebuild
+++ /dev/null
@@ -1,165 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit bash-completion-r1 flag-o-matic go-module
-
-DESCRIPTION="Library and podman tool for running OCI-based containers in Pods"
-HOMEPAGE="https://github.com/containers/podman/";
-MY_PN=podman
-MY_P=${MY_PN}-${PV}
-SRC_URI="https://github.com/containers/podman/archive/v${PV}.tar.gz -> 
${MY_P}.tar.gz"
-LICENSE="Apache-2.0 BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0"
-SLOT="0"
-
-KEYWORDS="~amd64 ~arm64"
-IUSE="apparmor btrfs +fuse +rootless selinux"
-RESTRICT="test"
-
-COMMON_DEPEND="
-       app-crypt/gpgme:=
-       >=app-emulation/conmon-2.0.0
-       || ( >=app-emulation/runc-1.0.0_rc6 app-emulation/crun )
-       dev-libs/libassuan:=
-       dev-libs/libgpg-error:=
-       >=net-misc/cni-plugins-0.8.6
-       sys-fs/lvm2
-       sys-libs/libseccomp:=
-
-       apparmor? ( sys-libs/libapparmor )
-       btrfs? ( sys-fs/btrfs-progs )
-       rootless? ( app-emulation/slirp4netns )
-       selinux? ( sys-libs/libselinux:= )
-"
-DEPEND="
-       ${COMMON_DEPEND}
-       dev-go/go-md2man"
-RDEPEND="${COMMON_DEPEND}
-       fuse? ( sys-fs/fuse-overlayfs )"
-
-S=${WORKDIR}/${MY_P}
-
-src_prepare() {
-       default
-
-       # Disable installation of python modules here, since those are
-       # installed by separate ebuilds.
-       local makefile_sed_args=(
-               -e '/^GIT_.*/d'
-               -e 's/$(GO) build/$(GO) build -v -work -x/'
-               -e 's/^\(install:.*\) install\.python$/\1/'
-               -e 's|^pkg/varlink/iopodman.go: .gopathok 
pkg/varlink/io.podman.varlink$|pkg/varlink/iopodman.go: 
pkg/varlink/io.podman.varlink|'
-       )
-
-       has_version -b '>=dev-lang/go-1.13.9' || makefile_sed_args+=(-e 
's:GO111MODULE=off:GO111MODULE=on:')
-
-       sed "${makefile_sed_args[@]}" -i Makefile || die
-
-       sed -e 's|OUTPUT="${CIRRUS_TAG:.*|OUTPUT='v${PV}'|' \
-               -i hack/get_release_info.sh || die
-}
-
-src_compile() {
-       local git_commit
-       git_commit=$(grep '^[[:space:]]*gitCommit[[:space:]]' 
vendor/k8s.io/client-go/pkg/version/base.go)
-       git_commit=${git_commit#*\"}
-       git_commit=${git_commit%\"*}
-       [[ ${git_commit} ]] || die "failed to determine gitCommit"
-
-       # Filter unsupported linker flags
-       filter-flags '-Wl,*'
-
-       [[ -f hack/apparmor_tag.sh ]] || die
-       if use apparmor; then
-               echo -e "#!/bin/sh\necho apparmor" > hack/apparmor_tag.sh || die
-       else
-               echo -e "#!/bin/sh\ntrue" > hack/apparmor_tag.sh || die
-       fi
-
-       [[ -f hack/btrfs_installed_tag.sh ]] || die
-       if use btrfs; then
-               echo -e "#!/bin/sh\ntrue" > hack/btrfs_installed_tag.sh || die
-       else
-               echo -e "#!/bin/sh\necho exclude_graphdriver_btrfs" > \
-                       hack/btrfs_installed_tag.sh || die
-       fi
-
-       [[ -f hack/selinux_tag.sh ]] || die
-       if use selinux; then
-               echo -e "#!/bin/sh\necho selinux" > hack/selinux_tag.sh || die
-       else
-               echo -e "#!/bin/sh\ntrue" > hack/selinux_tag.sh || die
-       fi
-
-       # Avoid this error when generating pkg/varlink/iopodman.go:
-       # cannot find package "github.com/varlink/go/varlink/idl"
-       mkdir -p _output || die
-       ln -snf ../vendor _output/src || die
-       GO111MODULE=off GOPATH=${PWD}/_output go generate ./pkg/varlink/... || 
die
-       rm _output/src || die
-
-       export -n GOCACHE GOPATH XDG_CACHE_HOME
-       GOBIN="${S}/bin" \
-               emake all \
-                       GIT_BRANCH=master \
-                       GIT_BRANCH_CLEAN=master \
-                       COMMIT_NO="${git_commit}" \
-                       GIT_COMMIT="${git_commit}"
-}
-
-src_install() {
-       emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" install
-
-       insinto /etc/containers
-       newins test/registries.conf registries.conf.example
-       newins test/policy.json policy.json.example
-
-       insinto /usr/share/containers
-       doins vendor/github.com/containers/common/pkg/seccomp/seccomp.json
-
-       newconfd "${FILESDIR}"/podman.confd podman
-       newinitd "${FILESDIR}"/podman.initd podman
-
-       insinto /etc/logrotate.d
-       newins "${FILESDIR}/podman.logrotated" podman
-
-       dobashcomp completions/bash/*
-
-       insinto /usr/share/zsh/site-functions
-       doins completions/zsh/*
-
-       insinto /usr/share/fish/vendor_completions.d
-       doins completions/fish/*
-
-       keepdir /var/lib/containers
-}
-
-pkg_preinst() {
-       PODMAN_ROOTLESS_UPGRADE=false
-       if use rootless; then
-               has_version 'app-emulation/podman[rootless]' || 
PODMAN_ROOTLESS_UPGRADE=true
-       fi
-}
-
-pkg_postinst() {
-       local want_newline=false
-       if [[ ! ( -e ${EROOT%/*}/etc/containers/policy.json && -e 
${EROOT%/*}/etc/containers/registries.conf ) ]]; then
-               elog "You need to create the following config files:"
-               elog "/etc/containers/registries.conf"
-               elog "/etc/containers/policy.json"
-               elog "To copy over default examples, use:"
-               elog "cp /etc/containers/registries.conf{.example,}"
-               elog "cp /etc/containers/policy.json{.example,}"
-               want_newline=true
-       fi
-       if [[ ${PODMAN_ROOTLESS_UPGRADE} == true ]] ; then
-               ${want_newline} && elog ""
-               elog "For rootless operation, you need to configure 
subuid/subgid"
-               elog "for user running podman. In case subuid/subgid has only 
been"
-               elog "configured for root, run:"
-               elog "usermod --add-subuids 1065536-1131071 <user>"
-               elog "usermod --add-subgids 1065536-1131071 <user>"
-               want_newline=true
-       fi
-}

Reply via email to