[meta-virtualization] [PATCH 1/2] runc: allow enabling seccomp

Bruce Ashfield bruce.ashfield at gmail.com
Tue May 29 07:45:49 PDT 2018


On Tue, May 29, 2018 at 10:33 AM, akuster808 <akuster808 at gmail.com> wrote:

>
>
> On 05/29/2018 07:25 AM, Bruce Ashfield wrote:
>
> merged.
>
> Bruce
>
> On Fri, May 25, 2018 at 9:58 AM, Pascal Bach <pascal.bach at siemens.com>
> wrote:
>
>> This requires libseccomp from meta-security so it is not enabled by
>> default.
>>
>
> will there be a patch to add this dependency to the layer.conf ?
>


We just tweaked it, but yes it will need another patch.

But that dependency is conditional, do we have examples of how to make the
layer.conf dependency conditional ? We may need a distro or other feature,
I suppose.

Bruce


>
> - armin
>
>
>> Signed-off-by: Pascal Bach <pascal.bach at siemens.com>
>> ---
>>  recipes-containers/runc/runc.inc | 6 +++++-
>>  1 file changed, 5 insertions(+), 1 deletion(-)
>>
>> diff --git a/recipes-containers/runc/runc.inc
>> b/recipes-containers/runc/runc.inc
>> index 9199cef..6d11a6e 100644
>> --- a/recipes-containers/runc/runc.inc
>> +++ b/recipes-containers/runc/runc.inc
>> @@ -12,6 +12,10 @@ PV = "${RUNC_VERSION}+git${SRCPV}"
>>
>>  inherit go
>>  inherit goarch
>> +inherit pkgconfig
>> +
>> +PACKAGECONFIG ??= ""
>> +PACKAGECONFIG[seccomp] = "seccomp,,libseccomp"
>>
>>  RRECOMMENDS_${PN} = "lxc docker"
>>  PROVIDES += "virtual/runc"
>> @@ -22,7 +26,7 @@ GO_IMPORT = "import"
>>  LIBCONTAINER_PACKAGE="github.com/opencontainers/runc/libcontainer"
>>
>>  do_configure[noexec] = "1"
>> -EXTRA_OEMAKE="BUILDTAGS='' GO=${GO}"
>> +EXTRA_OEMAKE="BUILDTAGS='${PACKAGECONFIG_CONFARGS}' GO=${GO}"
>>
>>  do_compile() {
>>         # Set GOPATH. See 'PACKAGERS.md'. Don't rely on
>> --
>> 2.11.0
>>
>> --
>> _______________________________________________
>> meta-virtualization mailing list
>> meta-virtualization at yoctoproject.org
>> https://lists.yoctoproject.org/listinfo/meta-virtualization
>>
>
>
>
> --
> "Thou shalt not follow the NULL pointer, for chaos and madness await thee
> at its end"
>
>
>
>


-- 
"Thou shalt not follow the NULL pointer, for chaos and madness await thee
at its end"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/meta-virtualization/attachments/20180529/21ca6c32/attachment.html>


More information about the meta-virtualization mailing list