[meta-virtualization] [PATCH 1/2] runc: allow enabling seccomp

[akuster808]

On 05/29/2018 07:45 AM, Bruce Ashfield wrote:
>
>
> On Tue, May 29, 2018 at 10:33 AM, akuster808 <akuster808 at gmail.com
> <mailto:akuster808 at gmail.com>> wrote:
>
>
>
>     On 05/29/2018 07:25 AM, Bruce Ashfield wrote:
>>     merged.
>>
>>     Bruce
>>
>>     On Fri, May 25, 2018 at 9:58 AM, Pascal Bach
>>     <pascal.bach at siemens.com <mailto:pascal.bach at siemens.com>> wrote:
>>
>>         This requires libseccomp from meta-security so it is not
>>         enabled by default.
>>
>
>     will there be a patch to add this dependency to the layer.conf ?
>
>
>
> We just tweaked it, but yes it will need another patch.
>
> But that dependency is conditional, do we have examples of how to make
> the layer.conf dependency conditional ? We may need a distro or other
> feature, I suppose.
or we just move libseccomp to meta-oe and call it a day ; ) ( something
I have been thinking about for a while)

- armin
>
> Bruce 
>  
>
>
>     - armin
>
>>
>>         Signed-off-by: Pascal Bach <pascal.bach at siemens.com
>>         <mailto:pascal.bach at siemens.com>>
>>         ---
>>          recipes-containers/runc/runc.inc | 6 +++++-
>>          1 file changed, 5 insertions(+), 1 deletion(-)
>>
>>         diff --git a/recipes-containers/runc/runc.inc
>>         b/recipes-containers/runc/runc.inc
>>         index 9199cef..6d11a6e 100644
>>         --- a/recipes-containers/runc/runc.inc
>>         +++ b/recipes-containers/runc/runc.inc
>>         @@ -12,6 +12,10 @@ PV = "${RUNC_VERSION}+git${SRCPV}"
>>
>>          inherit go
>>          inherit goarch
>>         +inherit pkgconfig
>>         +
>>         +PACKAGECONFIG ??= ""
>>         +PACKAGECONFIG[seccomp] = "seccomp,,libseccomp"
>>
>>          RRECOMMENDS_${PN} = "lxc docker"
>>          PROVIDES += "virtual/runc"
>>         @@ -22,7 +26,7 @@ GO_IMPORT = "import"
>>          LIBCONTAINER_PACKAGE="github.com/opencontainers/runc/libcontainer
>>         <http://github.com/opencontainers/runc/libcontainer>"
>>
>>          do_configure[noexec] = "1"
>>         -EXTRA_OEMAKE="BUILDTAGS='' GO=${GO}"
>>         +EXTRA_OEMAKE="BUILDTAGS='${PACKAGECONFIG_CONFARGS}' GO=${GO}"
>>
>>          do_compile() {
>>                 # Set GOPATH. See 'PACKAGERS.md'. Don't rely on
>>         -- 
>>         2.11.0
>>
>>         -- 
>>         _______________________________________________
>>         meta-virtualization mailing list
>>         meta-virtualization at yoctoproject.org
>>         <mailto:meta-virtualization at yoctoproject.org>
>>         https://lists.yoctoproject.org/listinfo/meta-virtualization
>>         <https://lists.yoctoproject.org/listinfo/meta-virtualization>
>>
>>
>>
>>
>>     -- 
>>     "Thou shalt not follow the NULL pointer, for chaos and madness
>>     await thee at its end"
>>
>>
>
>
>
>
> -- 
> "Thou shalt not follow the NULL pointer, for chaos and madness await
> thee at its end"
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/meta-virtualization/attachments/20180529/55873eed/attachment-0001.html>