[meta-virtualization] [PATCH 1/2] runc: allow enabling seccomp
akuster808
akuster808 at gmail.com
Tue May 29 07:56:40 PDT 2018
On 05/29/2018 07:45 AM, Bruce Ashfield wrote:
>
>
> On Tue, May 29, 2018 at 10:33 AM, akuster808 <akuster808 at gmail.com
> <mailto:akuster808 at gmail.com>> wrote:
>
>
>
> On 05/29/2018 07:25 AM, Bruce Ashfield wrote:
>> merged.
>>
>> Bruce
>>
>> On Fri, May 25, 2018 at 9:58 AM, Pascal Bach
>> <pascal.bach at siemens.com <mailto:pascal.bach at siemens.com>> wrote:
>>
>> This requires libseccomp from meta-security so it is not
>> enabled by default.
>>
>
> will there be a patch to add this dependency to the layer.conf ?
>
>
>
> We just tweaked it, but yes it will need another patch.
>
> But that dependency is conditional, do we have examples of how to make
> the layer.conf dependency conditional ? We may need a distro or other
> feature, I suppose.
or we just move libseccomp to meta-oe and call it a day ; ) ( something
I have been thinking about for a while)
- armin
>
> Bruce
>
>
>
> - armin
>
>>
>> Signed-off-by: Pascal Bach <pascal.bach at siemens.com
>> <mailto:pascal.bach at siemens.com>>
>> ---
>> recipes-containers/runc/runc.inc | 6 +++++-
>> 1 file changed, 5 insertions(+), 1 deletion(-)
>>
>> diff --git a/recipes-containers/runc/runc.inc
>> b/recipes-containers/runc/runc.inc
>> index 9199cef..6d11a6e 100644
>> --- a/recipes-containers/runc/runc.inc
>> +++ b/recipes-containers/runc/runc.inc
>> @@ -12,6 +12,10 @@ PV = "${RUNC_VERSION}+git${SRCPV}"
>>
>> inherit go
>> inherit goarch
>> +inherit pkgconfig
>> +
>> +PACKAGECONFIG ??= ""
>> +PACKAGECONFIG[seccomp] = "seccomp,,libseccomp"
>>
>> RRECOMMENDS_${PN} = "lxc docker"
>> PROVIDES += "virtual/runc"
>> @@ -22,7 +26,7 @@ GO_IMPORT = "import"
>> LIBCONTAINER_PACKAGE="github.com/opencontainers/runc/libcontainer
>> <http://github.com/opencontainers/runc/libcontainer>"
>>
>> do_configure[noexec] = "1"
>> -EXTRA_OEMAKE="BUILDTAGS='' GO=${GO}"
>> +EXTRA_OEMAKE="BUILDTAGS='${PACKAGECONFIG_CONFARGS}' GO=${GO}"
>>
>> do_compile() {
>> # Set GOPATH. See 'PACKAGERS.md'. Don't rely on
>> --
>> 2.11.0
>>
>> --
>> _______________________________________________
>> meta-virtualization mailing list
>> meta-virtualization at yoctoproject.org
>> <mailto:meta-virtualization at yoctoproject.org>
>> https://lists.yoctoproject.org/listinfo/meta-virtualization
>> <https://lists.yoctoproject.org/listinfo/meta-virtualization>
>>
>>
>>
>>
>> --
>> "Thou shalt not follow the NULL pointer, for chaos and madness
>> await thee at its end"
>>
>>
>
>
>
>
> --
> "Thou shalt not follow the NULL pointer, for chaos and madness await
> thee at its end"
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/meta-virtualization/attachments/20180529/55873eed/attachment-0001.html>
More information about the meta-virtualization
mailing list