author | Oskari Rauta <oskari.rauta@gmail.com> | 2021-03-30 14:55:57 +0300 |
---|---|---|
committer | Daniel Golle <daniel@makrotopia.org> | 2021-03-31 00:55:45 +0100 |
commit | abce42385154c824d850225f466e54f1136a657a (patch) | |
tree | 4906f0b13112ebc62232939d848a5b3026e8dc02 /utils/podman | |
parent | df4b1ae24e5532e8d3c634d8ae82f87c8f6ea8e0 (diff) |
podman: Add selinux variant and several improvements
* add -selinux variant which depends on libselinux
* init script for background service
* updated configurations
* maintainer change as requested
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Diffstat (limited to 'utils/podman')
-rw-r--r-- | utils/podman/Makefile | 49 | ||||
-rw-r--r-- | utils/podman/files/containers.conf | 10 | ||||
-rwxr-xr-x | utils/podman/files/podman.init | 14 |
3 files changed, 62 insertions, 11 deletions
diff --git a/utils/podman/Makefile b/utils/podman/Makefile
index c567d62b3..5c9744a44 100644
--- a/utils/podman/Makefile
+++ b/utils/podman/Makefile
@@ -10,7 +10,7 @@ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_LICENSE:=Apache-2.0
 PKG_LICENSE_FILES:=LICENSE
-PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
+PKG_MAINTAINER:=Oskari Rauta <oskari.rauta@gmail.com>
 PKG_BUILD_DEPENDS:=golang/host protobuf/host
 PKG_BUILD_PARALLEL:=1
@@ -19,8 +19,6 @@ PKG_USE_MIPS16:=0
 GO_PKG:=github.com/containers/podman/
 GO_PKG_BUILD_PKG:=github.com/containers/podman/v2/cmd/podman/
-GO_PKG_TAGS=seccomp,exclude_graphdriver_devicemapper
-
 include $(INCLUDE_DIR)/package.mk
 include ../../lang/golang/golang-package.mk
@@ -38,22 +36,54 @@ define Download/default-policy
 HASH:=cddfaa8e6a7e5497b67cc0dd8e8517058d0c97de91bf46fff867528415f2d946
 endef
-define Package/podman
+define Package/podman/Default
 SECTION:=utils
 CATEGORY:=Utilities
 TITLE:=Podman
+ DEPENDS:=$(GO_ARCH_DEPENDS) +conmon +cni +cni-plugins +btrfs-progs +glib2 +gnupg2 +iptables +libgpg-error +libseccomp +libgpgme +nsenter +zoneinfo-simple +kmod-veth
 URL:=https://podman.io
- DEPENDS:=$(GO_ARCH_DEPENDS) +conmon +cni +cni-plugins +btrfs-progs +glib2 +gnupg2 +iptables +libgpg-error +libseccomp +libgpgme +nsenter +zoneinfo-simple
+endef
+
+define Package/podman
+ $(call Package/podman/Default)
+ CONFLICTS:=podman-selinux
+ VARIANT:=default
+ PROVIDES:=podman
+endef
+
+define Package/podman-selinux
+ $(call Package/podman/Default)
+ TITLE+= with SELinux support
+ DEPENDS+= libselinux
+ VARIANT:=selinux
+ PROVIDES:=podman
 endef
 define Package/podman/description
 Podman: A tool for managing OCI containers and pods
 endef
+define Package/podman-selinux/description
+ Podman: A tool for managing OCI containers and pods
+ SELinux enabled.
+endef
+
 define Package/podman/conffiles
-/etc/containers
+ /etc/containers/policy.json
+ /etc/containers/storage.conf
+ /etc/containers/registries.conf
+ /etc/containers/containers.conf
+ /etc/cni/net.d/87-podman-bridge.conflist
 endef
+Package/podman-selinux/conffiles = $(Package/podman/conffiles)
+
+ifeq ($(BUILD_VARIANT),selinux)
+ GO_PKG_TAGS=seccomp,exclude_graphdriver_devicemapper,selinux
+else
+ GO_PKG_TAGS=seccomp,exclude_graphdriver_devicemapper
+endif
+
 define Build/Prepare
 $(call Build/Prepare/Default)
 $(eval $(call Download,default-registries))
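Review bot: The `Package/podman/conffiles` list now names five individual files where the old entry was the whole `/etc/containers` directory, so anything else an administrator keeps there (for example registry CA material under `certs.d` or signature lookaside settings under `registries.d`) would presumably no longer be treated as a conffile and preserved across an upgrade. If the narrowing is only meant to stop stale defaults from being kept, adding those subdirectories explicitly, or keeping the directory entry alongside the file list, leaves the registry trust configuration intact. Separately, `DEPENDS+= libselinux` is rendered here without the leading `+` that every other dependency carries, which would make `podman-selinux` depend on libselinux without selecting it; `DEPENDS+= +libselinux` looks like the intent. A one-line comment above the `ifeq ($(BUILD_VARIANT),selinux)` block noting that `GO_PKG_TAGS` now has to be set after the package definitions would also help, since the hunk moves it below the includes.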
@@ -69,7 +99,14 @@ define Package/podman/install
 $(INSTALL_CONF) ./files/containers.conf $(1)/etc/containers/containers.conf
 $(INSTALL_DIR) $(1)/etc/cni/net.d
 $(INSTALL_CONF) $(PKG_BUILD_DIR)/cni/87-podman-bridge.conflist $(1)/etc/cni/net.d/
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/podman.init $(1)/etc/init.d/podman
+ $(SED) 's/driver = \"\"/driver = \"overlay\"/g' $(1)/etc/containers/storage.conf
 endef
+Package/podman-selinux/install = $(Package/podman/install)
+
 $(eval $(call GoBinPackage,podman))
 $(eval $(call BuildPackage,podman))
+$(eval $(call GoBinPackage,podman-selinux))
+$(eval $(call BuildPackage,podman-selinux))
diff --git a/utils/podman/files/containers.conf b/utils/podman/files/containers.conf
index c06e4b624..3cb5e87a2 100644
--- a/utils/podman/files/containers.conf
+++ b/utils/podman/files/containers.conf
@@ -7,19 +7,19 @@ network_config_dir="/etc/cni/net.d/"
 default_network="podman"
 [engine]
-runtime="/usr/sbin/crun"
+runtime="/usr/bin/crun"
 # runtime="/usr/sbin/runc"
 # runtime="/sbin/uxc"
 # runtime_supports_nocgroups = ["crun", "uxc"]
 # runtime_supports_json = ["crun", "runc", "kata", "uxc"]
 [engine.runtimes]
-runc = [
- "/usr/sbin/runc",
+crun = [
+ "/usr/bin/crun",
 ]
-crun = [
- "/usr/bin/crun",
+runc = [
+ "/usr/sbin/runc",
 ]
 uxc = [
diff --git a/utils/podman/files/podman.init b/utils/podman/files/podman.init
new file mode 100755
index 000000000..1df70407f
--- /dev/null
+++ b/utils/podman/files/podman.init
@@ -0,0 +1,14 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+USE_PROCD=1
+NAME=podman
+PROG=/usr/bin/podman
+
+start_service() {
+ [ -d /run/podman ] || mkdir -p /run/podman
+ procd_open_instance "podman"
+ procd_set_param command "$PROG" system service --time=0
+ procd_append_param command $command
+ procd_close_instance
+} |
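Review bot: The added `$(SED)` line in `Package/podman/install` rewrites `storage.conf` with an unanchored pattern and nothing verifies that it matched, so if the shipped file ever stops containing `driver = ""` the package would silently install with the storage driver left empty. A short comment above it saying why overlay is forced, followed by a check such as `grep -q 'driver = "overlay"' $(1)/etc/containers/storage.conf`, would turn that into a build failure instead. The same recipe is reused for the SELinux variant through `Package/podman-selinux/install`, so the check would cover both packages. The `define` opens above the hunk, so the earlier install steps are not visible here.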
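Review bot: `procd_append_param command $command` expands a variable that this script never sets, so as far as the file shows the line appends nothing and can be dropped, or replaced with the arguments it was meant to carry. Because `podman system service --time=0` keeps a root-run API endpoint open for as long as the service is up, the socket directory deserves an explicit mode rather than whatever the umask gives, e.g. `mkdir -m 0700 -p /run/podman` (the `[ -d ... ] ||` guard is redundant with `-p`). A header comment stating that the service presumably listens on a local socket under `/run/podman`, and that access to that socket is equivalent to root on the host, would help anyone deciding whether to leave it enabled at `START=99`.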