# Copyright 1999-2018 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

EAPI=8

inherit bash-completion-r1

MY_P="${P/_/-}"

DESCRIPTION="Linux-VServer admin utilities"
HOMEPAGE="http://www.nongnu.org/util-vserver/"
SRC_URI="http://people.linux-vserver.org/~dhozac/t/uv-testing/${MY_P}.tar.gz"

LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~x86"
IUSE="beecrypt +dietlibc +nss"

CDEPEND="
	net-misc/vconfig
	beecrypt? ( dev-libs/beecrypt )
	nss? ( dev-libs/nss )
	sys-apps/iproute2
	net-firewall/iptables"

DEPEND="
	${CDEPEND}
	dietlibc? ( >dev-libs/dietlibc-0.33 )"

RDEPEND="
	${CDEPEND}"

REQUIRED_USE="
	?? ( 
		beecrypt
		nss
	)"
	
S="${WORKDIR}/${MY_P}"

DOCS=( README ChangeLog NEWS AUTHORS THANKS util-vserver.spec )

src_prepare() {
	if use dietlibc ; then
		eapply "${FILESDIR}/${P}-dietlibc.patch"
	fi
	eapply "${FILESDIR}/${PN}-install-paths.patch"
	eapply_user
}

pkg_setup() {
	if [[ -z "${VDIRBASE}" ]]; then
		einfo
		einfo "You can change the default vserver base directory (/vservers)"
		einfo "by setting the VDIRBASE environment variable."
	fi

	: ${VDIRBASE:=/vservers}

	einfo
	einfo "Using \"${VDIRBASE}\" as vserver base directory"
	einfo
}

src_test() {
	# do not use $D from portage by accident (#297982)
	sed -i -e 's/^\$D //' "${S}"/src/testsuite/vunify-test.sh || die

	default
}

src_configure() {
	local myeconf=" --with-vrootdir=${VDIRBASE} --with-initscripts=gentoo --localstatedir=/var"

	if ! use dietlibc ; then
		myeconf+=" --disable-dietlibc"
	fi
	
	if use nss ; then
		myeconf+=" --with-crypto-api=nss"
	elif use beecrypt ; then
		myeconf+=" --with-crypto-api=beecrypt"
	else
		myeconf+=" --with-crypto-api=none"
	fi
		
	econf ${myeconf} 
}

src_compile() {
	emake -j1
}

src_install() {
	make DESTDIR="${D}" install install-distribution || die

	# remove runtime paths
	rm -rf "${D}"/var/run
	rm -rf "${D}"/var/cache

	# keep dirs
	keepdir "${VDIRBASE}"
	keepdir "${VDIRBASE}"/.pkg

	# bash-completion
	newbashcomp "${FILESDIR}"/bash_completion ${PN}
}

pkg_postinst() {
	if ! use dietlibc ; then
		ewarn "dietlibc isn't just used to replace glibc, it is used to"
		ewarn "build static binaries which are actually 'static'"
		ewarn "note that glibc cannot build self contained binaries"
		ewarn "anymore, even if you build them 'statically' they will"
		ewarn "dynamically load resolver libraries, which in the case"
		ewarn "of guest management might be from the host or from the"
		ewarn "guest."
		ewarn "Anytime you start or enter the guest, you"
		ewarn "have a certain chance that the host will execute some"
		ewarn "code from the guest system (nss) which in turn gives"
		ewarn "guest root a good chance to do evil things on the host"
		ewarn "and even if security is not a concern in your case, you"
		ewarn "might end up with unexpected failures"
	fi
	# Create VDIRBASE in postinst, so it is (a) not unmerged and (b) also
	# present when merging.
	mkdir -p "${VDIRBASE}" || die
	if ! setattr --barrier "${VDIRBASE}"; then
		ewarn "Filesystem on ${VDIRBASE} does not support chroot barriers."
		ewarn "Chroot barrier is additional security measure that is used"
		ewarn "when two vservers or the host system share the same filesystem."
		ewarn "If you intend to use separate filesystem for every vserver"
		ewarn "you can safely ignore this warning."
		ewarn "To manually apply a barrier use: setattr --barrier ${VDIRBASE}"
		ewarn "For details see: http://linux-vserver.org/Secure_chroot_Barrier"
	fi

	rm /etc/vservers/.defaults/vdirbase || die
	ln -sf "${VDIRBASE}" /etc/vservers/.defaults/vdirbase || die

	elog
	elog "You have to run the vprocunhide command after every reboot"
	elog "in order to setup /proc permissions correctly for vserver"
	elog "use. An init script has been installed by this package."
	elog "To use it you should add it to a runlevel:"
	elog
	elog " rc-update add vprocunhide default"
	elog
}