# Copyright 2022-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 inherit bash-completion-r1 linux-info meson optfeature systemd toolchain-funcs verify-sig DESCRIPTION="A userspace interface for the Linux kernel containment features" HOMEPAGE="https://linuxcontainers.org/ https://github.com/lxc/lxc" SRC_URI="https://linuxcontainers.org/downloads/lxc/${P}.tar.gz verify-sig? ( https://linuxcontainers.org/downloads/lxc/${P}.tar.gz.asc )" LICENSE="GPL-2 LGPL-2.1 LGPL-3" SLOT="0/1.8" # SONAME liblxc.so.1 + ${PV//./} _if_ breaking ABI change while bumping. KEYWORDS="amd64 ~arm ~arm64 ~ppc64 ~riscv x86" IUSE="apparmor +caps examples io-uring lto man pam seccomp selinux ssl systemd test +tools" RDEPEND="acct-group/lxc acct-user/lxc apparmor? ( sys-libs/libapparmor ) caps? ( sys-libs/libcap ) io-uring? ( >=sys-libs/liburing-2:= ) pam? ( sys-libs/pam ) seccomp? ( sys-libs/libseccomp ) selinux? ( sys-libs/libselinux ) ssl? ( dev-libs/openssl:0= ) systemd? ( sys-apps/dbus sys-apps/systemd:= ) tools? ( sys-libs/libcap )" DEPEND="${RDEPEND} caps? ( sys-libs/libcap[static-libs] ) tools? ( sys-libs/libcap[static-libs] ) sys-kernel/linux-headers" BDEPEND="virtual/pkgconfig man? ( app-text/docbook2X ) verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" RESTRICT="!test? ( test )" CONFIG_CHECK="~!NETPRIO_CGROUP ~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~IPC_NS ~MACVLAN ~MEMCG ~NAMESPACES ~NET_NS ~PID_NS ~POSIX_MQUEUE ~USER_NS ~UTS_NS ~VETH" ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER: needed to freeze containers" ERROR_MACVLAN="CONFIG_MACVLAN: needed for internal (inter-container) networking" ERROR_MEMCG="CONFIG_MEMCG: needed for memory resource control in containers" ERROR_NET_NS="CONFIG_NET_NS: needed for unshared network" ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: needed for lxc-execute command" ERROR_UTS_NS="CONFIG_UTS_NS: needed to unshare hostnames and uname info" ERROR_VETH="CONFIG_VETH: needed for internal (host-to-container) networking" VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc DOCS=( AUTHORS CONTRIBUTING MAINTAINERS README.md doc/FAQ.txt ) pkg_setup() { linux-info_pkg_setup } src_configure() { # -Dtools-multicall=false: will create a single binary called 'lxc' that conflicts with LXD. local emesonargs=( --localstatedir "${EPREFIX}/var" -Dcoverity-build=false -Dinstall-state-dirs=false -Doss-fuzz=false -Dspecfile=false -Dtools-multicall=false -Dcommands=true -Dinstall-init-files=true -Dmemfd-rexec=true -Dthread-safety=true $(meson_use apparmor) $(meson_use caps capabilities) $(meson_use examples) $(meson_use io-uring io-uring-event-loop) $(meson_use lto b_lto) $(meson_use man) $(meson_use pam pam-cgroup) $(meson_use seccomp) $(meson_use selinux) $(meson_use ssl openssl) $(meson_use test tests) $(meson_use tools) $(usex systemd -Ddbus=true -Ddbus=false) $(usex systemd -Dinit-script="systemd" -Dinit-script="sysvinit") -Ddata-path=/var/lib/lxc -Ddoc-path=/usr/share/doc/${PF} -Dlog-path=/var/log/lxc -Drootfs-mount-path=/var/lib/lxc/rootfs -Druntime-path=/run ) use tools && local emesonargs+=( -Dcapabilities=true ) if $(tc-ld-is-gold) || $(tc-ld-is-lld); then local emesonargs+=( -Db_lto_mode=thin ) else local emesonargs+=( -Db_lto_mode=default ) fi meson_src_configure } src_install() { meson_src_install # The main bash-completion file will collide with lxd, need to relocate and update symlinks. local lxcbashcompdir="${D}/$(get_bashcompdir)" mkdir -p "${lxcbashcompdir}" || die "Failed to create bashcompdir." mv "${lxcbashcompdir}"/_lxc "${lxcbashcompdir}"/lxc-start || die "Failed to move _lxc bash completion file." # Build system will install all bash completion files regardless of our 'tools' use flag. # Though installing them all will add bash completions for commands that don't exist, it's # cleaner than dealing with individual files based on the use flag status. bashcomp_alias lxc-start lxc-{attach,autostart,cgroup,checkpoint,config,console,copy,create,destroy,device,execute,freeze,info,ls,monitor,snapshot,stop,top,unfreeze,unshare,update-config,usernsexec,wait} find "${ED}" -name '*.la' -delete -o -name '*.a' -delete || die # Replace upstream sysvinit/systemd files. if use systemd ; then rm -r "${D}$(systemd_get_systemunitdir)" || die "Failed to remove systemd lib dir" else rm "${ED}"/etc/init.d/lxc-{containers,net} || die "Failed to remove sysvinit scripts" fi newinitd "${FILESDIR}/${PN}.initd.9" ${PN} systemd_newunit "${FILESDIR}"/lxc-monitord.service.5.0.0 lxc-monitord.service systemd_newunit "${FILESDIR}"/lxc-net.service.5.0.0 lxc-net.service systemd_newunit "${FILESDIR}"/lxc.service-5.0.0 lxc.service systemd_newunit "${FILESDIR}"/lxc_at.service.5.0.0 "lxc@.service" if ! use apparmor; then sed -i '/lxc-apparmor-load/d' "${D}$(systemd_get_systemunitdir)/lxc.service" || die "Failed to remove apparmor references from lxc.service systemd unit." fi } pkg_postinst() { elog "Please refer to " elog "https://wiki.gentoo.org/wiki/LXC for introduction and usage guide." elog elog "Run 'lxc-checkconfig' to see optional kernel features." elog optfeature "creating your own LXC containers" app-containers/distrobuilder optfeature "automatic template scripts" app-containers/lxc-templates optfeature "Debian-based distribution container image support" dev-util/debootstrap optfeature "snapshot & restore functionality" sys-process/criu }