Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 441094 Details for
Bug 589150
app-containers/docker: add iptables USE flag
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
docker-1.12.0_rc4-r2.ebuild
docker-1.12.0_rc4-r2.ebuild (text/plain), 7.49 KB, created by
Daniel Maxime
on 2016-07-19 13:18:55 UTC
(
hide
)
Description:
docker-1.12.0_rc4-r2.ebuild
Filename:
MIME Type:
Creator:
Daniel Maxime
Created:
2016-07-19 13:18:55 UTC
Size:
7.49 KB
patch
obsolete
># Copyright 1999-2016 Gentoo Foundation ># Distributed under the terms of the GNU General Public License v2 ># $Id$ > >EAPI=6 > >EGO_PN="github.com/docker/docker" > >if [[ ${PV} = *9999* ]]; then > # Docker cannot be fetched via "go get", thanks to autogenerated code > EGIT_REPO_URI="https://${EGO_PN}.git" > EGIT_CHECKOUT_DIR="${WORKDIR}/${P}/src/${EGO_PN}" > inherit git-r3 >else > MY_PV="${PV/_/-}" > DOCKER_GITCOMMIT="e4a0dbc" > EGIT_COMMIT="v${MY_PV}" > SRC_URI="https://${EGO_PN}/archive/${EGIT_COMMIT}.tar.gz -> ${P}.tar.gz" > KEYWORDS="~amd64" > [ "$DOCKER_GITCOMMIT" ] || die "DOCKER_GITCOMMIT must be added manually for each bump!" > inherit golang-vcs-snapshot >fi >inherit bash-completion-r1 golang-base linux-info systemd udev user > >DESCRIPTION="The core functions you need to create Docker images and run Docker containers" >HOMEPAGE="https://dockerproject.org" >LICENSE="Apache-2.0" >SLOT="0" >IUSE="apparmor aufs btrfs +device-mapper experimental overlay seccomp iptables" > ># https://github.com/docker/docker/blob/master/hack/PACKAGERS.md#build-dependencies >CDEPEND=" > >=dev-db/sqlite-3.7.9:3 > device-mapper? ( > >=sys-fs/lvm2-2.02.89[thin] > ) > seccomp? ( >=sys-libs/libseccomp-2.2.1 ) > apparmor? ( sys-libs/libapparmor ) > iptables? ( >=net-firewall/iptables-1.4 ) >" > >DEPEND=" > ${CDEPEND} > > dev-go/go-md2man > > btrfs? ( > >=sys-fs/btrfs-progs-3.8 > ) >" > ># https://github.com/docker/docker/blob/master/hack/PACKAGERS.md#runtime-dependencies ># https://github.com/docker/docker/blob/master/hack/PACKAGERS.md#optional-dependencies >RDEPEND=" > ${CDEPEND} > > !app-emulation/docker-bin > sys-process/procps > >=dev-vcs/git-1.7 > >=app-arch/xz-utils-4.9 > > >app-emulation/containerd-0.2.2 > app-emulation/runc[apparmor?,seccomp?] >" > >RESTRICT="installsources strip" > >S="${WORKDIR}/${P}/src/${EGO_PN}" > ># see "contrib/check-config.sh" from upstream's sources >CONFIG_CHECK=" > ~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS > ~DEVPTS_MULTIPLE_INSTANCES > ~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG > ~KEYS ~MACVLAN ~VETH ~BRIDGE ~BRIDGE_NETFILTER > ~NF_NAT_IPV4 ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE > ~IP_VS > ~NETFILTER_XT_MATCH_ADDRTYPE ~NETFILTER_XT_MATCH_CONNTRACK > ~NF_NAT ~NF_NAT_NEEDED > > ~POSIX_MQUEUE > > ~MEMCG_KMEM ~MEMCG_SWAP ~MEMCG_SWAP_ENABLED > > ~BLK_CGROUP ~IOSCHED_CFQ > ~CGROUP_PERF > ~CGROUP_HUGETLB > ~NET_CLS_CGROUP > ~CFS_BANDWIDTH ~FAIR_GROUP_SCHED ~RT_GROUP_SCHED > ~XFRM_ALGO ~XFRM_USER >" > >ERROR_KEYS="CONFIG_KEYS: is mandatory" >ERROR_MEMCG_KMEM="CONFIG_MEMCG_KMEM: is optional" >ERROR_MEMCG_SWAP="CONFIG_MEMCG_SWAP: is required if you wish to limit swap usage of containers" >ERROR_RESOURCE_COUNTERS="CONFIG_RESOURCE_COUNTERS: is optional for container statistics gathering" > >ERROR_BLK_CGROUP="CONFIG_BLK_CGROUP: is optional for container statistics gathering" >ERROR_IOSCHED_CFQ="CONFIG_IOSCHED_CFQ: is optional for container statistics gathering" >ERROR_CGROUP_PERF="CONFIG_CGROUP_PERF: is optional for container statistics gathering" >ERROR_CFS_BANDWIDTH="CONFIG_CFS_BANDWIDTH: is optional for container statistics gathering" >ERROR_XFRM_ALGO="CONFIG_XFRM_ALGO: is optional for secure networks" >ERROR_XFRM_USER="CONFIG_XFRM_USER: is optional for secure networks" > >pkg_setup() { > if kernel_is lt 3 10; then > ewarn "" > ewarn "Using Docker with kernels older than 3.10 is unstable and unsupported." > ewarn " - http://docs.docker.com/installation/binaries/#check-kernel-dependencies" > fi > > # for where these kernel versions come from, see: > # https://www.google.com/search?q=945b2b2d259d1a4364a2799e80e8ff32f8c6ee6f+site%3Akernel.org%2Fpub%2Flinux%2Fkernel+file%3AChangeLog* > if ! { > kernel_is ge 3 16 \ > || { kernel_is 3 15 && kernel_is ge 3 15 5; } \ > || { kernel_is 3 14 && kernel_is ge 3 14 12; } \ > || { kernel_is 3 12 && kernel_is ge 3 12 25; } > }; then > ewarn "" > ewarn "There is a serious Docker-related kernel panic that has been fixed in 3.16+" > ewarn " (and was backported to 3.15.5+, 3.14.12+, and 3.12.25+)" > ewarn "" > ewarn "See also https://github.com/docker/docker/issues/2960" > fi > > if kernel_is le 3 18; then > CONFIG_CHECK+=" > ~RESOURCE_COUNTERS > " > fi > > if kernel_is le 3 13; then > CONFIG_CHECK+=" > ~NETPRIO_CGROUP > " > else > CONFIG_CHECK+=" > ~CGROUP_NET_PRIO > " > fi > > if use aufs; then > CONFIG_CHECK+=" > ~AUFS_FS > ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY > " > ERROR_AUFS_FS="CONFIG_AUFS_FS: is required to be set if and only if aufs-sources are used instead of aufs4/aufs3" > fi > > if use btrfs; then > CONFIG_CHECK+=" > ~BTRFS_FS > " > fi > > if use device-mapper; then > CONFIG_CHECK+=" > ~BLK_DEV_DM ~DM_THIN_PROVISIONING ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY > " > fi > > if use overlay; then > CONFIG_CHECK+=" > ~OVERLAY_FS ~EXT4_FS_SECURITY ~EXT4_FS_POSIX_ACL > " > fi > > linux-info_pkg_setup > > # create docker group for the code checking for it in /etc/group > enewgroup docker >} > >src_compile() { > export GOPATH="${WORKDIR}/${P}:${PWD}/vendor" > > # setup CFLAGS and LDFLAGS for separate build target > # see https://github.com/tianon/docker-overlay/pull/10 > export CGO_CFLAGS="-I${ROOT}/usr/include" > export CGO_LDFLAGS="-L${ROOT}/usr/$(get_libdir)" > > # if we're building from a zip, we need the GITCOMMIT value > [ "$DOCKER_GITCOMMIT" ] && export DOCKER_GITCOMMIT > > if gcc-specs-pie; then > sed -i "s/EXTLDFLAGS_STATIC='/&-fno-PIC /" hack/make.sh || die > grep -q -- '-fno-PIC' hack/make.sh || die 'hardened sed failed' > > sed "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \ > -i hack/make/dynbinary || die > grep -q -- '-fno-PIC' hack/make/dynbinary || die 'hardened sed failed' > fi > > # let's set up some optional features :) > export DOCKER_BUILDTAGS='' > for gd in aufs btrfs device-mapper overlay; do > if ! use $gd; then > DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}" > fi > done > > for tag in apparmor seccomp; do > if use $tag; then > DOCKER_BUILDTAGS+=" $tag" > fi > done > > # https://github.com/docker/docker/pull/13338 > if use experimental; then > export DOCKER_EXPERIMENTAL=1 > else > unset DOCKER_EXPERIMENTAL > fi > > # time to build! > ./hack/make.sh dynbinary || die 'dynbinary failed' > > # build the man pages too > ./man/md2man-all.sh || die "unable to generate man pages" >} > >src_install() { > VERSION="$(cat VERSION)" > newbin "bundles/$VERSION/dynbinary-client/docker-$VERSION" docker > newbin "bundles/$VERSION/dynbinary-daemon/dockerd-$VERSION" dockerd > newbin "bundles/$VERSION/dynbinary-daemon/docker-proxy-$VERSION" docker-proxy > dosym containerd /usr/bin/docker-containerd > dosym containerd-shim /usr/bin/docker-containerd-shim > dosym runc /usr/bin/docker-runc > > newinitd contrib/init/openrc/docker.initd docker > newconfd contrib/init/openrc/docker.confd docker > > systemd_dounit contrib/init/systemd/docker.{service,socket} > > udev_dorules contrib/udev/*.rules > > dodoc AUTHORS CONTRIBUTING.md CHANGELOG.md NOTICE README.md > dodoc -r docs/* > doman man/man*/* > > dobashcomp contrib/completion/bash/* > > insinto /usr/share/zsh/site-functions > doins contrib/completion/zsh/* > > insinto /usr/share/vim/vimfiles > doins -r contrib/syntax/vim/ftdetect > doins -r contrib/syntax/vim/syntax > > # note: intentionally not using "doins" so that we preserve +x bits > mkdir -p "${D}/usr/share/${PN}/contrib" > cp -R contrib/* "${D}/usr/share/${PN}/contrib" >} > >pkg_postinst() { > udev_reload > > elog > elog "To use Docker, the Docker daemon must be running as root. To automatically" > elog "start the Docker daemon at boot, add Docker to the default runlevel:" > elog " rc-update add docker default" > elog "Similarly for systemd:" > elog " systemctl enable docker.service" > elog > elog "To use Docker as a non-root user, add yourself to the 'docker' group:" > elog " usermod -aG docker youruser" > elog >}
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 589150
: 441094