X-Git-Url: https://git.pld-linux.org/?a=blobdiff_plain;f=lxc.spec;h=ab96fb646404625984560faf4386f121cf9a0ae5;hb=7af31a122f2ca9ca0e10fdebdd1ad09f66237e1a;hp=1247960fd3993d4fd415711278848e5643d5ad6a;hpb=56fbb682ae65e4500173f8a660de8e99770348ba;p=packages%2Flxc.git diff --git a/lxc.spec b/lxc.spec index 1247960..ab96fb6 100644 --- a/lxc.spec +++ b/lxc.spec @@ -1,50 +1,69 @@ # TODO # - package apparmor stuff +# - update (cut down, include /usr/share/lxc/config/common.conf) default pld container config # Conditional build: -%bcond_without seccomp # SecComp syscall filter -%bcond_without apparmor # apparmor -%bcond_without lua # Lua binding -%bcond_without python # Python binding -%bcond_with selinux # SELinux -%bcond_with cgmanager # Enable cgmanager (BR: libcgmanager, libnih >= 1.0.2, libnih-dbus >= 1.0.0, dbus-1 >= 1.2.16) +%bcond_without apparmor # apparmor support +%bcond_without seccomp # SecComp syscall filter +%bcond_without static # static init.lxc variant +%bcond_with selinux # SELinux support +%bcond_with cgmanager # cgmanager support +%bcond_without pam # cgfs PAM module Summary: Linux Containers userspace tools Summary(pl.UTF-8): Narzędzia do kontenerów linuksowych (LXC) Name: lxc -Version: 1.0.6 -Release: 2 +Version: 4.0.5 +Release: 1 License: LGPL v2.1+ Group: Applications/System -Source0: https://www.linuxcontainers.org/downloads/%{name}-%{version}.tar.gz -# Source0-md5: 4aad3aee84b42faa194e44091d723a3b +Source0: https://linuxcontainers.org/downloads/lxc/%{name}-%{version}.tar.gz +# Source0-md5: 9db85d0a12b24f674df3e84df12afed9 Source1: %{name}-pld.in.sh -Source2: %{name}.init -Patch1: %{name}-pld.patch +# lxc-net based on bridge, macvlan is an alternative/supported lxc network +Source2: %{name}_macvlan.sysconfig +Source3: %{name}_macvlan +Patch1: %{name}-net.patch +Patch2: x32.patch URL: https://www.linuxcontainers.org/ BuildRequires: autoconf >= 2.50 BuildRequires: automake -BuildRequires: docbook-dtd30-sgml -BuildRequires: docbook-utils -BuildRequires: docbook2X +%{?with_cgmanager:BuildRequires: cgmanager-devel} +%{?with_cgmanager:BuildRequires: dbus-devel >= 1.2.16} +BuildRequires: docbook-dtd45-xml +BuildRequires: docbook2X >= 0.8 +BuildRequires: doxygen +BuildRequires: gcc >= 6:4.7 +%{?with_static:BuildRequires: glibc-static} BuildRequires: gnutls-devel %{?with_apparmor:BuildRequires: libapparmor-devel} BuildRequires: libcap-devel +%{?with_static:BuildRequires: libcap-static} +%{?with_cgmanager:BuildRequires: libnih-devel >= 1.0.2} %{?with_seccomp:BuildRequires: libseccomp-devel} +BuildRequires: libtool >= 2:2 BuildRequires: libxslt-progs -%{?with_lua:BuildRequires: lua51-devel >= 5.1} +%{?with_pam:BuildRequires: pam-devel} BuildRequires: pkgconfig -%{?with_python:BuildRequires: python3-devel >= 3.2} -BuildRequires: rpm-pythonprov -BuildRequires: rpmbuild(macros) >= 1.612 +BuildRequires: rpmbuild(macros) >= 1.671 BuildRequires: sed >= 4.0 +Requires(post): /sbin/ldconfig +Requires(post,preun): /sbin/chkconfig +Requires: %{name}-libs = %{version}-%{release} +# lxc_macvlan script +Requires: gawk +# used in lxc-net script to set bridge nat +Requires: iproute2 +Requires: iptables Requires: rc-scripts >= 0.4.6 +Requires: systemd-units >= 38 Requires: which +# used in lxc-net script, but not all cases, may break working setups +Suggests: dnsmasq Suggests: gnupg Suggests: gnupg-plugin-keys_curl Suggests: gnupg-plugin-keys_hkp Suggests: net-tools -Suggests: python3-lxc Suggests: rsync BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) @@ -62,7 +81,7 @@ applications like bash or sshd. %description -l pl.UTF-8 Narzędzia do tworzenia i zarządzania kontenerami. System ten obejmuje -w pełni funkcjonalne kontenery z ilozacją/wirtualizacją pidów, ipc, +w pełni funkcjonalne kontenery z izolacją/wirtualizacją pidów, ipc, utsname, punktów montowania, /proc, /sys, sieci oraz uwzględniające grupy kontrolne. Jest bardzo lekki, elastyczny i udostępnia narzędzia do czynności związanych z kontenerami, takich jak monitorowanie z @@ -70,11 +89,37 @@ asynchronicznym powiadamianiem o zdarzeniach czy zamrażanie. Ten pakiet jest przydatny do tworzenia wirtualnych serwerów prywatnych oraz uruchamiania izolowanych aplikacji, takich jak bash czy sshd. +%package -n pam-pam_cgfs +Summary: PAM module to create user cgroups +Summary(pl.UTF-8): Moduł PAM do tworzenia cgroup użytkownika +Group: Libraries +Requires: pam + +%description -n pam-pam_cgfs +PAM module that when a user logs in, will create cgroups which the +user may administer. + +%description -n pam-pam_cgfs -l pl.UTF-8 +Moduł PAM, który przy logowaniu użytkownika tworzy cgroupy, którymi +użytkownik może administrować. + +%package libs +Summary: liblxc library +Summary(pl.UTF-8): Biblioteka liblxc +Group: Libraries +Conflicts: lxc < 2.0.4-2 + +%description libs +liblxc library. + +%description libs -l pl.UTF-8 +Biblioteka liblxc. + %package devel Summary: Header files for lxc library Summary(pl.UTF-8): Pliki nagłówkowe biblioteki lxc Group: Development/Libraries -Requires: %{name} = %{version}-%{release} +Requires: %{name}-libs = %{version}-%{release} %description devel Header files for lxc library. @@ -82,39 +127,27 @@ Header files for lxc library. %description devel -l pl.UTF-8 Pliki nagłówkowe biblioteki lxc. -%package -n lua-lxc -Summary: Lua binding for LXC -Summary(pl.UTF-8): Wiązanie Lua do LXC -Group: Libraries -Requires: %{name} = %{version}-%{release} -Requires: lua51-libs >= 5.1 - -%description -n lua-lxc -Lua binding for LXC. - -%description -n lua-lxc -l pl.UTF-8 -Wiązanie Lua do LXC. - -%package -n python3-lxc -Summary: Python (3.x) binding for LXC -Summary(pl.UTF-8): Wiązanie Pythona (3.x) do LXC -Group: Libraries -Requires: %{name} = %{version}-%{release} -Requires: python3-libs >= 3.2 -Requires: python3-modules +%package static +Summary: Static lxc library +Summary(pl.UTF-8): Statyczna biblioteka lxc +Group: Development/Libraries +Requires: %{name}-devel = %{version}-%{release} -%description -n python3-lxc -Python (3.x) binding for LXC. +%description static +Static lxc library. -%description -n python3-lxc -l pl.UTF-8 -Wiązanie Pythona (3.x) do LXC. +%description static -l pl.UTF-8 +Statyczna biblioteka lxc. %package -n bash-completion-%{name} Summary: bash-completion for LXC Summary(pl.UTF-8): bashowe uzupełnianie nazw dla LXC Group: Applications/Shells -Requires: %{name} +Requires: %{name} = %{version}-%{release} Requires: bash-completion +%if "%{_rpmversion}" >= "5" +BuildArch: noarch +%endif %description -n bash-completion-%{name} bash-completion for LXC. @@ -125,38 +158,40 @@ bashowe uzupełnianie nazw dla LXC. %prep %setup -q %patch1 -p1 +%patch2 -p1 cp -p %{SOURCE1} templates/lxc-pld.in %build +%{__libtoolize} %{__aclocal} -I config %{__autoconf} %{__autoheader} %{__automake} %configure \ + bashcompdir=%{bash_compdir} \ db2xman=docbook2X2man \ --disable-rpath \ + %{__enable_disable apparmor} \ --enable-bash \ + %{__enable_disable cgmanager} \ --enable-doc \ --enable-examples \ - %{__enable_disable apparmor} \ - %{__enable_disable lua} %{?with_lua:--with-lua-pc=lua51} \ - %{__enable_disable python} \ + %{?with_pam:--enable-pam} \ %{__enable_disable seccomp} \ %{__enable_disable selinux} \ --with-config-path=%{configpath} \ + --with-distro=pld \ --with-init-script=sysvinit,systemd \ - --with-runtime-path=/var/run \ - --with-distro=pld + --with-runtime-path=/var/run %{__make} %{__make} -C doc %install rm -rf $RPM_BUILD_ROOT -install -d $RPM_BUILD_ROOT{%{configpath},%{configpath}snap,/var/{cache,log}/lxc} \ - -d $RPM_BUILD_ROOT/etc/rc.d/init.d - +install -d $RPM_BUILD_ROOT{%{configpath},%{configpath}snap,/var/{cache,log}/lxc} \ + -d $RPM_BUILD_ROOT/etc/{rc.d/init.d,sysconfig} %{__make} install \ SYSTEMD_UNIT_DIR=%{systemdunitdir} \ @@ -166,6 +201,8 @@ install -d $RPM_BUILD_ROOT{%{configpath},%{configpath}snap,/var/{cache,log}/lxc} %{__make} -C doc install \ DESTDIR=$RPM_BUILD_ROOT +%{__rm} $RPM_BUILD_ROOT%{_libdir}/liblxc.la + %{__rm} -r $RPM_BUILD_ROOT%{_docdir} # apparmor profiles are not packaged, remove to avoid packagers confusion @@ -174,21 +211,31 @@ install -d $RPM_BUILD_ROOT{%{configpath},%{configpath}snap,/var/{cache,log}/lxc} # yum plugin, no idea where to package this %{__rm} $RPM_BUILD_ROOT%{_datadir}/%{name}/lxc-patch.py -install -p %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/lxc - -%if %{with python} -%py3_comp $RPM_BUILD_ROOT%{py3_sitedir}/lxc -%py3_ocomp $RPM_BUILD_ROOT%{py3_sitedir}/lxc -%endif -%if %{with lua} -%{__sed} -i -e '1s,#!/usr/bin/env lua,#!/usr/bin/lua5.1,' $RPM_BUILD_ROOT%{_bindir}/lxc-top -%endif +install -p %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/lxc_macvlan +install -p %{SOURCE3} $RPM_BUILD_ROOT%{_libexecdir}/%{name}/lxc_macvlan %clean rm -rf $RPM_BUILD_ROOT -%post -p /sbin/ldconfig -%postun -p /sbin/ldconfig +%post +/sbin/chkconfig --add lxc +/sbin/chkconfig --add lxc-net +%systemd_post lxc.service lxc-net.service + +%preun +if [ "$1" = "0" ]; then + %service lxc stop + /sbin/chkconfig --del lxc + %service lxc-net stop + /sbin/chkconfig --del lxc-net +fi +%systemd_preun lxc.service lxc-net.service + +%postun +%systemd_reload + +%post libs -p /sbin/ldconfig +%postun libs -p /sbin/ldconfig %files %defattr(644,root,root,755) @@ -197,52 +244,74 @@ rm -rf $RPM_BUILD_ROOT %attr(755,root,root) %{_bindir}/lxc-autostart %attr(755,root,root) %{_bindir}/lxc-cgroup %attr(755,root,root) %{_bindir}/lxc-checkconfig -%attr(755,root,root) %{_bindir}/lxc-clone +%attr(755,root,root) %{_bindir}/lxc-checkpoint +%attr(755,root,root) %{_bindir}/lxc-copy %attr(755,root,root) %{_bindir}/lxc-config %attr(755,root,root) %{_bindir}/lxc-console %attr(755,root,root) %{_bindir}/lxc-create %attr(755,root,root) %{_bindir}/lxc-destroy +%attr(755,root,root) %{_bindir}/lxc-device %attr(755,root,root) %{_bindir}/lxc-execute %attr(755,root,root) %{_bindir}/lxc-freeze %attr(755,root,root) %{_bindir}/lxc-info +%attr(755,root,root) %{_bindir}/lxc-ls %attr(755,root,root) %{_bindir}/lxc-monitor %attr(755,root,root) %{_bindir}/lxc-snapshot %attr(755,root,root) %{_bindir}/lxc-start %attr(755,root,root) %{_bindir}/lxc-stop +%attr(755,root,root) %{_bindir}/lxc-top %attr(755,root,root) %{_bindir}/lxc-unfreeze %attr(755,root,root) %{_bindir}/lxc-unshare +%attr(755,root,root) %{_bindir}/lxc-update-config %attr(755,root,root) %{_bindir}/lxc-usernsexec %attr(755,root,root) %{_bindir}/lxc-wait %attr(755,root,root) %{_sbindir}/init.lxc -%attr(755,root,root) %{_libdir}/liblxc.so.*.*.* -%attr(755,root,root) %ghost %{_libdir}/liblxc.so.1 +%if %{with static} +%attr(755,root,root) %{_sbindir}/init.lxc.static +%endif %attr(754,root,root) /etc/rc.d/init.d/lxc +%attr(754,root,root) /etc/rc.d/init.d/lxc-net + %{systemdunitdir}/lxc.service +%{systemdunitdir}/lxc@.service +%{systemdunitdir}/lxc-net.service %dir %{_libdir}/%{name} %dir %{_libdir}/%{name}/rootfs %{_libdir}/%{name}/rootfs/README -%attr(755,root,root) %{_libdir}/%{name}/lxc-devsetup -%attr(755,root,root) %{_libdir}/%{name}/lxc-monitord -%attr(755,root,root) %{_libdir}/%{name}/lxc-user-nic -%attr(755,root,root) %{_libdir}/%{name}/lxc-autostart-helper +%if "%{_libexecdir}" != "%{_libdir}" +%dir %{_libexecdir}/%{name} +%endif +%attr(755,root,root) %{_libexecdir}/%{name}/lxc-apparmor-load +%attr(755,root,root) %{_libexecdir}/%{name}/lxc-containers +%attr(755,root,root) %{_libexecdir}/%{name}/lxc-monitord +%attr(755,root,root) %{_libexecdir}/%{name}/lxc-net +%attr(755,root,root) %{_libexecdir}/%{name}/lxc-user-nic +%attr(755,root,root) %{_libexecdir}/%{name}/lxc_macvlan +%dir %{_libexecdir}/%{name}/hooks +%attr(755,root,root) %{_libexecdir}/%{name}/hooks/unmount-namespace %dir %{_sysconfdir}/lxc +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/lxc_macvlan +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/lxc %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/lxc/default.conf %dir %{_datadir}/%{name} %{_datadir}/%{name}/lxc.functions %dir %{_datadir}/%{name}/config -%{_datadir}/%{name}/config/centos.*.conf +%{_datadir}/%{name}/config/common.conf +%dir %{_datadir}/%{name}/config/common.conf.d +%{_datadir}/%{name}/config/common.conf.d/README %{_datadir}/%{name}/config/common.seccomp -%{_datadir}/%{name}/config/debian.*.conf -%{_datadir}/%{name}/config/fedora.*.conf -%{_datadir}/%{name}/config/gentoo.*.conf -%{_datadir}/%{name}/config/oracle.*.conf -%{_datadir}/%{name}/config/plamo.*.conf -%{_datadir}/%{name}/config/ubuntu-cloud.*.conf -%{_datadir}/%{name}/config/ubuntu.*.conf +%{_datadir}/%{name}/config/nesting.conf +%{_datadir}/%{name}/config/oci.common.conf +%{_datadir}/%{name}/config/userns.conf %dir %{_datadir}/%{name}/hooks +%dir %{_datadir}/%{name}/selinux +%{_datadir}/%{name}/selinux/* %dir %{_datadir}/%{name}/templates %attr(755,root,root) %{_datadir}/%{name}/hooks/clonehostname +%attr(755,root,root) %{_datadir}/%{name}/hooks/dhclient +%attr(755,root,root) %{_datadir}/%{name}/hooks/dhclient-script %attr(755,root,root) %{_datadir}/%{name}/hooks/mount* +%attr(755,root,root) %{_datadir}/%{name}/hooks/nvidia %attr(755,root,root) %{_datadir}/%{name}/hooks/squid-deb-proxy-client %attr(755,root,root) %{_datadir}/%{name}/hooks/ubuntu-cloud-prep %attr(755,root,root) %{_datadir}/%{name}/templates/lxc-* @@ -250,20 +319,25 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man1/lxc-autostart.1* %{_mandir}/man1/lxc-cgroup.1* %{_mandir}/man1/lxc-checkconfig.1* -%{_mandir}/man1/lxc-clone.1* +%{_mandir}/man1/lxc-checkpoint.1* +%{_mandir}/man1/lxc-copy.1* %{_mandir}/man1/lxc-config.1* %{_mandir}/man1/lxc-console.1* %{_mandir}/man1/lxc-create.1* %{_mandir}/man1/lxc-destroy.1* +%{_mandir}/man1/lxc-device.1* %{_mandir}/man1/lxc-execute.1* %{_mandir}/man1/lxc-freeze.1* %{_mandir}/man1/lxc-info.1* +%{_mandir}/man1/lxc-ls.1* %{_mandir}/man1/lxc-monitor.1* %{_mandir}/man1/lxc-snapshot.1* %{_mandir}/man1/lxc-start.1* %{_mandir}/man1/lxc-stop.1* +%{_mandir}/man1/lxc-top.1* %{_mandir}/man1/lxc-unfreeze.1* %{_mandir}/man1/lxc-unshare.1* +%{_mandir}/man1/lxc-update-config.1* %{_mandir}/man1/lxc-user-nic.1* %{_mandir}/man1/lxc-usernsexec.1* %{_mandir}/man1/lxc-wait.1* @@ -278,57 +352,41 @@ rm -rf $RPM_BUILD_ROOT %lang(ja) %{_mandir}/ja/man5/lxc.container.conf.5* %lang(ja) %{_mandir}/ja/man5/lxc.system.conf.5* %lang(ja) %{_mandir}/ja/man7/lxc.7* -%exclude %{_mandir}/ja/man1/lxc-device.1* -%exclude %{_mandir}/ja/man1/lxc-ls.1* -%exclude %{_mandir}/ja/man1/lxc-start-ephemeral.1* -%exclude %{_mandir}/ja/man1/lxc-top.1* - - -%if %{without python} -# legacy version -%attr(755,root,root) %{_bindir}/lxc-ls -%{_mandir}/man1/lxc-ls.1* -%endif +%lang(ko) %{_mandir}/ko/man1/lxc*.1* +%lang(ko) %{_mandir}/ko/man5/lxc-usernet.5* +%lang(ko) %{_mandir}/ko/man5/lxc.conf.5* +%lang(ko) %{_mandir}/ko/man5/lxc.container.conf.5* +%lang(ko) %{_mandir}/ko/man5/lxc.system.conf.5* +%lang(ko) %{_mandir}/ko/man7/lxc.7* %dir %{configpath} %dir %{configpath}snap %dir %attr(750,root,root) /var/log/lxc %dir %attr(750,root,root) /var/cache/lxc +%if %{with pam} +%files -n pam-pam_cgfs +%defattr(644,root,root,755) +%attr(755,root,root) /%{_lib}/security/pam_cgfs.so +%{_mandir}/ja/man8/pam_cgfs.8* +%{_mandir}/man8/pam_cgfs.8* +%endif + +%files libs +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/liblxc.so.*.*.* +%attr(755,root,root) %ghost %{_libdir}/liblxc.so.1 + %files devel %defattr(644,root,root,755) %attr(755,root,root) %{_libdir}/liblxc.so %{_includedir}/lxc %{_pkgconfigdir}/lxc.pc -%if %{with lua} -%files -n lua-lxc +%files static %defattr(644,root,root,755) -%attr(755,root,root) %{_bindir}/lxc-top -%dir %{_libdir}/lua/lxc -%attr(755,root,root) %{_libdir}/lua/lxc/core.so -%{_datadir}/lua/lxc.lua -%{_mandir}/man1/lxc-top.1* -%lang(ja) %{_mandir}/ja/man1/lxc-top.1* -%endif - -%if %{with python} -%files -n python3-lxc -%defattr(644,root,root,755) -%attr(755,root,root) %{_bindir}/lxc-device -%attr(755,root,root) %{_bindir}/lxc-ls -%attr(755,root,root) %{_bindir}/lxc-start-ephemeral -%{py3_sitedir}/lxc -%attr(755,root,root) %{py3_sitedir}/_lxc.cpython-*.so -%{py3_sitedir}/_lxc-0.1-py*.egg-info -%{_mandir}/man1/lxc-device.1* -%{_mandir}/man1/lxc-ls.1* -%{_mandir}/man1/lxc-start-ephemeral.1* -%lang(ja) %{_mandir}/ja/man1/lxc-device.1* -%lang(ja) %{_mandir}/ja/man1/lxc-ls.1* -%lang(ja) %{_mandir}/ja/man1/lxc-start-ephemeral.1* -%endif +%{_libdir}/liblxc.a %files -n bash-completion-%{name} %defattr(644,root,root,755) -/etc/bash_completion.d/lxc +%{bash_compdir}/lxc