oci-systemd-hook: Uprev hook to latest

The selinux disable patch required changes as more setfilecon operations were added. The new upstream work is needed to allow the rootfs specification to continue working because runc no longer passes the "root" key as a part of the json configuration which is sent to a hook via stdin. Signed-off-by: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
author: Jason Wessel <jason.wessel@windriver.com> 2017-07-13 10:09:05 -0700
committer: Bruce Ashfield <bruce.ashfield@windriver.com> 2017-07-13 13:53:58 -0400
commit: cc3d8b9268e8eca1128a7f5d6349d818211c2097 (patch)
tree: 89bea99b80f1010eb1d0516022a1fd58186e250d /recipes-containers/oci-systemd-hook
parent: 3c435ae8f0f9150dccd7d3a272323e3ee7f218d3 (diff)
download: meta-virtualization-cc3d8b9268e8eca1128a7f5d6349d818211c2097.tar.gz
2 files changed, 21 insertions, 16 deletions
diff --git a/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch b/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch
index 507cd08e..5016f6e7 100644
--- a/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch
+++ b/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch
@@ -5,25 +5,34 @@ Subject: [PATCH] selinux: drop selinux support
 Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
 ---
- src/systemdhook.c | 9 ---------
+ src/systemdhook.c |   12 ------------
- 1 file changed, 9 deletions(-)
+ 1 file changed, 12 deletions(-)
-diff --git a/src/systemdhook.c b/src/systemdhook.c
-index 274e5b910699..b9e8f1be376a 100644
 --- a/src/systemdhook.c
 +++ b/src/systemdhook.c
-@@ -14,7 +14,6 @@
+@@ -16,7 +16,6 @@
 #include <errno.h>
 #include <inttypes.h>
 #include <linux/limits.h>
 -#include <selinux/selinux.h>
 #include <yajl/yajl_tree.h>
+ #include <stdbool.h>
 
- #include "config.h"
+@@ -129,9 +128,6 @@ static int chperm(const char *path, cons
-@@ -538,14 +537,6 @@ static int prestart(const char *rootfs,
+                                closedir(dir);
+                                return -1;
                        }
-                }
+-                       if (setfilecon (full_path, label) < 0) {
+-                               pr_perror("Failed to set context %s on %s", label, full_path);
+-                       }
 
+                        if (doChown) {
+                                /* Change uid and gid to something the container can handle */
+@@ -496,14 +492,6 @@ static int prestart(const char *rootfs,
+                                return -1;
+                        }
+                }
+-
 -               if (strcmp("", mount_label)) {
 -                       rc = setfilecon(journal_dir, (security_context_t)mount_label);
 -                       if (rc < 0) {
@@ -31,10 +40,6 @@ index 274e5b910699..b9e8f1be376a 100644
 -                               return -1;
 -                       }
 -               }
-
+ 
-                if (makepath(cont_journal_dir, 0755) == -1) {
+                /* Attempt to creare /var/log/journal inside of rootfs,
-                        if (errno != EEXIST) {
+                   if successful, or directory exists, mount tmpfs on top of
-                                pr_perror("Failed to mkdir container journal dir: %s", cont_journal_dir);
-- 
-2.4.0.53.g8440f74
diff --git a/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb b/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb
index 872872a1..fc889053 100644
--- a/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb
+++ b/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb
@@ -6,7 +6,7 @@ PRIORITY = "optional"
 DEPENDS = "yajl util-linux"
-SRCREV = "ca515c1f399bd0b16e94b7c34aa1ef20498beca6"
+SRCREV = "1ac958a4197a9ea52174812fc7d7d036af8140d3"
 SRC_URI = "git://github.com/projectatomic/oci-systemd-hook \
           file://0001-selinux-drop-selinux-support.patch \
           file://0001-configure-drop-selinux-support.patch \
author	Jason Wessel <jason.wessel@windriver.com>	2017-07-13 10:09:05 -0700
committer	Bruce Ashfield <bruce.ashfield@windriver.com>	2017-07-13 13:53:58 -0400
commit	cc3d8b9268e8eca1128a7f5d6349d818211c2097 (patch)
tree	89bea99b80f1010eb1d0516022a1fd58186e250d /recipes-containers/oci-systemd-hook
parent	3c435ae8f0f9150dccd7d3a272323e3ee7f218d3 (diff)
download	meta-virtualization-cc3d8b9268e8eca1128a7f5d6349d818211c2097.tar.gz

diff --git a/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch b/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch index 507cd08e..5016f6e7 100644 --- a/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch +++ b/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch
@@ -5,25 +5,34 @@ Subject: [PATCH] selinux: drop selinux support
5		5
6	Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>	6	Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
7	---	7	---
8	src/systemdhook.c \| 9 ---------	8	src/systemdhook.c \| 12 ------------
9	1 file changed, 9 deletions(-)	9	1 file changed, 12 deletions(-)
10		10
11	diff --git a/src/systemdhook.c b/src/systemdhook.c
12	index 274e5b910699..b9e8f1be376a 100644
13	--- a/src/systemdhook.c	11	--- a/src/systemdhook.c
14	+++ b/src/systemdhook.c	12	+++ b/src/systemdhook.c
15	@@ -14,7 +14,6 @@	13	@@ -16,7 +16,6 @@
16	#include <errno.h>	14	#include <errno.h>
17	#include <inttypes.h>	15	#include <inttypes.h>
18	#include <linux/limits.h>	16	#include <linux/limits.h>
19	-#include <selinux/selinux.h>	17	-#include <selinux/selinux.h>
20	#include <yajl/yajl_tree.h>	18	#include <yajl/yajl_tree.h>
		19	#include <stdbool.h>
21		20
22	#include "config.h"	21	@@ -129,9 +128,6 @@ static int chperm(const char *path, cons
23	@@ -538,14 +537,6 @@ static int prestart(const char *rootfs,	22	closedir(dir);
		23	return -1;
24	}	24	}
25	}	25	- if (setfilecon (full_path, label) < 0) {
		26	- pr_perror("Failed to set context %s on %s", label, full_path);
		27	- }
26		28
		29	if (doChown) {
		30	/* Change uid and gid to something the container can handle */
		31	@@ -496,14 +492,6 @@ static int prestart(const char *rootfs,
		32	return -1;
		33	}
		34	}
		35	-
27	- if (strcmp("", mount_label)) {	36	- if (strcmp("", mount_label)) {
28	- rc = setfilecon(journal_dir, (security_context_t)mount_label);	37	- rc = setfilecon(journal_dir, (security_context_t)mount_label);
29	- if (rc < 0) {	38	- if (rc < 0) {
@@ -31,10 +40,6 @@ index 274e5b910699..b9e8f1be376a 100644
31	- return -1;	40	- return -1;
32	- }	41	- }
33	- }	42	- }
34	-	43
35	if (makepath(cont_journal_dir, 0755) == -1) {	44	/* Attempt to creare /var/log/journal inside of rootfs,
36	if (errno != EEXIST) {	45	if successful, or directory exists, mount tmpfs on top of
37	pr_perror("Failed to mkdir container journal dir: %s", cont_journal_dir);
38	--
39	2.4.0.53.g8440f74
40


diff --git a/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb b/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb index 872872a1..fc889053 100644 --- a/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb +++ b/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb
@@ -6,7 +6,7 @@ PRIORITY = "optional"
6		6
7	DEPENDS = "yajl util-linux"	7	DEPENDS = "yajl util-linux"
8		8
9	SRCREV = "ca515c1f399bd0b16e94b7c34aa1ef20498beca6"	9	SRCREV = "1ac958a4197a9ea52174812fc7d7d036af8140d3"
10	SRC_URI = "git://github.com/projectatomic/oci-systemd-hook \	10	SRC_URI = "git://github.com/projectatomic/oci-systemd-hook \
11	file://0001-selinux-drop-selinux-support.patch \	11	file://0001-selinux-drop-selinux-support.patch \
12	file://0001-configure-drop-selinux-support.patch \	12	file://0001-configure-drop-selinux-support.patch \