summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--recipes-containers/podman-tui/files/0001-vendor-remove-duplicate-unshare-C-symbols.patch496
-rw-r--r--recipes-containers/podman-tui/podman-tui_git.bb10
2 files changed, 501 insertions, 5 deletions
diff --git a/recipes-containers/podman-tui/files/0001-vendor-remove-duplicate-unshare-C-symbols.patch b/recipes-containers/podman-tui/files/0001-vendor-remove-duplicate-unshare-C-symbols.patch
new file mode 100644
index 00000000..5f40fb46
--- /dev/null
+++ b/recipes-containers/podman-tui/files/0001-vendor-remove-duplicate-unshare-C-symbols.patch
@@ -0,0 +1,496 @@
1From 11c63f5207494cd4eb327ab0ddf62acc4c0c6789 Mon Sep 17 00:00:00 2001
2From: Bruce Ashfield <bruce.ashfield@gmail.com>
3Date: Mon, 23 Mar 2026 14:47:55 +0000
4Subject: [PATCH] vendor: remove duplicate unshare C symbols from old storage
5 path
6
7The containers/storage module has been rehosted to go.podman.io/storage.
8Both the old (github.com/containers/storage) and new (go.podman.io/storage)
9module paths are vendored, each containing unshare.c which defines the
10_containers_unshare symbol. This causes a linker error:
11
12 multiple definition of `_containers_unshare`
13
14Remove the C files from the old vendor path since go.podman.io/storage
15provides the same symbols.
16
17Upstream-Status: Inappropriate [embedded specific]
18
19Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
20---
21 .../containers/storage/pkg/unshare/unshare.c | 379 ------------------
22 .../storage/pkg/unshare/unshare_freebsd.c | 76 ----
23 2 files changed, 455 deletions(-)
24 delete mode 100644 vendor/github.com/containers/storage/pkg/unshare/unshare.c
25 delete mode 100644 vendor/github.com/containers/storage/pkg/unshare/unshare_freebsd.c
26
27diff --git a/vendor/github.com/containers/storage/pkg/unshare/unshare.c b/vendor/github.com/containers/storage/pkg/unshare/unshare.c
28deleted file mode 100644
29index a2800654..00000000
30--- a/vendor/github.com/containers/storage/pkg/unshare/unshare.c
31+++ /dev/null
32@@ -1,379 +0,0 @@
33-#if !defined(UNSHARE_NO_CODE_AT_ALL) && defined(__linux__)
34-
35-#define _GNU_SOURCE
36-#include <sys/types.h>
37-#include <sys/ioctl.h>
38-#include <sys/stat.h>
39-#include <sys/syscall.h>
40-#include <sys/mman.h>
41-#include <fcntl.h>
42-#include <grp.h>
43-#include <sched.h>
44-#include <stdio.h>
45-#include <stdlib.h>
46-#include <string.h>
47-#include <termios.h>
48-#include <errno.h>
49-#include <unistd.h>
50-#include <libgen.h>
51-#include <sys/vfs.h>
52-#include <sys/mount.h>
53-#include <linux/limits.h>
54-
55-/* Open Source projects like conda-forge, want to package podman and are based
56- off of centos:6, Conda-force has minimal libc requirements and is lacking
57- the memfd.h file, so we use mmam.h
58-*/
59-#ifndef MFD_ALLOW_SEALING
60-#define MFD_ALLOW_SEALING 2U
61-#endif
62-#ifndef MFD_CLOEXEC
63-#define MFD_CLOEXEC 1U
64-#endif
65-
66-#ifndef F_LINUX_SPECIFIC_BASE
67-#define F_LINUX_SPECIFIC_BASE 1024
68-#endif
69-#ifndef F_ADD_SEALS
70-#define F_ADD_SEALS (F_LINUX_SPECIFIC_BASE + 9)
71-#define F_GET_SEALS (F_LINUX_SPECIFIC_BASE + 10)
72-#endif
73-#ifndef F_SEAL_SEAL
74-#define F_SEAL_SEAL 0x0001LU
75-#endif
76-#ifndef F_SEAL_SHRINK
77-#define F_SEAL_SHRINK 0x0002LU
78-#endif
79-#ifndef F_SEAL_GROW
80-#define F_SEAL_GROW 0x0004LU
81-#endif
82-#ifndef F_SEAL_WRITE
83-#define F_SEAL_WRITE 0x0008LU
84-#endif
85-
86-#define BUFSTEP 1024
87-
88-static const char *_max_user_namespaces = "/proc/sys/user/max_user_namespaces";
89-static const char *_unprivileged_user_namespaces = "/proc/sys/kernel/unprivileged_userns_clone";
90-
91-static int _containers_unshare_parse_envint(const char *envname) {
92- char *p, *q;
93- long l;
94-
95- p = getenv(envname);
96- if (p == NULL) {
97- return -1;
98- }
99- q = NULL;
100- l = strtol(p, &q, 10);
101- if ((q == NULL) || (*q != '\0')) {
102- fprintf(stderr, "Error parsing \"%s\"=\"%s\"!\n", envname, p);
103- _exit(1);
104- }
105- unsetenv(envname);
106- return l;
107-}
108-
109-static void _check_proc_sys_file(const char *path)
110-{
111- FILE *fp;
112- char buf[32];
113- size_t n_read;
114- long r;
115-
116- fp = fopen(path, "r");
117- if (fp == NULL) {
118- if (errno != ENOENT)
119- fprintf(stderr, "Error reading %s: %m\n", _max_user_namespaces);
120- } else {
121- memset(buf, 0, sizeof(buf));
122- n_read = fread(buf, 1, sizeof(buf) - 1, fp);
123- if (n_read > 0) {
124- r = atoi(buf);
125- if (r == 0) {
126- fprintf(stderr, "User namespaces are not enabled in %s.\n", path);
127- }
128- } else {
129- fprintf(stderr, "Error reading %s: no contents, should contain a number greater than 0.\n", path);
130- }
131- fclose(fp);
132- }
133-}
134-
135-static char **parse_proc_stringlist(const char *list) {
136- int fd, n, i, n_strings;
137- char *buf, *new_buf, **ret;
138- size_t size, new_size, used;
139-
140- fd = open(list, O_RDONLY);
141- if (fd == -1) {
142- return NULL;
143- }
144- buf = NULL;
145- size = 0;
146- used = 0;
147- for (;;) {
148- new_size = used + BUFSTEP;
149- new_buf = realloc(buf, new_size);
150- if (new_buf == NULL) {
151- free(buf);
152- fprintf(stderr, "realloc(%ld): out of memory\n", (long)(size + BUFSTEP));
153- return NULL;
154- }
155- buf = new_buf;
156- size = new_size;
157- memset(buf + used, '\0', size - used);
158- n = read(fd, buf + used, size - used - 1);
159- if (n < 0) {
160- fprintf(stderr, "read(): %m\n");
161- return NULL;
162- }
163- if (n == 0) {
164- break;
165- }
166- used += n;
167- }
168- close(fd);
169- n_strings = 0;
170- for (n = 0; n < used; n++) {
171- if ((n == 0) || (buf[n-1] == '\0')) {
172- n_strings++;
173- }
174- }
175- ret = calloc(n_strings + 1, sizeof(char *));
176- if (ret == NULL) {
177- fprintf(stderr, "calloc(): out of memory\n");
178- return NULL;
179- }
180- i = 0;
181- for (n = 0; n < used; n++) {
182- if ((n == 0) || (buf[n-1] == '\0')) {
183- ret[i++] = &buf[n];
184- }
185- }
186- ret[i] = NULL;
187- return ret;
188-}
189-
190-/*
191- * Taken from the runc cloned_binary.c file
192- * Copyright (C) 2019 Aleksa Sarai <cyphar@cyphar.com>
193- * Copyright (C) 2019 SUSE LLC
194- *
195- * This work is dual licensed under the following licenses. You may use,
196- * redistribute, and/or modify the work under the conditions of either (or
197- * both) licenses.
198- *
199- * === Apache-2.0 ===
200- */
201-static int try_bindfd(void)
202-{
203- int fd, ret = -1;
204- char src[PATH_MAX] = {0};
205- char template[64] = {0};
206-
207- strncpy(template, "/tmp/containers.XXXXXX", sizeof(template) - 1);
208-
209- /*
210- * We need somewhere to mount it, mounting anything over /proc/self is a
211- * BAD idea on the host -- even if we do it temporarily.
212- */
213- fd = mkstemp(template);
214- if (fd < 0)
215- return ret;
216- close(fd);
217-
218- ret = -EPERM;
219-
220- if (readlink("/proc/self/exe", src, sizeof (src) - 1) < 0)
221- goto out;
222-
223- if (mount(src, template, NULL, MS_BIND, NULL) < 0)
224- goto out;
225- if (mount(NULL, template, NULL, MS_REMOUNT | MS_BIND | MS_RDONLY, NULL) < 0)
226- goto out_umount;
227-
228- /* Get read-only handle that we're sure can't be made read-write. */
229- ret = open(template, O_PATH | O_CLOEXEC);
230-
231-out_umount:
232- /*
233- * Make sure the MNT_DETACH works, otherwise we could get remounted
234- * read-write and that would be quite bad (the fd would be made read-write
235- * too, invalidating the protection).
236- */
237- if (umount2(template, MNT_DETACH) < 0) {
238- if (ret >= 0)
239- close(ret);
240- ret = -ENOTRECOVERABLE;
241- }
242-
243-out:
244- /*
245- * We don't care about unlink errors, the worst that happens is that
246- * there's an empty file left around in STATEDIR.
247- */
248- unlink(template);
249- return ret;
250-}
251-
252-static int copy_self_proc_exe(char **argv) {
253- char *exename;
254- int fd, mmfd, n_read, n_written;
255- struct stat st;
256- char buf[2048];
257-
258- fd = open("/proc/self/exe", O_RDONLY | O_CLOEXEC);
259- if (fd == -1) {
260- fprintf(stderr, "open(\"/proc/self/exe\"): %m\n");
261- return -1;
262- }
263- if (fstat(fd, &st) == -1) {
264- fprintf(stderr, "fstat(\"/proc/self/exe\"): %m\n");
265- close(fd);
266- return -1;
267- }
268- exename = basename(argv[0]);
269- mmfd = syscall(SYS_memfd_create, exename, (long) MFD_ALLOW_SEALING | MFD_CLOEXEC);
270- if (mmfd == -1) {
271- fprintf(stderr, "memfd_create(): %m\n");
272- goto close_fd;
273- }
274- for (;;) {
275- n_read = read(fd, buf, sizeof(buf));
276- if (n_read < 0) {
277- fprintf(stderr, "read(\"/proc/self/exe\"): %m\n");
278- return -1;
279- }
280- if (n_read == 0) {
281- break;
282- }
283- n_written = write(mmfd, buf, n_read);
284- if (n_written < 0) {
285- fprintf(stderr, "write(anonfd): %m\n");
286- goto close_fd;
287- }
288- if (n_written != n_read) {
289- fprintf(stderr, "write(anonfd): short write (%d != %d)\n", n_written, n_read);
290- goto close_fd;
291- }
292- }
293- close(fd);
294- if (fcntl(mmfd, F_ADD_SEALS, F_SEAL_SHRINK | F_SEAL_GROW | F_SEAL_WRITE | F_SEAL_SEAL) == -1) {
295- fprintf(stderr, "Close_Fd sealing memfd copy: %m\n");
296- goto close_mmfd;
297- }
298-
299- return mmfd;
300-
301-close_fd:
302- close(fd);
303-close_mmfd:
304- close(mmfd);
305- return -1;
306-}
307-static int containers_reexec(int flags) {
308- char **argv;
309- int fd = -1;
310-
311- argv = parse_proc_stringlist("/proc/self/cmdline");
312- if (argv == NULL) {
313- return -1;
314- }
315-
316- if (flags & CLONE_NEWNS)
317- fd = try_bindfd();
318- if (fd < 0)
319- fd = copy_self_proc_exe(argv);
320- if (fd < 0)
321- return fd;
322-
323- if (fexecve(fd, argv, environ) == -1) {
324- close(fd);
325- fprintf(stderr, "Error during reexec(...): %m\n");
326- return -1;
327- }
328- close(fd);
329- return 0;
330-}
331-
332-void _containers_unshare(void)
333-{
334- int flags, pidfd, continuefd, n, pgrp, sid, ctty;
335- char buf[2048];
336-
337- flags = _containers_unshare_parse_envint("_Containers-unshare");
338- if (flags == -1) {
339- return;
340- }
341- if ((flags & CLONE_NEWUSER) != 0) {
342- if (unshare(CLONE_NEWUSER) == -1) {
343- fprintf(stderr, "Error during unshare(CLONE_NEWUSER): %m\n");
344- _check_proc_sys_file (_max_user_namespaces);
345- _check_proc_sys_file (_unprivileged_user_namespaces);
346- _exit(1);
347- }
348- }
349- pidfd = _containers_unshare_parse_envint("_Containers-pid-pipe");
350- if (pidfd != -1) {
351- snprintf(buf, sizeof(buf), "%llu", (unsigned long long) getpid());
352- size_t size = write(pidfd, buf, strlen(buf));
353- if (size != strlen(buf)) {
354- fprintf(stderr, "Error writing PID to pipe on fd %d: %m\n", pidfd);
355- _exit(1);
356- }
357- close(pidfd);
358- }
359- continuefd = _containers_unshare_parse_envint("_Containers-continue-pipe");
360- if (continuefd != -1) {
361- n = read(continuefd, buf, sizeof(buf));
362- if (n > 0) {
363- fprintf(stderr, "Error: %.*s\n", n, buf);
364- _exit(1);
365- }
366- close(continuefd);
367- }
368- sid = _containers_unshare_parse_envint("_Containers-setsid");
369- if (sid == 1) {
370- if (setsid() == -1) {
371- fprintf(stderr, "Error during setsid: %m\n");
372- _exit(1);
373- }
374- }
375- pgrp = _containers_unshare_parse_envint("_Containers-setpgrp");
376- if (pgrp == 1) {
377- if (setpgrp() == -1) {
378- fprintf(stderr, "Error during setpgrp: %m\n");
379- _exit(1);
380- }
381- }
382- ctty = _containers_unshare_parse_envint("_Containers-ctty");
383- if (ctty != -1) {
384- if (ioctl(ctty, TIOCSCTTY, 0) == -1) {
385- fprintf(stderr, "Error while setting controlling terminal to %d: %m\n", ctty);
386- _exit(1);
387- }
388- }
389- if ((flags & CLONE_NEWUSER) != 0) {
390- if (setresgid(0, 0, 0) != 0) {
391- fprintf(stderr, "Error during setresgid(0): %m\n");
392- _exit(1);
393- }
394- if (setresuid(0, 0, 0) != 0) {
395- fprintf(stderr, "Error during setresuid(0): %m\n");
396- _exit(1);
397- }
398- }
399- if ((flags & ~CLONE_NEWUSER) != 0) {
400- if (unshare(flags & ~CLONE_NEWUSER) == -1) {
401- fprintf(stderr, "Error during unshare(...): %m\n");
402- _exit(1);
403- }
404- }
405- if (containers_reexec(flags) != 0) {
406- _exit(1);
407- }
408- return;
409-}
410-
411-#endif // !UNSHARE_NO_CODE_AT_ALL
412diff --git a/vendor/github.com/containers/storage/pkg/unshare/unshare_freebsd.c b/vendor/github.com/containers/storage/pkg/unshare/unshare_freebsd.c
413deleted file mode 100644
414index 0b2f1788..00000000
415--- a/vendor/github.com/containers/storage/pkg/unshare/unshare_freebsd.c
416+++ /dev/null
417@@ -1,76 +0,0 @@
418-#if !defined(UNSHARE_NO_CODE_AT_ALL) && defined(__FreeBSD__)
419-
420-
421-#include <sys/types.h>
422-#include <sys/ioctl.h>
423-#include <stdlib.h>
424-#include <stdio.h>
425-#include <string.h>
426-#include <unistd.h>
427-
428-static int _containers_unshare_parse_envint(const char *envname) {
429- char *p, *q;
430- long l;
431-
432- p = getenv(envname);
433- if (p == NULL) {
434- return -1;
435- }
436- q = NULL;
437- l = strtol(p, &q, 10);
438- if ((q == NULL) || (*q != '\0')) {
439- fprintf(stderr, "Error parsing \"%s\"=\"%s\"!\n", envname, p);
440- _exit(1);
441- }
442- unsetenv(envname);
443- return l;
444-}
445-
446-void _containers_unshare(void)
447-{
448- int pidfd, continuefd, n, pgrp, sid, ctty;
449- char buf[2048];
450-
451- pidfd = _containers_unshare_parse_envint("_Containers-pid-pipe");
452- if (pidfd != -1) {
453- snprintf(buf, sizeof(buf), "%llu", (unsigned long long) getpid());
454- size_t size = write(pidfd, buf, strlen(buf));
455- if (size != strlen(buf)) {
456- fprintf(stderr, "Error writing PID to pipe on fd %d: %m\n", pidfd);
457- _exit(1);
458- }
459- close(pidfd);
460- }
461- continuefd = _containers_unshare_parse_envint("_Containers-continue-pipe");
462- if (continuefd != -1) {
463- n = read(continuefd, buf, sizeof(buf));
464- if (n > 0) {
465- fprintf(stderr, "Error: %.*s\n", n, buf);
466- _exit(1);
467- }
468- close(continuefd);
469- }
470- sid = _containers_unshare_parse_envint("_Containers-setsid");
471- if (sid == 1) {
472- if (setsid() == -1) {
473- fprintf(stderr, "Error during setsid: %m\n");
474- _exit(1);
475- }
476- }
477- pgrp = _containers_unshare_parse_envint("_Containers-setpgrp");
478- if (pgrp == 1) {
479- if (setpgrp(0, 0) == -1) {
480- fprintf(stderr, "Error during setpgrp: %m\n");
481- _exit(1);
482- }
483- }
484- ctty = _containers_unshare_parse_envint("_Containers-ctty");
485- if (ctty != -1) {
486- if (ioctl(ctty, TIOCSCTTY, 0) == -1) {
487- fprintf(stderr, "Error while setting controlling terminal to %d: %m\n", ctty);
488- _exit(1);
489- }
490- }
491-}
492-
493-#endif
494--
4952.43.0
496
diff --git a/recipes-containers/podman-tui/podman-tui_git.bb b/recipes-containers/podman-tui/podman-tui_git.bb
index 2cca88cf..f9826906 100644
--- a/recipes-containers/podman-tui/podman-tui_git.bb
+++ b/recipes-containers/podman-tui/podman-tui_git.bb
@@ -17,11 +17,11 @@ DEPENDS = " \
17 libgpg-error \ 17 libgpg-error \
18" 18"
19 19
20SRCREV_FORMAT = "podmantui_storage" 20SRCREV_FORMAT = "podmantui"
21SRCREV_podmantui = "cf7555261ac4963e2aba3b55fe487b28b4cc6338" 21SRCREV_podmantui = "84a58100eb760e793b7af5e904e789062d3ccb64"
22SRCREV_storage = "246ba3062e8b551026aef2708eee747014ce5c52"
23SRC_URI = " \ 22SRC_URI = " \
24 git://github.com/containers/podman-tui;protocol=https;name=podmantui;branch=release-v1.8;destsuffix=${GO_SRCURI_DESTSUFFIX} \ 23 git://github.com/containers/podman-tui;protocol=https;name=podmantui;branch=release-v1.11;destsuffix=${GO_SRCURI_DESTSUFFIX} \
24 file://0001-vendor-remove-duplicate-unshare-C-symbols.patch;patchdir=src/import \
25" 25"
26# Due to some other API changes, we can't directly import containers/storage at 26# Due to some other API changes, we can't directly import containers/storage at
27# the right commit, so we instead extract a patch and apply it to the tree 27# the right commit, so we instead extract a patch and apply it to the tree
@@ -32,7 +32,7 @@ LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=86d3f3a95c324c9479bd8986968f43
32 32
33GO_IMPORT = "import" 33GO_IMPORT = "import"
34 34
35PV = "v1.8.1+git" 35PV = "1.11.1+git"
36 36
37PODMAN_PKG = "github.com/containers/podman-tui" 37PODMAN_PKG = "github.com/containers/podman-tui"
38 38