diff options
| author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2018-09-29 17:41:20 +0300 |
|---|---|---|
| committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2018-09-29 18:37:42 +0300 |
| commit | 5d95627ba0fb5934ecac88c076affccea193c9b4 (patch) | |
| tree | 45417fe705fa18a8b0c7a2b178501f68330fdf9b /main | |
| parent | 003599bbda6663c8a6449ed6fdff67b243f4fa79 (diff) | |
| download | aports-5d95627ba0fb5934ecac88c076affccea193c9b4.tar.bz2 aports-5d95627ba0fb5934ecac88c076affccea193c9b4.tar.xz | |
main/lxc: make dropping setpcap optional
Diffstat (limited to 'main')
| -rw-r--r-- | main/lxc/APKBUILD | 4 | ||||
| -rw-r--r-- | main/lxc/make-dropping-setpcap-optional.patch | 24 |
2 files changed, 27 insertions, 1 deletions
diff --git a/main/lxc/APKBUILD b/main/lxc/APKBUILD index 760694f6ed..bd4a49accf 100644 --- a/main/lxc/APKBUILD +++ b/main/lxc/APKBUILD @@ -5,7 +5,7 @@ pkgname=lxc pkgver=2.1.1 _pkgver=${pkgver/_rc/.rc} -pkgrel=9 +pkgrel=10 pkgdesc="Userspace interface for the Linux kernel containment features" url="https://linuxcontainers.org/lxc/" arch="all" @@ -21,6 +21,7 @@ subpackages="$pkgname-dev $pkgname-doc $pkgname-lvm::noarch lua5.3-lxc:_lua53 py3-$pkgname:_py3 $pkgname-bridge::noarch $pkgname-bash-completion:bashcomp:noarch" source="https://github.com/lxc/lxc/archive/lxc-$_pkgver.tar.gz 0001-do_lxcapi_create-set-umask.patch + make-dropping-setpcap-optional.patch add-support-for-s390x-in-template.patch version.patch lxc.initd @@ -168,6 +169,7 @@ bashcomp() { sha512sums="205d30a8914013f3d31bdcae9786a13b6728ae0d3630f51c644f06e1e96d03631630569a0ce55764ff7b8ee1d1d4d723926fdb2b916396aea212d9c3040b45ab lxc-2.1.1.tar.gz 029473d929e74c53f27982e713eae151e4b6c61635c4b38c16510b2fa996ea6ed96f29df131e9c58ab155631fc71eeb9cd5b46bcc051a99256c1dce4b0d4d7a5 0001-do_lxcapi_create-set-umask.patch +9000f5dc0614dfbd840c3c5e0f6a6555bd8adbc63d4ec7d70448e354d2e7f6dd13ab09d88a36fbd66181cf3cb6db2f820c43d1f2ce8fce58d19e0bc379be1d9a make-dropping-setpcap-optional.patch ba540402a7d9411f1ff43e6d7e713a02ecdfc7a387d844dc972466ba6c5ca524e67b1db0e88beb9a2e388f074d0cf5395a7fdb543395f808c15ec64e15ff3c0b add-support-for-s390x-in-template.patch e2ffcbf55447291a8434a4f37255c3a6a119bc4116c75d205006aa2b070bf6be28535cf6107bead14bbf64bf9fa415346ab544bd1c15e1add7d1c6380e6b2def version.patch b74ffe7c3e8f193265a90ffeb6e5743b1212bc1416b898e5a7e59ddd7f06fc77dc34e2dcbb3614038ac6222a95e2b9beb9f03ab734c991837203ab626b1b091f lxc.initd diff --git a/main/lxc/make-dropping-setpcap-optional.patch b/main/lxc/make-dropping-setpcap-optional.patch new file mode 100644 index 0000000000..5288d8f3b4 --- /dev/null +++ b/main/lxc/make-dropping-setpcap-optional.patch @@ -0,0 +1,24 @@ +--- lxc-lxc-2.1.1/config/templates/alpine.common.conf.in ++++ lxc-lxc-2.1.1.setpcap/config/templates/alpine.common.conf.in +@@ -8,7 +8,6 @@ + lxc.cap.drop = audit_write + lxc.cap.drop = ipc_owner + lxc.cap.drop = mknod +-lxc.cap.drop = setpcap + lxc.cap.drop = sys_nice + lxc.cap.drop = sys_pacct + lxc.cap.drop = sys_ptrace +Only in lxc-lxc-2.1.1.setpcap: config/templates/alpine.common.conf.in.orig +--- lxc-lxc-2.1.1/templates/lxc-alpine.in ++++ lxc-lxc-2.1.1.setpcap/templates/lxc-alpine.in +@@ -398,6 +398,9 @@ + # hostname(1). + lxc.cap.drop = sys_admin + ++ # Comment this out if required by your applications. ++ lxc.cap.drop = setpcap ++ + # Include common configuration. + lxc.include = $LXC_TEMPLATE_CONFIG/alpine.common.conf + EOF +Only in lxc-lxc-2.1.1.setpcap: templates/lxc-alpine.in.orig |