diff options
Diffstat (limited to 'import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook')
3 files changed, 0 insertions, 146 deletions
diff --git a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch b/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch deleted file mode 100644 index 753a77d11..000000000 --- a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch +++ /dev/null @@ -1,76 +0,0 @@ -From f59cddcedd6535e0b809ec9b4e95672d34b41a16 Mon Sep 17 00:00:00 2001 -From: Jason Wessel <jason.wessel@windriver.com> -Date: Tue, 14 Nov 2017 07:41:41 -0800 -Subject: [PATCH] Add additional cgroup mounts from root NS automatically - -Signed-off-by: Jason Wessel <jason.wessel@windriver.com> ---- - src/systemdhook.c | 45 +++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 45 insertions(+) - -diff --git a/src/systemdhook.c b/src/systemdhook.c -index 78575ef..f735484 100644 ---- a/src/systemdhook.c -+++ b/src/systemdhook.c -@@ -238,6 +238,11 @@ static char *get_process_cgroup_subsystem_path(int pid, const char *subsystem) { - static int mount_cgroup(const char *rootfs, const char *options, char *systemd_path) - { - _cleanup_free_ char *cgroup_path = NULL; -+ char *spath, *dpath; -+ DIR *dir; -+ struct dirent *d; -+ char link[80]; -+ int got; - - if (asprintf(&cgroup_path, "%s/%s", rootfs, CGROUP_ROOT) < 0) { - pr_perror("Failed to create path for %s", CGROUP_ROOT); -@@ -256,6 +261,46 @@ static int mount_cgroup(const char *rootfs, const char *options, char *systemd_p - pr_perror("Failed to mkdir new dest: %s", systemd_path); - return -1; - } -+ /* Create all additional cgroup mounts which are in the root namespace */ -+ dir = opendir(CGROUP_ROOT); -+ if (!dir) { -+ pr_perror("Failed to open %s", CGROUP_ROOT); -+ return -1; -+ } -+ /* Skip "." and ".." */ -+ readdir(dir); -+ readdir(dir); -+ while ((d = readdir(dir))) { -+ /* Systemd is already handled above */ -+ if (strcmp(d->d_name, "systemd") == 0) { -+ continue; -+ } -+ if (asprintf(&spath, "%s/%s", CGROUP_ROOT, d->d_name) < 0) { -+ pr_perror("Failed to create path for %s", d->d_name); -+ return -1; -+ } -+ if (asprintf(&dpath, "%s%s/%s", rootfs, CGROUP_ROOT, d->d_name) < 0) { -+ pr_perror("Failed to create path for %s", d->d_name); -+ return -1; -+ } -+ got = readlink(spath, link, sizeof(link) - 1); -+ if (got > 0) { -+ link[got] = '\0'; -+ symlink(link, dpath); -+ } else { -+ if ((makepath(dpath, 0755) == -1) && (errno != EEXIST)) { -+ pr_perror("Failed to mkdir new dest: %s", dpath); -+ return -1; -+ } -+ if (bind_mount(spath, dpath, false)) { -+ pr_perror("Failed to bind mount %s on %s", spath, dpath); -+ return -1; -+ } -+ } -+ free(spath); -+ free(dpath); -+ } -+ closedir(dir); - if (mount(cgroup_path, cgroup_path, "bind", MS_REMOUNT|MS_BIND|MS_RDONLY, "") == -1) { - pr_perror("Failed to remount %s readonly", cgroup_path); - return -1; --- -2.11.0 - diff --git a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-configure-drop-selinux-support.patch b/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-configure-drop-selinux-support.patch deleted file mode 100644 index 510126e40..000000000 --- a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-configure-drop-selinux-support.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 12c263703a0b0ae92566de7e5440fce7b59cd9be Mon Sep 17 00:00:00 2001 -From: Bruce Ashfield <bruce.ashfield@windriver.com> -Date: Tue, 8 Nov 2016 13:16:19 -0500 -Subject: [PATCH] configure: drop selinux support - -Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> ---- - configure.ac | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index c1275acb253d..eaba7fbb57e2 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -8,7 +8,6 @@ AC_USE_SYSTEM_EXTENSIONS - AC_SYS_LARGEFILE - - PKG_CHECK_MODULES([YAJL], [yajl >= 2.0.0]) --PKG_CHECK_MODULES([SELINUX], [libselinux >= 2.0.0]) - PKG_CHECK_MODULES([LIBMOUNT], [mount >= 2.23.0]) - - AC_MSG_CHECKING([whether to disable argument checking]) --- -2.4.0.53.g8440f74 - diff --git a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch b/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch deleted file mode 100644 index 5016f6e75..000000000 --- a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 9b66394c712ec0d0fcb2052baa7f590621a53461 Mon Sep 17 00:00:00 2001 -From: Bruce Ashfield <bruce.ashfield@windriver.com> -Date: Tue, 8 Nov 2016 13:15:46 -0500 -Subject: [PATCH] selinux: drop selinux support - -Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> ---- - src/systemdhook.c | 12 ------------ - 1 file changed, 12 deletions(-) - ---- a/src/systemdhook.c -+++ b/src/systemdhook.c -@@ -16,7 +16,6 @@ - #include <errno.h> - #include <inttypes.h> - #include <linux/limits.h> --#include <selinux/selinux.h> - #include <yajl/yajl_tree.h> - #include <stdbool.h> - -@@ -129,9 +128,6 @@ static int chperm(const char *path, cons - closedir(dir); - return -1; - } -- if (setfilecon (full_path, label) < 0) { -- pr_perror("Failed to set context %s on %s", label, full_path); -- } - - if (doChown) { - /* Change uid and gid to something the container can handle */ -@@ -496,14 +492,6 @@ static int prestart(const char *rootfs, - return -1; - } - } -- -- if (strcmp("", mount_label)) { -- rc = setfilecon(journal_dir, (security_context_t)mount_label); -- if (rc < 0) { -- pr_perror("Failed to set journal dir selinux context"); -- return -1; -- } -- } - - /* Attempt to creare /var/log/journal inside of rootfs, - if successful, or directory exists, mount tmpfs on top of |