From d598e8eb565544f68408d6d26fc8b7f1f19e66af Mon Sep 17 00:00:00 2001 From: FollieHiyuki Date: Tue, 27 Sep 2022 23:51:26 +0700 Subject: [PATCH] testing/apptainer: upgrade to 1.1.2 Added apptainer-suid subpackage and secfixes for 1.1.2 release. Ref: - https://github.com/apptainer/apptainer/releases/tag/v1.1.2 - https://github.com/apptainer/apptainer/releases/tag/v1.1.0 --- testing/apptainer/APKBUILD | 40 ++++++++++++++++++++++++++------------ 1 file changed, 28 insertions(+), 12 deletions(-) diff --git a/testing/apptainer/APKBUILD b/testing/apptainer/APKBUILD index 6cae83d4f95..ad66b112711 100644 --- a/testing/apptainer/APKBUILD +++ b/testing/apptainer/APKBUILD @@ -1,16 +1,17 @@ # Contributor: Oleg Titov # Maintainer: Oleg Titov pkgname=apptainer -pkgver=1.0.3 -pkgrel=5 +pkgver=1.1.2 +pkgrel=0 pkgdesc="Application containers for Linux" url="https://apptainer.org/" -# aarch64: segmentation fault during build -# ppc64le: produces a non-PIE suid binary -arch="all !aarch64 !ppc64le" +arch="all" license="BSD-3-Clause AND BSD-3-Clause-LBNL" -options="suid !check" # no test suite from upstream -depends="squashfs-tools" +# Lots of tests fail due to: +# - no root privilege +# - no apptainer configuration at /etc/apptainer/apptainer.conf +options="suid !check" +depends="fakeroot squashfs-tools" makedepends=" bash cni-plugins @@ -18,11 +19,18 @@ makedepends=" go libseccomp-dev " -subpackages="$pkgname-doc $pkgname-bash-completion" +subpackages=" + $pkgname-doc + $pkgname-suid:_suid + $pkgname-bash-completion + " source="https://github.com/apptainer/apptainer/releases/download/v$pkgver/apptainer-$pkgver.tar.gz" +# secfixes: +# 1.1.2-r0: +# - CVE-2022-39237 + export GOPATH="$srcdir" -export GOFLAGS="$GOFLAGS -modcacherw -trimpath" export GOCACHE="${GOCACHE:-"$srcdir/go-cache"}" export GOTMPDIR="${GOTMPDIR:-"$srcdir"}" export GOMODCACHE="${GOMODCACHE:-"$srcdir/go"}" @@ -39,9 +47,10 @@ build() { --sysconfdir=/etc \ --mandir=/usr/share/man \ --localstatedir=/var \ - --without-network + --without-network \ + --with-suid - make -C builddir GOFLAGS="$GOFLAGS" + make -e -C builddir } package() { @@ -50,6 +59,13 @@ package() { install -Dm644 -t "$pkgdir"/usr/share/doc/$pkgname README.md } +_suid() { + pkgdesc="$pkgdesc (SUID helper binary)" + depends="$pkgname=$pkgver-r$pkgrel" + + amove usr/libexec/apptainer/bin/starter-suid +} + sha512sums=" -93ebe5abce32f35d56fe7d0f818703961cb7f7115965bad387fc895a275d45b569efeecf57ab5778457732233caa57651cd011a3bcac5ed5aaf2dd665082d959 apptainer-1.0.3.tar.gz +3fad253379a87ea790f22a14aec703296f606255d4ce847454a59f9dba0b9a6fc449489e7760c4696c1df90fc6abec198934310c1b762e33a83c72cafc7cb370 apptainer-1.1.2.tar.gz " -- GitLab