# # spec file for package lxc # # Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: lxc Version: 0.8.0 Release: 0. Url: http://lxc.sourceforge.net/ Summary: Lxc container implementation Group: System/Management AutoReqProv: on License: LGPL v2.1 only Source: http://lxc.sourceforge.net/download/lxc/%{name}-%{version}.tar.gz Source2: lxc.init Source3: lxc.cgroup_release_agent Source4: lxc-sles Source5: lxc-createconfig.in # PATCH-FIX-UPSTREAM lxc-config-path.patch fcrozat@suse.com -- allow to specify /etc/lxc as path to store configuration Patch0: lxc-config-path.patch # PATCH-FIX-OPENSUSE lxc-files_caps.patch bnc#720845 fcrozat@suse.com -- detect file_caps parameter Patch3: lxc-file_caps.patch # PATCH-FIX-SLES lxc-opensuse-sles-warning.patch fcrozat@suse.com -- reword warning when running openSUSE template under SLES Patch4: lxc-opensuse-sles-warning.patch # PATCH-FIX-UPSTREAM lxc-default-lvm-snapshot-to-ext3.patch fcrozat@suse.com -- use ext3 when using lvm snapshot Patch6: lxc-default-lvm-snapshot-to-ext3.patch # PATCH-FIX-UPSTREAM lxc-opensuse-clonefixes.patch fcrozat@suse.com -- various fixes in openSUSE template for lxc-clone Patch7: lxc-opensuse-clonefixes.patch # PATCH-FIX-UPSTREAM lxc-opensuse-tmpfs.patch fcrozat@suse.com -- fix shutdown in openSUSE container Patch8: lxc-opensuse-tmpfs.patch # PATCH-FIX-UPSTREAM lxc-cgroup-already-running.patch fcrozat@suse.com -- warn if container is already running Patch13: lxc-cgroup-already-running.patch # PATCH-FIX-UPSTREAM change-hwaddr-on-clone.patch fcrozat@suse.com -- update network address when cloning a container Patch14: change-hwaddr-on-clone.patch # PATCH-FIX-UPSTREAM 0001-Ensure-btrfs-subvolume-is-destroyed-on-error.patch fcrozat@suse.com -- ensure btrfs subvolume is destroyed on container creation fails Patch15: 0001-Ensure-btrfs-subvolume-is-destroyed-on-error.patch # PATCH-FIX-UPSTREAM lxc-cleanup_network_if_pinning_root_fs_fail.patch fcrozat@suse.com bnc#808219 -- Properly cleanup network devices if pinning root filesystem didn't work Patch16: lxc-cleanup_network_if_pinning_root_fs_fail.patch # PATCH-FIX-UPSTREAM lxc-fix-hierarchy.patch fcrozat@suse.com bnc#815662 -- correctly set hierarchy flag for memcgroup Patch17: lxc-fix-hierarchy.patch # PATCH-FIX-UPSTREAM fix-ia64-build.patch fcrozat@suse.com -- fix ia64 build Patch18: fix-ia64-build.patch # PATCH lxc-opensuse-CVE-2013-6441.patch tbehrens@suse.com -- fix priv escalation bnc#855809 Patch19: lxc-opensuse-CVE-2013-6441.patch # PATCH lxc-pty-permissions.patch tbehrens@suse.com -- backport wrong pty permissions bnc#869663 Patch20: lxc-pty-permissions.patch # PATCH-FIX-UPSTREAM CVE-2015-1335-Protect-container-mounts-against-symlinks.patch cbosdonnat@suse.com Patch21: CVE-2015-1335-Protect-container-mounts-against-symlinks.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: docbook-utils libcap-devel libcap-progs pkg-config BuildRequires: libapparmor-devel %if 0%{?suse_version} >= 1130 BuildRequires: linux-glibc-devel %else BuildRequires: linux-kernel-headers %endif Requires: /sbin/setcap Requires: rsync Requires(post): aaa_base %description It provides commands to create and manage containers. It contains a full featured container with the isolation/virtualization of the pids, the ipc, the utsname, the mount points, /proc, /sys, the network and it takes into account the control groups. It is very light, flexible, and provides a set of tools around the container like the monitoring with asynchronous events notification, or the freeze of the container. This package is useful to create Virtual Private Server, or to run isolated applications like bash or sshd. Authors: -------- Daniel Lezcano %package devel License: LGPL v2.1 only Summary: Development library for lxc Requires: %name = %version glibc-devel Group: Development/Libraries/C and C++ %description devel Lxc header files and library needed for development of containers. Authors: -------- Daniel Lezcano %prep %setup -q %patch0 -p1 %patch3 -p1 %patch4 -p1 %patch6 -p1 %patch7 -p1 %patch8 -p1 %patch13 -p1 %patch14 -p1 %patch15 -p1 %patch16 -p1 %patch17 -p1 %patch18 -p1 %patch19 -p0 %patch20 -p1 %patch21 -p1 %build export CFLAGS="-O0 -g3 -ggdb3" export CXXFLAGS=$CFLAGS %configure --disable-examples --with-config-path=/etc/lxc --docdir=%{_docdir}/%{name} --enable-apparmor %{__make} %{?jobs:-j%jobs} # copy to separate dir do we can use rpm's %doc rm -rf .doc mkdir -p .doc/examples cp doc/examples/*.conf .doc/examples %install %makeinstall install -d -m 755 %{buildroot}/var/lib/lxc %{buildroot}%{_sbindir} mkdir -p %{buildroot}/etc/lxc find $RPM_BUILD_ROOT -type f -name '*.la' -exec rm -f {} ';' %__install -Dm 755 %{S:2} %{buildroot}%{_initrddir}/lxc %__install -Dm 755 %{S:3} %{buildroot}%{_sbindir}/lxc_cgroup_release_agent %__install -Dm 755 %{S:4} %{buildroot}%{_datadir}/%{name}/templates/lxc-sles %__ln_s -f %{_initrddir}/lxc %{buildroot}%{_sbindir}/rc%name ./config.status --file=%{buildroot}%{_bindir}/lxc-createconfig:%{S:5} chmod a+x %{buildroot}%{_bindir}/lxc-createconfig %clean %__rm -rf %buildroot %post /sbin/ldconfig %fillup_and_insserv -f -Y boot.cgroup %fillup_and_insserv -f lxc /etc/init.d/boot.cgroup start 2>/dev/null >/dev/null || : %preun %stop_on_removal lxc %postun /sbin/ldconfig %insserv_cleanup %files %defattr(-,root,root) %doc AUTHORS MAINTAINERS COPYING README doc/FAQ.txt %doc .doc/examples %dir %{_sysconfdir}/lxc %{_initrddir}/lxc %{_sbindir}/rc%name %{_sbindir}/lxc_cgroup_release_agent %{_libdir}/liblxc.so.* %{_libdir}/%{name} %{_datadir}/%{name} %dir /var/lib/lxc %{_bindir}/%{name}-* %{_mandir}/man[^3]/* %files devel %defattr(-,root,root) %{_includedir}/%name %{_libdir}/lib%{name}.so %{_libdir}/pkgconfig/%{name}.pc %changelog