Index: head/sysutils/iocage/Makefile =================================================================== --- head/sysutils/iocage/Makefile (revision 542566) +++ head/sysutils/iocage/Makefile (revision 542567) @@ -1,53 +1,58 @@ # $FreeBSD$ PORTNAME= iocage PORTVERSION= 1.2 -PORTREVISION= 5 +PORTREVISION= 6 CATEGORIES= sysutils python PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} + +PATCH_SITES= https://github.com/iocage/iocage/commit/ +PATCHFILES= 2883770ae46731a2a94cd41e6d01d32cec6f1f21.patch:-p1 \ + 753b2f35731423597d7f51f33427b6d619fcd0b5.patch:-p1 \ + b47dc2c47ff125d644720b03f598a9caf4e08192.patch:-p1 MAINTAINER= grembo@FreeBSD.org COMMENT= FreeBSD jail manager written in Python3 LICENSE= BSD2CLAUSE LICENSE_FILE= ${WRKSRC}/LICENSE BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}pytest-runner>=2.0.0:devel/py-pytest-runner@${PY_FLAVOR} RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}netifaces>0:net/py-netifaces@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}click>=6.7:devel/py-click@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}tqdm>=4.10.0:misc/py-tqdm@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}coloredlogs>0:devel/py-coloredlogs@${PY_FLAVOR} \ ca_root_nss>0:security/ca_root_nss \ ${PYTHON_PKGNAMEPREFIX}texttable>=0.8.7:textproc/py-texttable@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}pytest-runner>=2.0.0:devel/py-pytest-runner@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}requests>=2.11.1:www/py-requests@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}libzfs>=1.0.2:devel/py-libzfs@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}dnspython>0:dns/py-dnspython@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}GitPython>0:devel/py-gitpython@${PY_FLAVOR} \ merge:devel/rcs57 USES= python:3.6+ USE_GITHUB= yes USE_PYTHON= autoplist distutils CONFLICTS= py27-iocage-[0-9]* NO_ARCH= yes PLIST_FILES= ${PYTHONPREFIX_SITELIBDIR}/${PORTNAME}_lib-${PORTVERSION}-py${PYTHON_VER}.egg-info/PKG-INFO \ ${PYTHONPREFIX_SITELIBDIR}/${PORTNAME}_lib-${PORTVERSION}-py${PYTHON_VER}.egg-info/SOURCES.txt \ ${PYTHONPREFIX_SITELIBDIR}/${PORTNAME}_lib-${PORTVERSION}-py${PYTHON_VER}.egg-info/dependency_links.txt \ ${PYTHONPREFIX_SITELIBDIR}/${PORTNAME}_lib-${PORTVERSION}-py${PYTHON_VER}.egg-info/entry_points.txt \ ${PYTHONPREFIX_SITELIBDIR}/${PORTNAME}_lib-${PORTVERSION}-py${PYTHON_VER}.egg-info/requires.txt \ ${PYTHONPREFIX_SITELIBDIR}/${PORTNAME}_lib-${PORTVERSION}-py${PYTHON_VER}.egg-info/top_level.txt OPTIONS_DEFAULT= GIT OPTIONS_RADIO= GIT_PACKAGE OPTIONS_RADIO_GIT_PACKAGE= GIT GIT_LITE GIT_DESC= depend on devel/git GIT_LITE_DESC= depend on devel/git-lite (bare minimum git experience) GIT_RUN_DEPENDS=git:devel/git GIT_LITE_RUN_DEPENDS=git:devel/git-lite .include Index: head/sysutils/iocage/distinfo =================================================================== --- head/sysutils/iocage/distinfo (revision 542566) +++ head/sysutils/iocage/distinfo (revision 542567) @@ -1,3 +1,9 @@ -TIMESTAMP = 1569546993 +TIMESTAMP = 1595158775 SHA256 (iocage-iocage-1.2_GH0.tar.gz) = 7ff73f4d33090e829e1dd23fa723b7f969b29249e382fc39b7564826de119819 SIZE (iocage-iocage-1.2_GH0.tar.gz) = 722499 +SHA256 (2883770ae46731a2a94cd41e6d01d32cec6f1f21.patch) = d4f7b2e8db35ca690df70768168571ae328ab5e2bdc9b7cf4f9f1e07fdaba1b1 +SIZE (2883770ae46731a2a94cd41e6d01d32cec6f1f21.patch) = 1199 +SHA256 (753b2f35731423597d7f51f33427b6d619fcd0b5.patch) = 44356560f65894019cb6e614d8020d6c17433b15b3e18c80462dad15f03a34c2 +SIZE (753b2f35731423597d7f51f33427b6d619fcd0b5.patch) = 12667 +SHA256 (b47dc2c47ff125d644720b03f598a9caf4e08192.patch) = 02af790d48933bf6d9520d11bb2392d29ae550fc6b6bd9482bfbd0901555ec11 +SIZE (b47dc2c47ff125d644720b03f598a9caf4e08192.patch) = 2089 Index: head/sysutils/iocage/files/patch-iocage__lib_ioc__common.py =================================================================== --- head/sysutils/iocage/files/patch-iocage__lib_ioc__common.py (revision 542566) +++ head/sysutils/iocage/files/patch-iocage__lib_ioc__common.py (nonexistent) @@ -1,73 +0,0 @@ -Originates here -https://github.com/iocage/iocage/commit/753b2f35731423597d7f51f33427b6d619fcd0b5 -https://github.com/iocage/iocage/pull/1106 -and most likely can be removed on the next release of iocage. ---- iocage_lib/ioc_common.py.orig 2019-09-26 07:23:24 UTC -+++ iocage_lib/ioc_common.py -@@ -44,6 +44,9 @@ import iocage_lib.ioc_exceptions - import iocage_lib.ioc_exec - - INTERACTIVE = False -+# 4 is a magic number for default and doesn't refer -+# to the actual ruleset 4 in devfs.rules(!) -+IOCAGE_DEVFS_RULESET = 4 - - - def callback(_log, callback_exception): -@@ -737,7 +740,7 @@ def generate_devfs_ruleset(conf, paths=N - Will add a per jail devfs ruleset with the specified rules, - specifying defaults that equal devfs_ruleset 4 - """ -- ruleset = conf['devfs_ruleset'] -+ configured_ruleset = conf['devfs_ruleset'] - devfs_includes = [] - devfs_rulesets = su.run( - ['devfs', 'rule', 'showsets'], -@@ -745,22 +748,26 @@ def generate_devfs_ruleset(conf, paths=N - ) - ruleset_list = [int(i) for i in devfs_rulesets.stdout.splitlines()] - -- if ruleset != '4': -- if int(ruleset) in ruleset_list: -- return str(ruleset) -- -- logit({ -- "level": "INFO", -- "message": f'* Ruleset {ruleset} does not exist, using defaults' -- }, -- _callback=callback, -- silent=silent) -- -- ruleset = 5 # 0-4 is always reserved -+ ruleset = int(conf["min_dyn_devfs_ruleset"]) - while ruleset in ruleset_list: - ruleset += 1 - ruleset = str(ruleset) - -+ # Custom devfs_ruleset configured, clone to dynamic ruleset -+ if int(configured_ruleset) != IOCAGE_DEVFS_RULESET: -+ if int(configured_ruleset) not in ruleset_list: -+ return (True, configured_ruleset, '0') -+ rules = su.run( -+ ['devfs', 'rule', '-s', configured_ruleset, 'show'], -+ stdout=su.PIPE, universal_newlines=True -+ ) -+ for rule in rules.stdout.splitlines(): -+ su.run(['devfs', 'rule', '-s', ruleset, 'add'] + -+ rule.split(' ')[1:], stdout=su.PIPE) -+ -+ return (True, configured_ruleset, ruleset) -+ -+ # Create default ruleset - devfs_dict = dict((dev, None) for dev in ( - 'hide', 'null', 'zero', 'crypto', 'random', 'urandom', 'ptyp*', - 'ptyq*', 'ptyr*', 'ptys*', 'ptyP*', 'ptyQ*', 'ptyR*', 'ptyS*', 'ptyl*', -@@ -812,7 +819,7 @@ def generate_devfs_ruleset(conf, paths=N - - su.run(['devfs', 'rule', '-s', ruleset] + path, stdout=su.PIPE) - -- return ruleset -+ return (False, configured_ruleset, ruleset) - - - def runscript(script): Property changes on: head/sysutils/iocage/files/patch-iocage__lib_ioc__common.py ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/sysutils/iocage/files/patch-iocage__lib_ioc__fetch.py =================================================================== --- head/sysutils/iocage/files/patch-iocage__lib_ioc__fetch.py (revision 542566) +++ head/sysutils/iocage/files/patch-iocage__lib_ioc__fetch.py (nonexistent) @@ -1,27 +0,0 @@ -See https://github.com/iocage/iocage/commit/b47dc2c47ff125d644720b03f598a9caf4e08192 ---- iocage_lib/ioc_fetch.py.orig 2019-09-26 07:23:24 UTC -+++ iocage_lib/ioc_fetch.py -@@ -964,19 +964,16 @@ class IOCFetch(iocage_lib.ioc_json.IOCZF - - if not cli: - for jail, path in jails.items(): -- _json = iocage_lib.ioc_json.IOCJson(path) -+ _json = iocage_lib.ioc_json.IOCJson(path, cli=False) - props = _json.json_get_value('all') - - if props['basejail'] and self.release.rsplit( - '-', 1 - )[0] in props['release']: -- props['release'] = new_release -- _json.json_write(props) -+ _json.json_set_value(f'release={new_release}') - else: -- _json = iocage_lib.ioc_json.IOCJson(jails[uuid]) -- props = _json.json_get_value('all') -- props['release'] = new_release -- _json.json_write(props) -+ _json = iocage_lib.ioc_json.IOCJson(jails[uuid], cli=False) -+ _json.json_set_value(f'release={new_release}') - - if self.verify: - # tmp only exists if they verify SSL certs Property changes on: head/sysutils/iocage/files/patch-iocage__lib_ioc__fetch.py ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/sysutils/iocage/files/patch-iocage__lib_ioc__json.py =================================================================== --- head/sysutils/iocage/files/patch-iocage__lib_ioc__json.py (revision 542566) +++ head/sysutils/iocage/files/patch-iocage__lib_ioc__json.py (nonexistent) @@ -1,74 +0,0 @@ -Originates here -https://github.com/iocage/iocage/commit/753b2f35731423597d7f51f33427b6d619fcd0b5 -https://github.com/iocage/iocage/pull/1106 -and most likely can be removed on the next release of iocage. ---- iocage_lib/ioc_json.py.orig 2019-09-26 07:23:24 UTC -+++ iocage_lib/ioc_json.py -@@ -671,7 +671,7 @@ class IOCConfiguration(IOCZFS): - @staticmethod - def get_version(): - """Sets the iocage configuration version.""" -- version = '26' -+ version = '27' - - return version - -@@ -1104,6 +1104,10 @@ class IOCConfiguration(IOCZFS): - if conf.get(option) == 'none': - conf[option] = 'auto' - -+ # Version 27 key -+ if not conf.get('min_dyn_devfs_ruleset'): -+ conf['min_dyn_devfs_ruleset'] = '1000' -+ - if not default: - conf.update(jail_conf) - -@@ -1321,7 +1325,7 @@ class IOCConfiguration(IOCZFS): - 'vnet2_mac': 'none', - 'vnet3_mac': 'none', - 'vnet_default_interface': 'auto', -- 'devfs_ruleset': '4', -+ 'devfs_ruleset': str(iocage_lib.ioc_common.IOCAGE_DEVFS_RULESET), - 'exec_start': '/bin/sh /etc/rc', - 'exec_stop': '/bin/sh /etc/rc.shutdown', - 'exec_prestart': '/usr/bin/true', -@@ -1432,6 +1436,7 @@ class IOCConfiguration(IOCZFS): - 'nat_forwards': 'none', - 'plugin_name': 'none', - 'plugin_repository': 'none', -+ 'min_dyn_devfs_ruleset': '1000', - } - - def check_default_config(self): -@@ -2369,6 +2374,7 @@ class IOCJson(IOCConfiguration): - 'nat_forwards': ('string', ), - 'plugin_name': ('string', ), - 'plugin_repository': ('string', ), -+ 'min_dyn_devfs_ruleset': ('string', ), - } - - zfs_props = { -@@ -2648,6 +2654,22 @@ class IOCJson(IOCConfiguration): - silent=self.silent, - exception=ioc_exceptions.ValidationFailed - ) -+ elif key in ('devfs_ruleset', 'min_dyn_devfs_ruleset'): -+ try: -+ intval = int(value) -+ if intval <= 0: -+ raise ValueError() -+ conf[key] = str(intval) -+ except ValueError: -+ iocage_lib.ioc_common.logit( -+ { -+ 'level': 'EXCEPTION', -+ 'message': f'Invalid {key} value: {value}' -+ }, -+ _callback=self.callback, -+ silent=self.silent, -+ exception=ioc_exceptions.ValidationFailed -+ ) - - return value, conf - else: Property changes on: head/sysutils/iocage/files/patch-iocage__lib_ioc__json.py ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/sysutils/iocage/files/patch-iocage__lib_ioc__start.py =================================================================== --- head/sysutils/iocage/files/patch-iocage__lib_ioc__start.py (revision 542566) +++ head/sysutils/iocage/files/patch-iocage__lib_ioc__start.py (nonexistent) @@ -1,104 +0,0 @@ -Originates here -https://github.com/iocage/iocage/commit/753b2f35731423597d7f51f33427b6d619fcd0b5 -https://github.com/iocage/iocage/pull/1106 -and most likely can be removed on the next release of iocage. ---- iocage_lib/ioc_start.py.orig 2019-09-26 07:23:24 UTC -+++ iocage_lib/ioc_start.py -@@ -145,7 +145,6 @@ class IOCStart(object): - allow_quotas = self.conf["allow_quotas"] - allow_socket_af = self.conf["allow_socket_af"] - allow_vmm = self.conf["allow_vmm"] -- devfs_ruleset = iocage_lib.ioc_common.generate_devfs_ruleset(self.conf) - exec_prestart = self.conf["exec_prestart"] - exec_poststart = self.conf["exec_poststart"] - exec_clean = self.conf["exec_clean"] -@@ -486,16 +485,8 @@ class IOCStart(object): - _callback=self.callback, - silent=self.silent) - -- if wants_dhcp and self.conf['type'] != 'pluginv2' \ -- and self.conf['devfs_ruleset'] != '4': -- iocage_lib.ioc_common.logit({ -- "level": "WARNING", -- "message": f" {self.uuid} is not using the devfs_ruleset" -- f" of 4, not generating a ruleset for the jail," -- " DHCP may not work." -- }, -- _callback=self.callback, -- silent=self.silent) -+ devfs_paths = None -+ devfs_includes = None - - if self.conf['type'] == 'pluginv2' and os.path.isfile( - os.path.join(self.path, f'{self.conf["plugin_name"]}.json') -@@ -509,17 +500,51 @@ class IOCStart(object): - plugin_name = self.conf['plugin_name'] - plugin_devfs = devfs_json[ - "devfs_ruleset"][f"plugin_{plugin_name}"] -- plugin_devfs_paths = plugin_devfs['paths'] -- -- plugin_devfs_includes = None if 'includes' not in \ -+ devfs_paths = plugin_devfs['paths'] -+ devfs_includes = None if 'includes' not in \ - plugin_devfs else plugin_devfs['includes'] - -- devfs_ruleset = \ -- iocage_lib.ioc_common.generate_devfs_ruleset( -- self.conf, -- paths=plugin_devfs_paths, -- includes=plugin_devfs_includes -- ) -+ # Generate dynamic devfs ruleset from configured one -+ (manual_devfs_config, configured_devfs_ruleset, devfs_ruleset) \ -+ = iocage_lib.ioc_common.generate_devfs_ruleset( -+ self.conf, devfs_paths, devfs_includes) -+ -+ if int(devfs_ruleset) <= 0: -+ iocage_lib.ioc_common.logit({ -+ "level": "ERROR", -+ "message": f"{self.uuid} devfs_ruleset" -+ f" {configured_devfs_ruleset} does not exist!" -+ " - Not starting jail" -+ }, -+ _callback=self.callback, -+ silent=self.silent) -+ return -+ -+ # Manually configured devfs_ruleset doesn't support all iocage features -+ if manual_devfs_config: -+ if devfs_paths is not None or devfs_includes is not None: -+ iocage_lib.ioc_common.logit({ -+ "level": "WARNING", -+ "message": f" {self.uuid} is not using the devfs_ruleset" -+ " of " -+ f"{iocage_lib.ioc_common.IOCAGE_DEVFS_RULESET}" -+ ", devices and includes from plugin not added" -+ ", some features of the plugin may not work." -+ }, -+ _callback=self.callback, -+ silent=self.silent) -+ -+ if wants_dhcp and self.conf['type'] != 'pluginv2': -+ iocage_lib.ioc_common.logit({ -+ "level": "WARNING", -+ "message": f" {self.uuid} is not using the devfs_ruleset" -+ " of " -+ f"{iocage_lib.ioc_common.IOCAGE_DEVFS_RULESET}" -+ ", not generating a ruleset for the jail," -+ " DHCP may not work." -+ }, -+ _callback=self.callback, -+ silent=self.silent) - - parameters = [ - fdescfs, _allow_mlock, tmpfs, -@@ -619,6 +644,9 @@ class IOCStart(object): - iocage_lib.ioc_common.logit({ - 'level': 'INFO', - 'message': f' + Using devfs_ruleset: {devfs_ruleset}' -+ + (' (cloned from devfs_ruleset ' -+ f'{configured_devfs_ruleset})' if manual_devfs_config -+ else ' (iocage generated default)') - }, - _callback=self.callback, - silent=self.silent) Property changes on: head/sysutils/iocage/files/patch-iocage__lib_ioc__start.py ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property