From unknown Sun Jun 22 07:37:59 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#69131] [PATCH 1/2] gnu: Add passt. Resent-From: Tomas Volf <~@wolfsden.cz> Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 14 Feb 2024 19:19:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 69131 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 69131@debbugs.gnu.org Cc: Tomas Volf <~@wolfsden.cz> X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.17079382903181 (code B ref -1); Wed, 14 Feb 2024 19:19:01 +0000 Received: (at submit) by debbugs.gnu.org; 14 Feb 2024 19:18:10 +0000 Received: from localhost ([127.0.0.1]:53110 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1raKll-0000pF-OI for submit@debbugs.gnu.org; Wed, 14 Feb 2024 14:18:10 -0500 Received: from lists.gnu.org ([209.51.188.17]:58626) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <~@wolfsden.cz>) id 1raKlj-0000p6-Gl for submit@debbugs.gnu.org; Wed, 14 Feb 2024 14:18:08 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <~@wolfsden.cz>) id 1raKlQ-0003FN-5m for guix-patches@gnu.org; Wed, 14 Feb 2024 14:17:48 -0500 Received: from wolfsden.cz ([37.205.8.62]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <~@wolfsden.cz>) id 1raKlN-0001NY-Hd for guix-patches@gnu.org; Wed, 14 Feb 2024 14:17:47 -0500 Received: by wolfsden.cz (Postfix, from userid 104) id 4842928BE16; Wed, 14 Feb 2024 19:17:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1707938261; bh=aRpdeswe4/hGmnJcesgILefw1XDaq/RCYAl8hHO9c28=; h=From:To:Cc:Subject:Date; b=lBzpsS34EW/oblkGLUkJAzPykO+/abdTUI/Z07CJ+BWl976rgD9HIaYj6QiS5n9yw QYbXthJklXfm477rqgiBLiHwP1zM5Fqo1cYumH1Y8E1TC4yNFtVxwwmtkavrHaoiP7 grMDViH7R1G0DjW1msMJ9Zt6v0kTl4FzvPsvBdt3q6j1GjU8TgKGeAzPny9mgb+djj XZ3LSkxsKSmv78jV3iQMkRkJxP5/dY3424iZyS3cBPmgVkhzMIjcxz6c2nNvHEZkZU n+kQ7+o3h4lGhlT4j5+6g9wOmQwKoRsT7OWQwjcpH6dLRt8n2mwWJiRkDqEQy92B2o SxeQnEk+3+T+sIPYyJuj+SRcgjT8wb5GKKOXXnwwVo4/ugX+GtGapQmZuWea7ebeio 1O5UMdTsIiCDXzEsbN7PJ0pzI9rrP349ZtvFUnd30XgEAdmcyrgjX3E6QeloGnxeXZ 5qe7VMf8q6Znyb+bRHTdMxCPNKKYCe8OVrYBNTbM4VpxISljyic+whJHf5DPU8RS1d OXOnUXJ1fFbB53YVUYQ25ikWmVfFn8KRE5MLCxf5ZN4eL3dR5FGMl1+kFCXIMupSJV Kib+V8mxHcWXA6XfHD9LVQXGxcZ6PkbLfbB15rc0tiyUqfU00Ri7zlCmEQPl1Oipfn 263T90gBVrQroGcf4oiJ16zc= X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on wolfsden X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,PDS_OTHER_BAD_TLD, T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from localhost (unknown [146.70.134.169]) by wolfsden.cz (Postfix) with ESMTPSA id 385A828C721; Wed, 14 Feb 2024 19:17:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1707938260; bh=aRpdeswe4/hGmnJcesgILefw1XDaq/RCYAl8hHO9c28=; h=From:To:Cc:Subject:Date; b=F4zwGSNPYWV4Bj5hgPZ9blQPC1iYgF3abeOCAq81LcvE5wT7V2utETO7yjEZHlE3l xpoUJ1VxRL3NwqJokma7izuBgf1UkDz5/SskQkaQsyRkbXwIgPs+1u5PjP58FgkzK6 okc7whQ1kPkGaraT8+AG0fyPUAwu94RpdOZYAd98YrukgKiVVfDzQK629OOdk66En0 SbDR25lJGXXhDgarGs9nNl30VfpcNXHCACdXrE91qpZ2sSj2jRwCHYVwmYBjuGqMoU u3M0hZBUdxsAR+/kffSTaq5/FuIHVNpNXcqeZvyuB/LiDNAoltYbN/oOiIme6AIn4p pKxXWT9dq6kxcfzGme+7x86yyJ5FHvzfYgbObbislU7ECgRc8K+s5IPZCMWXEFZ/km eiYM9KPVY7Sh81h15HMAoy99xYwndCZ1So56gNz2CelbNGFyp/XJLA8C2YbfHiHFRU gr4cf5PmNNhDkpcZL5MoGkRLi8+wJ96SnKB54e88jsazbrv10pPHSAgH5aMxdwN1sr 8j4rB4NNbnVGoK8a3iSytxQK4XQ6PIy/Swjte1jc0IGmBQ3OC1Hs6bevCA8wi3+DvW EchE8FccXrYFk+eVg6bgssDRQa07gOO5hT8cZI/B5AW7papZek9T9Xbez/YsMmCJpd gljMcqjTTW0kVM8kbkmAcMYQ= From: Tomas Volf <~@wolfsden.cz> Date: Wed, 14 Feb 2024 20:17:34 +0100 Message-ID: X-Mailer: git-send-email 2.41.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=37.205.8.62; envelope-from=~@wolfsden.cz; helo=wolfsden.cz X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, PDS_OTHER_BAD_TLD=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -3.5 (---) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -4.5 (----) * gnu/packages/containers.scm (passt): New variable. Change-Id: I2ebdd9d4255a89a86fb196568215b74bb61cb3a6 --- gnu/packages/containers.scm | 41 +++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm index a3aa9ac1db..5cd81e85a6 100644 --- a/gnu/packages/containers.scm +++ b/gnu/packages/containers.scm @@ -5,6 +5,7 @@ ;;; Copyright © 2022 Michael Rohleder ;;; Copyright © 2023 Zongyuan Li ;;; Copyright © 2023 Ricardo Wurmus +;;; Copyright © 2024 Tomas Volf <~@wolfsden.cz> ;;; ;;; This file is part of GNU Guix. ;;; @@ -259,6 +260,46 @@ (define-public slirp4netns network namespaces.") (license license:gpl2+))) +(define-public passt + (package + (name "passt") + (version "2023_12_30.f091893") + (source (origin + (method url-fetch) + (uri + (string-append + "https://passt.top/passt/snapshot/passt-" version ".tar.gz")) + (sha256 + (base32 + "1nyd4h93qlxn1r01ffijpsd7r7ny62phki5j58in8gz021jj4f3d")))) + (build-system gnu-build-system) + (arguments + (list + #:make-flags + #~(list (string-append "CC=" #$(cc-for-target)) + "RLIMIT_STACK_VAL=1024" ; ¯\_ (ツ)_/¯ + (string-append "VERSION=" #$version) + (string-append "prefix=" #$output)) + #:tests? #f + #:phases + #~(modify-phases %standard-phases + (delete 'configure)))) + (home-page "https://passt.top") + (synopsis "Plug A Simple Socket Transport") + (description "passt implements a thin layer between guest and host, that +only implements what's strictly needed to pretend processes are running +locally. The TCP adaptation doesn't keep per-connection packet buffers, and +reflects observed sending windows and acknowledgements between the two sides. +This TCP adaptation is needed as passt runs without the CAP_NET_RAW +capability: it can't create raw IP sockets on the pod, and therefore needs to +map packets at Layer-2 to Layer-4 sockets offered by the host kernel. + +Also provides pasta, which similarly to slirp4netns, provides networking to +containers by creating a tap interface available to processes in the +namespace, and mapping network traffic outside the namespace using native +Layer-4 sockets.") + (license (list license:gpl2+ license:bsd-3)))) + (define-public cni-plugins (package (name "cni-plugins") base-commit: e9a6c7094822bc859d0694eeaf8f434317219367 -- 2.41.0 From unknown Sun Jun 22 07:37:59 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#69131] [PATCH 2/2] gnu: podman: Update to 4.9.3. Resent-From: Tomas Volf <~@wolfsden.cz> Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 14 Feb 2024 19:20:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 69131 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 69131@debbugs.gnu.org Cc: Tomas Volf <~@wolfsden.cz> Received: via spool by 69131-submit@debbugs.gnu.org id=B69131.17079383783332 (code B ref 69131); Wed, 14 Feb 2024 19:20:02 +0000 Received: (at 69131) by debbugs.gnu.org; 14 Feb 2024 19:19:38 +0000 Received: from localhost ([127.0.0.1]:53117 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1raKnB-0000rg-C9 for submit@debbugs.gnu.org; Wed, 14 Feb 2024 14:19:38 -0500 Received: from wolfsden.cz ([37.205.8.62]:57720) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <~@wolfsden.cz>) id 1raKn9-0000rV-TV for 69131@debbugs.gnu.org; Wed, 14 Feb 2024 14:19:36 -0500 Received: by wolfsden.cz (Postfix, from userid 104) id 3835A28B631; Wed, 14 Feb 2024 19:19:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1707938356; bh=2JJOGxPInSJcEgHlZOQWO7yNBtJdN6TTKGqNVHr3P68=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=gq7G/HwG/H3EhnJznAP1+qTcgSaUL3ANRewhR8dfInQeOQDc8B3II23uQZA+BtXAG Ex/VuOWmFvuvOxnNDtgrQIB/nlMhoyz+NmugnVasLYmUPMJ1Tc0YuMbJx42plZDiyo XLjJmWniAhvg28WVYbMPszrDPz9kdzCw2qTa9vOd7l/XNiqE+TcE1hvMsGoJHlmDNb 9WK+munR0nnD8fAGBD1iL8xEBjiNon6XuEoCbIlQ941Nmn6I3K71whtCFNDYNayFOh hgLxzVwnYbsKOXDa4IIWwYZ9F6ba48LA+ajEVQDcEWi5aHNJCAxb+PpQT3mIpvx8i+ QaEAeN+tJng1Xks3+f6KeDH13zfzDWxYTx9BLUI2caUD0T01MIx9bfA540kBWi+QIm d2tvbSpkAttBO/rdmNXlo6SDNPRnQe8c1bjzjTLe3dZEcmxhb1LA1pCJoj8eAxuJ18 z90tT6UaqWpdlJTOl4AhyMND6gQVXFRufPPc3WgeWTgjF0FWgMRst4UC6xZcuaiQHj ByeeOTbyw/8Lr6NfkZWZbbyVEx8zu/rd7wCF7WQWNc6L2kX3eaPHwODQv/3C5wvhyv ZvVBsNmSsiDYcPAlsTEnja0FFs5bWqnBh6X+gQMU16mSwkQ96FYB8HXbQNHXASF7VU JD20b7gBOKSEdMuXxz1eRYQI= X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on wolfsden X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from localhost (unknown [146.70.134.169]) by wolfsden.cz (Postfix) with ESMTPSA id 5593228BBB1; Wed, 14 Feb 2024 19:19:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1707938355; bh=2JJOGxPInSJcEgHlZOQWO7yNBtJdN6TTKGqNVHr3P68=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=W7O4Eub8BSnjlRbqAI6K+CW3sFEmMyi0SdeYgIoK9+zo0aOfH3/tQGnsYFCND/dQ8 XtMcCt/h63zCQ5y9HNNKyvyp49YpLny5uW+nbJDwFj7zk910Q7pluZ14Dit2XfbpVS yk6/6SuPKQnCB4rGIzAZ8/9n0xurvjIei2+G3snz7lebfxEy9CLW+Xiidkf8NZNEvS rCjSI7MN+zEUR+Nr6NVY+9UYM2rthueHAhRecVBNBcjutOd6PHfOWFVp1EzcBiOy9X Y1NCxoOotzuP16rosnrpOX+Iej6cLYyuIN8+vQNJhI+Grqqn/gQNy7rg8s7Pkq1/sK riJYw3af4kUXDIU62RTqK5pXxjD1x6LX/rDS3j4JapAqvXazEGRTKE2XejZ2wteonD V1qaWu5hDnL/jNFdef9qDkJaljToRCvQBUSXqWC+bEK11qanMFUw8vYpju3NlyOnVp zvmTDAE87rbbe4NmKhJ+1/qYUWkBk8aVYB+CZ1c9liSmKCbvTiNlXH3uulCuXEFtXN vS3IZzEuUIlZdKPLLzS5FDfl36norheO2CKKDXV8Drc45RmBzoDlypAfkuqyIlp0VC cTrDrlyEEESPzLhBTVvdY69/OY4odRuluLkXNA4koQlpv3qzvf2SJkot3Bsfenpd9Q YF3/D/47Cq4VAQX8QnHNcO/c= From: Tomas Volf <~@wolfsden.cz> Date: Wed, 14 Feb 2024 20:19:13 +0100 Message-ID: <564fa27db3acf9ab25ebb8887023c34a0f41930c.1707938222.git.~@wolfsden.cz> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.9 (--) * gnu/packages/containers.scm (podman): Update to 4.9.3. Change-Id: If764e8456a697d16b76cd4ba1243cc5f633a6049 --- gnu/local.mk | 1 + gnu/packages/containers.scm | 24 ++-- ...earch-for-binaries-to-fit-Guix-model.patch | 120 ++++++++++++++++++ 3 files changed, 137 insertions(+), 8 deletions(-) create mode 100644 gnu/packages/patches/podman-Modify-search-for-binaries-to-fit-Guix-model.patch diff --git a/gnu/local.mk b/gnu/local.mk index ab690795a7..bdd9338ebc 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1785,6 +1785,7 @@ dist_patch_DATA = \ %D%/packages/patches/plasp-fix-normalization.patch \ %D%/packages/patches/plasp-include-iostream.patch \ %D%/packages/patches/pocketfft-cpp-prefer-preprocessor-if.patch \ + %D%/packages/patches/podman-Modify-search-for-binaries-to-fit-Guix-model.patch \ %D%/packages/patches/pokerth-boost.patch \ %D%/packages/patches/ppsspp-disable-upgrade-and-gold.patch \ %D%/packages/patches/procps-strtod-test.patch \ diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm index 5cd81e85a6..f958f46fca 100644 --- a/gnu/packages/containers.scm +++ b/gnu/packages/containers.scm @@ -354,7 +354,7 @@ (define-public cni-plugins (define-public podman (package (name "podman") - (version "4.4.1") + (version "4.9.3") (source (origin (method git-fetch) @@ -365,8 +365,11 @@ (define-public podman ;; FIXME: Btrfs libraries not detected by these scripts. (snippet '(substitute* "Makefile" ((".*hack/btrfs.*") ""))) + (patches + (search-patches + "podman-Modify-search-for-binaries-to-fit-Guix-model.patch")) (sha256 - (base32 "0qbr6rbyig3c2hvdvmd94jjkg820hpdz6j7dgyv62dl6wfwvj5jj")) + (base32 "17g7n09ndxhpjr39s9qwxdcv08wavjj0g5nmnrvrkz2wgdqigl1x")) (file-name (git-file-name name version)))) (build-system gnu-build-system) @@ -393,10 +396,11 @@ (define-public podman (invoke "make" "remotesystem")))) (add-after 'unpack 'fix-hardcoded-paths (lambda _ - (substitute* (find-files "libpod" "\\.go") - (("exec.LookPath[(][\"]slirp4netns[\"][)]") - (string-append "exec.LookPath(\"" - (which "slirp4netns") "\")"))) + (substitute* "vendor/github.com/containers/common/pkg/config/config.go" + (("@SLIRP4NETNS_DIR@") + (string-append #$slirp4netns "/bin")) + (("@PASST_DIR@") + (string-append #$passt "/bin"))) (substitute* "hack/install_catatonit.sh" (("CATATONIT_PATH=\"[^\"]+\"") (string-append "CATATONIT_PATH=" (which "true")))) @@ -426,11 +430,12 @@ (define-public podman libassuan libseccomp libselinux + passt slirp4netns)) (native-inputs (list bats git - go-1.19 + go-1.21 ; strace ; XXX debug pkg-config python)) @@ -439,7 +444,10 @@ (define-public podman (description "Podman (the POD MANager) is a tool for managing containers and images, volumes mounted into those containers, and pods made from groups of -containers.") +containers. + +The @code{machine} subcommand is not supported due to gvproxy not being +packaged.") (license license:asl2.0))) (define-public buildah diff --git a/gnu/packages/patches/podman-Modify-search-for-binaries-to-fit-Guix-model.patch b/gnu/packages/patches/podman-Modify-search-for-binaries-to-fit-Guix-model.patch new file mode 100644 index 0000000000..27a9421285 --- /dev/null +++ b/gnu/packages/patches/podman-Modify-search-for-binaries-to-fit-Guix-model.patch @@ -0,0 +1,120 @@ +From 914aed3e04f71453fbdc30f4287e13ca3ce63a36 Mon Sep 17 00:00:00 2001 +From: Tomas Volf <~@wolfsden.cz> +Date: Wed, 14 Feb 2024 20:02:03 +0100 +Subject: [PATCH] Modify search for binaries to fit Guix model + +Podman basically looked into the $PATH and into its libexec. That does not fit +Guix's model very well, to an additional option to specify additional +directories during compilation was added. + +* pkg/rootless/rootless_linux.go +(tryMappingTool): Also check /run/setuid-programs. +* vendor/github.com/containers/common/pkg/config/config.go +(extraGuixDir): New function. +(FindHelperBinary): Use it. +* vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go +(guixLookupSetuidPath): New function. +(Start): Use it. +--- + pkg/rootless/rootless_linux.go | 3 +++ + .../containers/common/pkg/config/config.go | 23 +++++++++++++++++++ + .../storage/pkg/unshare/unshare_linux.go | 14 +++++++++-- + 3 files changed, 38 insertions(+), 2 deletions(-) + +diff --git a/pkg/rootless/rootless_linux.go b/pkg/rootless/rootless_linux.go +index d303c8b..0191d90 100644 +--- a/pkg/rootless/rootless_linux.go ++++ b/pkg/rootless/rootless_linux.go +@@ -102,6 +102,9 @@ func tryMappingTool(uid bool, pid int, hostID int, mappings []idtools.IDMap) err + idtype = "setgid" + } + path, err := exec.LookPath(tool) ++ if err != nil { ++ path, err = exec.LookPath("/run/setuid-programs/" + tool) ++ } + if err != nil { + return fmt.Errorf("command required for rootless mode with multiple IDs: %w", err) + } +diff --git a/vendor/github.com/containers/common/pkg/config/config.go b/vendor/github.com/containers/common/pkg/config/config.go +index 75b917f..ed2f131 100644 +--- a/vendor/github.com/containers/common/pkg/config/config.go ++++ b/vendor/github.com/containers/common/pkg/config/config.go +@@ -1102,6 +1102,24 @@ func findBindir() string { + return bindirCached + } + ++func extraGuixDir(bin_name string) string { ++ if (bin_name == "slirp4netns") { ++ return "@SLIRP4NETNS_DIR@"; ++ } else if (bin_name == "pasta") { ++ return "@PASST_DIR@"; ++ } else if (strings.HasPrefix(bin_name, "qemu-")) { ++ return "@QEMU_DIR@"; ++ } else if (bin_name == "gvproxy") { ++ return "@GVPROXY_DIR@"; ++ } else if (bin_name == "netavark") { ++ return "@NETAVARK_DIR@"; ++ } else if (bin_name == "aardvark-dns") { ++ return "@AARDVARK_DNS_DIR@"; ++ } else { ++ return ""; ++ } ++} ++ + // FindHelperBinary will search the given binary name in the configured directories. + // If searchPATH is set to true it will also search in $PATH. + func (c *Config) FindHelperBinary(name string, searchPATH bool) (string, error) { +@@ -1109,6 +1127,11 @@ func (c *Config) FindHelperBinary(name string, searchPATH bool) (string, error) + bindirPath := "" + bindirSearched := false + ++ if dir := extraGuixDir(name); dir != "" { ++ /* If there is a Guix dir, skip the PATH search. */ ++ dirList = append([]string{dir}, dirList...) ++ } ++ + // If set, search this directory first. This is used in testing. + if dir, found := os.LookupEnv("CONTAINERS_HELPER_BINARY_DIR"); found { + dirList = append([]string{dir}, dirList...) +diff --git a/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go b/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go +index a8dc1ba..0b0d755 100644 +--- a/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go ++++ b/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go +@@ -26,6 +26,16 @@ import ( + "github.com/syndtr/gocapability/capability" + ) + ++func guixLookupSetuidPath(prog string) (string, error) { ++ path, err := exec.LookPath(prog) ++ if err != nil { ++ path, err = exec.LookPath("/run/setuid-programs/" + prog) ++ } ++ return path, err ++} ++ ++ ++ + // Cmd wraps an exec.Cmd created by the reexec package in unshare(), and + // handles setting ID maps and other related settings by triggering + // initialization code in the child. +@@ -237,7 +247,7 @@ func (c *Cmd) Start() error { + gidmapSet := false + // Set the GID map. + if c.UseNewgidmap { +- path, err := exec.LookPath("newgidmap") ++ path, err := guixLookupSetuidPath("newgidmap") + if err != nil { + return fmt.Errorf("finding newgidmap: %w", err) + } +@@ -297,7 +307,7 @@ func (c *Cmd) Start() error { + uidmapSet := false + // Set the UID map. + if c.UseNewuidmap { +- path, err := exec.LookPath("newuidmap") ++ path, err := guixLookupSetuidPath("newuidmap") + if err != nil { + return fmt.Errorf("finding newuidmap: %w", err) + } +-- +2.41.0 + -- 2.41.0 From unknown Sun Jun 22 07:37:59 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#69131] [PATCH 2/2] gnu: podman: Update to 4.9.3. Resent-From: Skyler Ferris Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Fri, 16 Feb 2024 03:03:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 69131 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 69131@debbugs.gnu.org Received: via spool by 69131-submit@debbugs.gnu.org id=B69131.170805255525550 (code B ref 69131); Fri, 16 Feb 2024 03:03:01 +0000 Received: (at 69131) by debbugs.gnu.org; 16 Feb 2024 03:02:35 +0000 Received: from localhost ([127.0.0.1]:57707 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1raoUl-0006e2-6z for submit@debbugs.gnu.org; Thu, 15 Feb 2024 22:02:35 -0500 Received: from mail-40134.protonmail.ch ([185.70.40.134]:62861) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1raoUi-0006dn-7d for 69131@debbugs.gnu.org; Thu, 15 Feb 2024 22:02:33 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail3; t=1708052526; x=1708311726; bh=BXfhxO3AMXHV+ap4XZryouJQ0RR1ObNB80ns/IboP1E=; h=Date:To:From:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=fMEy6zP++fZriT2BcNlawWzwCPuCTn56UaZ0NWedjOqIVzcTufwnmFisFWNeM0JSg 6CJa/dKop/1xYjBkJgvru1EoWaohRog9y/VmoGIu0PFdjMI7xN7xTPyaZ1sTt3MCms gOe2nK9I5DIlG9kKaGZ2mXrEA7BmIZzz3Gqun0SC886wOADfMfDLk8R2XvIo5qz5G7 Jwmpjt1PX9hgF8JxLNIe/CEMQbrGZSy3D2cICcRFwbbL4myq+y2RL77Uw4DWzPmyHU CU7M6m2GjqxsiETLrVnEjM7ESa5MU3iMEt0oTor8RsqYaj1YWwQRTYRwrCMh9Ns7qA PAvhT+8fSve0A== Date: Fri, 16 Feb 2024 03:01:46 +0000 From: Skyler Ferris Message-ID: <67f55915-ec45-4568-87fc-ebf1e03a07ab@protonmail.com> In-Reply-To: <564fa27db3acf9ab25ebb8887023c34a0f41930c.1707938222.git.~@wolfsden.cz> References: <564fa27db3acf9ab25ebb8887023c34a0f41930c.1707938222.git.~@wolfsden.cz> Feedback-ID: 40635331:user:proton MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.9 (--) Hi Tomas, Thanks for submitting this patch! I am adding some review notes to this=20 issue in hopes of making the process more efficient for the committer. I=20 noticed that `guix style` applies some minor changes to the definition=20 of passt which should ideally be followed, but I don't expect that this=20 would hold up the commit (and I'm not sure if it would be appropriate or=20 intrusive to add a new patch to this thread with the style changes=20 applied). Everything else looks good! I will add a couple more messages=20 to this thread which contain full notes of items I reviewed, for=20 transparency and clarity. Please let me know if there is anything I=20 could do to improve my review process! Regards, Skyler From unknown Sun Jun 22 07:37:59 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#69131] [PATCH 1/2] gnu: Add passt. Resent-From: Skyler Ferris Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Fri, 16 Feb 2024 03:04:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 69131 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 69131@debbugs.gnu.org Received: via spool by 69131-submit@debbugs.gnu.org id=B69131.170805259525629 (code B ref 69131); Fri, 16 Feb 2024 03:04:02 +0000 Received: (at 69131) by debbugs.gnu.org; 16 Feb 2024 03:03:15 +0000 Received: from localhost ([127.0.0.1]:57712 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1raoVO-0006fI-Ix for submit@debbugs.gnu.org; Thu, 15 Feb 2024 22:03:15 -0500 Received: from mail-4322.protonmail.ch ([185.70.43.22]:31003) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1raoVL-0006f4-Tl for 69131@debbugs.gnu.org; Thu, 15 Feb 2024 22:03:12 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail3; t=1708052566; x=1708311766; bh=vUOeYLjww0UkklO8LMraaVV7s/SBK1EGkscBZtctIgk=; h=Date:To:From:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=bG9rfXOUNltxHZwx4oF9WrguVEQQTos6rzL0oOfoezq+SC0iWTt3k95rZQPquHBOU VmR7Po/hsNJYCS52vwvwGQHcKEjdHLII59e3tSyTAgTWWrr9CuzCjjDqlGqimgaXEL qmR3GKsWzBHCKqrHlV3xjOcJmQBcMDe4lX4oI41wzOOLrQYswHNJJa4NqM7GejNUwt hRC3JIUloAiRlGUGHK2J8Li5DwgAznONxsXpDOp+rL3BscWcDnUPzOy2YwJxk7rZcZ xT+h/e98uUlH1aXcQgosGsfs9FeFxPlgU83Tavnn2ylgURGM3AoaM0vvqng9AjwQPd gZD99e5g9YYFA== Date: Fri, 16 Feb 2024 03:02:43 +0000 From: Skyler Ferris Message-ID: <44375893-d991-49cf-a050-68ce493de299@protonmail.com> In-Reply-To: References: Feedback-ID: 40635331:user:proton MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.9 (--) "Add passt" review notes: The following checklist is based on the items listed in the manual (22.7=20 "Submitting Patches"). Each checklist item may have one of the following=20 statuses: C: Commitable. This item looks as expected for a final commit. CC: Commitable with Context. Like commitable, but some notes have been=20 added providing context about anything notable or unusual. These notes=20 are provided for transparency or to set expectations for the committer=20 and should not be interpreted as meaning that I object to the patch. MR: Minor Repair. There is something about the patch which I think=20 should ideally be changed, but I do not think that the commit should be=20 held up for this reason alone. A: Attention. Something in the patch needs attention from the author,=20 the committer, or both. Resolving the matter may or may not require a=20 change to the patch. Blank: I did not review this aspect of the patch. [CC] Applies cleanly (commit bd87416648929f38c0173f047776d7675ea8a10d) [CC] Cryptographic hash [C ] Synopsis & Description [C ] Package license matches source license [C ] No compiler warnings [CC] `guix lint` output [MR] `guix style` output [C ] Package builds (my host is an x86_64 Xen guest) [=C2=A0 ] Builds for other architectures [C ] No bundled software [=C2=A0 ] Works in container with minimal inputs [C ] `guix size` output [C ] Dependent packages (`guix refresh --list-dependent PACKAGE`) [C ] `guix build --rounds=3D2` [C ] Gender-neutral wording [C ] One set of related changes [=C2=A0 ] Simulated guix pull # Patch Application The copyright statement in the first patch does not apply cleanly=20 because commit 6002e9e7711136373de5a6325769e9c7d11032c9 recently added=20 it already, but git successfully processed that diff after manually=20 deleting the chunk from the patch. # Cryptographic Signatures I was not able to locate signatures for either the source tarball or the=20 git commits. # Guix Lint Output The linter printed two notes, one that the 'generic-html' updater failed=20 to find upstream releases and another indicated that archives are not=20 available from either Software Heritage or Disarchive. As I understand=20 it, these issues issues should not block the package. Not every package=20 has an automatic updater (though it would be nice if they did) and the=20 release page for this project is atypical. The 'archival' section in the=20 "Invoking 'guix lint'" chapter (9.8) indicates that the Software=20 Heritage will pick up the source at some point in the future. # Guix Style output (Minor repair) The tool made some reasonable-looking changes. I'm not sure if it would=20 be appropriate for me to add a new patch to this thread that applies=20 these changes. # Runs in a container with minimal inputs This package wants to use QEMU, and my machine is already a Xen guest. I=20 know that there are some complications when it comes to nested=20 virtualization. The demo script (at #$output/share/doc/passt/demo.sh)=20 did not "just work" for me, but it's not clear to me that this is a=20 problem with the package. I tried running it with the following: ``` $ # Extra inputs are for the shell script $ ./pre-inst-env guix shell -C iproute2 coreutils util-linux-with-udev=20 passd [env]$=20 /gnu/store/wgzlv2chrxmk4y4m4fxx8g7x0z59cb98-passt-2023_12_30.f091893/share/= doc/passt/demo.sh ``` From unknown Sun Jun 22 07:37:59 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#69131] [PATCH 2/2] gnu: podman: Update to 4.9.3. Resent-From: Skyler Ferris Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Fri, 16 Feb 2024 03:05:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 69131 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 69131@debbugs.gnu.org Received: via spool by 69131-submit@debbugs.gnu.org id=B69131.170805267025746 (code B ref 69131); Fri, 16 Feb 2024 03:05:01 +0000 Received: (at 69131) by debbugs.gnu.org; 16 Feb 2024 03:04:30 +0000 Received: from localhost ([127.0.0.1]:57717 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1raoWb-0006hB-5V for submit@debbugs.gnu.org; Thu, 15 Feb 2024 22:04:29 -0500 Received: from mail-4316.protonmail.ch ([185.70.43.16]:46425) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1raoWY-0006gx-Hx for 69131@debbugs.gnu.org; Thu, 15 Feb 2024 22:04:27 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail3; t=1708052641; x=1708311841; bh=pjfVKGe+O/5FChCJ9b7qJMzQh/hZn7aKMI/f3fD3SiQ=; h=Date:To:From:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=LEzSBXDGptd/ZsDSoB13M1+CtNGCBvLLc9Q7uDXbwEUrO1YlnfmtWHWTMZa+z9Zc1 op0r5JDVHBj7Q3LDhWOqbV+vAz8Pb/0qqCuXZAD6WmaqJ5z6/A6NpGCm5FZOQwc53I 22GZqE1N/SQz/l5SBr+W1oarhSqCgawWPqiGQiL53NL4PO6OFGJM9I+LukX6L4CLiY ClNlH1NqFU+gLtkDBXsvhKnfVYkXRFKHtJUXW5MyrpuRHEDwNHRcUzIl2l58fV5TDy PvHJvoZ0Zv+qHdfutUd0e2I2fjkdqD7sy6ZydVmBumj06CsTf42NG48ScdI/jvjI9F dFHgg3byQ+/IA== Date: Fri, 16 Feb 2024 03:03:46 +0000 From: Skyler Ferris Message-ID: <72fb933f-f28f-459b-88fc-ee3dc7581def@protonmail.com> In-Reply-To: <564fa27db3acf9ab25ebb8887023c34a0f41930c.1707938222.git.~@wolfsden.cz> References: <564fa27db3acf9ab25ebb8887023c34a0f41930c.1707938222.git.~@wolfsden.cz> Feedback-ID: 40635331:user:proton MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.9 (--) "Update podman" review notes: The following checklist is based on the items listed in the manual (22.7=20 "Submitting Patches"). Each checklist item may have one of the following=20 statuses: C: Commitable. This item looks as expected for a final commit. CC: Commitable with Context. Like commitable, but some notes have been=20 added providing context about anything notable or unusual. These notes=20 are provided for transparency or to set expectations for the committer=20 and should not be interpreted as meaning that I object to the patch. MR: Minor Repair. There is something about the patch which I think=20 should ideally be changed, but I do not think that the commit should be=20 held up for this reason alone. A: Attention. Something in the patch needs attention from the author,=20 the committer, or both. Resolving the matter may or may not require a=20 change to the patch. Blank: I did not review this aspect of the patch. [CC] Applies cleanly (commit bd87416648929f38c0173f047776d7675ea8a10d,=20 after applying the previous commit in this series) [CC] Cryptographic hash [C ] Synopsis & Description [C ] Package license matches source license [C ] No compiler warnings [CC] `guix lint` output [CC] `guix style` output [C ] Package builds (my host is an x86_64 Xen guest) [=C2=A0 ] Builds for other architectures [=C2=A0 ] No bundled software [CC] Works in container with minimal inputs [C ] `guix size` output [CC] Dependent packages (`guix refresh --list-dependent PACKAGE`) [C ] `guix build --rounds=3D2` [C ] Gender-neutral wording [C ] One set of related changes [=C2=A0 ] Simulated guix pull # Applies Cleanly Git reported that there were some "whitespace errors" due to spaces=20 before tabs. This is because the commit includes a new patch and the=20 patch applies to a file that uses tabs. The diff format requires that a=20 space appears before the tabs, so this error is erroneous. # Cryptographic hash A key with a fingerprint of 968479a1aff927e37d1a566bb5690eeebb952194=20 verified a checkout that hashes to the same value as found in the=20 package. This key is listed on the Ubuntu keyserver=20 (https://keyserver.ubuntu.com/pks/lookup?search=3DB5690EEEBB952194&fingerpr= int=3Don&op=3Dindex)=20 with two signatures from other keys. One of them is a key that only has=20 a self-signature, the other has a large number of other signatures and=20 claims to belong to Andy Brody=20 (https://keyserver.ubuntu.com/pks/lookup?op=3Dvindex&search=3D0xc7090b1a5f5= 7cdc5).=20 The key was not found on the OpenPGP keyserver. The only UID attached to=20 the key is "GitHub ", implying that the GitHub=20 server is ultimately responsible for maintaining source integrity. # guix lint output Guix lint reports 2 issues neither of which require action. It states that the new version is "probably vulnerable to=20 CVE-2022-2989". However, the discussion at=20 https://bugzilla.redhat.com/show_bug.cgi?id=3D2121445 indicates that fix=20 is implemented by=20 https://github.com/containers/podman/pull/15696/commits/21540161f20daffd884= eba99b2cc31373c9a0ec4.=20 My copy of the checkout contains commit=20 d82a41687e614d9ac8b2d169dee47fe226835e4c which has an identical diff. It also states that line 396 is too long, but this is due to a long=20 string which consists of a single "word" (a path). # guix style output The tool wants to change the formatting of the majority of lines in this=20 package, which were not changed in this patch, leading to a much larger=20 diff than what has been submitted. # Container with minimal inputs I ran the following command: ``` $ ./pre-inst-env guix shell -C podman -- podman ps ``` This caused podman to print 2 warnings and 1 error in addition to the=20 header line for containers (as I do not have any containers on my=20 system, I expected the remaining output to be blank). The warnings &=20 error were related to "/" not being a shared mount (it's not) and=20 operating in rootless mode (the output made sense based on rootless.md=20 in the root of the repository). # Dependent packages There is one dependent package, distrobox, which continues to build=20 successfully after applying this patch. From unknown Sun Jun 22 07:37:59 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#69131] [PATCH v2 2/2] gnu: podman: Update to 4.9.3. Resent-From: Tomas Volf <~@wolfsden.cz> Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Fri, 16 Feb 2024 21:16:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 69131 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 69131@debbugs.gnu.org Cc: Tomas Volf <~@wolfsden.cz> Received: via spool by 69131-submit@debbugs.gnu.org id=B69131.170811810330161 (code B ref 69131); Fri, 16 Feb 2024 21:16:02 +0000 Received: (at 69131) by debbugs.gnu.org; 16 Feb 2024 21:15:03 +0000 Received: from localhost ([127.0.0.1]:60275 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rb5Xy-0007oI-I6 for submit@debbugs.gnu.org; Fri, 16 Feb 2024 16:15:03 -0500 Received: from wolfsden.cz ([37.205.8.62]:47970) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <~@wolfsden.cz>) id 1rb5Xu-0007m3-3w for 69131@debbugs.gnu.org; Fri, 16 Feb 2024 16:15:01 -0500 Received: by wolfsden.cz (Postfix, from userid 104) id 0201628D97A; Fri, 16 Feb 2024 21:14:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1708118078; bh=p4WRWDCdJ/Nk7Z8UR73g0L6KqtCm5c5pZFhfx2fBVdM=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=sak+vZlR0+0RPEqZj8rNDKTPI4Tvjjem0rLSvWWdB7o71YgaUAX/mWlh+ssUVm/57 tA+ALD5nH1cWaOkwC85ZO2NREE4CROQisTmJJed9LIfPV/VNjUtGpWzypuDWAvZwSb YQmDGMfSXFZI2wcsuF9JfenPm4g5+fUuMQIz7mLBj3Ht/dMShrfwYuXXfs4Uj6aJLD 99AukAwtyXNKAq0B8TUmaVsCTG2ljBMXeeBRcoqd5cS2UNPcxEySjji54/kvRIYTKU ZLMMwPtr5d4Lwdl+QMdHn49JAG0SOvqxY2CKiw5BIKiK86k6LfNtr6+3Gug60A7pLG DAdGfnloTnE0+LO0QBnWZ7K6wEFv3UC6/u2qjvdXiPlCAzUMYOrK6yxDbPFu+1LJQ5 ykN+RCJAMUUYC4PnH0HKmWjRr0W3/to5lnDNs9cB8UKAekGHKkkj+d9g8e6j2CTbTv hZLNHa60a19hTlV7xBJKSuDA6TqtZ3c4Yz+AHPzLmjqjVtXQxp0ZOsDNrldTQ4Yjrk fMzlqmUIKUEwyFLljVZjJMqdv7/RKUM0vH467uVXuGP9EiIKTv7TCjbIfZ94CmVhm+ Vvj3Lgx2E2JqnU2Wc24GSa+s+ok1u+jefRwbfL7XbMpE3VXVkz0u/RI3EhwARC1y5M dTVVLHCNlC3DEPcmrAFOaGxM= X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on wolfsden X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from localhost (unknown [193.32.127.177]) by wolfsden.cz (Postfix) with ESMTPSA id 217D628EE1B; Fri, 16 Feb 2024 21:14:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1708118077; bh=p4WRWDCdJ/Nk7Z8UR73g0L6KqtCm5c5pZFhfx2fBVdM=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=nTV2EFDnXWRHuk6UipuiOboaz0yTVY9Z+sQpu2b0/YPLlNDJln8u/xqkYf6/KpPvH R45RIfGaskp2KC38WlmHLgcb2Rdlj8LA81kExEAUF9+LDIYaMGoLeZk1TJww7Lb4GM zZ/zDHLl4HoHNB0dH0r4u17fqP8RfLmJHOJcu2+kNTi6ht18c3QHSkVhXaDZWw9H0g 6eyRpkKF5bSor2bvjHNni9Y6Yp61OWuXN1ZV/0JDP7f1WgBSD5zq1QS86Uj897Ka6S fwHpf32/spmz9Dx8c7vl9dG9ChKFDeQAzjolW+H1bbS5+8GqzIckmbCCrT7ot2jZR8 L5Biy1hB7EBixiPRGOvYkpSQ+G9NEhbM4EXHpov83Y+mIn8iQ3bls5Xmzy/u/WQRyu ZUcVsdPnx0DN2IMyYnxXcBrwC6GIhw+6K4Tahi02/FTp7S9unZjnqI9J8NEgt1Jjd4 e9WwM8MydzBrXypCKPgWmKFRAjFSp3jdY7He92rwI4hQ5mwWe0op21JymKMWQbl7o0 tbRBo2kzXMsjxsY7NhNnV6z9NGfvA50kM65n1Us+xvYQlKDmYFns/+pwcbW7fQnMsv Lz+bjP4839hOs4MUoMf5xlPzDOf377D36o+tkJSdQHNdBHgaD2DMmSFWV1OaHLiNJ0 T5A1fy69C04kKCkYLtKJfmGA= From: Tomas Volf <~@wolfsden.cz> Date: Fri, 16 Feb 2024 22:14:27 +0100 Message-ID: X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.9 (--) * gnu/packages/containers.scm (podman): Update to 4.9.3. * gnu/packages/patches/podman-Modify-search-for-binaries-to-fit-Guix-model.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. Change-Id: If764e8456a697d16b76cd4ba1243cc5f633a6049 --- gnu/local.mk | 1 + gnu/packages/containers.scm | 24 ++-- ...earch-for-binaries-to-fit-Guix-model.patch | 120 ++++++++++++++++++ 3 files changed, 137 insertions(+), 8 deletions(-) create mode 100644 gnu/packages/patches/podman-Modify-search-for-binaries-to-fit-Guix-model.patch diff --git a/gnu/local.mk b/gnu/local.mk index becca7dd56..ddc14acb9c 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1786,6 +1786,7 @@ dist_patch_DATA = \ %D%/packages/patches/plasp-fix-normalization.patch \ %D%/packages/patches/plasp-include-iostream.patch \ %D%/packages/patches/pocketfft-cpp-prefer-preprocessor-if.patch \ + %D%/packages/patches/podman-Modify-search-for-binaries-to-fit-Guix-model.patch \ %D%/packages/patches/pokerth-boost.patch \ %D%/packages/patches/ppsspp-disable-upgrade-and-gold.patch \ %D%/packages/patches/procps-strtod-test.patch \ diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm index 5b79e8a446..b16ea26341 100644 --- a/gnu/packages/containers.scm +++ b/gnu/packages/containers.scm @@ -342,7 +342,7 @@ (define-public cni-plugins (define-public podman (package (name "podman") - (version "4.4.1") + (version "4.9.3") (source (origin (method git-fetch) @@ -353,8 +353,11 @@ (define-public podman ;; FIXME: Btrfs libraries not detected by these scripts. (snippet '(substitute* "Makefile" ((".*hack/btrfs.*") ""))) + (patches + (search-patches + "podman-Modify-search-for-binaries-to-fit-Guix-model.patch")) (sha256 - (base32 "0qbr6rbyig3c2hvdvmd94jjkg820hpdz6j7dgyv62dl6wfwvj5jj")) + (base32 "17g7n09ndxhpjr39s9qwxdcv08wavjj0g5nmnrvrkz2wgdqigl1x")) (file-name (git-file-name name version)))) (build-system gnu-build-system) @@ -381,10 +384,11 @@ (define-public podman (invoke "make" "remotesystem")))) (add-after 'unpack 'fix-hardcoded-paths (lambda _ - (substitute* (find-files "libpod" "\\.go") - (("exec.LookPath[(][\"]slirp4netns[\"][)]") - (string-append "exec.LookPath(\"" - (which "slirp4netns") "\")"))) + (substitute* "vendor/github.com/containers/common/pkg/config/config.go" + (("@SLIRP4NETNS_DIR@") + (string-append #$slirp4netns "/bin")) + (("@PASST_DIR@") + (string-append #$passt "/bin"))) (substitute* "hack/install_catatonit.sh" (("CATATONIT_PATH=\"[^\"]+\"") (string-append "CATATONIT_PATH=" (which "true")))) @@ -414,11 +418,12 @@ (define-public podman libassuan libseccomp libselinux + passt slirp4netns)) (native-inputs (list bats git - go-1.19 + go-1.21 ; strace ; XXX debug pkg-config python)) @@ -427,7 +432,10 @@ (define-public podman (description "Podman (the POD MANager) is a tool for managing containers and images, volumes mounted into those containers, and pods made from groups of -containers.") +containers. + +The @code{machine} subcommand is not supported due to gvproxy not being +packaged.") (license license:asl2.0))) (define-public buildah diff --git a/gnu/packages/patches/podman-Modify-search-for-binaries-to-fit-Guix-model.patch b/gnu/packages/patches/podman-Modify-search-for-binaries-to-fit-Guix-model.patch new file mode 100644 index 0000000000..27a9421285 --- /dev/null +++ b/gnu/packages/patches/podman-Modify-search-for-binaries-to-fit-Guix-model.patch @@ -0,0 +1,120 @@ +From 914aed3e04f71453fbdc30f4287e13ca3ce63a36 Mon Sep 17 00:00:00 2001 +From: Tomas Volf <~@wolfsden.cz> +Date: Wed, 14 Feb 2024 20:02:03 +0100 +Subject: [PATCH] Modify search for binaries to fit Guix model + +Podman basically looked into the $PATH and into its libexec. That does not fit +Guix's model very well, to an additional option to specify additional +directories during compilation was added. + +* pkg/rootless/rootless_linux.go +(tryMappingTool): Also check /run/setuid-programs. +* vendor/github.com/containers/common/pkg/config/config.go +(extraGuixDir): New function. +(FindHelperBinary): Use it. +* vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go +(guixLookupSetuidPath): New function. +(Start): Use it. +--- + pkg/rootless/rootless_linux.go | 3 +++ + .../containers/common/pkg/config/config.go | 23 +++++++++++++++++++ + .../storage/pkg/unshare/unshare_linux.go | 14 +++++++++-- + 3 files changed, 38 insertions(+), 2 deletions(-) + +diff --git a/pkg/rootless/rootless_linux.go b/pkg/rootless/rootless_linux.go +index d303c8b..0191d90 100644 +--- a/pkg/rootless/rootless_linux.go ++++ b/pkg/rootless/rootless_linux.go +@@ -102,6 +102,9 @@ func tryMappingTool(uid bool, pid int, hostID int, mappings []idtools.IDMap) err + idtype = "setgid" + } + path, err := exec.LookPath(tool) ++ if err != nil { ++ path, err = exec.LookPath("/run/setuid-programs/" + tool) ++ } + if err != nil { + return fmt.Errorf("command required for rootless mode with multiple IDs: %w", err) + } +diff --git a/vendor/github.com/containers/common/pkg/config/config.go b/vendor/github.com/containers/common/pkg/config/config.go +index 75b917f..ed2f131 100644 +--- a/vendor/github.com/containers/common/pkg/config/config.go ++++ b/vendor/github.com/containers/common/pkg/config/config.go +@@ -1102,6 +1102,24 @@ func findBindir() string { + return bindirCached + } + ++func extraGuixDir(bin_name string) string { ++ if (bin_name == "slirp4netns") { ++ return "@SLIRP4NETNS_DIR@"; ++ } else if (bin_name == "pasta") { ++ return "@PASST_DIR@"; ++ } else if (strings.HasPrefix(bin_name, "qemu-")) { ++ return "@QEMU_DIR@"; ++ } else if (bin_name == "gvproxy") { ++ return "@GVPROXY_DIR@"; ++ } else if (bin_name == "netavark") { ++ return "@NETAVARK_DIR@"; ++ } else if (bin_name == "aardvark-dns") { ++ return "@AARDVARK_DNS_DIR@"; ++ } else { ++ return ""; ++ } ++} ++ + // FindHelperBinary will search the given binary name in the configured directories. + // If searchPATH is set to true it will also search in $PATH. + func (c *Config) FindHelperBinary(name string, searchPATH bool) (string, error) { +@@ -1109,6 +1127,11 @@ func (c *Config) FindHelperBinary(name string, searchPATH bool) (string, error) + bindirPath := "" + bindirSearched := false + ++ if dir := extraGuixDir(name); dir != "" { ++ /* If there is a Guix dir, skip the PATH search. */ ++ dirList = append([]string{dir}, dirList...) ++ } ++ + // If set, search this directory first. This is used in testing. + if dir, found := os.LookupEnv("CONTAINERS_HELPER_BINARY_DIR"); found { + dirList = append([]string{dir}, dirList...) +diff --git a/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go b/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go +index a8dc1ba..0b0d755 100644 +--- a/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go ++++ b/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go +@@ -26,6 +26,16 @@ import ( + "github.com/syndtr/gocapability/capability" + ) + ++func guixLookupSetuidPath(prog string) (string, error) { ++ path, err := exec.LookPath(prog) ++ if err != nil { ++ path, err = exec.LookPath("/run/setuid-programs/" + prog) ++ } ++ return path, err ++} ++ ++ ++ + // Cmd wraps an exec.Cmd created by the reexec package in unshare(), and + // handles setting ID maps and other related settings by triggering + // initialization code in the child. +@@ -237,7 +247,7 @@ func (c *Cmd) Start() error { + gidmapSet := false + // Set the GID map. + if c.UseNewgidmap { +- path, err := exec.LookPath("newgidmap") ++ path, err := guixLookupSetuidPath("newgidmap") + if err != nil { + return fmt.Errorf("finding newgidmap: %w", err) + } +@@ -297,7 +307,7 @@ func (c *Cmd) Start() error { + uidmapSet := false + // Set the UID map. + if c.UseNewuidmap { +- path, err := exec.LookPath("newuidmap") ++ path, err := guixLookupSetuidPath("newuidmap") + if err != nil { + return fmt.Errorf("finding newuidmap: %w", err) + } +-- +2.41.0 + -- 2.41.0 From unknown Sun Jun 22 07:37:59 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#69131] [PATCH v2 1/2] gnu: Add passt. References: In-Reply-To: Resent-From: Tomas Volf <~@wolfsden.cz> Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Fri, 16 Feb 2024 21:16:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 69131 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 69131@debbugs.gnu.org Cc: Tomas Volf <~@wolfsden.cz> Received: via spool by 69131-submit@debbugs.gnu.org id=B69131.170811810430239 (code B ref 69131); Fri, 16 Feb 2024 21:16:02 +0000 Received: (at 69131) by debbugs.gnu.org; 16 Feb 2024 21:15:04 +0000 Received: from localhost ([127.0.0.1]:60277 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rb5Xz-0007qM-E7 for submit@debbugs.gnu.org; Fri, 16 Feb 2024 16:15:04 -0500 Received: from wolfsden.cz ([37.205.8.62]:47962) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <~@wolfsden.cz>) id 1rb5Xt-0007m1-Pf for 69131@debbugs.gnu.org; Fri, 16 Feb 2024 16:15:01 -0500 Received: by wolfsden.cz (Postfix, from userid 104) id 5071128DC96; Fri, 16 Feb 2024 21:14:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1708118076; bh=i6exJCvUROW3IdpnWD2FoCqpgmpoU323dH3eQxMqQE8=; h=From:To:Cc:Subject:Date; b=OCoccCKR/JXkYkrnpUP3UZ89UPoRIvCMXUkFeUhsExFmEyvmxZVWgrjJOdHOaWNDj w2KYsV8hph+AHxW3y27vpfxz3USvHsGNIj/jiIFWuf3bKOtp11oa0m1fKqt3ZtmQb4 hHs9i6MUeX914qKMDrScRev0BRXe52EaeSMJOLASDu6YpPe71fjC0bAPaibUyB0vVb cZupQ4wlkyZE8QZuYsgBu+Jgo8lEeY+Dk6fZQ6pcomn0vQgl68vb1q9sdiqtsvskbl oFMhh3t9G1qZkZ8ZlsmJP+A/uKVKuiEThnnZJeOHJ/WiuUb90QzoYdJKhi1dDXoj6u 2G3ea2lALSyTCHE0GMMzW7EdrDJL03vhyeUWFjnCA1wkCGpmZR6Mr1Eds/BUhl8lQf sgcPiI/kXJU6yuf4AoujNinFvKriqR6YF7GTGH8B7sm47s8DvFkBdLjLag52V9zyGX ELLxfgMovfGTOsWsRu4A4yeoKhfPxSzPbLTxONTePEhtss/+GFSMM6Dfu8fsWTJSEZ VrT/P0idtzKNX9U6HtvYSwCrHA5uXvkqUFeqm5MGA9nJ3dmF1VTvw25MWZhEYeJHIQ p1pxbbUggXI44ot2iNvI57OHICVh3CU/olmUIFh9GaNsV6tS/mkUvsWzsCJCNSoAow YTwHX6yB9oht4HOXqyVrSpRU= X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on wolfsden X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,PDS_OTHER_BAD_TLD, T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from localhost (unknown [193.32.127.177]) by wolfsden.cz (Postfix) with ESMTPSA id 6C97528DBFE; Fri, 16 Feb 2024 21:14:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1708118075; bh=i6exJCvUROW3IdpnWD2FoCqpgmpoU323dH3eQxMqQE8=; h=From:To:Cc:Subject:Date; b=MKtDMIfQkH7N1lsLAeeUCZJLuX5hEw+9DHPb6zUm/hll8xBvki2um5ue8b1fvmXYa UsB/++S2dOEbOHE15xu6mmhM59RXFAiP2S7NpJhmvPQoIe0lVWaG0rznW4qwDHi+MF UnV6Egtx0UpTBesLSeoiidhCQLQrLH+pxNJ2xY3Q+W30Cafph4aUN+9A70QQAIQe0o NYhF2mCZCIBV/7v9qoArZIZVNomOahmNR0HPvmjwTX9+ZMmhhZIWycqoSihcChFNwB J2pIkdLxc85pTyc8UuPY6aHbX+HLG04sir+L2hKXtjY9qTfugBDS3gzyFTjf5hrXRM BR/m+F/CMhTiTfAMOSnOlmXJNrWg7eFYRm+sIawUxsMgFCoWp+7WgmaOp4L2XjLOrZ 0MnpX3EPV2PlpFhP5R+teu82wOK64UErBGh1fPsPSziUjpqfTecQTxeh7rqOY5OHV1 2yhTKa//O+nutLo7XcVYY1hq7eUEcZYbtoR5co3j8f4fljfr9Dax7Icw7xsagy1CB+ CbNlhzvTnPte91DOgowp/W/55J5W1CayAbr9bLOVspxjffQ7/vQioDCGnZKBIlOOtD vmyIHqNDLfLCmVdynd+SvmvjugRYnDwUkX5Kyev8EOCpSsunVNnemg4CoydkLY7MDE QZe9l2AQB32lvsRrFZAQjS6Y= From: Tomas Volf <~@wolfsden.cz> Date: Fri, 16 Feb 2024 22:14:26 +0100 Message-ID: X-Mailer: git-send-email 2.41.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.9 (--) * gnu/packages/containers.scm (passt): New variable. Change-Id: I2ebdd9d4255a89a86fb196568215b74bb61cb3a6 --- gnu/packages/containers.scm | 40 +++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm index 2b5acdc3bc..5b79e8a446 100644 --- a/gnu/packages/containers.scm +++ b/gnu/packages/containers.scm @@ -248,6 +248,46 @@ (define-public slirp4netns network namespaces.") (license license:gpl2+))) +(define-public passt + (package + (name "passt") + (version "2023_12_30.f091893") + (source + (origin + (method url-fetch) + (uri (string-append "https://passt.top/passt/snapshot/passt-" version + ".tar.gz")) + (sha256 + (base32 "1nyd4h93qlxn1r01ffijpsd7r7ny62phki5j58in8gz021jj4f3d")))) + (build-system gnu-build-system) + (arguments + (list + #:make-flags + #~(list (string-append "CC=" #$(cc-for-target)) + "RLIMIT_STACK_VAL=1024" ; ¯\_ (ツ)_/¯ + (string-append "VERSION=" #$version) + (string-append "prefix=" #$output)) + #:tests? #f + #:phases + #~(modify-phases %standard-phases + (delete 'configure)))) + (home-page "https://passt.top") + (synopsis "Plug A Simple Socket Transport") + (description + "passt implements a thin layer between guest and host, that only +implements what's strictly needed to pretend processes are running locally. +The TCP adaptation doesn't keep per-connection packet buffers, and reflects +observed sending windows and acknowledgements between the two sides. This TCP +adaptation is needed as passt runs without the CAP_NET_RAW capability: it +can't create raw IP sockets on the pod, and therefore needs to map packets at +Layer-2 to Layer-4 sockets offered by the host kernel. + +Also provides pasta, which similarly to slirp4netns, provides networking to +containers by creating a tap interface available to processes in the +namespace, and mapping network traffic outside the namespace using native +Layer-4 sockets.") + (license (list license:gpl2+ license:bsd-3)))) + (define-public cni-plugins (package (name "cni-plugins") base-commit: 7142f6df77bfac4fdc8da65a7caae915df945a8b -- 2.41.0 From unknown Sun Jun 22 07:37:59 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#69131] [PATCH 2/2] gnu: podman: Update to 4.9.3. Resent-From: Tomas Volf <~@wolfsden.cz> Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Fri, 16 Feb 2024 21:18:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 69131 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Skyler Ferris Cc: 69131@debbugs.gnu.org Received: via spool by 69131-submit@debbugs.gnu.org id=B69131.17081182328148 (code B ref 69131); Fri, 16 Feb 2024 21:18:01 +0000 Received: (at 69131) by debbugs.gnu.org; 16 Feb 2024 21:17:12 +0000 Received: from localhost ([127.0.0.1]:60284 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rb5a4-00027M-Cl for submit@debbugs.gnu.org; Fri, 16 Feb 2024 16:17:12 -0500 Received: from wolfsden.cz ([37.205.8.62]:34288) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <~@wolfsden.cz>) id 1rb5a0-00027B-Jt for 69131@debbugs.gnu.org; Fri, 16 Feb 2024 16:17:10 -0500 Received: by wolfsden.cz (Postfix, from userid 104) id 1F22328F503; Fri, 16 Feb 2024 21:16:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1708118208; bh=P4rbbImbTn5QwwJZwfb9DhcV6tSTMEOY+JiYrWh/Xv8=; h=From:To:Cc:Subject:In-Reply-To:References:Date; b=vdYCRcFafh+mO+QIfe3AnwpnDHFq0d8gjnxPXG4rPjc3jfj7WBp4ujXq8nrO9XT0b qdVrTVvw85yzZ3M/YbkIQQaqW+pXSoUhonqAGLGHeAjC3SwuVzvHYwUhhMqLk05Mw8 nUsLFz8OOLlWfANqhOKVdWWtk+SECVZh6Hksir/vrXGLNmb9VJJryQE/gUq1ALNEjD wPFmfGu9bVLsAg+LhNjsevNR6O6p4E3hq8p+Odu+afO+Eq6egnkqBWGSCjc6MxHuMk f00C0zgb/tzlUrIjfc0Cnkq4loAhyMYLOI7y/sJXiAVDGLu/vfevbahH6ArmEaUhHl 15CnoY29WB39vVvQNd/TpZdyVoQpov2pO9hMz9a0LF6d/yavLeZw3NMZsV4yEZAotg I3rV33yMcqCiqgYOB/9dlUBu1GR1hLckd9TNCp1eDZf+Jm6AjNWpf+ZzRfq9CnFPUV y7818o/T1GiRGG6mGGprwlRd3S4wzrZoUKDdwzbjO4cgwvKhQ+qoZUDKHgA17ylh8n Djl7WNo5Ug7nBxTtkoil/BSO95zU6apaRiDLVVMSfPz3ZGQq4zARKy1PE3VhUJw/Eo lDgdp/Nilmuq9feEr6ckNhsbG2vx4esytgYOkwOZY1PC1IG5FL9xYTjPBSb9LTHSCZ ktYQd+ytijpKJLGVSTpkCmQs= X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on wolfsden X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from localhost (unknown [193.32.127.177]) by wolfsden.cz (Postfix) with ESMTPSA id B2EE228E996; Fri, 16 Feb 2024 21:16:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1708118207; bh=P4rbbImbTn5QwwJZwfb9DhcV6tSTMEOY+JiYrWh/Xv8=; h=From:To:Cc:Subject:In-Reply-To:References:Date; b=a5rbwa5Hb2xEmEfh7/UJ/w986rw2YRGFUhApQkj7hxnfd7H2F6onblp5rIyEBAW5r dpf2g8af0iOMED+iUB5u6ri+ifiHZoSgFJi/W7IsYboJxJdyRkNBG8p16F0fuyiq5t 9/01bkLKpscqPTaRS/W5KidmLQljInnXI/Rb8zNbW5fIL57dCjb1Y4yDnHgjJcHgA9 mCctIgmNcqsXDXI5gRtoG3s+YIe2VzAG1EdRNST8pbjaKtHlMENRtOQo6AHxiLHfdJ V0M/vn97B7UNcSod5gu+WvtuM7vLCgmImrA+qgROeFHMrFB4k8FZ5ZYaq7nreH9d03 cn+wP+hpWXklKWEXHHAJGTVOAh7lZn1vyMhPZVSlKs42yV++1XyI3CVmPaRfwnTfUM GS3fFHYPLvNTp059CIBc6wh9C4loduJNNc8l/X3eiGaairDjZBALegNjIixKWfhDRa +RpFJzF0c/mwBz+v1zKhXsXlTHoEEphotgMooSHHyD5fD/kHrqVImDUUYuxZaroEAo LpDUpfyZb67fudph3yp38WFN6gLhniZ/xtxSbT0h1XaKUzKOy8ZhH2n5HsEpLkRIvq 9LJIJHqDhG1JColQjvwFTfaWbb78z7ejtd/mWItFZP0q71bw8Xd8u+ACwJKoFaQdaT r7xVhcCb7CkeLmFyQMi7txs0= From: Tomas Volf <~@wolfsden.cz> In-Reply-To: <67f55915-ec45-4568-87fc-ebf1e03a07ab@protonmail.com> (Skyler Ferris's message of "Fri, 16 Feb 2024 03:01:46 +0000") References: <564fa27db3acf9ab25ebb8887023c34a0f41930c.1707938222.git.~@wolfsden.cz> <67f55915-ec45-4568-87fc-ebf1e03a07ab@protonmail.com> Date: Fri, 16 Feb 2024 22:16:47 +0100 Message-ID: <8734tsyurk.fsf@wolfsden.cz> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.9 (--) Hi, thanks for the review :) Skyler Ferris writes: > Hi Tomas, > > Thanks for submitting this patch! I am adding some review notes to this > issue in hopes of making the process more efficient for the committer. I > noticed that `guix style` applies some minor changes to the definition > of passt which should ideally be followed, but I don't expect that this > would hold up the commit (and I'm not sure if it would be appropriate or > intrusive to add a new patch to this thread with the style changes > applied). Everything else looks good! I will add a couple more messages > to this thread which contain full notes of items I reviewed, for > transparency and clarity. Please let me know if there is anything I > could do to improve my review process! Only thing I would maybe mention is that as far as I can tell, I did not receive any emails regarding your comments. I am not sure if that is just how debbugs works, but if I did not open the bug for unrelated reasons, I would have never noticed you commented. Have a nice day, Tomas Volf From unknown Sun Jun 22 07:37:59 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#69131] [PATCH 1/2] gnu: Add passt. Resent-From: Tomas Volf <~@wolfsden.cz> Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Fri, 16 Feb 2024 21:21:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 69131 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Skyler Ferris Cc: 69131@debbugs.gnu.org Received: via spool by 69131-submit@debbugs.gnu.org id=B69131.17081184198438 (code B ref 69131); Fri, 16 Feb 2024 21:21:02 +0000 Received: (at 69131) by debbugs.gnu.org; 16 Feb 2024 21:20:19 +0000 Received: from localhost ([127.0.0.1]:60290 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rb5d5-0002C2-32 for submit@debbugs.gnu.org; Fri, 16 Feb 2024 16:20:19 -0500 Received: from wolfsden.cz ([37.205.8.62]:45700) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <~@wolfsden.cz>) id 1rb5d2-0002Bn-7M for 69131@debbugs.gnu.org; Fri, 16 Feb 2024 16:20:17 -0500 Received: by wolfsden.cz (Postfix, from userid 104) id C073828EF94; Fri, 16 Feb 2024 21:19:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1708118395; bh=Nt9RCIASCAMGryDsHwITJhS7nSpdIQwIgCbu2XlBoT0=; h=From:To:Cc:Subject:In-Reply-To:References:Date; b=XfrSnpPn7Si8JEafupj6vS31xwsA9+N7XKFqbhyNhzaELggJuDyqd4amOunUs+yQN 1ehBnmX8+oIWNHju3Gbz6ERGSDYV4KjyuKR5VAQrwcvMwp5PS8WdbyG47kbFehMinM ZzLIXFMpaUgjDfi6dAGougHq1Om8eGpcas4OdohqRuV9s+4BzNiFurOopV7E9gFzYE defgpyT/lRqKLHuJKSI8JI9CpxE6RxrwUhUXHA1bf91wsRpYmBsj75qy5Ipkemh7S5 iJp+pSgf1tO5StJdhb9uToBpHN3wtMHNFWGud2UhfdR+oDRSNCmmVL8PSblikZ6yd8 w1cthq4/PocQffr7KzFif9N2QTgeG83zzrtikvkKx96WUoXAkIPFISoMBKn7lMvUbz +ZodGdHDnfR/NEpVvpgdRtF1BnotUp9B6H1+0d3bXy/6nIIcNgyuQpedq2h1gJRuq3 KxNry1sYZldgibJLUzYKC/JLm9tkGwcX2YR9IzkmII/6sX9VaPBo1bPumT6vKCxG8k 3h/5wVWeO3rrWw4ETwFBQTLNRcATajATJeAgTrC+VoBx4QaqxBlNOKaEmf0Q7Ii3jr 5gOhvWVcwChb1r/JPdPpQFIjNjsewCO+NQ3yGAU8Ol9EFxzfV2WdPApVEQimZCkEJa T9M9HXrS9L/X0tDLc+BLXZqw= X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on wolfsden X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from localhost (unknown [193.32.127.177]) by wolfsden.cz (Postfix) with ESMTPSA id C9FCA28DA70; Fri, 16 Feb 2024 21:19:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1708118394; bh=Nt9RCIASCAMGryDsHwITJhS7nSpdIQwIgCbu2XlBoT0=; h=From:To:Cc:Subject:In-Reply-To:References:Date; b=TVcqISC1S8fn7gFyoTZ/madtMwM7IFtRbW5LOIbLPnmeZZtCssJOUcDfUVZ3BdhCh G4Gl2rTs41p7fnwiW8O4ICsAQJSAEPXF1xxo34Sqk87m79FzcK/LHt3ebZaBOFsb2/ z/tah+4JVFd1lpPjO1YPdyCmlJqMaGa8W4uuUO42nPo5IZTa4ap6D3JBUIp/18BGSp 2XjcZv3DnsNT2IXcJNYSQyA/fI4FfgJM4tD4VR82EU9PE7LRth8X4vyXwcScSNuB60 G8L7XrCMcbWKjaB3F3VkwGEp6RM//HkmUmBGIp6eJWx9Fi0q0AZfbvoajgCOF8s5Wa Laz8hq1riAcU2Z04mluWSmHV8C1qAJ0uFO5LaM4dsnn+BwJVDbQXWI+OnNku+mhkhc HMoEIg0j6rC5YMgGQL4M7Jtlhk2XQH+EFJtRHupfpIMNFvpcw6vteP5oeTRsMTIKFD r7yY1TWygWmfY/JtVLErovStaJz/WRCGctwlSyHclIiiUwmC5WmjhY96arNJKPU66O Gy1X1l825m5pwRWgweFyQrEwfZ4Npg9MIAE2KMQgD8oNhPtxomWVFz80lJlCduSjld hcbtb5nuQGdUsvmTTva9tIh7RUcjmCdEzDxUDRgZBbZtBgJswz4zADnnGNKGNry84S ntMzPcAXdGohy92IDOrG9LaA= From: Tomas Volf <~@wolfsden.cz> In-Reply-To: <44375893-d991-49cf-a050-68ce493de299@protonmail.com> (Skyler Ferris's message of "Fri, 16 Feb 2024 03:02:43 +0000") References: <44375893-d991-49cf-a050-68ce493de299@protonmail.com> Date: Fri, 16 Feb 2024 22:19:54 +0100 Message-ID: <87zfw0xg1x.fsf@wolfsden.cz> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -1.9 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.9 (--) Skyler Ferris writes: > # Guix Style output (Minor repair) > The tool made some reasonable-looking changes. I'm not sure if it would > be appropriate for me to add a new patch to this thread that applies > these changes. I sent a v2 with some of the style changes applied. It seems that across guix the more common approach is to put (modify-phases) under the #:phases keyword, and I prefer it. In general I do not believe what `guix style' did to the (arguments) let to more readable code, so I left it as it was. I did adjust the (source) and (description) though. > > # Runs in a container with minimal inputs > This package wants to use QEMU, and my machine is already a Xen guest. I > know that there are some complications when it comes to nested > virtualization. The demo script (at #$output/share/doc/passt/demo.sh) > did not "just work" for me, but it's not clear to me that this is a > problem with the package. I tried running it with the following: > > ``` > $ # Extra inputs are for the shell script > $ ./pre-inst-env guix shell -C iproute2 coreutils util-linux-with-udev > passd > [env]$ > /gnu/store/wgzlv2chrxmk4y4m4fxx8g7x0z59cb98-passt-2023_12_30.f091893/share/doc/passt/demo.sh > ``` I tested the pasta binary instead using podman (--network=pasta), since it was the reason I added this package in the first place. It worked. From unknown Sun Jun 22 07:37:59 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Tomas Volf <~@wolfsden.cz> Subject: bug#69131: closed (Re: [bug#69131] [PATCH v2 1/2] gnu: Add passt.) Message-ID: References: <878r30d2iu.fsf@gnu.org> X-Gnu-PR-Message: they-closed 69131 X-Gnu-PR-Package: guix-patches X-Gnu-PR-Keywords: patch Reply-To: 69131@debbugs.gnu.org Date: Sat, 02 Mar 2024 16:27:02 +0000 Content-Type: multipart/mixed; boundary="----------=_1709396822-22528-1" This is a multi-part message in MIME format... ------------=_1709396822-22528-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #69131: [PATCH 1/2] gnu: Add passt. which was filed against the guix-patches package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 69131@debbugs.gnu.org. --=20 69131: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D69131 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1709396822-22528-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 69131-done) by debbugs.gnu.org; 2 Mar 2024 16:26:28 +0000 Received: from localhost ([127.0.0.1]:39240 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rgSBw-0005qR-4O for submit@debbugs.gnu.org; Sat, 02 Mar 2024 11:26:28 -0500 Received: from eggs.gnu.org ([209.51.188.92]:45958) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rgSBr-0005qB-Vb for 69131-done@debbugs.gnu.org; Sat, 02 Mar 2024 11:26:27 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rgSBI-0004AR-W7; Sat, 02 Mar 2024 11:25:49 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:Date:References:In-Reply-To:Subject:To: From; bh=qynTYoe+M9lJkxtQhga6FvijLhIREVtzb/sTJMjIMRY=; b=ik36TgS5520wp3Fqg3+s lLh8k2qAO4F+K2CltStItC2D8sZ2mVNJuGIpxbyAVrxGkJcl1O8HeRGiWWt2d2StoBvyhpqFm/kmI YDatkBkJP/Zqbj+wWgWvqklwbBmoyNiNaKDLn3ik4k4oXGdpgloopJCFuG0b2cs7WnUCB4rHos14E VOBC+7uw1wtc9q1EzabzXKWyAdqVMRvG2U2poKz47Zr2ahoK3mE2DUKXWNSV48FlXSqdIxe2HlDfG mlKprbE1SFFVKlUqTieXwgaM6aWCg0iEVoDuwlvpSfWCmZ4/SExeTXDsOOMoQqzI7+cBlVCIJ5KYv drWdORBjepM2lA==; From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: Tomas Volf <~@wolfsden.cz> Subject: Re: [bug#69131] [PATCH v2 1/2] gnu: Add passt. In-Reply-To: (Tomas Volf's message of "Fri, 16 Feb 2024 22:14:26 +0100") References: Date: Sat, 02 Mar 2024 17:25:29 +0100 Message-ID: <878r30d2iu.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 69131-done Cc: 69131-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Hi, Tomas Volf <~@wolfsden.cz> skribis: > * gnu/packages/containers.scm (passt): New variable. Applied. Tomas Volf <~@wolfsden.cz> skribis: > * gnu/packages/containers.scm (podman): Update to 4.9.3. > * gnu/packages/patches/podman-Modify-search-for-binaries-to-fit-Guix-mode= l.patch: > New patch. > * gnu/local.mk (dist_patch_DATA): Register it. > > Change-Id: If764e8456a697d16b76cd4ba1243cc5f633a6049 Applied. I took the liberty to rename the patch to something shorter, in accordance with =E2=80=98guix lint=E2=80=99. Thanks! Ludo=E2=80=99. ------------=_1709396822-22528-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 14 Feb 2024 19:18:10 +0000 Received: from localhost ([127.0.0.1]:53110 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1raKll-0000pF-OI for submit@debbugs.gnu.org; Wed, 14 Feb 2024 14:18:10 -0500 Received: from lists.gnu.org ([209.51.188.17]:58626) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <~@wolfsden.cz>) id 1raKlj-0000p6-Gl for submit@debbugs.gnu.org; Wed, 14 Feb 2024 14:18:08 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <~@wolfsden.cz>) id 1raKlQ-0003FN-5m for guix-patches@gnu.org; Wed, 14 Feb 2024 14:17:48 -0500 Received: from wolfsden.cz ([37.205.8.62]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <~@wolfsden.cz>) id 1raKlN-0001NY-Hd for guix-patches@gnu.org; Wed, 14 Feb 2024 14:17:47 -0500 Received: by wolfsden.cz (Postfix, from userid 104) id 4842928BE16; Wed, 14 Feb 2024 19:17:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1707938261; bh=aRpdeswe4/hGmnJcesgILefw1XDaq/RCYAl8hHO9c28=; h=From:To:Cc:Subject:Date; b=lBzpsS34EW/oblkGLUkJAzPykO+/abdTUI/Z07CJ+BWl976rgD9HIaYj6QiS5n9yw QYbXthJklXfm477rqgiBLiHwP1zM5Fqo1cYumH1Y8E1TC4yNFtVxwwmtkavrHaoiP7 grMDViH7R1G0DjW1msMJ9Zt6v0kTl4FzvPsvBdt3q6j1GjU8TgKGeAzPny9mgb+djj XZ3LSkxsKSmv78jV3iQMkRkJxP5/dY3424iZyS3cBPmgVkhzMIjcxz6c2nNvHEZkZU n+kQ7+o3h4lGhlT4j5+6g9wOmQwKoRsT7OWQwjcpH6dLRt8n2mwWJiRkDqEQy92B2o SxeQnEk+3+T+sIPYyJuj+SRcgjT8wb5GKKOXXnwwVo4/ugX+GtGapQmZuWea7ebeio 1O5UMdTsIiCDXzEsbN7PJ0pzI9rrP349ZtvFUnd30XgEAdmcyrgjX3E6QeloGnxeXZ 5qe7VMf8q6Znyb+bRHTdMxCPNKKYCe8OVrYBNTbM4VpxISljyic+whJHf5DPU8RS1d OXOnUXJ1fFbB53YVUYQ25ikWmVfFn8KRE5MLCxf5ZN4eL3dR5FGMl1+kFCXIMupSJV Kib+V8mxHcWXA6XfHD9LVQXGxcZ6PkbLfbB15rc0tiyUqfU00Ri7zlCmEQPl1Oipfn 263T90gBVrQroGcf4oiJ16zc= X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on wolfsden X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,PDS_OTHER_BAD_TLD, T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from localhost (unknown [146.70.134.169]) by wolfsden.cz (Postfix) with ESMTPSA id 385A828C721; Wed, 14 Feb 2024 19:17:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1707938260; bh=aRpdeswe4/hGmnJcesgILefw1XDaq/RCYAl8hHO9c28=; h=From:To:Cc:Subject:Date; b=F4zwGSNPYWV4Bj5hgPZ9blQPC1iYgF3abeOCAq81LcvE5wT7V2utETO7yjEZHlE3l xpoUJ1VxRL3NwqJokma7izuBgf1UkDz5/SskQkaQsyRkbXwIgPs+1u5PjP58FgkzK6 okc7whQ1kPkGaraT8+AG0fyPUAwu94RpdOZYAd98YrukgKiVVfDzQK629OOdk66En0 SbDR25lJGXXhDgarGs9nNl30VfpcNXHCACdXrE91qpZ2sSj2jRwCHYVwmYBjuGqMoU u3M0hZBUdxsAR+/kffSTaq5/FuIHVNpNXcqeZvyuB/LiDNAoltYbN/oOiIme6AIn4p pKxXWT9dq6kxcfzGme+7x86yyJ5FHvzfYgbObbislU7ECgRc8K+s5IPZCMWXEFZ/km eiYM9KPVY7Sh81h15HMAoy99xYwndCZ1So56gNz2CelbNGFyp/XJLA8C2YbfHiHFRU gr4cf5PmNNhDkpcZL5MoGkRLi8+wJ96SnKB54e88jsazbrv10pPHSAgH5aMxdwN1sr 8j4rB4NNbnVGoK8a3iSytxQK4XQ6PIy/Swjte1jc0IGmBQ3OC1Hs6bevCA8wi3+DvW EchE8FccXrYFk+eVg6bgssDRQa07gOO5hT8cZI/B5AW7papZek9T9Xbez/YsMmCJpd gljMcqjTTW0kVM8kbkmAcMYQ= From: Tomas Volf <~@wolfsden.cz> To: guix-patches@gnu.org Subject: [PATCH 1/2] gnu: Add passt. Date: Wed, 14 Feb 2024 20:17:34 +0100 Message-ID: X-Mailer: git-send-email 2.41.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=37.205.8.62; envelope-from=~@wolfsden.cz; helo=wolfsden.cz X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, PDS_OTHER_BAD_TLD=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -3.5 (---) X-Debbugs-Envelope-To: submit Cc: Tomas Volf <~@wolfsden.cz> X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -4.5 (----) * gnu/packages/containers.scm (passt): New variable. Change-Id: I2ebdd9d4255a89a86fb196568215b74bb61cb3a6 --- gnu/packages/containers.scm | 41 +++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm index a3aa9ac1db..5cd81e85a6 100644 --- a/gnu/packages/containers.scm +++ b/gnu/packages/containers.scm @@ -5,6 +5,7 @@ ;;; Copyright © 2022 Michael Rohleder ;;; Copyright © 2023 Zongyuan Li ;;; Copyright © 2023 Ricardo Wurmus +;;; Copyright © 2024 Tomas Volf <~@wolfsden.cz> ;;; ;;; This file is part of GNU Guix. ;;; @@ -259,6 +260,46 @@ (define-public slirp4netns network namespaces.") (license license:gpl2+))) +(define-public passt + (package + (name "passt") + (version "2023_12_30.f091893") + (source (origin + (method url-fetch) + (uri + (string-append + "https://passt.top/passt/snapshot/passt-" version ".tar.gz")) + (sha256 + (base32 + "1nyd4h93qlxn1r01ffijpsd7r7ny62phki5j58in8gz021jj4f3d")))) + (build-system gnu-build-system) + (arguments + (list + #:make-flags + #~(list (string-append "CC=" #$(cc-for-target)) + "RLIMIT_STACK_VAL=1024" ; ¯\_ (ツ)_/¯ + (string-append "VERSION=" #$version) + (string-append "prefix=" #$output)) + #:tests? #f + #:phases + #~(modify-phases %standard-phases + (delete 'configure)))) + (home-page "https://passt.top") + (synopsis "Plug A Simple Socket Transport") + (description "passt implements a thin layer between guest and host, that +only implements what's strictly needed to pretend processes are running +locally. The TCP adaptation doesn't keep per-connection packet buffers, and +reflects observed sending windows and acknowledgements between the two sides. +This TCP adaptation is needed as passt runs without the CAP_NET_RAW +capability: it can't create raw IP sockets on the pod, and therefore needs to +map packets at Layer-2 to Layer-4 sockets offered by the host kernel. + +Also provides pasta, which similarly to slirp4netns, provides networking to +containers by creating a tap interface available to processes in the +namespace, and mapping network traffic outside the namespace using native +Layer-4 sockets.") + (license (list license:gpl2+ license:bsd-3)))) + (define-public cni-plugins (package (name "cni-plugins") base-commit: e9a6c7094822bc859d0694eeaf8f434317219367 -- 2.41.0 ------------=_1709396822-22528-1--