From 3a9670c0ebee8b88492200a984c95243cb353071 Mon Sep 17 00:00:00 2001
From: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
Date: Mon, 28 Jan 2019 23:26:51 +0100
Subject: [PATCH] podman 1.0.0-3: replace patch with build flag

Signed-off-by: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
---
 .../trunk/0001-Revert-SELinux-support.patch   | 159 ------------------
 podman/trunk/PKGBUILD                         |  13 +-
 2 files changed, 4 insertions(+), 168 deletions(-)
 delete mode 100644 podman/trunk/0001-Revert-SELinux-support.patch

diff --git a/podman/trunk/0001-Revert-SELinux-support.patch b/podman/trunk/0001-Revert-SELinux-support.patch
deleted file mode 100644
index 85845b3d135..00000000000
--- a/podman/trunk/0001-Revert-SELinux-support.patch
+++ /dev/null
@@ -1,159 +0,0 @@
-From 0dcc87af0cdd484480e8cc3f968b9e3d44758f15 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Bart=C5=82omiej=20Piotrowski?= <b@bpiotrowski.pl>
-Date: Wed, 23 Jan 2019 08:55:02 +0100
-Subject: [PATCH] Revert SELinux support
-
----
- ostree/ostree_dest.go | 62 +++++--------------------------------------
- 1 file changed, 7 insertions(+), 55 deletions(-)
-
-diff --git a/ostree/ostree_dest.go b/ostree/ostree_dest.go
-index d69f4fa..78b15e5 100644
---- a/ostree/ostree_dest.go
-+++ b/ostree/ostree_dest.go
-@@ -15,32 +15,26 @@ import (
- 	"path/filepath"
- 	"runtime"
- 	"strconv"
--	"strings"
--	"syscall"
- 	"time"
--	"unsafe"
- 
- 	"github.com/containers/image/manifest"
- 	"github.com/containers/image/types"
- 	"github.com/containers/storage/pkg/archive"
- 	"github.com/klauspost/pgzip"
- 	"github.com/opencontainers/go-digest"
--	selinux "github.com/opencontainers/selinux/go-selinux"
- 	"github.com/ostreedev/ostree-go/pkg/otbuiltin"
- 	"github.com/pkg/errors"
- 	"github.com/vbatts/tar-split/tar/asm"
- 	"github.com/vbatts/tar-split/tar/storage"
- )
- 
--// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1 libselinux
-+// #cgo pkg-config: glib-2.0 gobject-2.0 ostree-1
- // #include <glib.h>
- // #include <glib-object.h>
- // #include <gio/gio.h>
- // #include <stdlib.h>
- // #include <ostree.h>
- // #include <gio/ginputstream.h>
--// #include <selinux/selinux.h>
--// #include <selinux/label.h>
- import "C"
- 
- type blobToImport struct {
-@@ -179,7 +173,7 @@ func (d *ostreeImageDestination) PutBlob(ctx context.Context, stream io.Reader,
- 	return types.BlobInfo{Digest: computedDigest, Size: size}, nil
- }
- 
--func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, usermode bool) error {
-+func fixFiles(dir string, usermode bool) error {
- 	entries, err := ioutil.ReadDir(dir)
- 	if err != nil {
- 		return err
-@@ -194,42 +188,13 @@ func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, user
- 			continue
- 		}
- 
--		if selinuxHnd != nil {
--			relPath, err := filepath.Rel(root, fullpath)
--			if err != nil {
--				return err
--			}
--			// Handle /exports/hostfs as a special case.  Files under this directory are copied to the host,
--			// thus we benefit from maintaining the same SELinux label they would have on the host as we could
--			// use hard links instead of copying the files.
--			relPath = fmt.Sprintf("/%s", strings.TrimPrefix(relPath, "exports/hostfs/"))
--
--			relPathC := C.CString(relPath)
--			defer C.free(unsafe.Pointer(relPathC))
--			var context *C.char
--
--			res, err := C.selabel_lookup_raw(selinuxHnd, &context, relPathC, C.int(info.Mode()&os.ModePerm))
--			if int(res) < 0 && err != syscall.ENOENT {
--				return errors.Wrapf(err, "cannot selabel_lookup_raw %s", relPath)
--			}
--			if int(res) == 0 {
--				defer C.freecon(context)
--				fullpathC := C.CString(fullpath)
--				defer C.free(unsafe.Pointer(fullpathC))
--				res, err = C.lsetfilecon_raw(fullpathC, context)
--				if int(res) < 0 {
--					return errors.Wrapf(err, "cannot setfilecon_raw %s", fullpath)
--				}
--			}
--		}
--
- 		if info.IsDir() {
- 			if usermode {
- 				if err := os.Chmod(fullpath, info.Mode()|0700); err != nil {
- 					return err
- 				}
- 			}
--			err = fixFiles(selinuxHnd, root, fullpath, usermode)
-+			err = fixFiles(fullpath, usermode)
- 			if err != nil {
- 				return err
- 			}
-@@ -285,9 +250,7 @@ func generateTarSplitMetadata(output *bytes.Buffer, file string) (digest.Digest,
- 	return digester.Digest(), written, nil
- }
- 
--func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle, repo *otbuiltin.Repo, blob *blobToImport) error {
--	// TODO: This can take quite some time, and should ideally be cancellable using a context.Context.
--
-+func (d *ostreeImageDestination) importBlob(repo *otbuiltin.Repo, blob *blobToImport) error {
- 	ostreeBranch := fmt.Sprintf("ociimage/%s", blob.Digest.Hex())
- 	destinationPath := filepath.Join(d.tmpDirPath, blob.Digest.Hex(), "root")
- 	if err := ensureDirectoryExists(destinationPath); err != nil {
-@@ -308,7 +271,7 @@ func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle,
- 		if err := archive.UntarPath(blob.BlobPath, destinationPath); err != nil {
- 			return err
- 		}
--		if err := fixFiles(selinuxHnd, destinationPath, destinationPath, false); err != nil {
-+		if err := fixFiles(destinationPath, false); err != nil {
- 			return err
- 		}
- 	} else {
-@@ -317,7 +280,7 @@ func (d *ostreeImageDestination) importBlob(selinuxHnd *C.struct_selabel_handle,
- 			return err
- 		}
- 
--		if err := fixFiles(selinuxHnd, destinationPath, destinationPath, true); err != nil {
-+		if err := fixFiles(destinationPath, true); err != nil {
- 			return err
- 		}
- 	}
-@@ -430,17 +393,6 @@ func (d *ostreeImageDestination) Commit(ctx context.Context) error {
- 		return err
- 	}
- 
--	var selinuxHnd *C.struct_selabel_handle
--
--	if os.Getuid() == 0 && selinux.GetEnabled() {
--		selinuxHnd, err = C.selabel_open(C.SELABEL_CTX_FILE, nil, 0)
--		if selinuxHnd == nil {
--			return errors.Wrapf(err, "cannot open the SELinux DB")
--		}
--
--		defer C.selabel_close(selinuxHnd)
--	}
--
- 	checkLayer := func(hash string) error {
- 		blob := d.blobs[hash]
- 		// if the blob is not present in d.blobs then it is already stored in OSTree,
-@@ -448,7 +400,7 @@ func (d *ostreeImageDestination) Commit(ctx context.Context) error {
- 		if blob == nil {
- 			return nil
- 		}
--		err := d.importBlob(selinuxHnd, repo, blob)
-+		err := d.importBlob(repo, blob)
- 		if err != nil {
- 			return err
- 		}
--- 
-2.20.1
-
diff --git a/podman/trunk/PKGBUILD b/podman/trunk/PKGBUILD
index 9c7cddc68fd..4b58ff62810 100644
--- a/podman/trunk/PKGBUILD
+++ b/podman/trunk/PKGBUILD
@@ -3,7 +3,7 @@
 pkgbase=podman
 pkgname=(podman podman-docker)
 pkgver=1.0.0
-pkgrel=2
+pkgrel=3
 pkgdesc='Tool and library for running OCI-based containers in pods'
 arch=(x86_64)
 url='https://github.com/containers/libpod'
@@ -11,22 +11,17 @@ license=(Apache)
 depends=(cni-plugins conmon device-mapper iptables libseccomp ostree runc skopeo
          btrfs-progs slirp4netns)
 makedepends=(go-pie go-md2man git)
-source=(libpod-$pkgver.tar.gz::$url/archive/v${pkgver}.tar.gz
-        0001-Revert-SELinux-support.patch)
-sha256sums=('f7a462563dd587208eff3c3c0689bc4d01071a8f7933bec2a13126be123f63a8'
-            '441380487cb62895d878084f98210affc30f65c2237c8ee9a1eae1adef7fa566')
+source=(libpod-$pkgver.tar.gz::$url/archive/v${pkgver}.tar.gz)
+sha256sums=('f7a462563dd587208eff3c3c0689bc4d01071a8f7933bec2a13126be123f63a8')
 
 prepare() {
-  patch -p1 -i "$srcdir/0001-Revert-SELinux-support.patch" \
-    -d libpod-$pkgver/vendor/github.com/containers/image
-
   mkdir -p src/github.com/containers src/github.com/varlink
   cp -r libpod-$pkgver src/github.com/containers/libpod
 }
 
 build() {
   export GOPATH="$srcdir"
-  export BUILDTAGS='seccomp ostree varlink'
+  export BUILDTAGS='seccomp ostree varlink containers_image_ostree_stub'
 
   # buildsystem passes LDFLAGS to GO's -ldflags, which isn't really compatible
   unset LDFLAGS
-- 
2.20.1