Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:string0:pkgs
incus
incus.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File incus.spec of Package incus
# # spec file for package Incus # # Copyright (c) 2024 Helder Costa, srv@hcosta.io # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # ----------------------------------------------------------------------------------- # This rpm spec file has been developed with inspiration # from the following individuals and their respective works: # # - Aleksa Sarai [https://build.opensuse.org/package/show/home:cyphar:lxc/lxd] # - Reto Gantenbein [https://github.com/ganto/copr-lxc4/blob/master/incus/incus.spec] # - Stéphane Graber [https://github.com/zabbly/incus] # # This rpm spec file endeavors to adhere to the packaging guidelines and # recommendations as outlined in the Linux Containers documentation, # accessible at [https://linuxcontainers.org/incus/docs/main/packaging/]. # ----------------------------------------------------------------------------------- %define _buildshell /bin/bash %define import_path github.com/lxc/incus %define incus_datadir %{_datadir}/incus %define incus_ovmfdir %{incus_datadir}/ovmf %define selinux_version 1.0 Name: incus Version: 6.0.0 Release: 0 Summary: Modern lightweight, system container and virtual machine manager License: Apache-2.0 Group: System/Management URL: https://linuxcontainers.org/incus/ Source: https://linuxcontainers.org/downloads/%{name}/%{name}-%{version}.tar.xz Source1: https://linuxcontainers.org/downloads/%{name}/%{name}-%{version}.tar.xz.asc Source2: %{name}.keyring Source10: %{name}-systemd.socket Source11: %{name}-systemd.service Source12: %{name}-systemd-startup.service Source13: %{name}-systemd-user.socket Source14: %{name}-systemd-user.service Source15: %{name}-systemd-lxcfs.service Source30: %{name}.sysusers Source31: %{name}.sysctl Source32: %{name}-dnsmasq.conf Source33: %{name}.default Source34: %{name}.logrotate Source50: %{name}-selinux.fc Source100: %{name}-example.config BuildRequires: acl BuildRequires: attr BuildRequires: autoconf BuildRequires: automake BuildRequires: bzip2 BuildRequires: dnsmasq BuildRequires: fdupes BuildRequires: git BuildRequires: go >= 1.21 BuildRequires: golang-packaging BuildRequires: help2man BuildRequires: libacl-devel BuildRequires: libcap-devel BuildRequires: liblz4-devel BuildRequires: libtool BuildRequires: make BuildRequires: nftables BuildRequires: patchelf BuildRequires: pkgconfig BuildRequires: pkgconfig(libudev) BuildRequires: pkgconfig(lxc) >= 4.0.0 BuildRequires: pkgconfig(libuv) >= 1.8.0 BuildRequires: qemu-ovmf-x86_64 BuildRequires: rsync BuildRequires: sqlite3-devel >= 3.25 BuildRequires: squashfuse-tools BuildRequires: sysuser-tools BuildRequires: tar BuildRequires: tcl BuildRequires: xz BuildRequires: zstd Requires: acl Requires: attr Requires: ca-certificates Requires: dnsmasq Requires: incus-selinux Requires: incus-client Requires: kernel-base >= 5.4 Requires: logrotate Requires: lxcfs Requires: lxcfs-hooks-lxc Requires: nftables Requires: qemu-x86 >= 8.0 Requires: qemu-ovmf-x86_64 Requires: qemu-img Requires: qemu-hw-usb-redirect Requires: qemu-hw-display-virtio-vga Requires: qemu-hw-display-virtio-gpu Requires: qemu-ui-spice-app Requires: rsync Requires: squashfs Requires: squashfuse-tools Requires: tar Requires: xz Requires: xdelta3 Recommends: criu >= 3.0 Recommends: thin-provisioning-tools Recommends: incus-tools Suggests: btrfsprogs Suggests: lvm2 Suggests: virtiofsd %sysusers_requires %description Incus is a modern, secure and powerful system container and virtual machine manager. It provides a unified experience for running and managing full Linux system inside containers or virtual machines. Incus supports images for a large number of Linux distributions (official Ubuntu images and images provided by the community) and is built around a very powerful, yet pretty simple, REST API. Incus scales from one instance on a single machine to a cluster in a full data center rack, making it suitable for running workloads both for development and in production. %package bash-completion Summary: Modern lightweight, system container and virtual machine manager Group: System/Management BuildArch: noarch Requires: bash-completion Supplements: (%{name}-client and bash-completion) %description bash-completion Incus is a modern, secure and powerful system container and virtual machine manager. It provides a unified experience for running and managing full Linux system inside containers or virtual machines. Incus supports images for a large number of Linux distributions (official Ubuntu images and images provided by the community) and is built around a very powerful, yet pretty simple, REST API. Incus scales from one instance on a single machine to a cluster in a full data center rack, making it suitable for running workloads both for development and in production. This package contains the bash-completion support for %{name}. %package selinux Summary: Modern lightweight, system container and virtual machine manager Group: System/Management BuildArch: noarch BuildRequires: container-selinux BuildRequires: selinux-policy BuildRequires: selinux-policy-devel Requires: %{name} = %{version}-%{release} Requires: container-selinux Requires: selinux-tools %description selinux Incus is a modern, secure and powerful system container and virtual machine manager. It provides a unified experience for running and managing full Linux system inside containers or virtual machines. Incus supports images for a large number of Linux distributions (official Ubuntu images and images provided by the community) and is built around a very powerful, yet pretty simple, REST API. Incus scales from one instance on a single machine to a cluster in a full data center rack, making it suitable for running workloads both for development and in production. This package contains the SELinux policy support for %{name}. %package client Summary: Modern lightweight, system container and virtual machine manager License: Apache-2.0 Group: System/Management Requires: incus-bash-completion %description client Incus is a modern, secure and powerful system container and virtual machine manager. It provides a unified experience for running and managing full Linux system inside containers or virtual machines. Incus supports images for a large number of Linux distributions (official Ubuntu images and images provided by the community) and is built around a very powerful, yet pretty simple, REST API. Incus scales from one instance on a single machine to a cluster in a full data center rack, making it suitable for running workloads both for development and in production. This package contains extra tools provided with %{name}. %package tools Summary: Modern lightweight, system container and virtual machine manager License: Apache-2.0 Group: System/Management Requires: %{name} = %{version}-%{release} Conflicts: lxd-tools %description tools Incus is a modern, secure and powerful system container and virtual machine manager. It provides a unified experience for running and managing full Linux system inside containers or virtual machines. Incus supports images for a large number of Linux distributions (official Ubuntu images and images provided by the community) and is built around a very powerful, yet pretty simple, REST API. Incus scales from one instance on a single machine to a cluster in a full data center rack, making it suitable for running workloads both for development and in production. This package contains extra tools provided with %{name}. - incus-benchmark - A Incus benchmark utility - incus-migrate - A physical to container migration tool - incus-generate - Entry point for all "go:generate" directives used in source code - fuidshift - A tool to map/unmap filesystem uids/gids - lxc-to-incus - A tool to migrate LXC containers to Incus - lxd-to-incus - A tool to migrate an existing LXD environment to Incus %prep %setup -q %build %sysusers_generate_pre %{SOURCE30} %{name} %{name}.conf go clean -cache # Temporary installation paths. export INSTALL_ROOT="$PWD/.install" export INSTALL_INCLUDEDIR="$INSTALL_ROOT/%{_includedir}" export INSTALL_LIBDIR="$INSTALL_ROOT/%{_libdir}/%{name}" # Build as dylibs. export CFLAGS="%{optflags} -fPIC -DPIC" # Temporary install directory which contains all of the dylib deps. export PKG_CONFIG_SYSROOT_DIR="$INSTALL_ROOT" export PKG_CONFIG_PATH="$INSTALL_LIBDIR/pkgconfig" # Using custom CGO_LDFLAGS_ALLOW. export CGO_LDFLAGS_ALLOW="(-Wl,-wrap,pthread_create)|(-Wl,-z,now)" mkdir -p $INSTALL_INCLUDEDIR pushd "vendor/raft" autoreconf -fiv %configure \ --libdir="%{_libdir}/%{name}" \ --disable-static make %{?_smp_mflags} make DESTDIR="$INSTALL_ROOT" install popd pushd "vendor/cowsql" ( autoreconf -fiv %configure \ --libdir="%{_libdir}/%{name}" \ --disable-static make clean make %{?_smp_mflags} make DESTDIR="$INSTALL_ROOT" install ) popd # Find all of the main packages using go-list. readarray -t mainpkgs \ <<<"$(go list -f '{{.Name}}:{{.ImportPath}}' %{import_path}/... | \ awk -F: '$1 == "main" { print $2 }' | \ grep -Ev '^github.com/lxc/incus/(test|shared)')" mkdir bin for mainpkg in "${mainpkgs[@]}" do # All binaries *except* mentioned bellow, will have an incus- prefix. binary="$(basename "$mainpkg")" if ( echo "$binary" | grep -Eqv '^incus.*$|^lxc-to-incus.*$|^lxd-to-incus.*$|^fuidshift.*$' ) then binary="incus-$binary" fi case "$binary" in incus-agent) build_static=1 build_tags="agent,netgo" ;; incus-p2c) build_static=1 build_tags="netgo" ;; *) build_static= build_tags="libsqlite3" ;; esac ( # Link against dylib deps export \ CGO_CFLAGS="-I $INSTALL_INCLUDEDIR" \ CGO_LDFLAGS="-L $INSTALL_LIBDIR" ||: if [ -n "$build_static" ] then CGO_ENABLED=0 go build -ldflags "-extldflags -static" \ -tags "$build_tags" -o "bin/$binary" "$mainpkg" else go build -buildmode=pie \ -tags "$build_tags" -o "bin/$binary" "$mainpkg" fi ) done # Generate manual pages. ( export LD_LIBRARY_PATH="$INSTALL_LIBDIR" mkdir man ./bin/incus manpage man/ ./bin/incusd manpage man/ ) # Use absolute paths as DT_NEEDED entries -- which bypasses the need # for RUNPATH and allows us to set garbage sonames for the vendor/* libraries. ( # A simple check that incus isn't broken. We can't do this after patchelf # because we'd need to chroot(2) into {buildroot} which isn't permitted due # to user namespaces being blocked inside rpmbuild. boo#1138769 export LD_LIBRARY_PATH="$INSTALL_LIBDIR" ./bin/incus version ) for lib in "$INSTALL_LIBDIR"/lib*.so do # Strip off last two version digits. name="$(basename "$(readlink "$lib")" | sed -E 's/\.[0-9]+\.[0-9]+$//')" # Give our libraries unrecognisable DT_SONAME entries. patchelf --set-soname "._INCUS_INTERNAL-$name" "$lib" # Make sure they're executable. chmod +x "$lib" done # Switch to absolute DT_NEEDED for all dylibs we have as well as the main Incus binary. for target in bin/* "$INSTALL_LIBDIR"/lib*.so do case "$(basename "$target")" in incus-agent|incus-p2c) continue ;; *) ;; esac # Drop RPATH in case it got included during builds. patchelf --remove-rpath "$target" # And now replace all the possible DT_NEEDEDs to absolute paths. for lib in "$INSTALL_LIBDIR"/lib*.so do # Strip off last two version digits. name="$(basename "$(readlink "$lib")" | sed -E 's/\.[0-9]+\.[0-9]+$//')" patchelf --replace-needed {,%{_libdir}/%{name}/}"$name" "$target" done done # Final sanity-check during build. pushd bin/ for bin in * do # Ensure that all our binaries are dynamic (except for incus-p2c and # incus-agent, which must be static). boo#1138769 case "$(basename $bin)" in incus-agent|incus-p2c) file "$bin" | grep 'statically linked' ;; *) file "$bin" | grep 'dynamically linked' # Check what they are linked against. ldd "$bin" ;; esac done popd # SELinux policy. mkdir selinux cp -p %{SOURCE50} selinux/%{name}.fc pushd selinux echo 'policy_module(%{name},%{selinux_version})' > %{name}.te make -f %{_datadir}/selinux/devel/Makefile %{name}.pp bzip2 -9 %{name}.pp popd %install export INSTALL_LIBDIR="$PWD/.install/%{_libdir}/%{name}" # Install libraries. install -d -m 0755 %{buildroot}%{_libdir}/%{name} # We can't use install because *.so.$n are symlinks. cp -avt %{buildroot}%{_libdir}/%{name}/ "$INSTALL_LIBDIR"/lib*.so.* # Install binaries. install -d -m 0755 %{buildroot}%{_bindir} install -m 0755 -vp bin/* %{buildroot}%{_bindir}/ # System-wide configuration. install -D -m 0644 %{SOURCE30} %{buildroot}%{_sysusersdir}/%{name}.conf install -D -m 0644 %{SOURCE31} %{buildroot}%{_sysctldir}/40-%{name}.conf install -D -m 0644 %{SOURCE32} %{buildroot}%{_sysconfdir}/dnsmasq.d/40-%{name}.conf install -D -m 0644 %{SOURCE33} %{buildroot}%{_sysconfdir}/default/%{name} install -D -m 0644 %{SOURCE34} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} install -D -m 0644 %{SOURCE100} %{buildroot}%{_sysconfdir}/%{name}/example-config.yml # Run-time directories. install -d -m 0711 %{buildroot}%{_localstatedir}/lib/%{name} install -d -m 0700 %{buildroot}%{_localstatedir}/log/%{name} install -d -m 0700 %{buildroot}%{_sysconfdir}/%{name}/servercerts # Virtual machine support, firmware/UEFI. mkdir -p %{buildroot}%{incus_ovmfdir} ln -s %{_datarootdir}/qemu/ovmf-x86_64-code.bin %{buildroot}%{incus_ovmfdir}/OVMF_CODE.fd ln -s %{_datarootdir}/qemu/ovmf-x86_64-vars.bin %{buildroot}%{incus_ovmfdir}/OVMF_VARS.fd ln -s OVMF_VARS.fd %{buildroot}%{incus_ovmfdir}/OVMF_VARS.ms.fd # Systemd units. install -D -m 0644 %{SOURCE10} %{buildroot}%{_unitdir}/%{name}.socket install -D -m 0644 %{SOURCE11} %{buildroot}%{_unitdir}/%{name}.service install -D -m 0644 %{SOURCE12} %{buildroot}%{_unitdir}/%{name}-startup.service install -D -m 0644 %{SOURCE13} %{buildroot}%{_unitdir}/%{name}-user.socket install -D -m 0644 %{SOURCE14} %{buildroot}%{_unitdir}/%{name}-user.service install -D -m 0644 %{SOURCE15} %{buildroot}%{_unitdir}/%{name}-lxcfs.service # Bash completion. install -D -m 0644 scripts/bash/%{name} %{buildroot}%{_datadir}/bash-completion/completions/%{name} # SELinux policy. install -D -m 0644 -p selinux/%{name}.pp.bz2 %{buildroot}%{_datadir}/selinux/packages/%{name}.pp.bz2 # Install man pages. pushd man/ for man in * do section="${man##*.}" install -D -m 0644 "$man" "%{buildroot}%{_mandir}/man$section/$man" done popd # Stripping executables and libraries. find %{buildroot}%{_bindir} -type f -executable -exec strip {} \; find %{buildroot}%{_libdir} -name "*.so.*" -exec strip --strip-unneeded {} \; # Find and remove duplicates. %fdupes %{buildroot} %pre touch /etc/subuid /etc/subgid ||: grep -q '^root:' /etc/subuid || \ usermod -v 400000000-900000000 root &>/dev/null || \ echo "root:400000000:500000001" >>/etc/subuid ||: grep -q '^root:' /etc/subgid || \ usermod -w 400000000-900000000 root &>/dev/null || \ echo "root:400000000:500000001" >>/etc/subgid ||: %pre selinux %selinux_relabel_pre %post %sysctl_apply 40-%{name}.conf %systemd_post %{name}.socket %systemd_post %{name}.service %systemd_post %{name}-startup.service %systemd_post %{name}-user.socket %systemd_post %{name}.user.service %systemd_post %{name}-lxcfs.service %post selinux %selinux_modules_install %{_datadir}/selinux/packages/%{name}.pp.bz2 %selinux_relabel_post %preun %systemd_preun %{name}.socket %systemd_preun %{name}.service %systemd_preun %{name}-startup.service %systemd_preun %{name}-user.socket %systemd_preun %{name}-user.service %systemd_preun %{name}-lxcfs.service %postun %systemd_postun_with_restart %{name}.socket %systemd_postun_with_restart %{name}.service %systemd_postun_with_restart %{name}-user.socket %systemd_postun_with_restart %{name}-user.service %systemd_postun_with_restart %{name}-lxcfs.service %postun selinux if [ $1 -eq 0 ]; then %selinux_modules_uninstall %{name} %selinux_relabel_post fi %posttrans selinux %selinux_relabel_post %files %defattr(-,root,root) %doc AUTHORS README.md %license COPYING %{_bindir}/%{name}d %{_bindir}/%{name}-user %{_bindir}/%{name}-agent %{_mandir}/man1/%{name}d.* %{_libdir}/%{name} %{_unitdir}/%{name}.socket %{_unitdir}/%{name}.service %{_unitdir}/%{name}-startup.service %{_unitdir}/%{name}-user.socket %{_unitdir}/%{name}-user.service %{_unitdir}/%{name}-lxcfs.service %{incus_datadir} %{_sysusersdir}/%{name}.conf %{_sysctldir}/40-%{name}.conf %config %{_sysconfdir}/%{name}/example-config.yml %config(noreplace) %{_sysconfdir}/dnsmasq.d/40-%{name}.conf %config(noreplace) %{_sysconfdir}/default/%{name} %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %attr(700,root,root) %dir %{_sysconfdir}/%{name} %attr(700,root,root) %dir %{_sysconfdir}/%{name}/servercerts %attr(700,root,root) %dir %{_localstatedir}/lib/%{name} %attr(711,root,root) %dir %{_localstatedir}/log/%{name} %files bash-completion %attr(-,root,root) %{_datadir}/bash-completion/completions/%{name} %files selinux %attr(0644,root,root) %{_datadir}/selinux/packages/%{name}.pp.bz2 %files client %license COPYING %{_bindir}/%{name} %{_mandir}/man1/%{name}.* %files tools %defattr(-,root,root) %license COPYING %{_bindir}/%{name}-benchmark %{_bindir}/%{name}-migrate %{_bindir}/%{name}-generate %{_bindir}/fuidshift %{_bindir}/lxc-to-%{name} %{_bindir}/lxd-to-%{name} %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor