slackware-current/source/ap/lxc/get-lxc.sh

#!/bin/sh

# Copyright 2019  Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
#
#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

# Pull a stable branch + patches
BRANCH=${1:-stable-2.0}

# Clear download area:
rm -rf lxc

# Clone repository:
git clone git://github.com/lxc/lxc

# checkout $BRANCH:
( cd lxc 
  git checkout $BRANCH || exit 1
)

LXC_MAJOR=$(cd lxc && grep "^m4_define(\[lxc_version_major" configure.ac | cut -f 2 -d ' ' | tr -d ')')
LXC_MINOR=$(cd lxc && grep "^m4_define(\[lxc_version_minor" configure.ac | cut -f 2 -d ' ' | tr -d ')')
LXC_MICRO=$(cd lxc && grep "^m4_define(\[lxc_version_micro" configure.ac | cut -f 2 -d ' ' | tr -d ')')
HEADISAT="$( cd lxc && git log -1 --format=%h )"
DATE="$( cd lxc && git log -1 --format=%cd --date=format:%Y%m%d )"

# Cleanup.  We're not packing up the whole git repo.
( cd lxc && find . -type d -name ".git*" -exec rm -rf {} \; 2> /dev/null )
mv lxc lxc-${LXC_MAJOR}.${LXC_MINOR}.${LXC_MICRO}_${HEADISAT}
tar cf lxc-${LXC_MAJOR}.${LXC_MINOR}.${LXC_MICRO}_${HEADISAT}.tar lxc-${LXC_MAJOR}.${LXC_MINOR}.${LXC_MICRO}_${HEADISAT}
xz -9 -f lxc-${LXC_MAJOR}.${LXC_MINOR}.${LXC_MICRO}_${HEADISAT}.tar
rm -rf lxc-${LXC_MAJOR}.${LXC_MINOR}.${LXC_MICRO}_${HEADISAT}
echo
echo "lxc branch $BRANCH with HEAD at $HEADISAT packaged as lxc-${LXC_MAJOR}.${LXC_MINOR}.${LXC_MICRO}_${HEADISAT}.tar.xz"
echo
Wed Feb 13 00:22:29 UTC 2019 a/kernel-firmware-20190212_28f5f7d-noarch-1.txz: Upgraded. a/kernel-generic-4.19.21-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.21-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.21-x86_64-1.txz: Upgraded. ap/lxc-2.0.9_d3a03247-x86_64-1.txz: Upgraded. This update fixes a security issue where a malicious privileged container could overwrite the host binary and thus gain root-level code execution on the host. As the LXC project considers privileged containers to be unsafe no CVE has been assigned for this issue for LXC. To prevent this attack, LXC has been patched to create a temporary copy of the calling binary itself when it starts or attaches to containers. To do this LXC creates an anonymous, in-memory file using the memfd_create() system call and copies itself into the temporary in-memory file, which is then sealed to prevent further modifications. LXC then executes this sealed, in-memory file instead of the original on-disk binary. For more information, see: https://seclists.org/oss-sec/2019/q1/119 (* Security fix ) d/kernel-headers-4.19.21-x86-1.txz: Upgraded. k/kernel-source-4.19.21-noarch-1.txz: Upgraded. l/libbluray-1.1.0-x86_64-1.txz: Upgraded. l/libcap-2.26-x86_64-2.txz: Rebuilt. Don't ship static library. l/xapian-core-1.4.10-x86_64-1.txz: Upgraded. n/gnupg2-2.2.13-x86_64-1.txz: Upgraded. n/irssi-1.2.0-x86_64-1.txz: Upgraded. n/libassuan-2.5.3-x86_64-1.txz: Upgraded. x/bitmap-1.0.9-x86_64-1.txz: Upgraded. x/libXau-1.0.9-x86_64-1.txz: Upgraded. x/pixman-0.38.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 2019-02-13 01:22:29 +01:00			`#!/bin/sh`

			`# Copyright 2019 Patrick J. Volkerding, Sebeka, Minnesota, USA`
			`# All rights reserved.`
			`#`
			`# Redistribution and use of this script, with or without modification, is`
			`# permitted provided that the following conditions are met:`
			`#`
			`# 1. Redistributions of this script must retain the above copyright`
			`# notice, this list of conditions and the following disclaimer.`
			`#`
			# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
			`# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF`
			`# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO`
			`# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,`
			`# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,`
			`# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;`
			`# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,`
			`# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR`
			`# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF`
			`# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.`

			`# Pull a stable branch + patches`
			`BRANCH=${1:-stable-2.0}`

			`# Clear download area:`
			`rm -rf lxc`

			`# Clone repository:`
			`git clone git://github.com/lxc/lxc`

			`# checkout $BRANCH:`
			`( cd lxc`
			`git checkout $BRANCH \|\| exit 1`
			`)`

			`LXC_MAJOR=$(cd lxc && grep "^m4_define(\[lxc_version_major" configure.ac \| cut -f 2 -d ' ' \| tr -d ')')`
			`LXC_MINOR=$(cd lxc && grep "^m4_define(\[lxc_version_minor" configure.ac \| cut -f 2 -d ' ' \| tr -d ')')`
			`LXC_MICRO=$(cd lxc && grep "^m4_define(\[lxc_version_micro" configure.ac \| cut -f 2 -d ' ' \| tr -d ')')`
			`HEADISAT="$( cd lxc && git log -1 --format=%h )"`
Fri Jul 10 00:40:43 UTC 2020 a/kernel-generic-5.4.51-x86_64-1.txz: Upgraded. +EFI_CUSTOM_SSDT_OVERLAYS y a/kernel-huge-5.4.51-x86_64-1.txz: Upgraded. SPEAKUP y -> m SPEAKUP_SYNTH_ACNTPC y -> m SPEAKUP_SYNTH_ACNTSA y -> m SPEAKUP_SYNTH_APOLLO y -> m SPEAKUP_SYNTH_AUDPTR y -> m SPEAKUP_SYNTH_BNS y -> m SPEAKUP_SYNTH_DECEXT y -> m SPEAKUP_SYNTH_DECTLK y -> m SPEAKUP_SYNTH_DTLK y -> m SPEAKUP_SYNTH_DUMMY y -> m SPEAKUP_SYNTH_KEYPC y -> m SPEAKUP_SYNTH_LTLK y -> m SPEAKUP_SYNTH_SOFT y -> m SPEAKUP_SYNTH_SPKOUT y -> m SPEAKUP_SYNTH_TXPRT y -> m +EFI_CUSTOM_SSDT_OVERLAYS y a/kernel-modules-5.4.51-x86_64-1.txz: Upgraded. ap/vim-8.2.1167-x86_64-1.txz: Upgraded. d/Cython-0.29.21-x86_64-1.txz: Upgraded. d/kernel-headers-5.4.51-x86-1.txz: Upgraded. k/kernel-source-5.4.51-noarch-1.txz: Upgraded. +EFI_CUSTOM_SSDT_OVERLAYS y n/gnupg2-2.2.21-x86_64-1.txz: Upgraded. x/mesa-20.1.3-x86_64-1.txz: Upgraded. xap/mozilla-firefox-78.0.2esr-x86_64-1.txz: Upgraded. This release contains a security fix and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/78.0.2/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2020-28/ (* Security fix ) xap/vim-gvim-8.2.1167-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. Speakup is included as modules which will need to be loaded manually, for now at least. kernels/: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. Speakup is included as modules which will need to be loaded manually, for now at least. 2020-07-10 02:40:43 +02:00			`DATE="$( cd lxc && git log -1 --format=%cd --date=format:%Y%m%d )"`
Wed Feb 13 00:22:29 UTC 2019 a/kernel-firmware-20190212_28f5f7d-noarch-1.txz: Upgraded. a/kernel-generic-4.19.21-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.21-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.21-x86_64-1.txz: Upgraded. ap/lxc-2.0.9_d3a03247-x86_64-1.txz: Upgraded. This update fixes a security issue where a malicious privileged container could overwrite the host binary and thus gain root-level code execution on the host. As the LXC project considers privileged containers to be unsafe no CVE has been assigned for this issue for LXC. To prevent this attack, LXC has been patched to create a temporary copy of the calling binary itself when it starts or attaches to containers. To do this LXC creates an anonymous, in-memory file using the memfd_create() system call and copies itself into the temporary in-memory file, which is then sealed to prevent further modifications. LXC then executes this sealed, in-memory file instead of the original on-disk binary. For more information, see: https://seclists.org/oss-sec/2019/q1/119 (* Security fix ) d/kernel-headers-4.19.21-x86-1.txz: Upgraded. k/kernel-source-4.19.21-noarch-1.txz: Upgraded. l/libbluray-1.1.0-x86_64-1.txz: Upgraded. l/libcap-2.26-x86_64-2.txz: Rebuilt. Don't ship static library. l/xapian-core-1.4.10-x86_64-1.txz: Upgraded. n/gnupg2-2.2.13-x86_64-1.txz: Upgraded. n/irssi-1.2.0-x86_64-1.txz: Upgraded. n/libassuan-2.5.3-x86_64-1.txz: Upgraded. x/bitmap-1.0.9-x86_64-1.txz: Upgraded. x/libXau-1.0.9-x86_64-1.txz: Upgraded. x/pixman-0.38.0-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 2019-02-13 01:22:29 +01:00
			`# Cleanup. We're not packing up the whole git repo.`
			`( cd lxc && find . -type d -name ".git*" -exec rm -rf {} \; 2> /dev/null )`
			`mv lxc lxc-${LXC_MAJOR}.${LXC_MINOR}.${LXC_MICRO}_${HEADISAT}`
			`tar cf lxc-${LXC_MAJOR}.${LXC_MINOR}.${LXC_MICRO}_${HEADISAT}.tar lxc-${LXC_MAJOR}.${LXC_MINOR}.${LXC_MICRO}_${HEADISAT}`
			`xz -9 -f lxc-${LXC_MAJOR}.${LXC_MINOR}.${LXC_MICRO}_${HEADISAT}.tar`
			`rm -rf lxc-${LXC_MAJOR}.${LXC_MINOR}.${LXC_MICRO}_${HEADISAT}`
			`echo`
			`echo "lxc branch $BRANCH with HEAD at $HEADISAT packaged as lxc-${LXC_MAJOR}.${LXC_MINOR}.${LXC_MICRO}_${HEADISAT}.tar.xz"`
			`echo`