[gnome-build-meta/valentindavid/snapd: 2/3] Add snapd
- From: Valentin David <valentindavid src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-build-meta/valentindavid/snapd: 2/3] Add snapd
- Date: Fri, 23 Sep 2022 16:38:56 +0000 (UTC)
commit 0af8379eeba926ec081c16ef3662a5c890066b95
Author: Valentin David <me valentindavid com>
Date: Tue Oct 5 20:59:54 2021 +0200
Add snapd
Snapd is only added to the development tree as a developer tool. The
services are not started by default.
To enable snapd run:
```
ln -s /dev/null /etc/systemd/system-preset/50-snapd.preset
ln -s /dev/null /etc/systemd/user-preset/50-snapd.preset
systemctl preset-all
systemctl --global preset-all
ostree admin deploy gnome-os:gnome-os/master/x86_64-devel --karg-append=security=apparmor
```
Then reboot.
elements/vm/deps-devel.bst | 1 +
elements/vm/snapd.bst | 149 ++++++++++++++++++++++++++++++++++++++++
files/snapd/fix-mount-dir.patch | 11 +++
files/snapd/ostree.patch | 11 +++
files/snapd/snapd-user.preset | 1 +
files/snapd/snapd.preset | 4 ++
files/snapd/tmpfiles-snapd.conf | 2 +
7 files changed, 179 insertions(+)
---
diff --git a/elements/vm/deps-devel.bst b/elements/vm/deps-devel.bst
index 483c78faa..c74d86ff1 100644
--- a/elements/vm/deps-devel.bst
+++ b/elements/vm/deps-devel.bst
@@ -12,4 +12,5 @@ depends:
- vm/initramfs.bst
- vm/lxc.bst
- vm/os-release-devel.bst
+- vm/snapd.bst
- vm/toolbox.bst
diff --git a/elements/vm/snapd.bst b/elements/vm/snapd.bst
new file mode 100644
index 000000000..d437c22d3
--- /dev/null
+++ b/elements/vm/snapd.bst
@@ -0,0 +1,149 @@
+kind: autotools
+
+sources:
+- kind: tar
+ url: https://github.com/snapcore/snapd/releases/download/2.57.3/snapd_2.57.3.vendor.tar.xz
+- kind: patch
+ path: files/snapd/fix-mount-dir.patch
+- kind: patch
+ path: files/snapd/ostree.patch
+- kind: local
+ path: files/snapd/tmpfiles-snapd.conf
+- kind: local
+ path: files/snapd/snapd-user.preset
+- kind: local
+ path: files/snapd/snapd.preset
+
+build-depends:
+- freedesktop-sdk.bst:public-stacks/buildsystem-autotools.bst
+- freedesktop-sdk.bst:components/go.bst
+- freedesktop-sdk.bst:components/git-minimal.bst
+- freedesktop-sdk.bst:components/systemd.bst
+
+depends:
+- sdk/glib.bst
+- freedesktop-sdk.bst:components/apparmor.bst
+- freedesktop-sdk.bst:components/libseccomp.bst
+- freedesktop-sdk.bst:snap-images/squashfs-tools.bst
+- freedesktop-sdk.bst:components/systemd-libs.bst
+- freedesktop-sdk.bst:components/xfsprogs.bst
+- freedesktop-sdk.bst:bootstrap-import.bst
+
+environment:
+ GOPATH: "%{build-root}"
+ GO111MODULE: 'off'
+
+variables:
+ mount-dir: '%{localstatedir}/lib/snapd/snap'
+ conf-local: >-
+ --enable-merged-usr
+ --enable-apparmor
+ --disable-selinux
+ --with-snap-mount-dir="%{mount-dir}"
+ --without-unit-tests
+ libexecdir: '%{indep-libdir}/snapd'
+ go-flags: |
+ -buildmode=pie \
+ -ldflags "-s -linkmode external -extldflags '$LDFLAGS'"
+ go-static-flags: |
+ -buildmode=pie \
+ -ldflags "-s -linkmode external -extldflags '$LDFLAGS -static'"
+
+config:
+ configure-commands:
+ - |
+ mkdir -p src/github.com/snapcore
+ ln -sr . src/github.com/snapcore/snapd
+
+ - |
+ ./mkversion.sh 2.57.3
+
+ - |
+ cd cmd
+ autoreconf -i -f
+
+ - |
+ cd cmd
+ ./configure %{conf-args}
+
+ build-commands:
+ - go build -o bins/snapd %{go-flags} github.com/snapcore/snapd/cmd/snapd
+ - go build -o bins/snap %{go-flags} github.com/snapcore/snapd/cmd/snap
+ - go build -o bins/snap-failure %{go-flags} github.com/snapcore/snapd/cmd/snap-failure
+ - go build -o bins/snap-seccomp %{go-flags} github.com/snapcore/snapd/cmd/snap-seccomp
+ - go build -o bins/snap-update-ns %{go-static-flags} github.com/snapcore/snapd/cmd/snap-update-ns
+ - |
+ go build -o bins/snap-exec %{go-static-flags} github.com/snapcore/snapd/cmd/snap-exec
+ - |
+ go build -o bins/snapctl %{go-static-flags} github.com/snapcore/snapd/cmd/snapctl
+ - |
+ go build -o bins/snapd-apparmor %{go-flags} github.com/snapcore/snapd/cmd/snapd-apparmor
+
+ - |
+ make -C cmd
+
+ install-commands:
+ - |
+ install -Dm755 -t '%{install-root}%{libexecdir}' \
+ bins/snapd \
+ bins/snap \
+ bins/snap-failure \
+ bins/snap-seccomp \
+ bins/snap-update-ns \
+ bins/snap-exec \
+ bins/snapctl \
+ bins/snapd-apparmor
+
+ - |
+ install -Dm755 -d '%{install-root}%{bindir}'
+ ln -sr '%{install-root}%{libexecdir}/snap' '%{install-root}%{bindir}/snap'
+
+ - |
+ systemdsystemunitdir="$(pkg-config --variable=systemdsystemunitdir systemd)"
+ systemduserunitdir="$(pkg-config --variable=systemduserunitdir systemd)"
+ make -C data -j1 install DESTDIR='%{install-root}' \
+ SYSTEMDSYSTEMUNITDIR="${systemdsystemunitdir}" \
+ SYSTEMDUSERUNITDIR="$(systemduserunitdir)" \
+ BINDIR="%{bindir}" \
+ LIBEXECDIR="%{indep-libdir}" \
+ SNAP_MOUNT_DIR="%{mount-dir}" \
+ SNAPD_ENVIRONMENT_FILE="%{sysconfdir}/default/snapd"
+
+ for unit in \
+ snapd.core-fixup.service \
+ snapd.recovery-chooser-trigger.service \
+ snapd.system-shutdown.service \
+ snapd.snap-repair.timer; do
+ rm "%{install-root}${systemdsystemunitdir}/${unit}"
+ done
+
+ - |
+ make -C cmd -j1 install DESTDIR='%{install-root}'
+
+ - |
+ rm -rf '%{install-root}/var'
+
+ - |
+ dir="$(pkg-config --variable=tmpfilesdir systemd)"
+ install -Dm644 tmpfiles-snapd.conf "%{install-root}${dir}/snapd.conf"
+
+ - |
+ install -Dm644 -d "%{install-root}%{prefix}/src"
+
+ - |
+ install -Dm644 -t "%{install-root}%{datadir}/polkit-1/actions" data/polkit/io.snapcraft.snapd.policy
+
+ - |
+ systemdsystempresetdir="$(pkg-config --variable=systemdsystempresetdir systemd)"
+ install -Dm644 snapd.preset "%{install-root}${systemdsystempresetdir}/50-snapd.preset"
+
+ - |
+ systemduserpresetdir="$(pkg-config --variable=systemduserpresetdir systemd)"
+ install -Dm644 snapd-user.preset "%{install-root}${systemduserpresetdir}/50-snapd.preset"
+
+public:
+ initial-script:
+ script: |
+ #!/bin/bash
+ sysroot="${1}"
+ chmod 4755 "${sysroot}%{indep-libdir}/snapd/snap-confine"
diff --git a/files/snapd/fix-mount-dir.patch b/files/snapd/fix-mount-dir.patch
new file mode 100644
index 000000000..1e2fa75ec
--- /dev/null
+++ b/files/snapd/fix-mount-dir.patch
@@ -0,0 +1,11 @@
+diff -ur snapd.old/dirs/dirs.go snapd/dirs/dirs.go
+--- snapd.old/dirs/dirs.go 2021-10-02 17:27:51.578196035 +0200
++++ snapd/dirs/dirs.go 2021-10-04 14:00:34.857702020 +0200
+@@ -305,6 +305,7 @@
+ "gentoo",
+ "manjaro",
+ "manjaro-arm",
++ "org.gnome.gnomeos",
+ }
+
+ isInsideBase, _ := isInsideBaseSnap()
diff --git a/files/snapd/ostree.patch b/files/snapd/ostree.patch
new file mode 100644
index 000000000..6c5b27756
--- /dev/null
+++ b/files/snapd/ostree.patch
@@ -0,0 +1,11 @@
+diff -ur snapd.old/systemd/systemd.go snapd/systemd/systemd.go
+--- snapd.old/systemd/systemd.go 2022-08-10 08:30:50.000000000 +0200
++++ snapd/systemd/systemd.go 2022-08-12 14:32:03.785721795 +0200
+@@ -1370,6 +1370,7 @@
+ {{- with .Origin}} via {{.}}{{end}}
+ Before=snapd.service
+ After=zfs-mount.service
++After=ostree-remount.service
+
+ [Mount]
+ What={{.What}}
diff --git a/files/snapd/snapd-user.preset b/files/snapd/snapd-user.preset
new file mode 100644
index 000000000..9039be771
--- /dev/null
+++ b/files/snapd/snapd-user.preset
@@ -0,0 +1 @@
+disable snapd.session-agent.socket
diff --git a/files/snapd/snapd.preset b/files/snapd/snapd.preset
new file mode 100644
index 000000000..136816ce3
--- /dev/null
+++ b/files/snapd/snapd.preset
@@ -0,0 +1,4 @@
+disable snapd.*.service
+disable snapd.*.timer
+disable snapd.service
+disable snapd.socket
diff --git a/files/snapd/tmpfiles-snapd.conf b/files/snapd/tmpfiles-snapd.conf
new file mode 100644
index 000000000..ad2db6af1
--- /dev/null
+++ b/files/snapd/tmpfiles-snapd.conf
@@ -0,0 +1,2 @@
+d /var/lib/snapd/apparmor/snap-confine 0755 root root -
+d /var/lib/snapd/void 0111 root root -
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
