-rw-r--r--meta-unit-core/dynamic-layers/virtualization-layer/recipes-containers/podman/podman_%.bbappend2
-rw-r--r--meta-unit-core/dynamic-layers/virtualization-layer/recipes-extended/shadow/shadow_%.bbappend12
-rw-r--r--meta-unit-core/dynamic-layers/virtualization-layer/recipes-kernel/linux/linux-yocto_%.bbappend1
-rw-r--r--meta-unit-core/dynamic-layers/virtualization-layer/recipes-unit/images/core-image-unit.bbappend1
-rw-r--r--meta-unit-core/dynamic-layers/virtualization-layer/recipes-users/useradd/add-user-unitexe.bbappend18
-rw-r--r--meta-virtualization-extra/recipes-containers/packagegroups/packagegroup-unit-containers.bb27
-rw-r--r--meta-virtualization-extra/recipes-kernel/linux/files/netfilter_xt_match.cfg2
-rw-r--r--meta-virtualization-extra/recipes-kernel/linux/linux-yocto_%.bbappend1
8 files changed, 64 insertions, 0 deletions
diff --git a/meta-unit-core/dynamic-layers/virtualization-layer/recipes-containers/podman/podman_%.bbappend b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-containers/podman/podman_%.bbappend
new file mode 100644
index 0000000..3b9e0c7
--- /dev/null
+++ b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-containers/podman/podman_%.bbappend
@@ -0,0 +1,2 @@
+# Enable rootless containers.
+PACKAGECONFIG:append = " rootless"
diff --git a/meta-unit-core/dynamic-layers/virtualization-layer/recipes-extended/shadow/shadow_%.bbappend b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-extended/shadow/shadow_%.bbappend
new file mode 100644
index 0000000..cb2beaa
--- /dev/null
+++ b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-extended/shadow/shadow_%.bbappend
@@ -0,0 +1,12 @@
+#
+# Support rootless podman for unitexe user.
+#
+# This is explained at:
+# https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md#etcsubuid-and-etcsubgid-configuration
+#
+do_install:append() {
+ echo "unitexe:100000:65536" >> ${D}${sysconfdir}/subuid
+ echo "" >> ${D}${sysconfdir}/subuid
+ echo "unitexe:100000:65536" >> ${D}${sysconfdir}/subgid
+ echo "" >> ${D}${sysconfdir}/subgid
+}
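Review bot: The account name `unitexe` and the range `100000:65536` are hard-coded in both echo lines of this do_install:append, while the account itself is created in a separate recipe through `${USER_TO_ADD_NAME}`; if that name ever changes, the subordinate-ID entries silently stop matching the account. A comment such as `# Keep in sync with USER_TO_ADD_NAME in add-user-unitexe; the range must not overlap any other subuid/subgid entry` would record the constraint, since overlapping ranges let containers of two accounts share host UIDs. The `>>` redirection also leaves the mode of a newly created file to the build umask, so `chmod 0644 ${D}${sysconfdir}/subuid ${D}${sysconfdir}/subgid` after the writes would pin it. If this shadow recipe is also built for native or nativesdk, `do_install:append:class-target()` would presumably keep the entries out of those variants.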
diff --git a/meta-unit-core/dynamic-layers/virtualization-layer/recipes-kernel/linux/linux-yocto_%.bbappend b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-kernel/linux/linux-yocto_%.bbappend
new file mode 100644
index 0000000..37d2edd
--- /dev/null
+++ b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-kernel/linux/linux-yocto_%.bbappend
@@ -0,0 +1 @@
+SRC_URI:append = " file://netfilter_xt_match.cfg"
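Review bot: `file://netfilter_xt_match.cfg` is added to SRC_URI here in meta-unit-core, but the fragment itself and the `FILESEXTRAPATHS:prepend` that makes it findable are both added in meta-virtualization-extra (the last two file sections of this commit). Judging by the path, this dynamic layer is keyed on virtualization-layer only, so a build that has that layer but not meta-virtualization-extra would presumably fail to fetch the fragment for the kernel. Either move this `SRC_URI:append` next to the fragment in meta-virtualization-extra, or add a comment such as `# netfilter_xt_match.cfg is provided by meta-virtualization-extra`.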
diff --git a/meta-unit-core/dynamic-layers/virtualization-layer/recipes-unit/images/core-image-unit.bbappend b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-unit/images/core-image-unit.bbappend
new file mode 100644
index 0000000..ee336ce
--- /dev/null
+++ b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-unit/images/core-image-unit.bbappend
@@ -0,0 +1 @@
+IMAGE_INSTALL:append = " packagegroup-unit-containers"
diff --git a/meta-unit-core/dynamic-layers/virtualization-layer/recipes-users/useradd/add-user-unitexe.bbappend b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-users/useradd/add-user-unitexe.bbappend
new file mode 100644
index 0000000..922b0c8
--- /dev/null
+++ b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-users/useradd/add-user-unitexe.bbappend
@@ -0,0 +1,18 @@
+do_install:append() {
+ # If linger is not enabled then rootless podman
+ # commands will complain with number of warnings.
+ install -d ${D}${localstatedir}/lib/systemd/linger
+ touch ${D}${localstatedir}/lib/systemd/linger/${USER_TO_ADD_NAME}
+
+ # Note: Use of .profile here assumes busybox shell.
+ # Podman uses these (if defined) for overriding
+ # default configuration file locations. This is
+ # explained here:
+ # https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md#user-configuration-files
+ cat > ${D}/home/${USER_TO_ADD_NAME}/.profile << 'EOF'
+export XDG_RUNTIME_DIR=/run/user/$(id -u)
+export XDG_CONFIG_HOME=$HOME/.config
+EOF
+}
+
+FILES:${PN}:append = " ${localstatedir}/lib/systemd/linger/${USER_TO_ADD_NAME}"
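Review bot: The `.profile` written by `cat >` gets whatever owner and mode the install task leaves it with, and because this body runs as an append, any ownership fix-up in the base do_install (outside this diff) has already happened by then. If the base recipe chowns the home directory to the account, `.profile` would presumably still end up root-owned; `chown ${USER_TO_ADD_NAME} ${D}/home/${USER_TO_ADD_NAME}/.profile` plus `chmod 0644` on it after the heredoc would make the intent explicit, assuming the account is resolvable at install time. `cat >` also replaces any `.profile` the base recipe may already install, where `>>` would preserve it. The linger comment could state the actual effect rather than the warnings, e.g. `# Lingering starts the user's systemd instance at boot and keeps it (and its containers) running without a login session`.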
diff --git a/meta-virtualization-extra/recipes-containers/packagegroups/packagegroup-unit-containers.bb b/meta-virtualization-extra/recipes-containers/packagegroups/packagegroup-unit-containers.bb
new file mode 100644
index 0000000..7cf28bd
--- /dev/null
+++ b/meta-virtualization-extra/recipes-containers/packagegroups/packagegroup-unit-containers.bb
@@ -0,0 +1,27 @@
+SUMMARY = "Container packages"
+
+PACKAGE_ARCH = "${MACHINE_ARCH}"
+
+inherit packagegroup
+
+# A number of kernel modules are needed for this to work
+RDEPENDS:${PN}:append = " kernel-modules"
+
+# Rootless containers
+RDEPENDS:${PN}:append = " dbus-broker"
+RDEPENDS:${PN}:append = " libpam"
+
+# Networking
+RDEPENDS:${PN}:append = " iproute2"
+RDEPENDS:${PN}:append = " passt"
+
+# Podman
+RDEPENDS:${PN}:append = " podman"
+RDEPENDS:${PN}:append = " podman-tui"
+RDEPENDS:${PN}:append = " podman-compose"
+
+# Working with registries
+RDEPENDS:${PN}:append = " skopeo"
+
+# Working with container images
+RDEPENDS:${PN}:append = " umoci"
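Review bot: `RDEPENDS:${PN}:append = " kernel-modules"` installs every module the kernel build produces, which is well beyond what the container stack needs and widens the set of loadable kernel code on the target. If the required set is known, listing the individual `kernel-module-*` packages (for example those for the two xt matches enabled in netfilter_xt_match.cfg) would keep the image tighter; otherwise a comment naming the modules that are actually required would help a later trim. The same question applies to `podman-tui`, `podman-compose`, `skopeo` and `umoci`: if they are development conveniences rather than runtime needs, a short comment saying so would make that clear for production images.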
diff --git a/meta-virtualization-extra/recipes-kernel/linux/files/netfilter_xt_match.cfg b/meta-virtualization-extra/recipes-kernel/linux/files/netfilter_xt_match.cfg
new file mode 100644
index 0000000..5ea566a
--- /dev/null
+++ b/meta-virtualization-extra/recipes-kernel/linux/files/netfilter_xt_match.cfg
@@ -0,0 +1,2 @@
+CONFIG_NETFILTER_XT_MATCH_COMMENT=m
+CONFIG_NETFILTER_XT_MATCH_MARK=m
diff --git a/meta-virtualization-extra/recipes-kernel/linux/linux-yocto_%.bbappend b/meta-virtualization-extra/recipes-kernel/linux/linux-yocto_%.bbappend
new file mode 100644
index 0000000..8802adb
--- /dev/null
+++ b/meta-virtualization-extra/recipes-kernel/linux/linux-yocto_%.bbappend
@@ -0,0 +1 @@
+FILESEXTRAPATHS:prepend := "${THISDIR}/files:"