Patch runc: add OCI hooks

app-emulation/docker-runc/docker-runc-1.0.0_rc5_p22.ebuild

@@ -43,6 +43,7 @@ src_unpack() {
 
 PATCHES=(
 	"${FILESDIR}/0001-Delay-unshare-of-clone-newipc-for-selinux.patch"
+	"${FILESDIR}/0001-Add-static-hooks-opt-bin-runc-hook-prestart-poststar.patch"
 )
 
 src_compile() {

app-emulation/docker-runc/files/0001-Add-static-hooks-opt-bin-runc-hook-prestart-poststar.patch

@@ -0,0 +1,45 @@
+From ee41e4492974158d92158e32b24f7826850dd9e2 Mon Sep 17 00:00:00 2001
+From: Alban Crequy <alban@kinvolk.io>
+Date: Tue, 12 Mar 2019 17:52:37 +0100
+Subject: [PATCH] Add static hooks
+ /opt/bin/runc-hook-{prestart,poststart,poststop}.sh
+
+---
+ libcontainer/specconv/spec_linux.go | 21 +++++++++++++++++++++
+ 1 file changed, 21 insertions(+)
+
+diff --git a/libcontainer/specconv/spec_linux.go b/libcontainer/specconv/spec_linux.go
+index f68cac01..63aa1351 100644
+--- a/libcontainer/specconv/spec_linux.go
++++ b/libcontainer/specconv/spec_linux.go
+@@ -806,6 +806,27 @@ func SetupSeccomp(config *specs.LinuxSeccomp) (*configs.Seccomp, error) {
+
+ func createHooks(rspec *specs.Spec, config *configs.Config) {
+ 	config.Hooks = &configs.Hooks{}
++
++	extraPrestartCmd := configs.Command{
++		Path: "/bin/sh",
++		Args: []string{"/bin/sh", "-c", "test ! -x /opt/bin/runc-hook-prestart.sh || /opt/bin/runc-hook-prestart.sh"},
++		Dir:  "/",
++	}
++	extraPoststartCmd := configs.Command{
++		Path: "/bin/sh",
++		Args: []string{"/bin/sh", "-c", "test ! -x /opt/bin/runc-hook-poststart.sh || /opt/bin/runc-hook-poststart.sh"},
++		Dir:  "/",
++	}
++	extraPoststopCmd := configs.Command{
++		Path: "/bin/sh",
++		Args: []string{"/bin/sh", "-c", "test ! -x /opt/bin/runc-hook-poststop.sh || /opt/bin/runc-hook-poststop.sh"},
++		Dir:  "/",
++	}
++
++	config.Hooks.Prestart = append(config.Hooks.Prestart, configs.NewCommandHook(extraPrestartCmd))
++	config.Hooks.Poststart = append(config.Hooks.Poststart, configs.NewCommandHook(extraPoststartCmd))
++	config.Hooks.Poststop = append(config.Hooks.Poststop, configs.NewCommandHook(extraPoststopCmd))
++
+ 	if rspec.Hooks != nil {
+
+ 		for _, h := range rspec.Hooks.Prestart {
+-- 
+2.20.1
+

app-emulation/runc/Manifest

@@ -1 +1 @@
-DIST runc-1.0.0_rc2_p9.tar.gz 550963 SHA256 374822cc2895ed3899b7a3a03b566413ea782fccec1307231f27894e9c6d5bea SHA512 0176fc0fd69b298b5cb304388544a45b3805154f635c4a7492daac6e33774b16ad76af2b3008205de169306812834f4299106c89a17b1667168f3ad2ddc2e975 WHIRLPOOL 5015352fe7dc9ddedf93d555cf2750b3e9d72adfda534b1e30a69ac8b6b05e73bfbbe0ba72f543be4e3133f1604a5b42acc3363d30187a75861ca42755dfff81
+DIST runc-1.0.0_rc2_p9.tar.gz 550963 BLAKE2B 1cb85d185499112bb283be2f79b28d2708d5c57db1c87ef862bcc50b0ada9df2da73038fdf03aae0edf62ef60443e4108cbf64f2b2c1c668d5095e79808746ea SHA512 0176fc0fd69b298b5cb304388544a45b3805154f635c4a7492daac6e33774b16ad76af2b3008205de169306812834f4299106c89a17b1667168f3ad2ddc2e975

app-emulation/runc/files/0001-Add-static-hooks-opt-bin-runc-hook-prestart-poststar.patch

@@ -0,0 +1,51 @@
+From 78ed546f1383b40ae4999f3b440934a9c7933cb2 Mon Sep 17 00:00:00 2001
+From: Alban Crequy <alban@kinvolk.io>
+Date: Wed, 17 Apr 2019 15:19:30 +0200
+Subject: [PATCH] Add static hooks
+ /opt/bin/runc-hook-{prestart,poststart,poststop}.sh
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This patch is rebased on this version:
+https://github.com/opencontainers/runc/archive/50a19c6ff828c58e5dab13830bd3dacde268afe5.tar.gz
+
+---
+ libcontainer/specconv/spec_linux.go | 21 +++++++++++++++++++++
+ 1 file changed, 21 insertions(+)
+
+diff --git a/libcontainer/specconv/spec_linux.go b/libcontainer/specconv/spec_linux.go
+index 7e12ffd..8d03916 100644
+--- a/libcontainer/specconv/spec_linux.go
++++ b/libcontainer/specconv/spec_linux.go
+@@ -726,6 +726,27 @@ func setupSeccomp(config *specs.Seccomp) (*configs.Seccomp, error) {
+
+ func createHooks(rspec *specs.Spec, config *configs.Config) {
+ 	config.Hooks = &configs.Hooks{}
++
++	extraPrestartCmd := configs.Command{
++		Path: "/bin/sh",
++		Args: []string{"/bin/sh", "-c", "test ! -x /opt/bin/runc-hook-prestart.sh || /opt/bin/runc-hook-prestart.sh"},
++		Dir:  "/",
++	}
++	extraPoststartCmd := configs.Command{
++		Path: "/bin/sh",
++		Args: []string{"/bin/sh", "-c", "test ! -x /opt/bin/runc-hook-poststart.sh || /opt/bin/runc-hook-poststart.sh"},
++		Dir:  "/",
++	}
++	extraPoststopCmd := configs.Command{
++		Path: "/bin/sh",
++		Args: []string{"/bin/sh", "-c", "test ! -x /opt/bin/runc-hook-poststop.sh || /opt/bin/runc-hook-poststop.sh"},
++		Dir:  "/",
++	}
++
++	config.Hooks.Prestart = append(config.Hooks.Prestart, configs.NewCommandHook(extraPrestartCmd))
++	config.Hooks.Poststart = append(config.Hooks.Poststart, configs.NewCommandHook(extraPoststartCmd))
++	config.Hooks.Poststop = append(config.Hooks.Poststop, configs.NewCommandHook(extraPoststopCmd))
++
+ 	for _, h := range rspec.Hooks.Prestart {
+ 		cmd := createCommandHook(h)
+ 		config.Hooks.Prestart = append(config.Hooks.Prestart, configs.NewCommandHook(cmd))
+-- 
+2.20.1
+

app-emulation/runc/runc-1.0.0_rc2_p9-r1.ebuild

@@ -39,6 +39,7 @@ src_prepare() {
 	epatch "${FILESDIR}/0001-Makefile-do-not-install-dependencies-of-target.patch"
 	epatch "${FILESDIR}/0002-${PV}-Fix-setting-selinux-label-for-mqueue-under-userns.patch"
 	epatch "${FILESDIR}/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b_1.12.patch"
+	epatch "${FILESDIR}/0001-Add-static-hooks-opt-bin-runc-hook-prestart-poststar.patch"
 
 	# Work around https://github.com/golang/go/issues/14669
 	# Remove after updating to go1.7