From: Kunhoon Baik <knhoon.baik@samsung.com>
Date: Mon, 12 Jul 2021 09:07:35 +0000 (+0900)
Subject: Creating nsjail RPM specification and build patch based on upstream-git branch
X-Git-Tag: submit/tizen/20210825.085400~13
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=84bcf292ca3a603ca65cef4953a39ee58b2b33c1;p=platform%2Fupstream%2Fnsjail.git

Creating nsjail RPM specification and build patch based on upstream-git branch

Upstream git was created with "nsjail 2021-07-07 version"
For Tizen RPM, additional patches were created based on the open source version

1) Linking to upstream-git branch - .gbs.conf
   : You can check the Tizen open source updating guide at https://wiki.tizen.org/Updating_packages

2) Creating kafel.tar.gz
   : Unfortunately, Tizen does not provide git tool at build time. (git-core package is required)
   : Thus, instead of using git submodule command, create kafel.tar.gz from the git submodule.
   : For your information, following patch is added for the kafel for fixing build error (TODO)

	+// Fix for Linux <3.12
	+#ifndef EM_ARM
	+#define EM_ARM 40
	+#endif
	+

3) NSJail requires 3.2.24 over libnl3 vesion.
   Unfortunately, current Tizen libnl3 version 3.2.22. (TODO)
---

diff --git a/.gbs.conf b/.gbs.conf
new file mode 100644
index 0000000..657a101
--- /dev/null
+++ b/.gbs.conf
@@ -0,0 +1,3 @@
+[general]
+upstream_branch = upstream-git
+upstream_tag = ${upstreamversion}
diff --git a/Makefile b/Makefile
index 9494732..7722452 100644
--- a/Makefile
+++ b/Makefile
@@ -72,7 +72,8 @@ endif
 .PHONY: kafel_init
 kafel_init:
 ifeq ("$(wildcard kafel/Makefile)","")
-	git submodule update --init
+	tar xvfz kafel.tar.gz
+#	git submodule update --init
 endif
 
 kafel/include/kafel.h: kafel_init
diff --git a/kafel.tar.gz b/kafel.tar.gz
new file mode 100644
index 0000000..3b570ba
Binary files /dev/null and b/kafel.tar.gz differ
diff --git a/packaging/nsjail.spec b/packaging/nsjail.spec
new file mode 100644
index 0000000..250bc19
--- /dev/null
+++ b/packaging/nsjail.spec
@@ -0,0 +1,48 @@
+#
+# spec file for package nsjail
+#
+
+Name:           nsjail
+Version:        3.0.20210707 
+Release:	0
+Summary:        A light-weight process isolation tool
+License:        Apache-2.0
+Group:          System/Other
+URL:            https://nsjail.com
+Source0:        nsjail-%{version}.tar.gz
+#Source1:        kafel.tar.gz
+BuildRequires:  autoconf
+BuildRequires:  bison
+BuildRequires:  flex
+BuildRequires:  gcc-c++
+#BuildRequires:  git-core
+BuildRequires:  glibc-devel
+BuildRequires:  libnl3-devel
+BuildRequires:  make
+BuildRequires:  pkgconfig
+BuildRequires:  protobuf-devel
+
+%description
+A light-weight process isolation tool, making use of Linux namespaces and
+seccomp-bpf syscall filters (with help of the kafel bpf language)
+
+%prep
+%setup -q
+
+%build
+%define _lto_cflags %{nil}
+export CFLAGS="%{optflags}"
+export CXXFLAGS="$CFLAGS"
+make %{?_smp_mflags}
+
+%install
+mkdir -p %{buildroot}/%{_bindir}/
+cp nsjail %{buildroot}/%{_bindir}/
+
+%files
+%license LICENSE
+%{_bindir}/nsjail
+
+%changelog
+* Mon Jul 7 2021 Baik 
+ - Initial import of version latest version of nsjail - 2021-07-07 version