runc/config: add seccomp distro feature

When using podman (or other seccomp enabled container runtimes), you will get an OCI container startup error if runc hasn't been built with seccomp. Adding a distro feature to runc and to the README to make it easier to coordinate the support. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2025-07-19 12:50:22 +02:00 · 2021-02-06 11:56:25 -05:00 · 2021-02-06 11:56:25 -05:00 · e2bba8633e
commit e2bba8633e
parent da32b79488
2 changed files with 6 additions and 1 deletions
--- a/1
+++ b/1
@ -34,6 +34,7 @@ that may also be enabled:
 - selinux: enables functionality in libvirt and lxc
 - systemd: enable systemd services and unit files (for recipes for support)
 - sysvinit: enable sysvinit scripts (for recipes with support)
+ - seccomp: enable seccomp support for packages that have the capability.

 Dependencies
 ------------
--- a/recipes-containers/runc/runc.inc
+++ b/recipes-containers/runc/runc.inc
@ -14,11 +14,15 @@ inherit go
 inherit goarch
 inherit pkgconfig

-PACKAGECONFIG ??= "static"
 PACKAGECONFIG[seccomp] = "seccomp,,libseccomp"
 # This PACKAGECONFIG serves the purpose of whether building runc as static or not
 PACKAGECONFIG[static] = ""

+PACKAGECONFIG ??= "static \
+                   ${@bb.utils.contains('DISTRO_FEATURES', 'seccomp', 'seccomp', '', d)} \
+	          "
+
+
 PROVIDES += "virtual/runc"
 RPROVIDES_${PN} = "virtual/runc"