1 files changed, 53 insertions, 22 deletions

diff --git a/community/podman/APKBUILD b/community/podman/APKBUILD
index b881c676726..844046da846 100644
--- a/community/podman/APKBUILD
+++ b/community/podman/APKBUILD
@@ -1,33 +1,38 @@
 # Contributor: Michał Polański <michal@polanski.me>
 # Maintainer: Michał Polański <michal@polanski.me>
 pkgname=podman
-pkgver=3.2.3
+pkgver=4.9.4
 pkgrel=0
-pkgdesc="Simple management tool for pods, containers, and images"
+pkgdesc="Simple management tool for pods, containers and images"
 url="https://podman.io/"
 license="Apache-2.0"
-arch="all"
+# s390x: blocked by aardvark-dns and netavark
+arch="all !s390x"
 options="!check" # tests require root privileges
 depends="
 	conmon
-	cni-plugins
-	crun
+	oci-runtime
 	iptables
-	ip6tables
 	slirp4netns
-	shadow-uidmap
-	fuse-overlayfs
+	shadow-subids
 	containers-common
+	netavark
+	aardvark-dns
+	catatonit
 	"
 makedepends="
+	bash
+	btrfs-progs-dev
 	go
+	go-md2man
 	gpgme-dev
-	libseccomp-dev
+	grep
 	libassuan-dev
-	go-md2man
-	btrfs-progs-dev
-	bash
+	libseccomp-dev
+	mandoc
+	sqlite-dev
 	"
+install="$pkgname.post-install"
 subpackages="
 	$pkgname-doc
 	$pkgname-openrc
@@ -39,11 +44,32 @@ subpackages="
 	$pkgname-docker-doc:docker_doc:noarch
 	"
 source="https://github.com/containers/podman/archive/v$pkgver/podman-$pkgver.tar.gz
+	no-quadlet.patch
+
 	podman.initd
 	podman.confd
 	"
 
 # secfixes:
+#   4.9.4-r0:
+#     - CVE-2024-1753
+#   4.9.2-r0:
+#     - CVE-2024-23651
+#     - CVE-2024-23652
+#     - CVE-2024-23653
+#   4.8.2-r1:
+#     - CVE-2023-48795
+#   4.4.3-r0:
+#     - CVE-2022-41723
+#   4.4.2-r0:
+#     - CVE-2023-0778
+#   4.3.0-r0:
+#     - CVE-2022-2989
+#   4.0.3-r0:
+#     - CVE-2022-27649
+#   3.4.4-r0:
+#     - CVE-2021-4024
+#     - CVE-2021-41190
 #   3.2.3-r0:
 #     - CVE-2021-3602
 #   3.0.0-r0:
@@ -53,23 +79,27 @@ source="https://github.com/containers/podman/archive/v$pkgver/podman-$pkgver.tar
 #   1.8.1-r0:
 #     - CVE-2020-1726
 
+export GOCACHE="${GOCACHE:-"$srcdir/go-cache"}"
+export GOTMPDIR="${GOTMPDIR:-"$srcdir"}"
+export GOMODCACHE="${GOMODCACHE:-"$srcdir/go"}"
+
 build() {
-	export BUILDTAGS="exclude_graphdriver_devicemapper seccomp apparmor"
-	make podman podman-remote docs
+	# https://github.com/mattn/go-sqlite3/issues/1164
+	export CGO_CFLAGS="$CFLAGS -D_LARGEFILE64_SOURCE"
+
+	export BUILDTAGS="exclude_graphdriver_devicemapper seccomp apparmor libsqlite3"
+	make -j1 podman podman-remote rootlessport docs \
+		PREFIX=/usr \
+		GOMD2MAN="$(which go-md2man)"
 }
 
 package() {
-	make install.bin install.remote install.man-nobuild install.completions install.cni \
+	make install.bin install.remote install.man install.completions \
 		PREFIX=/usr DESTDIR="$pkgdir"
 
 	install -Dm755 "$srcdir"/$pkgname.initd "$pkgdir"/etc/init.d/$pkgname
 	install -Dm644 "$srcdir"/$pkgname.confd "$pkgdir"/etc/conf.d/$pkgname
 
-	mv "$pkgdir"/usr/share/fish/vendor_completions.d "$pkgdir"/usr/share/fish/completions
-
-	# remove files provided by containers-common-doc
-	rm -r "$pkgdir"/usr/share/man/man5
-
 	# remove systemd files
 	rm -r "$pkgdir"/usr/lib/tmpfiles.d
 }
@@ -112,7 +142,8 @@ docker_doc() {
 }
 
 sha512sums="
-e9df45b0f6afbcdce1f5ef0b2fa7dfc0f374699d0a080b4989c47bbff54d2e5a85d6eb899e17726948e8d233393454b4441d83c2be5a8068fa75c40e1dc1c2bf  podman-3.2.3.tar.gz
-72e91da5c2144c190f4f1a98b5b1f32cbaee50ef53d4c0a2a255a514b79d76cf71a1eca9470d4ad0a5f51ee65df68b1711fd7c5b90a416916715c607275af484  podman.initd
+7b52555789a1c214fcf26b0826bdda6cf0ccca588f87c0f15ac5e8358ddac625e17cafbe6a43de07cad964e1418b5ee0d2e38a5cb5dc6f6d4e638399749a7f7b  podman-4.9.4.tar.gz
+4eb688c35634c0986231c9723667e1fac034573b0bc778bf078c3e797120653e7013965e59c63075eb9db9685aae8ddd79a899288b674f460a06aa4410ba4499  no-quadlet.patch
+f8941dc3f8c6b08b288e3347ef2d782140f6e46809da0353f3695338a2de75a971b312e57d09b0a0ea51557568d888b367e3b234be550aea8386321878f4a22f  podman.initd
 ec6e6d3f72d0ab6c90a30b2cca5152c0d0f1e402ae671289263d7bf3b5141de9d67c3593f20b6075cedd214b7fb1506e69ff7b4f9691b43b391389343ab9b9b1  podman.confd
 "