From 8f0c2f03ca6bbf35c0bdad3c12f2a05329410077 Mon Sep 17 00:00:00 2001
From: Jeremi Piotrowski
Date: Wed, 27 Apr 2022 14:10:04 +0000
Subject: [PATCH] Add additional configuration Tmpfiles.d entry to create default subuid/subid and podman configs, and systemd units for dbus user session.
---
 Dockerfile | 14 ++++++++++----
 usr/etc/subgid | 1 +
 usr/etc/subuid | 1 +
 usr/lib/systemd/user/dbus.service | 8 ++++++++
 usr/lib/systemd/user/dbus.socket | 6 ++++++
 .../systemd/user/sockets.target.wants/dbus.socket | 1 +
 usr/lib/tmpfiles.d/podman.conf | 4 ++++
 7 files changed, 31 insertions(+), 4 deletions(-)
 create mode 100644 usr/etc/subgid
 create mode 100644 usr/etc/subuid
 create mode 100644 usr/lib/systemd/user/dbus.service
 create mode 100644 usr/lib/systemd/user/dbus.socket
 create mode 120000 usr/lib/systemd/user/sockets.target.wants/dbus.socket
 create mode 100644 usr/lib/tmpfiles.d/podman.conf
diff --git a/Dockerfile b/Dockerfile
index c01a514..22ccf88 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,16 +7,22 @@ CMD ["/bin/bash"]
 RUN emerge-gitclone
 RUN echo 'FEATURES="-network-sandbox -pid-sandbox -ipc-sandbox -usersandbox -sandbox"' >>/etc/portage/make.conf
 COPY repos.conf /etc/portage/repos.conf/podman.conf
-COPY . /var/lib/portage/podman-overlay/
+COPY overlay /var/lib/portage/podman-overlay/
 FROM base AS builder
 RUN emerge -j4 --getbinpkg --autounmask-write --autounmask-continue --onlydeps podman
-RUN emerge -j4 --getbinpkg --buildpkgonly podman
-RUN emerge --root=/work --nodeps --usepkgonly podman
+RUN emerge -j4 --getbinpkg --buildpkgonly podman squashfs-tools
+
+FROM base AS staging
+COPY --from=builder /var/lib/portage/pkgs /var/lib/portage/pkgs
+RUN emerge --getbinpkg --usepkg squashfs-tools
+RUN pkgs=$(emerge 2>/dev/null --usepkgonly --pretend podman | awk -F'] ' '/binary/{ print $ 2 }' | awk '{ print "="$1 }'); emerge --usepkgonly --root=/work --nodeps $pkgs
 RUN mkdir -p /work/usr/lib/extension-release.d && echo -e 'ID=flatcar\nSYSEXT_LEVEL=1.0' >/work/usr/lib/extension-release.d/extension-release.podman
 RUN mkdir -p /work/usr/src
+RUN mv /work/etc /work/usr/etc
+COPY usr /work/usr
 RUN mkdir -p /output && mksquashfs /work /output/podman.raw -noappend
 FROM busybox
-COPY --from=builder /output /output
+COPY --from=staging /output /output
 CMD ["cp", "/output/podman.raw", "/out"]
diff --git a/usr/etc/subgid b/usr/etc/subgid
new file mode 100644
index 0000000..e9cd52b
--- /dev/null
+++ b/usr/etc/subgid
@@ -0,0 +1 @@
+core:100000:65536
diff --git a/usr/etc/subuid b/usr/etc/subuid
new file mode 100644
index 0000000..e9cd52b
--- /dev/null
+++ b/usr/etc/subuid
@@ -0,0 +1 @@
+core:100000:65536
diff --git a/usr/lib/systemd/user/dbus.service b/usr/lib/systemd/user/dbus.service
new file mode 100644
index 0000000..ce7cabf
--- /dev/null
+++ b/usr/lib/systemd/user/dbus.service
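Review bot: In the Dockerfile hunk, the new staging-stage line `RUN pkgs=$(emerge 2>/dev/null --usepkgonly --pretend podman | awk … | awk …); emerge --usepkgonly --root=/work --nodeps $pkgs` cannot stop the build when the package list is broken: stderr is discarded, the substitution's exit status is that of the last `awk`, and `;` runs the install regardless. A failed or partial `--pretend` would leave `$pkgs` empty or incomplete, and with `--nodeps` nothing pulls the missing packages back in, so podman.raw could be built short of files (what emerge does when given no atoms is not visible here). I would keep stderr and gate the install, `…); [ -n "$pkgs" ] && emerge --usepkgonly --root=/work --nodeps $pkgs`, and add `set -o pipefail` in front if the stage's shell is bash.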
@@ -0,0 +1,8 @@
+[Unit]
+Description=D-Bus User Message Bus
+Documentation=man:dbus-daemon(1)
+Requires=dbus.socket
+
+[Service]
+ExecStart=/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
+ExecReload=/usr/bin/dbus-send --print-reply --session --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig
diff --git a/usr/lib/systemd/user/dbus.socket b/usr/lib/systemd/user/dbus.socket
new file mode 100644
index 0000000..e9f7909
--- /dev/null
+++ b/usr/lib/systemd/user/dbus.socket
@@ -0,0 +1,6 @@
+[Unit]
+Description=D-Bus User Message Bus Socket
+
+[Socket]
+ListenStream=%t/bus
+ExecStartPost=-/bin/systemctl --user set-environment DBUS_SESSION_BUS_ADDRESS=unix:path=%t/bus
diff --git a/usr/lib/systemd/user/sockets.target.wants/dbus.socket b/usr/lib/systemd/user/sockets.target.wants/dbus.socket
new file mode 120000
index 0000000..fe02d16
--- /dev/null
+++ b/usr/lib/systemd/user/sockets.target.wants/dbus.socket
@@ -0,0 +1 @@
+../dbus.socket
\ No newline at end of file
diff --git a/usr/lib/tmpfiles.d/podman.conf b/usr/lib/tmpfiles.d/podman.conf
new file mode 100644
index 0000000..3022625
--- /dev/null
+++ b/usr/lib/tmpfiles.d/podman.conf
@@ -0,0 +1,4 @@
+C /etc/containers/registries.conf - - - - /usr/etc/containers/registries.conf.example
+C /etc/containers/policy.json - - - - /usr/etc/containers/policy.json.example
+C /etc/subuid - - - - /usr/etc/subuid
+C /etc/subgid - - - - /usr/etc/subgid
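Review bot: The four `C` lines in usr/lib/tmpfiles.d/podman.conf leave mode, user and group as `-`, although /etc/subuid and /etc/subgid are read by newuidmap/newgidmap and /etc/containers/policy.json decides which images are trusted; I would state ownership and mode explicitly, e.g. `C /etc/subuid 0644 root root - /usr/etc/subuid`. `C` copies only when the destination does not exist yet, so a host that already has /etc/subuid gets no `core:100000:65536` entry and an existing policy.json is left as it is; a header comment such as `# C copies only if the target is missing; existing files in /etc are never modified` would make that visible. The content of policy.json.example is not part of this patch, so it is worth confirming that it is the trust policy intended as the default rather than a permissive sample.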