├── README.md
├── build-container-vm.sh
├── make.conf
├── overlay
│   ├── boot
│   │   └── loader.conf
│   ├── etc
│   │   ├── fstab
│   │   ├── pf.conf
│   │   ├── rc.conf.d
│   │   │   ├── create_accounts_from_ignition
│   │   │   ├── growfs
│   │   │   ├── init_container_storage
│   │   │   ├── linux
│   │   │   ├── network
│   │   │   ├── ntpd
│   │   │   ├── ntpdate
│   │   │   ├── pf
│   │   │   ├── podman
│   │   │   ├── podman_service
│   │   │   ├── podman_vm_ready
│   │   │   ├── qemufwcfg
│   │   │   ├── sshd
│   │   │   └── zpoolreguid
│   │   ├── rc.d
│   │   │   └── init_container_storage
│   │   ├── ssh
│   │   │   └── sshd_config
│   │   └── sysctl.conf
│   ├── firstboot
│   └── usr
│       └── local
│           └── etc
│               └── rc.d
│                   ├── create_accounts_from_ignition
│                   └── podman_vm_ready
├── pkg.lst
└── ports
    ├── pkglist
    └── sysutils
        ├── ocijail
        │   ├── Makefile
        │   ├── distinfo
        │   └── pkg-descr
        ├── qemufwcfg-fusefs
        │   ├── Makefile
        │   ├── distinfo
        │   ├── files
        │   │   └── qemufwcfg.in
        │   ├── pkg-descr
        │   └── pkg-plist
        └── qemufwcfg-kmod
            ├── Makefile
            ├── distinfo
            ├── pkg-descr
            └── pkg-plist

/README.md:
--------------------------------------------------------------------------------
FreeBSD Container VM tools for Podman
=====================================

This repository contains (early, very work-in-progress) scripts to build a VM image that can be used with `podman machine` to manage FreeBSD VMs (initially on macOS, hopefully elsewhere eventually) to run FreeBSD containers on other operating systems.

Current status
--------------

The VM image can be loaded by `podman machine init`:

 - [X] User accounts from the Ignition file provided by the host over the qemufwcfg interface are created.
 - [X] SSH keys are provisioned.
 - [X] The network is set up, podman is able to ssh into the guest.
 - [X] Host filesystems are mounted.
   Note: This requires some Podman bits that are not yet upstream.
 - [X] Podman service runs in the guest.
 - [X] Podman can connect to the service in the guest.
   This is currently done using a hack to symlink the socket to where Podman expects it.
   Eventually, podman should be taught to look in the right place.
 - [X] `podman container` and `podman image` commands work.
 - [ ] Test on x86-64.
   Currently tested only on AArch64 ('Apple silicon').

A lot of the base system is unnecessary for the VM image (most kernel drivers, the toolchain, and so on) and a future version should install a smaller base.
This does not prevent containers from including a full FreeBSD base system image.

Using
-----

This can currently be used with unmodified podman with host mounts not working.
For host mounts to work, you need the [freebsd-guest-vm branch of this repo](https://github.com/davidchisnall/podman/), which has not (yet) been upstreamed.

### Building the VM

The `build-container-vm.sh` script expects to run as root and should be run on -CURRENT.
You can download VM images for -CURRENT from the FreeBSD project; they work well with UTM.
It will use `poudriere` to build the image.
Poudriere works much better on ZFS, so using one of these as the base is a good idea.

The script runs the following steps:

 1. Clones the FreeBSD sources and applies the patch for 9p-over-virtio support.
 2. Uses Poudriere to build a jail containing the downloaded sources.
 3. Uses Poudriere to build the necessary packages (podman, qemufwcfg)
 4. Uses Poudriere again to build an image containing the base

This will generate the VM image in `/usr/local/poudriere/data/images/podmanvm.img`.
You can copy this to a macOS system and then run:

```sh
$ podman machine init --cpus $(sysctl -n hw.ncpu) --image-path podmanvm.img --rootful freebsd
$ podman machine start freebsd
$ podman system connection default freebsd-root
```

You can now run `podman` commands and they will automatically invoke the podman service in the VM.

If you want to debug the VM, edit `.config/containers/podman/machine/qemu/freebsd.json` *before* running the `podman machine start` command and add the following two lines in the `CmdLine` section:

```
  "-serial",
  "tcp::4444,server",
```

Note that some qemu command-line options are split over multiple arguments.
Inserting this before the `-fw_cfg` line is safe.
This will allow you to connect to the console of the VM with `nc localhost 4444`.

### Using the custom podman branch

This has been tested only on macOS, but might work on other platforms that use QEMU to host VMs.

Clone the branch and build podman remote:

```
$ git clone -b freebsd-guest-vm https://github.com/davidchisnall/podman
$ cd podman
$ make podman-remote
$ mv bin/darwin/podman {somewhere in your path}
```

This requires a working Go toolchain and GNU coreutils, both of which can be installed from homebrew.
Copying podman into your path is optional; feel free to invoke it from `bin/darwin/podman` directly.
This branch adds a `--machine-os` flag to `podman machine init`, which lets it behave differently for different guest types.

```
$ podman machine init --cpus $(sysctl -n hw.ncpu) --image-path podmanvm.img --rootful --machine-os freebsd freebsd
$ podman machine start freebsd
$ podman system connection default freebsd-root
```

You can now run FreeBSD containers, and they can have access to your host system:

```
$ podman pull docker.io/dougrabson/freebsd13.2-minimal
$ podman container run --mount type=bind,src=/Users/${LOGNAME},target=/home/${LOGNAME} --rm -t freebsd13.2-minimal ls /home/${LOGNAME}
```

This should print the contents of your macOS home directory.
You can confirm that this is a FreeBSD 13.2 container running on a FreeBSD 15.0-CURRENT kernel:

```
$ podman container run --rm freebsd13.2-minimal uname -mrs
FreeBSD 15.0-CURRENT arm64
$ podman container run --rm freebsd13.2-minimal freebsd-version
13.2-RELEASE-p2
```

Future plans
------------

Many of the bits here need to be upstreamed to FreeBSD (ports or the base system).
Eventually, most of this repository should go away, but I want to get it to the state where it's actually usable first.

Most of the next steps will require changes to Podman, to decouple the how-to-create-a-VM abstractions from the how-to-configure-a-Linux-VM bits.
These will probably also be useful for managing Windows VMs with Podman, if someone ever wants to do that.

On other hosts, Podman uses different virtualization mechanisms.
The QEMU guest support should be sufficient on Linux, but on Windows it would be good to have Hyper-V support at some point.

The VM creation process should be automated and run from CI.
Cirrus has x86-64 and AArch64 VM instances that should be fast enough to do this quickly.

For some reason, using `qemu-img` to convert the raw disk image to QCoW2 results in something that doesn't boot.
It's probably a good idea to figure out why and fix it.

Notes
-----

This currently uses a patched version of ocijail to build with CMake because Bazel depends on OpenJDK, which does not appear to work on FreeBSD/AArch64.
Hopefully that can be fixed at some point, or the CMake build can be upstreamed.
This version also builds its dependencies from ports, so should work with `pkg audit` if there are vulnerabilities in the JSON parser.

We currently provide an entire `sshd_config` to permit root login.
It would be better to make this modification later, or we risk failing to pick up changes to the defaults.
Root login via ssh is safe here because Podman does not expose the SSH login port except to the owner of the VM.

The VM is built from -CURRENT at the moment so that containers for -CURRENT and any -RELEASE should work.
At some point, it's probably a good idea to default to building from 14.0 since most users probably don't want to run -CURRENT containers and there's less chance of breakage.

--------------------------------------------------------------------------------
/build-container-vm.sh:
--------------------------------------------------------------------------------
#!/bin/sh

set -e

# FIXME: These are stupid names that will conflict with other things. They are
# fine for now because I am not using this VM for anything else but they will
# cause pain when other people try to use this script.
JAILNAME=podman-vm-jail
PORTSNAME=podmanvmports
OVERLAYNAME=podmanvmpatches
# Quote the path so that a checkout directory containing spaces still works.
SCRIPTPATH=$(realpath "$(dirname "$0")")
echo Script source: ${SCRIPTPATH}

if [ ! -d freebsd-src ] ; then
	echo Cloning FreeBSD source
	git clone https://github.com/freebsd/freebsd-src
	cd freebsd-src
	echo Applying 9pfs patches
	git remote add dfr https://github.com/dfr/freebsd-src
	git fetch dfr 9pfs
	git cherry-pick dfr/9pfs
	cd ..
fi

# Create the jail and ports trees if they don't exist
echo Creating jail
poudriere jail -i -j ${JAILNAME} || poudriere jail -c -j ${JAILNAME} -b -m src=$(pwd)/freebsd-src -K GENERIC -J $(sysctl -n hw.ncpu)
echo Creating ports tree
poudriere ports -c -p ${PORTSNAME} -m git+https -U https://github.com/freebsd/freebsd-ports || true
echo Creating ports tree overlay
poudriere ports -c -M ${SCRIPTPATH}/ports -m null -p ${OVERLAYNAME} || true

# Install our make.conf in the right place
cp ${SCRIPTPATH}/make.conf /usr/local/etc/poudriere.d/${JAILNAME}-${PORTSNAME}-make.conf
# Build the required packages.
time poudriere bulk -j ${JAILNAME} -O ${OVERLAYNAME} -p ${PORTSNAME} -f pkg.lst
# Create the image with our overlay and the required packages
time poudriere image -t zfs+gpt -j ${JAILNAME} -s 2G -c overlay -f pkg.lst -p ${PORTSNAME} -n podmanvm -h podmanvm

# For some reason, the qcow2 version doesn't boot. Figure out why later.
#qemu-img convert -f raw -O qcow2 /usr/local/poudriere/data/images/podmanvm.img podmanvm.qcow2

--------------------------------------------------------------------------------
/make.conf:
--------------------------------------------------------------------------------
OPTIONS_UNSET+=DOCS
OPTIONS_UNSET+=EXAMPLES
OPTIONS_UNSET+=DEBUG
OPTIONS_UNSET+=GTKDOC
OPTIONS_UNSET+=MANPAGES

--------------------------------------------------------------------------------
/overlay/boot/loader.conf:
--------------------------------------------------------------------------------
pf_load="YES"
zfs_load=YES
fusefs_load=YES
virtio_p9fs_load=YES
autoboot_delay=0

--------------------------------------------------------------------------------
/overlay/etc/fstab:
--------------------------------------------------------------------------------
fdesc /dev/fd fdescfs rw 0 0

--------------------------------------------------------------------------------
/overlay/etc/pf.conf:
--------------------------------------------------------------------------------
# Change these to the interface(s) with the default route
v4egress_if = "vtnet0"
v6egress_if = "vtnet0"

nat on $v4egress_if inet from <cni-nat> to any -> ($v4egress_if)
nat on $v6egress_if inet6 from <cni-nat> to !ff00::/8 -> ($v6egress_if)

rdr-anchor "cni-rdr/*"
table <cni-nat>


--------------------------------------------------------------------------------
/overlay/etc/rc.conf.d/create_accounts_from_ignition:
--------------------------------------------------------------------------------
create_accounts_from_ignition_enable=YES

--------------------------------------------------------------------------------
/overlay/etc/rc.conf.d/growfs:
--------------------------------------------------------------------------------
growfs_enable="YES"

--------------------------------------------------------------------------------
/overlay/etc/rc.conf.d/init_container_storage:
--------------------------------------------------------------------------------
init_container_storage_enable="YES"

--------------------------------------------------------------------------------
/overlay/etc/rc.conf.d/linux:
--------------------------------------------------------------------------------
linux_enable=YES

--------------------------------------------------------------------------------
/overlay/etc/rc.conf.d/network:
--------------------------------------------------------------------------------
ifconfig_vtnet0="DHCP"

--------------------------------------------------------------------------------
/overlay/etc/rc.conf.d/ntpd:
--------------------------------------------------------------------------------
ntpd_enable=YES

--------------------------------------------------------------------------------
/overlay/etc/rc.conf.d/ntpdate:
--------------------------------------------------------------------------------
ntpdate_enable=YES

--------------------------------------------------------------------------------
/overlay/etc/rc.conf.d/pf:
--------------------------------------------------------------------------------
pf_enable=YES

--------------------------------------------------------------------------------
/overlay/etc/rc.conf.d/podman:
--------------------------------------------------------------------------------
podman_enable=YES

--------------------------------------------------------------------------------
/overlay/etc/rc.conf.d/podman_service:
--------------------------------------------------------------------------------
podman_service_enable=YES

--------------------------------------------------------------------------------
/overlay/etc/rc.conf.d/podman_vm_ready:
--------------------------------------------------------------------------------
podman_vm_ready_enable=YES

--------------------------------------------------------------------------------
/overlay/etc/rc.conf.d/qemufwcfg:
--------------------------------------------------------------------------------
qemufwcfg_enable="YES"

--------------------------------------------------------------------------------
/overlay/etc/rc.conf.d/sshd:
--------------------------------------------------------------------------------
sshd_enable="YES"

--------------------------------------------------------------------------------
/overlay/etc/rc.conf.d/zpoolreguid:
--------------------------------------------------------------------------------
zpool_reguid="zroot"

--------------------------------------------------------------------------------
/overlay/etc/rc.d/init_container_storage:
--------------------------------------------------------------------------------
#!/bin/sh

# On first boot, create the ZFS filesystem to store containers.

# PROVIDE: podman_storage
# REQUIRE: zfs
# BEFORE: podman_service
# KEYWORD: firstboot

. /etc/rc.subr

name="init_container_storage"
desc="Create the ZFS filesystem for container storage"
start_cmd="init_container_storage_start"
rcvar="init_container_storage_enable"

init_container_storage_start()
{
	echo "Created ZFS storage for containers"
	zfs create -o mountpoint=/var/db/containers zroot/containers
	# Quick hack to put the podman socket where podman remote expects it to be.
	# Note: In theory, podman allows you to specify this location. In
	# practice, that doesn't seem to work and it always uses the default
	# location.
	echo "Creating symlink for container socket"
	mkdir -p /run/podman
	ln -s /var/run/podman/podman.sock /run/podman/
}

load_rc_config $name
run_rc_command "$1"


--------------------------------------------------------------------------------
/overlay/etc/ssh/sshd_config:
--------------------------------------------------------------------------------
# $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.

# Note that some of FreeBSD's defaults differ from OpenBSD's, and
# FreeBSD has a few additional options.

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key

# Ciphers and keying
#RekeyLimit default none

# Logging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin no
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#PubkeyAuthentication yes

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys

#AuthorizedPrincipalsFile none

#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# Change to yes to enable built-in password authentication.
# Note that passwords may also be accepted via KbdInteractiveAuthentication.
#PasswordAuthentication no
#PermitEmptyPasswords no

# Change to no to disable PAM authentication
#KbdInteractiveAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'no' to disable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the KbdInteractiveAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via KbdInteractiveAuthentication may bypass
# the setting of "PermitRootLogin prohibit-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and KbdInteractiveAuthentication to 'no'.
#UsePAM yes

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#UseBlacklist no
#VersionAddendum FreeBSD-20230719

# no default banner path
#Banner none

# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server

--------------------------------------------------------------------------------
/overlay/etc/sysctl.conf:
--------------------------------------------------------------------------------
net.pf.filter_local=1

--------------------------------------------------------------------------------
/overlay/firstboot:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/davidchisnall/container-vm-scripts/6037eed65c5ee8abfbd09dff2d3304b1448fd8a0/overlay/firstboot

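The README notes that shipping a whole `sshd_config` risks missing changes to the defaults. One way to make only the single change on top of the stock file is sketched below; this is an added example, not part of the repository, and the function name `set_sshd_option` and the sample file contents are assumptions.

```shell
#!/bin/sh
# Added example (not from the repository): set one sshd_config directive in
# the stock file instead of replacing the file. Names are hypothetical.

# set_sshd_option FILE KEY VALUE
# Sets KEY in the global section (before the first Match block). Running it
# again with the same or another value leaves exactly one active line.
set_sshd_option()
{
	local file key value tmp rc
	file=$1 ; key=$2 ; value=$3
	tmp=$(mktemp) || return 1
	if awk -v key="${key}" -v value="${value}" '
		function is_key(s) { return tolower(s) == tolower(key) }
		# Pass 1: is the directive already active in the global section?
		NR == FNR {
			if (tolower($1) == "match") global_done = 1
			if (!global_done && is_key($1)) active = 1
			next
		}
		# Pass 2: the global section ends at the first Match line, so the
		# directive must be written before it if it has not been yet.
		tolower($1) == "match" && !in_match {
			in_match = 1
			if (!done) { print key " " value ; done = 1 }
		}
		# Replace the first active line and drop later global duplicates.
		!in_match && is_key($1) {
			if (!done) { print key " " value ; done = 1 }
			next
		}
		{ print }
		# Otherwise place it right after the commented-out default.
		!in_match && !active && !done && $1 == ("#" key) {
			print key " " value ; done = 1
		}
		END { if (!done) print key " " value }
	' "${file}" "${file}" > "${tmp}" ; then
		# cat keeps the owner and mode of the existing file.
		cat "${tmp}" > "${file}" ; rc=$?
	else
		rc=1
	fi
	rm -f "${tmp}"
	return "${rc}"
}

# Constructed sample: a few lines in the style of the stock file.
demo()
{
	local cfg
	cfg=$(mktemp) || return 1
	printf '%s\n' '#LoginGraceTime 2m' '#PermitRootLogin no' \
		'#StrictModes yes' 'Subsystem sftp /usr/libexec/sftp-server' > "${cfg}"
	set_sshd_option "${cfg}" PermitRootLogin yes
	cat "${cfg}"
	rm -f "${cfg}"
}
demo
```

Called from a first-boot rc script, this would leave every other default in the installed `sshd_config` untouched.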
--------------------------------------------------------------------------------
/overlay/usr/local/etc/rc.d/create_accounts_from_ignition:
--------------------------------------------------------------------------------
#!/bin/sh

# On first boot, create user accounts and install SSH keys from the Ignition
# config provided by the host.

# PROVIDE: ignition_accounts
# REQUIRE: qemufwcfg, ldconfig
# BEFORE: podman_service
# KEYWORD: firstboot

. /etc/rc.subr

name="create_accounts_from_ignition"
desc="Create accounts from the ignition config"
start_cmd="create_accounts_from_ignition_start"
rcvar="create_accounts_from_ignition_enable"
create_accounts_from_ignition_qemufwcfg_mount_path="/var/run/qemufwcfg"
create_accounts_from_ignition_ignition_path="${create_accounts_from_ignition_qemufwcfg_mount_path}/opt/com.coreos/config"

create_accounts_from_ignition_start()
{
	local count jq username uid keys uidflag home I
	echo "Creating accounts and provisioning SSH keys from ignition"
	jq="/usr/local/bin/jq"
	count=$(${jq} < "${create_accounts_from_ignition_ignition_path}" -r '.passwd.users | length')
	# seq(1) counts down when the end is below the start, so stop here if the
	# Ignition file lists no users.
	if [ "${count}" -eq 0 ] ; then
		echo "No users listed in Ignition file"
		return 0
	fi
	for I in $(seq 0 $(expr ${count} - 1)) ; do
		# '// empty' makes a missing name an empty string rather than "null".
		username=$(${jq} < "${create_accounts_from_ignition_ignition_path}" -r ".passwd.users[${I}].name // empty")
		if [ -n "${username}" ] ; then
			if id "${username}" >/dev/null 2>&1 ; then
				echo "${username} already exists, not creating."
			else
				uid=$(${jq} < "${create_accounts_from_ignition_ignition_path}" -r ".passwd.users[${I}].uid")
				uidflag=$(if [ "${uid}" = "null" ] ; then echo "" ; else echo "-u ${uid}" ; fi)
				# Create the account. If any UID is specified, use it. Disable
				# password auth (these users will just be used via ssh). Add the
				# user to the wheel group so that they can run podman.
				/usr/sbin/pw useradd ${uidflag} -w no -n "${username}" -G wheel -m
				echo "Created user ${username}"
			fi
			# Look the home directory up in the password database rather than
			# passing the Ignition-supplied name through eval.
			home=$(/usr/sbin/pw usershow -n "${username}" | cut -d: -f9)
			echo "Installed ssh keys for ${username} to ${home}/.ssh/authorized_keys"
			mkdir -p "${home}/.ssh"
			${jq} < "${create_accounts_from_ignition_ignition_path}" -r ".passwd.users[${I}].sshAuthorizedKeys | values[]"
			${jq} < "${create_accounts_from_ignition_ignition_path}" -r ".passwd.users[${I}].sshAuthorizedKeys | values[]" >> "${home}/.ssh/authorized_keys"
			chown "${username}" "${home}/.ssh/authorized_keys"
			chmod 600 "${home}/.ssh/authorized_keys"
			chown "${username}" "${home}/.ssh"
			chmod 700 "${home}/.ssh"
		else
			echo "Invalid user description in Ignition file:"
			${jq} < "${create_accounts_from_ignition_ignition_path}" ".passwd.users[${I}]"
		fi
	done
}

load_rc_config $name
run_rc_command "$1"


--------------------------------------------------------------------------------
/overlay/usr/local/etc/rc.d/podman_vm_ready:
--------------------------------------------------------------------------------
#!/bin/sh

# After the podman service is booted, let the host VM know.

# PROVIDE: podman_vm_ready
# REQUIRE: podman_service

. /etc/rc.subr

name="podman_vm_ready"
desc="Notify the host that this VM is ready"
start_cmd="podman_vm_ready_start"
rcvar="podman_vm_ready_enable"

podman_vm_ready_start()
{
	echo Ready >> /dev/vtcon/org.fedoraproject.port.0
}

load_rc_config $name
run_rc_command "$1"


--------------------------------------------------------------------------------
/pkg.lst:
--------------------------------------------------------------------------------
sysutils/qemufwcfg-kmod
sysutils/qemufwcfg-fusefs
sysutils/podman-suite
textproc/jq

--------------------------------------------------------------------------------
/ports/pkglist:
--------------------------------------------------------------------------------
sysutils/qemufwcfg-kmod

--------------------------------------------------------------------------------
/ports/sysutils/ocijail/Makefile:
--------------------------------------------------------------------------------
PORTNAME=	ocijail
DISTVERSION=	0.2.0
PORTREVISION=	1
CATEGORIES=	sysutils

MAINTAINER=	dfr@FreeBSD.org
COMMENT=	Experimental, proof-of-concept OCI-compatible runtime for jails
WWW=	https://github.com/dfr/ocijail

LICENSE=	BSD3CLAUSE

IGNORE_FreeBSD_12=	Not supported on FreeBSD 12 (uses c++20)

USE_GITHUB=	yes
GH_ACCOUNT=	davidchisnall
GH_TAGNAME=	bad3a82


PLIST_FILES=	bin/ocijail

BUILD_DEPENDS=	\
	${LOCALBASE}/include/nlohmann/json.hpp:devel/nlohmann-json \
	${LOCALBASE}/include/CLI/CLI.hpp:devel/cli11


USES=	cmake

.include <bsd.port.mk>

--------------------------------------------------------------------------------
/ports/sysutils/ocijail/distinfo:
--------------------------------------------------------------------------------
TIMESTAMP = 1696132380
SHA256 (davidchisnall-ocijail-0.2.0-bad3a82_GH0.tar.gz) = 0c56b50e9f9841fd4d74b9c7faeeea88e86c92f4fb9524f1deb68097ca00ca47
SIZE (davidchisnall-ocijail-0.2.0-bad3a82_GH0.tar.gz) = 48057868

--------------------------------------------------------------------------------
/ports/sysutils/ocijail/pkg-descr:
--------------------------------------------------------------------------------
Experimental, proof-of-concept OCI-compatible runtime for jails. This
is used by container engines such as buildah or podman to manage the
container lifecycle

--------------------------------------------------------------------------------
/ports/sysutils/qemufwcfg-fusefs/Makefile:
--------------------------------------------------------------------------------
PORTNAME=	qemufwcfg-fusefs
DISTVERSION=	0.1
CATEGORIES=	sysutils

LICENSE=	BSD2CLAUSE

MAINTAINER=	theraven@FreeBSD.org
COMMENT=	QEMU firmware config driver and filesystem
WWW=	https://github.com/davidchisnall/qemufwcfg/tree/main

USE_GITHUB=	yes
GH_ACCOUNT=	davidchisnall
GH_PROJECT=	qemufwcfg
GH_TAGNAME=	d67e278

USES=	fakeroot

USE_RC_SUBR=	qemufwcfg

LIB_DEPENDS=	libfuse.so:sysutils/fusefs-libs

BUILD_WRKSRC=	${WRKSRC}/mount_qemufwcfg
INSTALL_WRKSRC=	${WRKSRC}/mount_qemufwcfg

MAKE_ENV+=	BINDIR="${PREFIX}/bin" \
	MANDIR="${PREFIX}/share/man/man"

pre-install:
	${MKDIR} -p ${STAGEDIR}${PREFIX}/bin ${STAGEDIR}${PREFIX}/share/man/man8 ${STAGEDIR}/var/run/qemufwcfg


.include <bsd.port.mk>

--------------------------------------------------------------------------------
/ports/sysutils/qemufwcfg-fusefs/distinfo:
--------------------------------------------------------------------------------
TIMESTAMP = 1692372887
SHA256 (davidchisnall-qemufwcfg-0.1-d67e278_GH0.tar.gz) = 10eda13eeeb474533ab7316736d7e1fd20abe8a6d3e8ebea7d2947f4d09fda37
SIZE (davidchisnall-qemufwcfg-0.1-d67e278_GH0.tar.gz) = 13458

--------------------------------------------------------------------------------
/ports/sysutils/qemufwcfg-fusefs/files/qemufwcfg.in:
--------------------------------------------------------------------------------
#!/bin/sh

# PROVIDE: qemufwcfg
# REQUIRE: ldconfig

. /etc/rc.subr

name="qemufwcfg"
start_cmd="${name}_start"
stop_cmd="${name}_stop"
qemufwcfg_mount_path="/var/run/qemufwcfg"

qemufwcfg_start()
{
	kldload qemufwcfg
	%%LOCALBASE%%/bin/mount_qemufwcfg ${qemufwcfg_mount_path}
}

qemufwcfg_stop()
{
	pkill -9 mount_qemufwcfg
	kldunload qemufwcfg
}

load_rc_config $name
run_rc_command "$1"

--------------------------------------------------------------------------------
/ports/sysutils/qemufwcfg-fusefs/pkg-descr:
--------------------------------------------------------------------------------
asdf

--------------------------------------------------------------------------------
/ports/sysutils/qemufwcfg-fusefs/pkg-plist:
--------------------------------------------------------------------------------
bin/mount_qemufwcfg
share/man/man8/mount_qemufwcfg.8.gz
@dir /var/run/qemufwcfg


--------------------------------------------------------------------------------
/ports/sysutils/qemufwcfg-kmod/Makefile:
--------------------------------------------------------------------------------
PORTNAME=	qemufwcfg-kmod
DISTVERSION=	0.1
CATEGORIES=	sysutils

LICENSE=	BSD2CLAUSE

MAINTAINER=	theraven@FreeBSD.org
COMMENT=	QEMU firmware config driver
WWW=	https://github.com/davidchisnall/qemufwcfg/tree/main

USE_GITHUB=	yes
GH_ACCOUNT=	davidchisnall
GH_PROJECT=	qemufwcfg
GH_TAGNAME=	d67e278

USES=	kmod fakeroot


.include <bsd.port.mk>

--------------------------------------------------------------------------------
/ports/sysutils/qemufwcfg-kmod/distinfo:
--------------------------------------------------------------------------------
TIMESTAMP = 1692372908
SHA256 (davidchisnall-qemufwcfg-0.1-d67e278_GH0.tar.gz) = 10eda13eeeb474533ab7316736d7e1fd20abe8a6d3e8ebea7d2947f4d09fda37
SIZE (davidchisnall-qemufwcfg-0.1-d67e278_GH0.tar.gz) = 13458

--------------------------------------------------------------------------------
/ports/sysutils/qemufwcfg-kmod/pkg-descr:
--------------------------------------------------------------------------------
asdfa

--------------------------------------------------------------------------------
/ports/sysutils/qemufwcfg-kmod/pkg-plist:
--------------------------------------------------------------------------------
/%%KMODDIR%%/qemufwcfg.ko

--------------------------------------------------------------------------------
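The `create_accounts_from_ignition` rc script above passes the name, UID and keys read from the Ignition file straight to `pw` and `authorized_keys`. The following added example, which is not part of the repository, shows field checks that could run first; the function names, the login-name policy and the rule against UID 0 are assumptions, and the sample records are constructed.

```shell
#!/bin/sh
# Added example (not from the repository): validate Ignition-supplied fields
# before they reach pw(8) or authorized_keys. Names and limits are assumptions.
LC_ALL=C ; export LC_ALL	# make the a-z ranges below byte-exact

# Login name: 1-32 characters, starts with a lowercase letter or '_', then
# lowercase letters, digits, '_' or '-'. jq -r prints "null" for a missing
# field, so that string is refused as well.
valid_username()
{
	[ "${#1}" -ge 1 ] && [ "${#1}" -le 32 ] || return 1
	case "$1" in
		null) return 1 ;;
		[!a-z_]*) return 1 ;;
		*[!a-z0-9_-]*) return 1 ;;
	esac
	return 0
}

# Prints the pw(8) UID flag. "null" or empty means no UID was given.
# Anything that is not a positive decimal number is refused.
uid_flag()
{
	case "$1" in
		''|null) return 0 ;;
		*[!0-9]*) return 1 ;;
	esac
	[ "${#1}" -le 9 ] && [ "$1" -gt 0 ] || return 1
	echo "-u $1"
}

# Accepts only a bare "type base64 [comment]" entry on a single line, so a
# key cannot carry authorized_keys options or add a second line.
valid_key_line()
{
	local nl type blob
	nl='
'
	case "$1" in
		*"${nl}"*) return 1 ;;
	esac
	type=${1%% *}
	blob=${1#* }
	blob=${blob%% *}
	case "${type}" in
		ssh-ed25519|ssh-rsa) ;;
		ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521) ;;
		sk-ssh-ed25519@openssh.com|sk-ecdsa-sha2-nistp256@openssh.com) ;;
		*) return 1 ;;
	esac
	case "${blob}" in
		''|*[!A-Za-z0-9+/=]*) return 1 ;;
	esac
	return 0
}

# Prints the pw command the rc script would run, or fails on bad input.
plan_account()
{
	local flag
	valid_username "$1" || { echo "rejected user name" >&2 ; return 1 ; }
	flag=$(uid_flag "$2") || { echo "rejected uid for $1" >&2 ; return 1 ; }
	echo "pw useradd ${flag:+${flag} }-w no -n $1 -G wheel -m"
}

# Constructed records (name|uid|key); the key material is a placeholder.
demo()
{
	local name uid key
	while IFS='|' read -r name uid key ; do
		if plan_account "${name}" "${uid}" 2>/dev/null && valid_key_line "${key}" ; then
			echo "accept: ${name}"
		else
			echo "reject: ${name}"
		fi
	done <<'EOF'
core|501|ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedExampleOnly core@host
svc;id|null|ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedExampleOnly x
ops|0|ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedExampleOnly y
dev|null|command="/bin/sh" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedExampleOnly z
EOF
}
demo
```

Only the first constructed record passes all three checks; the others are refused for the name, the UID and the key options respectively.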