From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms8.migadu.com with LMTPS id 8KwdGC0SzWV/fwAAe85BDQ:P1 (envelope-from ) for ; Wed, 14 Feb 2024 20:19:09 +0100 Received: from aspmx1.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2.migadu.com with LMTPS id 8KwdGC0SzWV/fwAAe85BDQ (envelope-from ) for ; Wed, 14 Feb 2024 20:19:09 +0100 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=wolfsden.cz header.s=mail header.b=lBzpsS34; dkim=fail ("headers rsa verify failed") header.d=wolfsden.cz header.s=mail header.b=F4zwGSNP; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=fail reason="SPF not aligned (relaxed)" header.from=wolfsden.cz (policy=none) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1707938349; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=swWVN1Kk9fG+pr30LnZo4y/rKHHBJR5FmLcfraq4gfs=; b=GxRgtdlmtnviGiS7iOPGRKAnSy1l2T53FRaT8doLYzGa5p7eRihqpp5ybddYFPw3+PHXTA P1jTuTwhiBcpdaJHecHZDNoUonVP335HsZpMyK2SR59eeFnQ81p8HlgfwuJRBxGED1mIPp HAS0CTFwsLdBhyUfNGDxV3UYy3C06o03HVgDU1u6EO06VVB1Tqx0DSI0fuMnWpy1E5cEMJ pqqkWCu+EqoSL1cWwJxGuyfGKHPsOt6+lGxXC/wj0iVM9H9INqhfKxRZh5sARucAV66XRg +WFs2ej+LLBNDXqXn2StzGTw9pKzGH894oeXBTIWSYX3dHAjs9HXMb6AXHWd5w== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=wolfsden.cz header.s=mail header.b=lBzpsS34; dkim=fail ("headers rsa verify failed") header.d=wolfsden.cz header.s=mail header.b=F4zwGSNP; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=fail reason="SPF not aligned (relaxed)" header.from=wolfsden.cz (policy=none) ARC-Seal: i=1; s=key1; d=yhetil.org; t=1707938349; a=rsa-sha256; cv=none; b=BA2yOzjjvBuEGf9UmSBWxbBaLSjmLv77aIRwy2g8UJKSP+kT3cQT0omAcBOw6izz/SSOFE H+fwKK7k8OcMpa3CXVlOkQQfattcCvW/ARC0lV1yhnOAE8LYJdTDWWpFSuPThGcpusq4mF 1UJsC5TKDXfhaga65OXBBM6AQfbLbLQOucssLZAi4YwFD4Zc7vwXosac9JujYVQt+GM2xp OMw9QMrgNJvFp8Q2pYQS4oFRWmVJfIxIx8w6IUdYj4Vhb9O4xn6Wh7H5JSvVeG/FW3sLzT 6zJ/GZGHJtSqS6Sve4aBp1UCCrAHeOFPLdxV7YK7CC8okNP8QZHJqstzNBkkGQ== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 8F277D3E5 for ; Wed, 14 Feb 2024 20:19:08 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1raKmM-0003M5-EI; Wed, 14 Feb 2024 14:18:46 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1raKmK-0003LY-9R for guix-patches@gnu.org; Wed, 14 Feb 2024 14:18:44 -0500 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1raKmK-0001Xd-0y for guix-patches@gnu.org; Wed, 14 Feb 2024 14:18:44 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1raKmc-0000qT-5L for guix-patches@gnu.org; Wed, 14 Feb 2024 14:19:02 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#69131] [PATCH 1/2] gnu: Add passt. Resent-From: Tomas Volf <~@wolfsden.cz> Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 14 Feb 2024 19:19:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 69131 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 69131@debbugs.gnu.org Cc: Tomas Volf <~@wolfsden.cz> X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.17079382903181 (code B ref -1); Wed, 14 Feb 2024 19:19:01 +0000 Received: (at submit) by debbugs.gnu.org; 14 Feb 2024 19:18:10 +0000 Received: from localhost ([127.0.0.1]:53110 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1raKll-0000pF-OI for submit@debbugs.gnu.org; Wed, 14 Feb 2024 14:18:10 -0500 Received: from lists.gnu.org ([209.51.188.17]:58626) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <~@wolfsden.cz>) id 1raKlj-0000p6-Gl for submit@debbugs.gnu.org; Wed, 14 Feb 2024 14:18:08 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <~@wolfsden.cz>) id 1raKlQ-0003FN-5m for guix-patches@gnu.org; Wed, 14 Feb 2024 14:17:48 -0500 Received: from wolfsden.cz ([37.205.8.62]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <~@wolfsden.cz>) id 1raKlN-0001NY-Hd for guix-patches@gnu.org; Wed, 14 Feb 2024 14:17:47 -0500 Received: by wolfsden.cz (Postfix, from userid 104) id 4842928BE16; Wed, 14 Feb 2024 19:17:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1707938261; bh=aRpdeswe4/hGmnJcesgILefw1XDaq/RCYAl8hHO9c28=; h=From:To:Cc:Subject:Date; b=lBzpsS34EW/oblkGLUkJAzPykO+/abdTUI/Z07CJ+BWl976rgD9HIaYj6QiS5n9yw QYbXthJklXfm477rqgiBLiHwP1zM5Fqo1cYumH1Y8E1TC4yNFtVxwwmtkavrHaoiP7 grMDViH7R1G0DjW1msMJ9Zt6v0kTl4FzvPsvBdt3q6j1GjU8TgKGeAzPny9mgb+djj XZ3LSkxsKSmv78jV3iQMkRkJxP5/dY3424iZyS3cBPmgVkhzMIjcxz6c2nNvHEZkZU n+kQ7+o3h4lGhlT4j5+6g9wOmQwKoRsT7OWQwjcpH6dLRt8n2mwWJiRkDqEQy92B2o SxeQnEk+3+T+sIPYyJuj+SRcgjT8wb5GKKOXXnwwVo4/ugX+GtGapQmZuWea7ebeio 1O5UMdTsIiCDXzEsbN7PJ0pzI9rrP349ZtvFUnd30XgEAdmcyrgjX3E6QeloGnxeXZ 5qe7VMf8q6Znyb+bRHTdMxCPNKKYCe8OVrYBNTbM4VpxISljyic+whJHf5DPU8RS1d OXOnUXJ1fFbB53YVUYQ25ikWmVfFn8KRE5MLCxf5ZN4eL3dR5FGMl1+kFCXIMupSJV Kib+V8mxHcWXA6XfHD9LVQXGxcZ6PkbLfbB15rc0tiyUqfU00Ri7zlCmEQPl1Oipfn 263T90gBVrQroGcf4oiJ16zc= Received: from localhost (unknown [146.70.134.169]) by wolfsden.cz (Postfix) with ESMTPSA id 385A828C721; Wed, 14 Feb 2024 19:17:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1707938260; bh=aRpdeswe4/hGmnJcesgILefw1XDaq/RCYAl8hHO9c28=; h=From:To:Cc:Subject:Date; b=F4zwGSNPYWV4Bj5hgPZ9blQPC1iYgF3abeOCAq81LcvE5wT7V2utETO7yjEZHlE3l xpoUJ1VxRL3NwqJokma7izuBgf1UkDz5/SskQkaQsyRkbXwIgPs+1u5PjP58FgkzK6 okc7whQ1kPkGaraT8+AG0fyPUAwu94RpdOZYAd98YrukgKiVVfDzQK629OOdk66En0 SbDR25lJGXXhDgarGs9nNl30VfpcNXHCACdXrE91qpZ2sSj2jRwCHYVwmYBjuGqMoU u3M0hZBUdxsAR+/kffSTaq5/FuIHVNpNXcqeZvyuB/LiDNAoltYbN/oOiIme6AIn4p pKxXWT9dq6kxcfzGme+7x86yyJ5FHvzfYgbObbislU7ECgRc8K+s5IPZCMWXEFZ/km eiYM9KPVY7Sh81h15HMAoy99xYwndCZ1So56gNz2CelbNGFyp/XJLA8C2YbfHiHFRU gr4cf5PmNNhDkpcZL5MoGkRLi8+wJ96SnKB54e88jsazbrv10pPHSAgH5aMxdwN1sr 8j4rB4NNbnVGoK8a3iSytxQK4XQ6PIy/Swjte1jc0IGmBQ3OC1Hs6bevCA8wi3+DvW EchE8FccXrYFk+eVg6bgssDRQa07gOO5hT8cZI/B5AW7papZek9T9Xbez/YsMmCJpd gljMcqjTTW0kVM8kbkmAcMYQ= From: Tomas Volf <~@wolfsden.cz> Date: Wed, 14 Feb 2024 20:17:34 +0100 Message-ID: X-Mailer: git-send-email 2.41.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=37.205.8.62; envelope-from=~@wolfsden.cz; helo=wolfsden.cz X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, PDS_OTHER_BAD_TLD=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Scanner: mx10.migadu.com X-Migadu-Spam-Score: -2.71 X-Spam-Score: -2.71 X-Migadu-Queue-Id: 8F277D3E5 X-TUID: FPBAZmImelgg * gnu/packages/containers.scm (passt): New variable. Change-Id: I2ebdd9d4255a89a86fb196568215b74bb61cb3a6 --- gnu/packages/containers.scm | 41 +++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm index a3aa9ac1db..5cd81e85a6 100644 --- a/gnu/packages/containers.scm +++ b/gnu/packages/containers.scm @@ -5,6 +5,7 @@ ;;; Copyright © 2022 Michael Rohleder ;;; Copyright © 2023 Zongyuan Li ;;; Copyright © 2023 Ricardo Wurmus +;;; Copyright © 2024 Tomas Volf <~@wolfsden.cz> ;;; ;;; This file is part of GNU Guix. ;;; @@ -259,6 +260,46 @@ (define-public slirp4netns network namespaces.") (license license:gpl2+))) +(define-public passt + (package + (name "passt") + (version "2023_12_30.f091893") + (source (origin + (method url-fetch) + (uri + (string-append + "https://passt.top/passt/snapshot/passt-" version ".tar.gz")) + (sha256 + (base32 + "1nyd4h93qlxn1r01ffijpsd7r7ny62phki5j58in8gz021jj4f3d")))) + (build-system gnu-build-system) + (arguments + (list + #:make-flags + #~(list (string-append "CC=" #$(cc-for-target)) + "RLIMIT_STACK_VAL=1024" ; ¯\_ (ツ)_/¯ + (string-append "VERSION=" #$version) + (string-append "prefix=" #$output)) + #:tests? #f + #:phases + #~(modify-phases %standard-phases + (delete 'configure)))) + (home-page "https://passt.top") + (synopsis "Plug A Simple Socket Transport") + (description "passt implements a thin layer between guest and host, that +only implements what's strictly needed to pretend processes are running +locally. The TCP adaptation doesn't keep per-connection packet buffers, and +reflects observed sending windows and acknowledgements between the two sides. +This TCP adaptation is needed as passt runs without the CAP_NET_RAW +capability: it can't create raw IP sockets on the pod, and therefore needs to +map packets at Layer-2 to Layer-4 sockets offered by the host kernel. + +Also provides pasta, which similarly to slirp4netns, provides networking to +containers by creating a tap interface available to processes in the +namespace, and mapping network traffic outside the namespace using native +Layer-4 sockets.") + (license (list license:gpl2+ license:bsd-3)))) + (define-public cni-plugins (package (name "cni-plugins") base-commit: e9a6c7094822bc859d0694eeaf8f434317219367 -- 2.41.0