system/apptainer: Make setuid configurable.

Signed-off-by: Andrew Clemons <andrew.clemons@gmail.com>
Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>

2 files changed, 17 insertions, 0 deletions

diff --git a/system/apptainer/README b/system/apptainer/README
index 28182dbd80..178c15c706 100644
--- a/system/apptainer/README
+++ b/system/apptainer/README
@@ -26,3 +26,10 @@ migration documentation and user compatibility documentation.
   Usage example:
 apptainer build slackware.sif \
   /usr/share/apptainer/examples/slackware/slackware.def
+
+Various features can be enabled/disabled by passing variables to the
+script (VAR=yes/no ./apptainer.SlackBuild):
+
+WITH_SUID=auto|yes|no (default: auto)
+  create a setuid-installation (auto uses upstream's default which
+  is currently no)
diff --git a/system/apptainer/apptainer.SlackBuild b/system/apptainer/apptainer.SlackBuild
index 7f60d6af73..be7130c529 100644
--- a/system/apptainer/apptainer.SlackBuild
+++ b/system/apptainer/apptainer.SlackBuild
@@ -76,6 +76,15 @@ find -L . \
  \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
   -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
 
+WITH_SUID=${WITH_SUID:-auto}
+
+if [ "$WITH_SUID" = "no" ] ; then
+  suid_option="--without-suid"
+elif [ "$WITH_SUID" = "yes" ] ; then
+  suid_option="--with-suid"
+else
+  suid_option=""
+fi
 
 # this sets the go path without the needs of logout
 SBOGO=$(find /usr/lib${LIBDIRSUFFIX} -type f -name "go")
@@ -88,6 +97,7 @@ PATH=$GOROOT/bin:$PATH \
   --libdir=/usr/lib${LIBDIRSUFFIX} \
   --sysconfdir=/etc \
   --localstatedir=/var \
+  $suid_option \
   --mandir=/usr/man \
   --docdir=/usr/doc/$PRGNAM-$VERSION