From 71e5c3d671999b5610be5defeff5c4dc7f891835 Mon Sep 17 00:00:00 2001
From: Cristovao Cordeiro <cristovao.cordeiro@canonical.com>
Date: Mon, 25 Sep 2023 17:29:40 +0200
Subject: [PATCH 1/2] feat: add iproute2 slices for Mantic

---
 slices/iproute2.yaml         | 75 ++++++++++++++++++++++++++++++++++++
 slices/libbpf1.yaml          | 10 +++++
 slices/libbsd0.yaml          |  9 +++++
 slices/libcap2-bin.yaml      | 12 ++++++
 slices/libcap2.yaml          | 10 +++++
 slices/libdb5.3.yaml         |  8 ++++
 slices/libelf1.yaml          | 11 ++++++
 slices/libgssapi-krb5-2.yaml | 12 ++++++
 slices/libmd0.yaml           |  8 ++++
 slices/libmnl0.yaml          |  8 ++++
 slices/libpcre2-8-0.yaml     |  8 ++++
 slices/libselinux1.yaml      |  9 +++++
 slices/libtirpc-common.yaml  |  6 +++
 slices/libtirpc3.yaml        | 10 +++++
 slices/libxtables12.yaml     |  8 ++++
 slices/libzstd1.yaml         |  8 ++++
 16 files changed, 212 insertions(+)
 create mode 100644 slices/iproute2.yaml
 create mode 100644 slices/libbpf1.yaml
 create mode 100644 slices/libbsd0.yaml
 create mode 100644 slices/libcap2-bin.yaml
 create mode 100644 slices/libcap2.yaml
 create mode 100644 slices/libdb5.3.yaml
 create mode 100644 slices/libelf1.yaml
 create mode 100644 slices/libgssapi-krb5-2.yaml
 create mode 100644 slices/libmd0.yaml
 create mode 100644 slices/libmnl0.yaml
 create mode 100644 slices/libpcre2-8-0.yaml
 create mode 100644 slices/libselinux1.yaml
 create mode 100644 slices/libtirpc-common.yaml
 create mode 100644 slices/libtirpc3.yaml
 create mode 100644 slices/libxtables12.yaml
 create mode 100644 slices/libzstd1.yaml

diff --git a/slices/iproute2.yaml b/slices/iproute2.yaml
new file mode 100644
index 000000000..c78344679
--- /dev/null
+++ b/slices/iproute2.yaml
@@ -0,0 +1,75 @@
+package: iproute2
+
+slices:
+  # iproute2 is a utility package which typically could be split into
+  # utility-specific slices. The `bins` slice however brings in all the
+  # utilities for cases where iproute2 is used as a dependency for another
+  # package (eg. nginx), where we can't easily know which utilities are
+  # actually going to be needed.
+  bins:
+    # Leaving the debconf dependency out as we don't currently need pkg mgmt.
+    # Also, debconf is used by the pkg's maintainer scripts, which are handled
+    # differently in Chisel. 
+    essential:
+      - iproute2_config
+      - iproute2_libs
+      - libcap2-bin_bins
+    contents:
+      /bin/ip:
+      /sbin/ip:
+      /bin/ss:
+      /sbin/bridge:
+      /sbin/dcb:
+      /sbin/devlink:
+      /sbin/rtacct:
+      /sbin/rtmon:
+      # "tc" is an obvious candidate for getting its own "traffic-control"
+      # slice in the future, if needed.
+      /sbin/tc:
+      /sbin/tipc:
+      /sbin/vdpa:
+      /usr/bin/lnstat:
+      /usr/bin/ctstat:
+      /usr/bin/rtstat:
+      /usr/bin/nstat:
+      /usr/bin/rdma:
+      /usr/bin/routel:
+      /usr/sbin/arpd:
+      /usr/sbin/genl:
+
+  config:
+    # Corresponds to the pkg's conffiles
+    contents:
+      /etc/iproute2/bpf_pinning:
+      /etc/iproute2/ematch_map:
+      /etc/iproute2/group:
+      /etc/iproute2/nl_protos:
+      /etc/iproute2/rt_dsfield:
+      /etc/iproute2/rt_protos:
+      /etc/iproute2/rt_protos.d/:
+      /etc/iproute2/rt_realms:
+      /etc/iproute2/rt_scopes:
+      /etc/iproute2/rt_tables:
+      /etc/iproute2/rt_tables.d/:
+
+  libs:
+    essential:
+      - libbpf1_libs
+      - libbsd0_libs
+      - libc6_libs
+      - libcap2_libs
+      - libdb5.3_libs
+      - libelf1_libs
+      - libmnl0_libs
+      - libselinux1_libs
+      - libtirpc3_libs
+      - libxtables12_libs
+    contents:
+      /usr/include/iproute2/bpf_elf.h:
+      /usr/lib/*-linux-*/tc/experimental.dist:
+      /usr/lib/*-linux-*/tc/m_xt.so:
+      /usr/lib/*-linux-*/tc/m_ipt.so:
+      /usr/lib/*-linux-*/tc/normal.dist:
+      /usr/lib/*-linux-*/tc/pareto.dist:
+      /usr/lib/*-linux-*/tc/paretonormal.dist:
+      /usr/lib/*-linux-*/tc/q_atm.so:
diff --git a/slices/libbpf1.yaml b/slices/libbpf1.yaml
new file mode 100644
index 000000000..63480f30b
--- /dev/null
+++ b/slices/libbpf1.yaml
@@ -0,0 +1,10 @@
+package: libbpf1
+
+slices:
+  libs:
+    essential:
+      - libc6_libs
+      - libelf1_libs
+      - zlib1g_libs
+    contents:
+      /usr/lib/*-linux-*/libbpf.so.1*:
diff --git a/slices/libbsd0.yaml b/slices/libbsd0.yaml
new file mode 100644
index 000000000..b6acf98f8
--- /dev/null
+++ b/slices/libbsd0.yaml
@@ -0,0 +1,9 @@
+package: libbsd0
+
+slices:
+  libs:
+    essential:
+      - libc6_libs
+      - libmd0_libs
+    contents:
+      /usr/lib/*-linux-*/libbsd.so.0*:
diff --git a/slices/libcap2-bin.yaml b/slices/libcap2-bin.yaml
new file mode 100644
index 000000000..096043ea8
--- /dev/null
+++ b/slices/libcap2-bin.yaml
@@ -0,0 +1,12 @@
+package: libcap2-bin
+
+slices:
+  bins:
+    essential:
+      - libc6_libs
+      - libcap2_libs
+    contents:
+      /sbin/capsh:
+      /sbin/getcap:
+      /sbin/getpcaps:
+      /sbin/setcap:
diff --git a/slices/libcap2.yaml b/slices/libcap2.yaml
new file mode 100644
index 000000000..fc1838b8b
--- /dev/null
+++ b/slices/libcap2.yaml
@@ -0,0 +1,10 @@
+package: libcap2
+
+slices:
+  libs:
+    essential:
+      - libc6_libs
+    contents:
+      /lib/*-linux-*/libcap.so.2*:
+      /lib/*-linux-*/libpsx.so.2*:
+
diff --git a/slices/libdb5.3.yaml b/slices/libdb5.3.yaml
new file mode 100644
index 000000000..1e3a29190
--- /dev/null
+++ b/slices/libdb5.3.yaml
@@ -0,0 +1,8 @@
+package: libdb5.3
+
+slices:
+  libs:
+    essential:
+      - libc6_libs
+    contents:
+      /usr/lib/*-linux-*/libdb-5.3.so:
diff --git a/slices/libelf1.yaml b/slices/libelf1.yaml
new file mode 100644
index 000000000..7ceeb849a
--- /dev/null
+++ b/slices/libelf1.yaml
@@ -0,0 +1,11 @@
+package: libelf1
+
+slices:
+  libs:
+    essential:
+      - libc6_libs
+      - libzstd1_libs
+      - zlib1g_libs
+    contents:
+      /usr/lib/*-linux-*/libelf-0.*.so:
+      /usr/lib/*-linux-*/libelf.so.1:
diff --git a/slices/libgssapi-krb5-2.yaml b/slices/libgssapi-krb5-2.yaml
new file mode 100644
index 000000000..532ff36a0
--- /dev/null
+++ b/slices/libgssapi-krb5-2.yaml
@@ -0,0 +1,12 @@
+package: libgssapi-krb5-2
+
+slices:
+  libs:
+    essential:
+      - libc6_libs
+      - libcom-err2_libs
+      - libk5crypto3_libs
+      - libkrb5-3_libs
+      - libkrb5support0_libs
+    contents:
+      /usr/lib/*-linux-*/libgssapi_krb5.so.2*:
diff --git a/slices/libmd0.yaml b/slices/libmd0.yaml
new file mode 100644
index 000000000..877a51013
--- /dev/null
+++ b/slices/libmd0.yaml
@@ -0,0 +1,8 @@
+package: libmd0
+
+slices:
+  libs:
+    essential:
+      - libc6_libs
+    contents:
+      /usr/lib/*-linux-*/libmd.so.0*:
diff --git a/slices/libmnl0.yaml b/slices/libmnl0.yaml
new file mode 100644
index 000000000..bc9d08460
--- /dev/null
+++ b/slices/libmnl0.yaml
@@ -0,0 +1,8 @@
+package: libmnl0
+
+slices:
+  libs:
+    essential:
+      - libc6_libs
+    contents:
+      /usr/lib/*-linux-*/libmnl.so.0*:
diff --git a/slices/libpcre2-8-0.yaml b/slices/libpcre2-8-0.yaml
new file mode 100644
index 000000000..480f022b6
--- /dev/null
+++ b/slices/libpcre2-8-0.yaml
@@ -0,0 +1,8 @@
+package: libpcre2-8-0
+
+slices:
+  libs:
+    essential:
+      - libc6_libs
+    contents:
+      /usr/lib/*-linux-*/libpcre2-8.so.0*:
diff --git a/slices/libselinux1.yaml b/slices/libselinux1.yaml
new file mode 100644
index 000000000..ce82bb19e
--- /dev/null
+++ b/slices/libselinux1.yaml
@@ -0,0 +1,9 @@
+package: libselinux1
+
+slices:
+  libs:
+    essential:
+      - libc6_libs
+      - libpcre2-8-0_libs
+    contents:
+      /lib/*-linux-*/libselinux.so.1:
diff --git a/slices/libtirpc-common.yaml b/slices/libtirpc-common.yaml
new file mode 100644
index 000000000..03faa3f48
--- /dev/null
+++ b/slices/libtirpc-common.yaml
@@ -0,0 +1,6 @@
+package: libtirpc-common
+
+slices:
+  config:
+    contents:
+      /etc/netconfig:
diff --git a/slices/libtirpc3.yaml b/slices/libtirpc3.yaml
new file mode 100644
index 000000000..0080f486a
--- /dev/null
+++ b/slices/libtirpc3.yaml
@@ -0,0 +1,10 @@
+package: libtirpc3
+
+slices:
+  libs:
+    essential:
+      - libc6_libs
+      - libgssapi-krb5-2_libs
+      - libtirpc-common_config
+    contents:
+      /lib/*-linux-*/libtirpc.so.3*:
diff --git a/slices/libxtables12.yaml b/slices/libxtables12.yaml
new file mode 100644
index 000000000..1e04a0bb2
--- /dev/null
+++ b/slices/libxtables12.yaml
@@ -0,0 +1,8 @@
+package: libxtables12
+
+slices:
+  libs:
+    essential:
+      - libc6_libs
+    contents:
+      /usr/lib/*-linux-*/libxtables.so.12*:
diff --git a/slices/libzstd1.yaml b/slices/libzstd1.yaml
new file mode 100644
index 000000000..0a8175140
--- /dev/null
+++ b/slices/libzstd1.yaml
@@ -0,0 +1,8 @@
+package: libzstd1
+
+slices:
+  libs:
+    essential:
+      - libc6_libs
+    contents:
+      /usr/lib/*-linux-*/libzstd.so.1*:

From a4aac51e0cf8606678ea56b591d0d68fcfa95b59 Mon Sep 17 00:00:00 2001
From: Cristovao Cordeiro <cristovao.cordeiro@canonical.com>
Date: Mon, 25 Sep 2023 17:29:58 +0200
Subject: [PATCH 2/2] feat: add NGINX slices for Mantic

---
 slices/nginx-common.yaml | 60 ++++++++++++++++++++++++++++++++++++++++
 slices/nginx.yaml        | 16 +++++++++++
 2 files changed, 76 insertions(+)
 create mode 100644 slices/nginx-common.yaml
 create mode 100644 slices/nginx.yaml

diff --git a/slices/nginx-common.yaml b/slices/nginx-common.yaml
new file mode 100644
index 000000000..ad6d5c449
--- /dev/null
+++ b/slices/nginx-common.yaml
@@ -0,0 +1,60 @@
+package: nginx-common
+
+slices:
+  # Leaving the debconf dependency out as we don't currently need pkg mgmt.
+  # Also, debconf is especially used for the maintainer scripts, which are
+  # handled differently in Chisel.
+  # There's also no need (yet) for any init- and systemd-related files.
+  config:
+    contents:
+      /etc/logrotate.d/nginx:
+      /etc/nginx/fastcgi.conf:
+      /etc/nginx/fastcgi_params:
+      /etc/nginx/koi-utf:
+      /etc/nginx/koi-win:
+      /etc/nginx/mime.types:
+      /etc/nginx/nginx.conf:
+      /etc/nginx/proxy_params:
+      /etc/nginx/scgi_params:
+      /etc/nginx/sites-available/default:
+      /etc/nginx/snippets/fastcgi-php.conf:
+      /etc/nginx/snippets/snakeoil.conf:
+      /etc/nginx/uwsgi_params:
+      /etc/nginx/win-utf:
+      # Created by the maintainer scripts
+      /var/log/nginx/: {make: true, mode: 0755}
+      /var/log/nginx/access.log: {text: "", mode: 640} 
+      /var/log/nginx/error.log: {text: "", mode: 640}
+      /etc/nginx/sites-enabled/default: {symlink: /etc/nginx/sites-available/default}
+      /var/www/html/: {make: true}
+      /var/lib/nginx/: {make: true}
+
+  ufw-config:
+    contents:
+      /etc/ufw/applications.d/nginx:
+
+  apport:
+    contents:
+      /usr/share/apport/package-hooks/source_nginx.py:
+
+  index:
+    contents:
+      /usr/share/nginx/html/index.html:
+      /var/www/html/index.nginx-debian.html: {copy: /usr/share/nginx/html/index.html}
+
+  modules:
+    contents:
+      /usr/share/nginx/modules:
+
+  vim-addons:
+    essential:
+      - nginx-common_vim-config
+    contents:
+      /usr/share/vim/addons/ftdetect/nginx.vim:
+      /usr/share/vim/addons/ftplugin/nginx.vim:
+      /usr/share/vim/addons/indent/nginx.vim:
+      /usr/share/vim/addons/syntax/nginx.vim:
+  
+  vim-config:
+    contents:
+      /usr/share/vim/registry/nginx.yaml:
diff --git a/slices/nginx.yaml b/slices/nginx.yaml
new file mode 100644
index 000000000..41976021b
--- /dev/null
+++ b/slices/nginx.yaml
@@ -0,0 +1,16 @@
+package: nginx
+
+slices:
+  bins:
+    essential:
+      # iproute2 seems to only be required for executing the maintainer
+      # scripts, which is something that is handled differently in Chisel.
+      # - iproute2_bins
+      - libc6_libs
+      - libcrypt1_libs
+      - libpcre2-8-0_libs
+      - libssl3_libs
+      - nginx-common_config
+      - zlib1g_libs
+    contents:
+      /usr/sbin/nginx: