From 576362668319d6324af9660316b349c056882a55 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Mon, 17 Aug 2020 13:15:58 +0000 Subject: [PATCH 01/48] crun-0.14.1-1 Signed-off-by: RH Container Bot --- crun.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index b2aea90..2432d49 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.14.1 -Release: 2%{?dist} +Release: 1%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ URL: https://github.com/containers/crun @@ -44,6 +44,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Mon Aug 17 13:15:45 GMT 2020 RH Container Bot - 0.14.1-1 +- autobuilt 0.14.1 + * Mon Jul 27 2020 Fedora Release Engineering - 0.14.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild From 7a81d890cb7327988a0a4ce1a4d67048aa87be99 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Thu, 27 Aug 2020 13:53:39 +0200 Subject: [PATCH 02/48] crun-0.14.1-3 Signed-off-by: Giuseppe Scrivano --- ...x-race-condition-when-reading-cgroup.patch | 42 +++++++++++++++++++ crun.spec | 7 +++- 2 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 0001-state-fix-race-condition-when-reading-cgroup.patch diff --git a/0001-state-fix-race-condition-when-reading-cgroup.patch b/0001-state-fix-race-condition-when-reading-cgroup.patch new file mode 100644 index 0000000..cbdaf76 --- /dev/null +++ b/0001-state-fix-race-condition-when-reading-cgroup.patch @@ -0,0 +1,42 @@ +From 1a71c82ea9fd3561b16e2730bea9673219c15843 Mon Sep 17 00:00:00 2001 +From: Giuseppe Scrivano +Date: Thu, 27 Aug 2020 12:10:21 +0200 +Subject: [PATCH] state: fix race condition when reading cgroup + +by the time crun attempts to read from the cgroup, systemd might have +already cleaned it up. When using systemd, on ENOENT state reports +the container as "stopped" instead of an error. + +Closes: https://github.com/containers/podman/issues/7148 + +Signed-off-by: Giuseppe Scrivano +--- + src/libcrun/container.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/src/libcrun/container.c b/src/libcrun/container.c +index 3723300..289e551 100644 +--- a/src/libcrun/container.c ++++ b/src/libcrun/container.c +@@ -2112,7 +2112,17 @@ libcrun_get_container_state_string (const char *id, libcrun_container_status_t * + + ret = libcrun_cgroup_is_container_paused (status->cgroup_path, cgroup_mode, &paused, err); + if (UNLIKELY (ret < 0)) +- return ret; ++ { ++ /* The cgroup might have been cleaned up by systemd by the time we try to read it, so ignore ENOENT. */ ++ if (status->systemd_cgroup && crun_error_get_errno (err) == ENOENT) ++ { ++ crun_error_release (err); ++ *container_status = "stopped"; ++ return 0; ++ } ++ ++ return ret; ++ } + } + + if (! *running) +-- +2.26.2 + diff --git a/crun.spec b/crun.spec index 2432d49..ce32e15 100644 --- a/crun.spec +++ b/crun.spec @@ -22,11 +22,13 @@ BuildRequires: libtool BuildRequires: go-md2man Provides: oci-runtime = 2 +Patch0: 0001-state-fix-race-condition-when-reading-cgroup.patch + %description crun is a runtime for running OCI containers %prep -%autosetup -n %{name}-%{version} +%autosetup -p1 -n %{name}-%{version} %build ./autogen.sh @@ -44,6 +46,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Thu Aug 27 2020 Giuseppe Scrivano - 0.14.1-3 +- backport ed9c3e6f466dfb6d2e79802060fabd5f4b66f78e + * Mon Aug 17 13:15:45 GMT 2020 RH Container Bot - 0.14.1-1 - autobuilt 0.14.1 From 75e6a515610790386f79efbd7e4e62e7afc3ef2c Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Thu, 27 Aug 2020 14:00:23 +0200 Subject: [PATCH 03/48] fix-nvr Signed-off-by: Giuseppe Scrivano --- crun.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index ce32e15..42b01dd 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.14.1 -Release: 1%{?dist} +Release: 3%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ URL: https://github.com/containers/crun From 3b24ee0301b3ae07475d85fac0e16a91574a8946 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Mon, 31 Aug 2020 14:47:08 -0400 Subject: [PATCH 04/48] crun-0.14.1-4 - rebuild Signed-off-by: Lokesh Mandvekar --- crun.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index 42b01dd..4850b6f 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.14.1 -Release: 3%{?dist} +Release: 4%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ URL: https://github.com/containers/crun @@ -46,6 +46,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Mon Aug 31 2020 Lokesh Mandvekar - 0.14.1-4 +- rebuild + * Thu Aug 27 2020 Giuseppe Scrivano - 0.14.1-3 - backport ed9c3e6f466dfb6d2e79802060fabd5f4b66f78e From 27edd076a61eccef061f2e885a97a6a48bb91763 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Wed, 2 Sep 2020 13:47:54 +0000 Subject: [PATCH 05/48] crun-0.14.1-1 Signed-off-by: RH Container Bot --- crun.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index 4850b6f..4748e8a 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.14.1 -Release: 4%{?dist} +Release: 1%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ URL: https://github.com/containers/crun @@ -46,6 +46,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Wed Sep 2 2020 RH Container Bot - 0.14.1-1 +- autobuilt 0.14.1 + * Mon Aug 31 2020 Lokesh Mandvekar - 0.14.1-4 - rebuild From ae2a73dd76e102ae5eef8131353d1e2ebbd9d9a3 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Fri, 11 Sep 2020 06:03:27 -0400 Subject: [PATCH 06/48] Revert "crun-0.14.1-1" This reverts commit 27edd076a61eccef061f2e885a97a6a48bb91763. --- crun.spec | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/crun.spec b/crun.spec index 4748e8a..4850b6f 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.14.1 -Release: 1%{?dist} +Release: 4%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ URL: https://github.com/containers/crun @@ -46,9 +46,6 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog -* Wed Sep 2 2020 RH Container Bot - 0.14.1-1 -- autobuilt 0.14.1 - * Mon Aug 31 2020 Lokesh Mandvekar - 0.14.1-4 - rebuild From 0430ab03ff1099debfa78c9267acf7e7c3dc2f07 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Fri, 11 Sep 2020 10:13:01 +0000 Subject: [PATCH 07/48] crun-0.14.1-1 autobuilt 0.14.1 Signed-off-by: RH Container Bot --- crun.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index 4850b6f..9f72f36 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.14.1 -Release: 4%{?dist} +Release: 1%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ URL: https://github.com/containers/crun @@ -46,6 +46,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Fri Sep 11 2020 RH Container Bot - 0.14.1-1 +- autobuilt 0.14.1 + * Mon Aug 31 2020 Lokesh Mandvekar - 0.14.1-4 - rebuild From 9dba12c7b680a90cb216ea3b8f26380f024dbeac Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Mon, 14 Sep 2020 12:05:15 +0200 Subject: [PATCH 08/48] crun-0.14.1-5 Signed-off-by: Giuseppe Scrivano --- ...apabilities-get-last_cap-dynamically.patch | 100 ++++++++++++++++++ crun.spec | 6 +- 2 files changed, 105 insertions(+), 1 deletion(-) create mode 100644 0001-Capabilities-get-last_cap-dynamically.patch diff --git a/0001-Capabilities-get-last_cap-dynamically.patch b/0001-Capabilities-get-last_cap-dynamically.patch new file mode 100644 index 0000000..4a4751f --- /dev/null +++ b/0001-Capabilities-get-last_cap-dynamically.patch @@ -0,0 +1,100 @@ +From 2dd22b2f1aa13edc704cf5a6e50793457076789e Mon Sep 17 00:00:00 2001 +From: Ed Santiago +Date: Mon, 31 Aug 2020 12:09:39 -0600 +Subject: [PATCH] Capabilities: get last_cap dynamically + +Determine the kernel capability set at run time, for +consistency with runc. + +Signed-off-by: Ed Santiago +(cherry picked from commit 4453af4c060e380051552ee589af5cad37f2ae82) +--- + src/libcrun/container.c | 4 ++++ + src/libcrun/linux.c | 29 +++++++++++++++++++++++++++-- + src/libcrun/linux.h | 1 + + 3 files changed, 32 insertions(+), 2 deletions(-) + +diff --git a/src/libcrun/container.c b/src/libcrun/container.c +index 3723300..0870cf2 100644 +--- a/src/libcrun/container.c ++++ b/src/libcrun/container.c +@@ -480,6 +480,10 @@ initialize_security (runtime_spec_schema_config_schema_process *proc, libcrun_er + if (UNLIKELY (ret < 0)) + return ret; + ++ ret = libcrun_init_caps (err); ++ if (UNLIKELY (ret < 0)) ++ return ret; ++ + return 0; + } + +diff --git a/src/libcrun/linux.c b/src/libcrun/linux.c +index fa87d82..316943d 100644 +--- a/src/libcrun/linux.c ++++ b/src/libcrun/linux.c +@@ -2291,6 +2291,28 @@ has_cap_on (int cap, long unsigned *caps) + return (CAP_TO_MASK_1 (cap) & caps[1]); + } + ++static unsigned long cap_last_cap; ++ ++int ++libcrun_init_caps (libcrun_error_t *err) ++{ ++ cleanup_close int fd = -1; ++ int ret; ++ char buffer[16]; ++ fd = open ("/proc/sys/kernel/cap_last_cap", O_RDONLY); ++ if (fd < 0) ++ return crun_make_error (err, errno, "open /proc/sys/kernel/cap_last_cap"); ++ ret = TEMP_FAILURE_RETRY (read (fd, buffer, sizeof (buffer))); ++ if (UNLIKELY (ret < 0)) ++ return crun_make_error (err, errno, "read from /proc/sys/kernel/cap_last_cap"); ++ ++ errno = 0; ++ cap_last_cap = strtoul (buffer, NULL, 10); ++ if (errno != 0) ++ return crun_make_error (err, errno, "strtoul() from /proc/sys/kernel/cap_last_cap"); ++ return 0; ++} ++ + static int + set_required_caps (struct all_caps_s *caps, uid_t uid, gid_t gid, int no_new_privs, libcrun_error_t *err) + { +@@ -2299,7 +2321,10 @@ set_required_caps (struct all_caps_s *caps, uid_t uid, gid_t gid, int no_new_pri + struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 }; + struct __user_cap_data_struct data[2] = { { 0 } }; + +- for (cap = 0; cap <= CAP_LAST_CAP; cap++) ++ if (cap_last_cap == 0) ++ return crun_make_error (err, 0, "internal error: max number of capabilities not initialized"); ++ ++ for (cap = 0; cap <= cap_last_cap; cap++) + if (! has_cap_on (cap, caps->bounding)) + { + ret = prctl (PR_CAPBSET_DROP, cap, 0, 0, 0); +@@ -2335,7 +2360,7 @@ set_required_caps (struct all_caps_s *caps, uid_t uid, gid_t gid, int no_new_pri + if (UNLIKELY (ret < 0 && !(errno == EINVAL || errno == EPERM))) + return crun_make_error (err, errno, "prctl reset ambient"); + +- for (cap = 0; cap <= CAP_LAST_CAP; cap++) ++ for (cap = 0; cap <= cap_last_cap; cap++) + if (has_cap_on (cap, caps->ambient)) + { + ret = prctl (PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, cap, 0, 0); +diff --git a/src/libcrun/linux.h b/src/libcrun/linux.h +index a92b5f1..fc70feb 100644 +--- a/src/libcrun/linux.h ++++ b/src/libcrun/linux.h +@@ -38,6 +38,7 @@ pid_t libcrun_run_linux_container (libcrun_container_t *container, + libcrun_error_t *err); + int get_notify_fd (libcrun_context_t *context, libcrun_container_t *container, int *notify_socket_out, libcrun_error_t *err); + int libcrun_set_mounts (libcrun_container_t *container, const char *rootfs, libcrun_error_t *err); ++int libcrun_init_caps (libcrun_error_t *err); + int libcrun_do_pivot_root (libcrun_container_t *container, bool no_pivot, const char *rootfs, libcrun_error_t *err); + int libcrun_reopen_dev_null (libcrun_error_t *err); + int libcrun_set_usernamespace (libcrun_container_t *container, pid_t pid, libcrun_error_t *err); +-- +2.26.2 + diff --git a/crun.spec b/crun.spec index 9f72f36..24cb673 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.14.1 -Release: 1%{?dist} +Release: 5%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ URL: https://github.com/containers/crun @@ -23,6 +23,7 @@ BuildRequires: go-md2man Provides: oci-runtime = 2 Patch0: 0001-state-fix-race-condition-when-reading-cgroup.patch +Patch1: 0001-Capabilities-get-last_cap-dynamically.patch %description crun is a runtime for running OCI containers @@ -46,6 +47,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Mon Sep 14 2020 Giuseppe Scrivano - 0.14.1-5 +- backport 4453af4c060e380051552ee589af5cad37f2ae82 + * Fri Sep 11 2020 RH Container Bot - 0.14.1-1 - autobuilt 0.14.1 From b091ac3f0537ac1ceeab662cb4e712513a55179d Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Mon, 14 Sep 2020 11:13:27 +0000 Subject: [PATCH 09/48] crun-0.14.1-1 autobuilt 0.14.1 Signed-off-by: RH Container Bot --- crun.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index 24cb673..a6063bd 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.14.1 -Release: 5%{?dist} +Release: 1%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ URL: https://github.com/containers/crun @@ -47,6 +47,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Mon Sep 14 2020 RH Container Bot - 0.14.1-1 +- autobuilt 0.14.1 + * Mon Sep 14 2020 Giuseppe Scrivano - 0.14.1-5 - backport 4453af4c060e380051552ee589af5cad37f2ae82 From 2f4dc5622f899685481bfae20398e92db7834b94 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Wed, 23 Sep 2020 15:13:26 +0000 Subject: [PATCH 10/48] crun-0.15-1 autobuilt 0.15 Signed-off-by: RH Container Bot --- .gitignore | 1 + crun.spec | 5 ++++- sources | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index ce20ab0..515f617 100644 --- a/.gitignore +++ b/.gitignore @@ -20,3 +20,4 @@ crun-0.1.1.tar.gz /crun-0.13.tar.gz /crun-0.14.tar.gz /crun-0.14.1.tar.gz +/crun-0.15.tar.gz diff --git a/crun.spec b/crun.spec index a6063bd..bafd9a4 100644 --- a/crun.spec +++ b/crun.spec @@ -1,6 +1,6 @@ Summary: OCI runtime written in C Name: crun -Version: 0.14.1 +Version: 0.15 Release: 1%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ @@ -47,6 +47,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Wed Sep 23 2020 RH Container Bot - 0.15-1 +- autobuilt 0.15 + * Mon Sep 14 2020 RH Container Bot - 0.14.1-1 - autobuilt 0.14.1 diff --git a/sources b/sources index 0d91064..07332d6 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (crun-0.14.1.tar.gz) = 420f1713653cbd17df83b2a63d163aaa41baf78115b093877a2241305e10b2ceeaf08ea6700658eca894729ff8a20cbc66f868d18d27fba3fbedf1a9993b122e +SHA512 (crun-0.15.tar.gz) = f9a9e94b6a9c5cff01fe93b1c3d5876a0794e6288b802cf579556e11411ca5d6e63cae3859aaa4df4bb600e2d27aa131872a93a92784b9b48f7885411d86f325 From e42a77d89d296087e73ccc961989eeea12530a33 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Wed, 23 Sep 2020 17:18:44 +0200 Subject: [PATCH 11/48] remove old patches Signed-off-by: Giuseppe Scrivano --- ...apabilities-get-last_cap-dynamically.patch | 100 ------------------ ...x-race-condition-when-reading-cgroup.patch | 42 -------- 2 files changed, 142 deletions(-) delete mode 100644 0001-Capabilities-get-last_cap-dynamically.patch delete mode 100644 0001-state-fix-race-condition-when-reading-cgroup.patch diff --git a/0001-Capabilities-get-last_cap-dynamically.patch b/0001-Capabilities-get-last_cap-dynamically.patch deleted file mode 100644 index 4a4751f..0000000 --- a/0001-Capabilities-get-last_cap-dynamically.patch +++ /dev/null @@ -1,100 +0,0 @@ -From 2dd22b2f1aa13edc704cf5a6e50793457076789e Mon Sep 17 00:00:00 2001 -From: Ed Santiago -Date: Mon, 31 Aug 2020 12:09:39 -0600 -Subject: [PATCH] Capabilities: get last_cap dynamically - -Determine the kernel capability set at run time, for -consistency with runc. - -Signed-off-by: Ed Santiago -(cherry picked from commit 4453af4c060e380051552ee589af5cad37f2ae82) ---- - src/libcrun/container.c | 4 ++++ - src/libcrun/linux.c | 29 +++++++++++++++++++++++++++-- - src/libcrun/linux.h | 1 + - 3 files changed, 32 insertions(+), 2 deletions(-) - -diff --git a/src/libcrun/container.c b/src/libcrun/container.c -index 3723300..0870cf2 100644 ---- a/src/libcrun/container.c -+++ b/src/libcrun/container.c -@@ -480,6 +480,10 @@ initialize_security (runtime_spec_schema_config_schema_process *proc, libcrun_er - if (UNLIKELY (ret < 0)) - return ret; - -+ ret = libcrun_init_caps (err); -+ if (UNLIKELY (ret < 0)) -+ return ret; -+ - return 0; - } - -diff --git a/src/libcrun/linux.c b/src/libcrun/linux.c -index fa87d82..316943d 100644 ---- a/src/libcrun/linux.c -+++ b/src/libcrun/linux.c -@@ -2291,6 +2291,28 @@ has_cap_on (int cap, long unsigned *caps) - return (CAP_TO_MASK_1 (cap) & caps[1]); - } - -+static unsigned long cap_last_cap; -+ -+int -+libcrun_init_caps (libcrun_error_t *err) -+{ -+ cleanup_close int fd = -1; -+ int ret; -+ char buffer[16]; -+ fd = open ("/proc/sys/kernel/cap_last_cap", O_RDONLY); -+ if (fd < 0) -+ return crun_make_error (err, errno, "open /proc/sys/kernel/cap_last_cap"); -+ ret = TEMP_FAILURE_RETRY (read (fd, buffer, sizeof (buffer))); -+ if (UNLIKELY (ret < 0)) -+ return crun_make_error (err, errno, "read from /proc/sys/kernel/cap_last_cap"); -+ -+ errno = 0; -+ cap_last_cap = strtoul (buffer, NULL, 10); -+ if (errno != 0) -+ return crun_make_error (err, errno, "strtoul() from /proc/sys/kernel/cap_last_cap"); -+ return 0; -+} -+ - static int - set_required_caps (struct all_caps_s *caps, uid_t uid, gid_t gid, int no_new_privs, libcrun_error_t *err) - { -@@ -2299,7 +2321,10 @@ set_required_caps (struct all_caps_s *caps, uid_t uid, gid_t gid, int no_new_pri - struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 }; - struct __user_cap_data_struct data[2] = { { 0 } }; - -- for (cap = 0; cap <= CAP_LAST_CAP; cap++) -+ if (cap_last_cap == 0) -+ return crun_make_error (err, 0, "internal error: max number of capabilities not initialized"); -+ -+ for (cap = 0; cap <= cap_last_cap; cap++) - if (! has_cap_on (cap, caps->bounding)) - { - ret = prctl (PR_CAPBSET_DROP, cap, 0, 0, 0); -@@ -2335,7 +2360,7 @@ set_required_caps (struct all_caps_s *caps, uid_t uid, gid_t gid, int no_new_pri - if (UNLIKELY (ret < 0 && !(errno == EINVAL || errno == EPERM))) - return crun_make_error (err, errno, "prctl reset ambient"); - -- for (cap = 0; cap <= CAP_LAST_CAP; cap++) -+ for (cap = 0; cap <= cap_last_cap; cap++) - if (has_cap_on (cap, caps->ambient)) - { - ret = prctl (PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, cap, 0, 0); -diff --git a/src/libcrun/linux.h b/src/libcrun/linux.h -index a92b5f1..fc70feb 100644 ---- a/src/libcrun/linux.h -+++ b/src/libcrun/linux.h -@@ -38,6 +38,7 @@ pid_t libcrun_run_linux_container (libcrun_container_t *container, - libcrun_error_t *err); - int get_notify_fd (libcrun_context_t *context, libcrun_container_t *container, int *notify_socket_out, libcrun_error_t *err); - int libcrun_set_mounts (libcrun_container_t *container, const char *rootfs, libcrun_error_t *err); -+int libcrun_init_caps (libcrun_error_t *err); - int libcrun_do_pivot_root (libcrun_container_t *container, bool no_pivot, const char *rootfs, libcrun_error_t *err); - int libcrun_reopen_dev_null (libcrun_error_t *err); - int libcrun_set_usernamespace (libcrun_container_t *container, pid_t pid, libcrun_error_t *err); --- -2.26.2 - diff --git a/0001-state-fix-race-condition-when-reading-cgroup.patch b/0001-state-fix-race-condition-when-reading-cgroup.patch deleted file mode 100644 index cbdaf76..0000000 --- a/0001-state-fix-race-condition-when-reading-cgroup.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 1a71c82ea9fd3561b16e2730bea9673219c15843 Mon Sep 17 00:00:00 2001 -From: Giuseppe Scrivano -Date: Thu, 27 Aug 2020 12:10:21 +0200 -Subject: [PATCH] state: fix race condition when reading cgroup - -by the time crun attempts to read from the cgroup, systemd might have -already cleaned it up. When using systemd, on ENOENT state reports -the container as "stopped" instead of an error. - -Closes: https://github.com/containers/podman/issues/7148 - -Signed-off-by: Giuseppe Scrivano ---- - src/libcrun/container.c | 12 +++++++++++- - 1 file changed, 11 insertions(+), 1 deletion(-) - -diff --git a/src/libcrun/container.c b/src/libcrun/container.c -index 3723300..289e551 100644 ---- a/src/libcrun/container.c -+++ b/src/libcrun/container.c -@@ -2112,7 +2112,17 @@ libcrun_get_container_state_string (const char *id, libcrun_container_status_t * - - ret = libcrun_cgroup_is_container_paused (status->cgroup_path, cgroup_mode, &paused, err); - if (UNLIKELY (ret < 0)) -- return ret; -+ { -+ /* The cgroup might have been cleaned up by systemd by the time we try to read it, so ignore ENOENT. */ -+ if (status->systemd_cgroup && crun_error_get_errno (err) == ENOENT) -+ { -+ crun_error_release (err); -+ *container_status = "stopped"; -+ return 0; -+ } -+ -+ return ret; -+ } - } - - if (! *running) --- -2.26.2 - From 81d411756376747a12f3efa30a9fb085f9cf9a65 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Wed, 23 Sep 2020 17:19:14 +0200 Subject: [PATCH 12/48] remove old patches Signed-off-by: Giuseppe Scrivano --- crun.spec | 3 --- 1 file changed, 3 deletions(-) diff --git a/crun.spec b/crun.spec index bafd9a4..45a4683 100644 --- a/crun.spec +++ b/crun.spec @@ -22,9 +22,6 @@ BuildRequires: libtool BuildRequires: go-md2man Provides: oci-runtime = 2 -Patch0: 0001-state-fix-race-condition-when-reading-cgroup.patch -Patch1: 0001-Capabilities-get-last_cap-dynamically.patch - %description crun is a runtime for running OCI containers From 4f10f56b3e8dc10fc9a5ac135f39c9a552b10480 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Wed, 23 Sep 2020 17:27:34 +0200 Subject: [PATCH 13/48] rebuild Signed-off-by: Giuseppe Scrivano (cherry picked from commit 89169426ca4a015e5ca8af27d04bf2d6ab2097fa) --- crun.spec | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index 45a4683..31eea02 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.15 -Release: 1%{?dist} +Release: 2%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ URL: https://github.com/containers/crun @@ -44,12 +44,18 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Wed Sep 23 2020 Giuseppe Scrivano - 0.15-2 +- rebuild + * Wed Sep 23 2020 RH Container Bot - 0.15-1 - autobuilt 0.15 * Mon Sep 14 2020 RH Container Bot - 0.14.1-1 - autobuilt 0.14.1 +* Wed Sep 23 2020 Giuseppe Scrivano - 0.15-1 +- build version 0.15 + * Mon Sep 14 2020 Giuseppe Scrivano - 0.14.1-5 - backport 4453af4c060e380051552ee589af5cad37f2ae82 From 7810240c2d40c73190c2953b77641cd66a85fc95 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Wed, 23 Sep 2020 18:00:37 +0200 Subject: [PATCH 14/48] fix changelog Signed-off-by: Giuseppe Scrivano --- crun.spec | 6 ------ 1 file changed, 6 deletions(-) diff --git a/crun.spec b/crun.spec index 31eea02..9b595fd 100644 --- a/crun.spec +++ b/crun.spec @@ -50,12 +50,6 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* * Wed Sep 23 2020 RH Container Bot - 0.15-1 - autobuilt 0.15 -* Mon Sep 14 2020 RH Container Bot - 0.14.1-1 -- autobuilt 0.14.1 - -* Wed Sep 23 2020 Giuseppe Scrivano - 0.15-1 -- build version 0.15 - * Mon Sep 14 2020 Giuseppe Scrivano - 0.14.1-5 - backport 4453af4c060e380051552ee589af5cad37f2ae82 From ea29abb4bec46926db55e0a94ffc1da1c864d1a1 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Wed, 23 Sep 2020 16:13:43 +0000 Subject: [PATCH 15/48] crun-0.15-1 autobuilt 0.15 Signed-off-by: RH Container Bot --- crun.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index 9b595fd..09e824c 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.15 -Release: 2%{?dist} +Release: 1%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ URL: https://github.com/containers/crun @@ -44,6 +44,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Wed Sep 23 2020 RH Container Bot - 0.15-1 +- autobuilt 0.15 + * Wed Sep 23 2020 Giuseppe Scrivano - 0.15-2 - rebuild From bf6cb7c82ef5599f535e8165cd81e0c734dd5674 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Thu, 24 Sep 2020 10:12:44 -0400 Subject: [PATCH 16/48] Revert "crun-0.15-1" This reverts commit ea29abb4bec46926db55e0a94ffc1da1c864d1a1. --- crun.spec | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/crun.spec b/crun.spec index 09e824c..9b595fd 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.15 -Release: 1%{?dist} +Release: 2%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ URL: https://github.com/containers/crun @@ -44,9 +44,6 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog -* Wed Sep 23 2020 RH Container Bot - 0.15-1 -- autobuilt 0.15 - * Wed Sep 23 2020 Giuseppe Scrivano - 0.15-2 - rebuild From 59ef977f921441a6938ae07e52ad4b1c9c01e71d Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Thu, 24 Sep 2020 10:13:45 -0400 Subject: [PATCH 17/48] crun-0.15-3 - release tag ahead of f32 Signed-off-by: Lokesh Mandvekar --- crun.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index 9b595fd..b21486f 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.15 -Release: 2%{?dist} +Release: 3%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ URL: https://github.com/containers/crun @@ -44,6 +44,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Thu Sep 24 10:13:25 EDT 2020 Lokesh Mandvekar - 0.15-3 +- release tag ahead of f32 + * Wed Sep 23 2020 Giuseppe Scrivano - 0.15-2 - rebuild From 6b1c3f0497b7ad7987c80eee3bca6338f4a51dc1 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Wed, 30 Sep 2020 14:33:23 +0200 Subject: [PATCH 18/48] crun-0.15-4 Signed-off-by: Giuseppe Scrivano --- 0001-exec-check-read-bytes-from-sync.patch | 35 ++++++++++++++++++++++ crun.spec | 10 ++++++- 2 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 0001-exec-check-read-bytes-from-sync.patch diff --git a/0001-exec-check-read-bytes-from-sync.patch b/0001-exec-check-read-bytes-from-sync.patch new file mode 100644 index 0000000..fc41655 --- /dev/null +++ b/0001-exec-check-read-bytes-from-sync.patch @@ -0,0 +1,35 @@ +From 20c56beb3307b0ac07af0edbbbe49ec65819f559 Mon Sep 17 00:00:00 2001 +From: Giuseppe Scrivano +Date: Tue, 29 Sep 2020 16:52:02 +0200 +Subject: [PATCH] exec: check read bytes from sync + +when reading from the exec sync pipe, make sure it reads exactly one +byte otherwise return an error. + +Closes: https://github.com/containers/crun/issues/511 + +Signed-off-by: Giuseppe Scrivano +--- + src/libcrun/container.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/libcrun/container.c b/src/libcrun/container.c +index 927986a..0308992 100644 +--- a/src/libcrun/container.c ++++ b/src/libcrun/container.c +@@ -2595,10 +2595,10 @@ libcrun_container_exec (libcrun_context_t *context, const char *id, runtime_spec + } + } + +- TEMP_FAILURE_RETRY (read (pipefd0, &b, sizeof (b))); ++ ret = TEMP_FAILURE_RETRY (read (pipefd0, &b, sizeof (b))); + TEMP_FAILURE_RETRY (close (pipefd0)); + pipefd0 = -1; +- if (b != '0') ++ if (ret != 1 || b != '0') + ret = -1; + else + { +-- +2.26.2 + diff --git a/crun.spec b/crun.spec index b21486f..eaaba49 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.15 -Release: 3%{?dist} +Release: 4%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ URL: https://github.com/containers/crun @@ -22,6 +22,8 @@ BuildRequires: libtool BuildRequires: go-md2man Provides: oci-runtime = 2 +Patch0: 0001-exec-check-read-bytes-from-sync.patch + %description crun is a runtime for running OCI containers @@ -44,9 +46,15 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Wed Sep 30 2020 Giuseppe Scrivano - 0.15-4 +- backport "exec: check read bytes from sync" + * Thu Sep 24 10:13:25 EDT 2020 Lokesh Mandvekar - 0.15-3 - release tag ahead of f32 +* Wed Sep 23 2020 RH Container Bot - 0.15-1 +- autobuilt 0.15 + * Wed Sep 23 2020 Giuseppe Scrivano - 0.15-2 - rebuild From 3e2c9f57839d3a2e882ed094e38f78521155ba05 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Wed, 30 Sep 2020 11:49:43 -0400 Subject: [PATCH 19/48] crun-0.15-5 - rebuild to bump release tag ahead of older fedoras (cherry picked from commit 2d611f8179de715143822e36d37d59d28d8c471b) Signed-off-by: Lokesh Mandvekar --- crun.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index eaaba49..f6fe319 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.15 -Release: 4%{?dist} +Release: 5%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ URL: https://github.com/containers/crun @@ -46,6 +46,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Wed Sep 30 2020 Lokesh Mandvekar - 0.15-5 +- rebuild to bump release tag ahead of older fedoras + * Wed Sep 30 2020 Giuseppe Scrivano - 0.15-4 - backport "exec: check read bytes from sync" From 6066bfe21d73aebc9e8a9b69b89fde530c2db490 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Wed, 4 Nov 2020 09:48:37 +0100 Subject: [PATCH 20/48] crun-0.15.1-1 Signed-off-by: Giuseppe Scrivano (cherry picked from commit 428de5e45ad66e1415b450adb054b9ad4d87e3d3) --- .gitignore | 1 + 0001-exec-check-read-bytes-from-sync.patch | 35 ---------------------- crun.spec | 9 +++--- sources | 2 +- 4 files changed, 7 insertions(+), 40 deletions(-) delete mode 100644 0001-exec-check-read-bytes-from-sync.patch diff --git a/.gitignore b/.gitignore index 515f617..3630bec 100644 --- a/.gitignore +++ b/.gitignore @@ -21,3 +21,4 @@ crun-0.1.1.tar.gz /crun-0.14.tar.gz /crun-0.14.1.tar.gz /crun-0.15.tar.gz +/crun-0.15.1.tar.gz diff --git a/0001-exec-check-read-bytes-from-sync.patch b/0001-exec-check-read-bytes-from-sync.patch deleted file mode 100644 index fc41655..0000000 --- a/0001-exec-check-read-bytes-from-sync.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 20c56beb3307b0ac07af0edbbbe49ec65819f559 Mon Sep 17 00:00:00 2001 -From: Giuseppe Scrivano -Date: Tue, 29 Sep 2020 16:52:02 +0200 -Subject: [PATCH] exec: check read bytes from sync - -when reading from the exec sync pipe, make sure it reads exactly one -byte otherwise return an error. - -Closes: https://github.com/containers/crun/issues/511 - -Signed-off-by: Giuseppe Scrivano ---- - src/libcrun/container.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/libcrun/container.c b/src/libcrun/container.c -index 927986a..0308992 100644 ---- a/src/libcrun/container.c -+++ b/src/libcrun/container.c -@@ -2595,10 +2595,10 @@ libcrun_container_exec (libcrun_context_t *context, const char *id, runtime_spec - } - } - -- TEMP_FAILURE_RETRY (read (pipefd0, &b, sizeof (b))); -+ ret = TEMP_FAILURE_RETRY (read (pipefd0, &b, sizeof (b))); - TEMP_FAILURE_RETRY (close (pipefd0)); - pipefd0 = -1; -- if (b != '0') -+ if (ret != 1 || b != '0') - ret = -1; - else - { --- -2.26.2 - diff --git a/crun.spec b/crun.spec index f6fe319..7b11f41 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun -Version: 0.15 -Release: 5%{?dist} +Version: 0.15.1 +Release: 1%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ URL: https://github.com/containers/crun @@ -22,8 +22,6 @@ BuildRequires: libtool BuildRequires: go-md2man Provides: oci-runtime = 2 -Patch0: 0001-exec-check-read-bytes-from-sync.patch - %description crun is a runtime for running OCI containers @@ -46,6 +44,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Wed Nov 04 2020 Giuseppe Scrivano - 0.15.1-1 +- built version 0.15.1 + * Wed Sep 30 2020 Lokesh Mandvekar - 0.15-5 - rebuild to bump release tag ahead of older fedoras diff --git a/sources b/sources index 07332d6..f3a122c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (crun-0.15.tar.gz) = f9a9e94b6a9c5cff01fe93b1c3d5876a0794e6288b802cf579556e11411ca5d6e63cae3859aaa4df4bb600e2d27aa131872a93a92784b9b48f7885411d86f325 +SHA512 (crun-0.15.1.tar.gz) = 470d69c6be809ac20bcbe33c9225aa4b6193fd95f0c469fc87b0d3bdccc4fb92ff31b60915fa93617fd2f89adee799818c85617ddd9f9dc20af00edb6482724e From 59e7449b25a96b0931e08a98c6cde560120dd624 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Tue, 24 Nov 2020 10:03:57 +0100 Subject: [PATCH 21/48] crun-0.16-1 Signed-off-by: Giuseppe Scrivano --- .gitignore | 1 + crun.spec | 5 ++++- sources | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 3630bec..1c1c0cb 100644 --- a/.gitignore +++ b/.gitignore @@ -22,3 +22,4 @@ crun-0.1.1.tar.gz /crun-0.14.1.tar.gz /crun-0.15.tar.gz /crun-0.15.1.tar.gz +/crun-0.16.tar.gz diff --git a/crun.spec b/crun.spec index 7b11f41..61c9538 100644 --- a/crun.spec +++ b/crun.spec @@ -1,6 +1,6 @@ Summary: OCI runtime written in C Name: crun -Version: 0.15.1 +Version: 0.16 Release: 1%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv3+ @@ -44,6 +44,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Tue Nov 24 2020 Giuseppe Scrivano - 0.16-1 +- built version 0.16 + * Wed Nov 04 2020 Giuseppe Scrivano - 0.15.1-1 - built version 0.15.1 diff --git a/sources b/sources index f3a122c..5a02c82 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (crun-0.15.1.tar.gz) = 470d69c6be809ac20bcbe33c9225aa4b6193fd95f0c469fc87b0d3bdccc4fb92ff31b60915fa93617fd2f89adee799818c85617ddd9f9dc20af00edb6482724e +SHA512 (crun-0.16.tar.gz) = f5a0d19c037af55478ee5f83b63d74277c8640f715b81a8233d3f1acd4cdfdad491e5c1f5beda04d0d7aa16693e9a004b0bde71343b082aa514ae76e5907d029 From 4d1c1eec0de21308d13154c18c97de168632dc43 Mon Sep 17 00:00:00 2001 From: Jindrich Novy Date: Wed, 25 Nov 2020 09:11:53 +0100 Subject: [PATCH 22/48] crun-0.16-2.fc34 - fix license Signed-off-by: Jindrich Novy --- crun.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/crun.spec b/crun.spec index 61c9538..358f51f 100644 --- a/crun.spec +++ b/crun.spec @@ -1,9 +1,9 @@ Summary: OCI runtime written in C Name: crun Version: 0.16 -Release: 1%{?dist} +Release: 2%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz -License: GPLv3+ +License: GPLv2+ URL: https://github.com/containers/crun # We always run autogen.sh @@ -44,6 +44,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Wed Nov 25 2020 Jindrich Novy - 0.16-2 +- fix license + * Tue Nov 24 2020 Giuseppe Scrivano - 0.16-1 - built version 0.16 From 6418c9c0950b42f6c31451b2439d9f4101e514c9 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Thu, 17 Dec 2020 04:03:08 +0000 Subject: [PATCH 23/48] Add BuildRequires: make https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot --- crun.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/crun.spec b/crun.spec index 358f51f..6339f63 100644 --- a/crun.spec +++ b/crun.spec @@ -20,6 +20,7 @@ BuildRequires: libselinux-devel BuildRequires: python3-libmount BuildRequires: libtool BuildRequires: go-md2man +BuildRequires: make Provides: oci-runtime = 2 %description From 06a2912eecfc79ee417e6bc5dc6770711e6d869b Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Thu, 17 Dec 2020 14:57:56 +0100 Subject: [PATCH 24/48] crun-0.16-3.fc33 Signed-off-by: Giuseppe Scrivano --- crun.spec | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index 6339f63..e05e9d9 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.16 -Release: 2%{?dist} +Release: 3%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv2+ URL: https://github.com/containers/crun @@ -21,6 +21,9 @@ BuildRequires: python3-libmount BuildRequires: libtool BuildRequires: go-md2man BuildRequires: make +%ifnarch %ix86 +BuildRequires: criu-devel >= 3.15 +%endif Provides: oci-runtime = 2 %description @@ -45,6 +48,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Thu Dec 17 2020 Giuseppe Scrivano - 0.16-3 +- build with CRIU + * Wed Nov 25 2020 Jindrich Novy - 0.16-2 - fix license From 0813ad3fad42c00d2b0178eb8c0915b8c8b6d302 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Thu, 21 Jan 2021 23:15:49 +0100 Subject: [PATCH 25/48] crun-0.17.1-1 Signed-off-by: Giuseppe Scrivano --- .gitignore | 1 + crun.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 1c1c0cb..c227741 100644 --- a/.gitignore +++ b/.gitignore @@ -23,3 +23,4 @@ crun-0.1.1.tar.gz /crun-0.15.tar.gz /crun-0.15.1.tar.gz /crun-0.16.tar.gz +/crun-0.17.tar.gz diff --git a/crun.spec b/crun.spec index e05e9d9..17eb0f7 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun -Version: 0.16 -Release: 3%{?dist} +Version: 0.17 +Release: 1%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv2+ URL: https://github.com/containers/crun @@ -48,6 +48,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Thu Jan 21 2021 Giuseppe Scrivano - 0.17-1 +- built version 0.17 + * Thu Dec 17 2020 Giuseppe Scrivano - 0.16-3 - build with CRIU diff --git a/sources b/sources index 5a02c82..8e3eccb 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (crun-0.16.tar.gz) = f5a0d19c037af55478ee5f83b63d74277c8640f715b81a8233d3f1acd4cdfdad491e5c1f5beda04d0d7aa16693e9a004b0bde71343b082aa514ae76e5907d029 +SHA512 (crun-0.17.tar.gz) = b095a3c4fca8ae683553805de468594e8dd891cc9911b56e8be7c429584e71fb40a364cf55a6a829950078a539d35308310f53f57b8fb40d483d394e91b20b01 From 91f448d0b74cb2733e7f43b0bb0161b89fc1321c Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Wed, 3 Feb 2021 14:36:04 -0500 Subject: [PATCH 26/48] make centos7 happy Signed-off-by: Lokesh Mandvekar --- crun.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/crun.spec b/crun.spec index 17eb0f7..fca5728 100644 --- a/crun.spec +++ b/crun.spec @@ -10,17 +10,20 @@ URL: https://github.com/containers/crun BuildRequires: autoconf BuildRequires: automake BuildRequires: gcc +%if 0%{?centos} >= 8 +BuildRequires: python3 +%else +BuildRequires: python3-libmount BuildRequires: python +%endif BuildRequires: git BuildRequires: libcap-devel BuildRequires: systemd-devel BuildRequires: yajl-devel BuildRequires: libseccomp-devel BuildRequires: libselinux-devel -BuildRequires: python3-libmount BuildRequires: libtool BuildRequires: go-md2man -BuildRequires: make %ifnarch %ix86 BuildRequires: criu-devel >= 3.15 %endif From 5f3f07f611891186e2eed18ed57b2078849efeef Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Thu, 4 Feb 2021 10:44:14 -0500 Subject: [PATCH 27/48] use deprecated changelog format Signed-off-by: Lokesh Mandvekar --- crun.spec | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/crun.spec b/crun.spec index fca5728..51eadbe 100644 --- a/crun.spec +++ b/crun.spec @@ -10,7 +10,7 @@ URL: https://github.com/containers/crun BuildRequires: autoconf BuildRequires: automake BuildRequires: gcc -%if 0%{?centos} >= 8 +%if 0%{?centos} BuildRequires: python3 %else BuildRequires: python3-libmount @@ -24,9 +24,11 @@ BuildRequires: libseccomp-devel BuildRequires: libselinux-devel BuildRequires: libtool BuildRequires: go-md2man +%if ! 0%{?centos} %ifnarch %ix86 BuildRequires: criu-devel >= 3.15 %endif +%endif Provides: oci-runtime = 2 %description @@ -72,7 +74,7 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* * Wed Sep 30 2020 Giuseppe Scrivano - 0.15-4 - backport "exec: check read bytes from sync" -* Thu Sep 24 10:13:25 EDT 2020 Lokesh Mandvekar - 0.15-3 +* Thu Sep 24 2020 Lokesh Mandvekar - 0.15-3 - release tag ahead of f32 * Wed Sep 23 2020 RH Container Bot - 0.15-1 From 033197384f878c5513aace588fd9ef3c92838c29 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Fri, 12 Feb 2021 14:56:46 -0500 Subject: [PATCH 28/48] crun-0.17-3 - use deprecated changelog format Signed-off-by: Lokesh Mandvekar --- crun.spec | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/crun.spec b/crun.spec index 51eadbe..251ddec 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.17 -Release: 1%{?dist} +Release: 3%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv2+ URL: https://github.com/containers/crun @@ -53,6 +53,12 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Thu Feb 04 2021 Lokesh Mandvekar - 0.17-3 +- use deprecated changelog format + +* Thu Feb 04 2021 Lokesh Mandvekar - 0.17-2 +- bump for centos on obs + * Thu Jan 21 2021 Giuseppe Scrivano - 0.17-1 - built version 0.17 @@ -98,7 +104,7 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* * Thu Aug 27 2020 Giuseppe Scrivano - 0.14.1-3 - backport ed9c3e6f466dfb6d2e79802060fabd5f4b66f78e -* Mon Aug 17 13:15:45 GMT 2020 RH Container Bot - 0.14.1-1 +* Mon Aug 17 2020 RH Container Bot - 0.14.1-1 - autobuilt 0.14.1 * Mon Jul 27 2020 Fedora Release Engineering - 0.14.1-2 From 2e6285648bb628b418a409cdda9d6e31c3626d51 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Fri, 19 Feb 2021 08:50:05 +0100 Subject: [PATCH 29/48] crun-0.18.1-1 Signed-off-by: Giuseppe Scrivano --- .gitignore | 1 + crun.spec | 9 +++++++-- sources | 2 +- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index c227741..e9f2c58 100644 --- a/.gitignore +++ b/.gitignore @@ -24,3 +24,4 @@ crun-0.1.1.tar.gz /crun-0.15.1.tar.gz /crun-0.16.tar.gz /crun-0.17.tar.gz +/crun-0.18.tar.gz diff --git a/crun.spec b/crun.spec index 251ddec..4408476 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun -Version: 0.17 -Release: 3%{?dist} +Version: 0.18 +Release: 1%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv2+ URL: https://github.com/containers/crun @@ -24,6 +24,8 @@ BuildRequires: libseccomp-devel BuildRequires: libselinux-devel BuildRequires: libtool BuildRequires: go-md2man +BuildRequires: make +BuildRequires: glibc-static %if ! 0%{?centos} %ifnarch %ix86 BuildRequires: criu-devel >= 3.15 @@ -53,6 +55,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Fri Feb 19 2021 Giuseppe Scrivano - 0.18-1 +- built version 0.18 + * Thu Feb 04 2021 Lokesh Mandvekar - 0.17-3 - use deprecated changelog format diff --git a/sources b/sources index 8e3eccb..8fdc941 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (crun-0.17.tar.gz) = b095a3c4fca8ae683553805de468594e8dd891cc9911b56e8be7c429584e71fb40a364cf55a6a829950078a539d35308310f53f57b8fb40d483d394e91b20b01 +SHA512 (crun-0.18.tar.gz) = 94610d9d4ef95a9be708c6cf8cc38587c9c3b847d9da5cf9dfa4a2eddddb7e6724e39ffb222ed5d6c61bad8374ae50dc9e92d95b6d03ce0b185d5123afeeca46 From 6743fe6701f21a57ba7faec32996339728444441 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Wed, 24 Feb 2021 15:22:46 -0500 Subject: [PATCH 30/48] crun-0.18-2 - bump to make centos happy Signed-off-by: Lokesh Mandvekar --- crun.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index 4408476..146b5b7 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.18 -Release: 1%{?dist} +Release: 2%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv2+ URL: https://github.com/containers/crun @@ -55,6 +55,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Wed Feb 24 2021 Lokesh Mandvekar - 0.18-2 +- bump to make centos happy + * Fri Feb 19 2021 Giuseppe Scrivano - 0.18-1 - built version 0.18 From ad62fc8c5bb3059b7afeec8706e4d5167bfb2d93 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Thu, 25 Feb 2021 09:53:01 -0500 Subject: [PATCH 31/48] crun-0.18-3 - bump for centos Signed-off-by: Lokesh Mandvekar --- crun.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index 146b5b7..0aefce2 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.18 -Release: 2%{?dist} +Release: 3%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv2+ URL: https://github.com/containers/crun @@ -55,6 +55,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Thu Feb 25 2021 Lokesh Mandvekar - 0.18-3 +- bump for centos + * Wed Feb 24 2021 Lokesh Mandvekar - 0.18-2 - bump to make centos happy From 2c385cd958aa86e4154a7b20c0a0fde15481c279 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Thu, 25 Mar 2021 10:30:22 -0400 Subject: [PATCH 32/48] crun-0.18-4 - Requires: libcap >= 2.48 Signed-off-by: Lokesh Mandvekar --- crun.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/crun.spec b/crun.spec index 0aefce2..9a12fdd 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.18 -Release: 3%{?dist} +Release: 4%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv2+ URL: https://github.com/containers/crun @@ -17,7 +17,7 @@ BuildRequires: python3-libmount BuildRequires: python %endif BuildRequires: git -BuildRequires: libcap-devel +BuildRequires: libcap-devel >= 2.48 BuildRequires: systemd-devel BuildRequires: yajl-devel BuildRequires: libseccomp-devel @@ -32,6 +32,7 @@ BuildRequires: criu-devel >= 3.15 %endif %endif Provides: oci-runtime = 2 +Requires: libcap >= 2.48 %description crun is a runtime for running OCI containers @@ -55,6 +56,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Thu Mar 25 2021 Lokesh Mandvekar - 0.18-4 +- Requires: libcap >= 2.48 + * Thu Feb 25 2021 Lokesh Mandvekar - 0.18-3 - bump for centos From 57a31b41d6899a79a53378eaa219fee3f6a5ac1b Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Thu, 25 Mar 2021 14:26:43 -0400 Subject: [PATCH 33/48] enforce min libcap only on fedora for now Signed-off-by: Lokesh Mandvekar --- crun.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index 9a12fdd..8b3f9d6 100644 --- a/crun.spec +++ b/crun.spec @@ -17,7 +17,6 @@ BuildRequires: python3-libmount BuildRequires: python %endif BuildRequires: git -BuildRequires: libcap-devel >= 2.48 BuildRequires: systemd-devel BuildRequires: yajl-devel BuildRequires: libseccomp-devel @@ -32,7 +31,13 @@ BuildRequires: criu-devel >= 3.15 %endif %endif Provides: oci-runtime = 2 +%if 0%{?fedora} +BuildRequires: libcap-devel >= 2.48 Requires: libcap >= 2.48 +%else +BuildRequires: libcap-devel +Requires: libcap +%endif %description crun is a runtime for running OCI containers From 65f8b31a7a22f7077e50b183c5b34467641515d3 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Wed, 31 Mar 2021 14:25:47 -0400 Subject: [PATCH 34/48] crun-0.18-5 - linux: always remount bind mounts ghpr#640 Signed-off-by: Lokesh Mandvekar (cherry picked from commit 6248751eb0cb44ecec0f0868d99c6497f6c74258) Signed-off-by: Lokesh Mandvekar --- .gitignore | 2 ++ crun.spec | 7 ++++++- sources | 2 ++ 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index e9f2c58..5a35d45 100644 --- a/.gitignore +++ b/.gitignore @@ -25,3 +25,5 @@ crun-0.1.1.tar.gz /crun-0.16.tar.gz /crun-0.17.tar.gz /crun-0.18.tar.gz +/3e7fa1db14a3c4ad0605f1cb2851ec134f4ccc07.patch +/f642968ec5ae05b33f2545da6edf135c338b34d1.patch diff --git a/crun.spec b/crun.spec index 8b3f9d6..a974007 100644 --- a/crun.spec +++ b/crun.spec @@ -1,8 +1,10 @@ Summary: OCI runtime written in C Name: crun Version: 0.18 -Release: 4%{?dist} +Release: 5%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz +Patch0: https://github.com/containers/crun/commit/f642968ec5ae05b33f2545da6edf135c338b34d1.patch +Patch1: https://github.com/containers/crun/commit/3e7fa1db14a3c4ad0605f1cb2851ec134f4ccc07.patch License: GPLv2+ URL: https://github.com/containers/crun @@ -61,6 +63,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Wed Mar 31 2021 Lokesh Mandvekar - 0.18-5 +- linux: always remount bind mounts ghpr#640 + * Thu Mar 25 2021 Lokesh Mandvekar - 0.18-4 - Requires: libcap >= 2.48 diff --git a/sources b/sources index 8fdc941..780a341 100644 --- a/sources +++ b/sources @@ -1 +1,3 @@ SHA512 (crun-0.18.tar.gz) = 94610d9d4ef95a9be708c6cf8cc38587c9c3b847d9da5cf9dfa4a2eddddb7e6724e39ffb222ed5d6c61bad8374ae50dc9e92d95b6d03ce0b185d5123afeeca46 +SHA512 (3e7fa1db14a3c4ad0605f1cb2851ec134f4ccc07.patch) = 62a2cd5f6020f3fe49177f6cc79583a8be5f7f0c8573d6063b323ca55b25cbfa6ee95601eb995383a3c94e751c62996c785f01c1cc19a0169939db678379be93 +SHA512 (f642968ec5ae05b33f2545da6edf135c338b34d1.patch) = 4d1c2bb8e32fd3b082099839f298d6cd5d14f195226f667091f7bfc0d1a9165f21a144f531a37e85a7ec567930ab41904067499f9651ae8ab437223a49bcf2ac From 4adf36fb2e5f173561414df32cba3ced323534cc Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Tue, 6 Apr 2021 09:56:23 +0200 Subject: [PATCH 35/48] crun-0.19-1 Signed-off-by: Giuseppe Scrivano --- .gitignore | 1 + crun.spec | 17 ++++++----------- sources | 4 +--- 3 files changed, 8 insertions(+), 14 deletions(-) diff --git a/.gitignore b/.gitignore index 5a35d45..3b99289 100644 --- a/.gitignore +++ b/.gitignore @@ -27,3 +27,4 @@ crun-0.1.1.tar.gz /crun-0.18.tar.gz /3e7fa1db14a3c4ad0605f1cb2851ec134f4ccc07.patch /f642968ec5ae05b33f2545da6edf135c338b34d1.patch +/crun-0.19.tar.gz diff --git a/crun.spec b/crun.spec index a974007..7d95680 100644 --- a/crun.spec +++ b/crun.spec @@ -1,10 +1,8 @@ Summary: OCI runtime written in C Name: crun -Version: 0.18 -Release: 5%{?dist} +Version: 0.19 +Release: 1%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz -Patch0: https://github.com/containers/crun/commit/f642968ec5ae05b33f2545da6edf135c338b34d1.patch -Patch1: https://github.com/containers/crun/commit/3e7fa1db14a3c4ad0605f1cb2851ec134f4ccc07.patch License: GPLv2+ URL: https://github.com/containers/crun @@ -19,6 +17,7 @@ BuildRequires: python3-libmount BuildRequires: python %endif BuildRequires: git +BuildRequires: libcap-devel BuildRequires: systemd-devel BuildRequires: yajl-devel BuildRequires: libseccomp-devel @@ -33,13 +32,6 @@ BuildRequires: criu-devel >= 3.15 %endif %endif Provides: oci-runtime = 2 -%if 0%{?fedora} -BuildRequires: libcap-devel >= 2.48 -Requires: libcap >= 2.48 -%else -BuildRequires: libcap-devel -Requires: libcap -%endif %description crun is a runtime for running OCI containers @@ -63,6 +55,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Tue Apr 06 2021 Giuseppe Scrivano - 0.19-1 +- built version 0.19 + * Wed Mar 31 2021 Lokesh Mandvekar - 0.18-5 - linux: always remount bind mounts ghpr#640 diff --git a/sources b/sources index 780a341..ee80c47 100644 --- a/sources +++ b/sources @@ -1,3 +1 @@ -SHA512 (crun-0.18.tar.gz) = 94610d9d4ef95a9be708c6cf8cc38587c9c3b847d9da5cf9dfa4a2eddddb7e6724e39ffb222ed5d6c61bad8374ae50dc9e92d95b6d03ce0b185d5123afeeca46 -SHA512 (3e7fa1db14a3c4ad0605f1cb2851ec134f4ccc07.patch) = 62a2cd5f6020f3fe49177f6cc79583a8be5f7f0c8573d6063b323ca55b25cbfa6ee95601eb995383a3c94e751c62996c785f01c1cc19a0169939db678379be93 -SHA512 (f642968ec5ae05b33f2545da6edf135c338b34d1.patch) = 4d1c2bb8e32fd3b082099839f298d6cd5d14f195226f667091f7bfc0d1a9165f21a144f531a37e85a7ec567930ab41904067499f9651ae8ab437223a49bcf2ac +SHA512 (crun-0.19.tar.gz) = a23230307cba6c1348e4bb6fed3553f94409c2a667b38198b896955fa0dcb9c2d890c1b85bd240f5f9806f6dd3595c06333f8c672244776c07e25b7f633084a7 From cf42c42ec10930b0396346fff87598d9b454a0ef Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Tue, 13 Apr 2021 15:19:27 -0400 Subject: [PATCH 36/48] crun-0.19-2 - unversioned Provides: oci-runtime - runc package will also provide an unversioned Provides: oci-runtime. - user should pull in runc separately or else it will install crun by default (alphabetical order) - similar situation as caddy, httpd, lighttpd and nginx having Provides: webserver Signed-off-by: Lokesh Mandvekar (cherry picked from commit aced1fa25215330cdb2f990c9a7f09f85b251315) Signed-off-by: Lokesh Mandvekar --- crun.spec | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/crun.spec b/crun.spec index 7d95680..d4c9ef1 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.19 -Release: 1%{?dist} +Release: 2%{?dist} Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv2+ URL: https://github.com/containers/crun @@ -31,7 +31,7 @@ BuildRequires: glibc-static BuildRequires: criu-devel >= 3.15 %endif %endif -Provides: oci-runtime = 2 +Provides: oci-runtime %description crun is a runtime for running OCI containers @@ -55,6 +55,14 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Tue Apr 13 2021 Lokesh Mandvekar - 0.19-2 +- unversioned Provides: oci-runtime +- runc package will also provide an unversioned Provides: oci-runtime. +- user should pull in runc separately or else it will install crun by default + (alphabetical order) +- similar situation as caddy, httpd, lighttpd and nginx having Provides: +webserver + * Tue Apr 06 2021 Giuseppe Scrivano - 0.19-1 - built version 0.19 From 1550612e6e30ef9a81298886e979d4ded7d50c8e Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Fri, 16 Apr 2021 12:15:40 -0400 Subject: [PATCH 37/48] rearrange URL and Source0 Signed-off-by: Lokesh Mandvekar (cherry picked from commit 4fa0fa9b9173932f1eee97d0db2429e87d36aba7) Signed-off-by: Lokesh Mandvekar --- crun.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crun.spec b/crun.spec index d4c9ef1..70db229 100644 --- a/crun.spec +++ b/crun.spec @@ -2,9 +2,9 @@ Summary: OCI runtime written in C Name: crun Version: 0.19 Release: 2%{?dist} -Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz -License: GPLv2+ URL: https://github.com/containers/crun +Source0: %{url}/releases/download/%{version}/%{name}-%{version}.tar.gz +License: GPLv2+ # We always run autogen.sh BuildRequires: autoconf From 2745231886669a2839e1b87e3db6efb3a04f220b Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Thu, 22 Apr 2021 13:15:16 +0200 Subject: [PATCH 38/48] crun-0.19.1-1 Signed-off-by: Giuseppe Scrivano --- .gitignore | 1 + crun.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 3b99289..f173873 100644 --- a/.gitignore +++ b/.gitignore @@ -28,3 +28,4 @@ crun-0.1.1.tar.gz /3e7fa1db14a3c4ad0605f1cb2851ec134f4ccc07.patch /f642968ec5ae05b33f2545da6edf135c338b34d1.patch /crun-0.19.tar.gz +/crun-0.19.1.tar.gz diff --git a/crun.spec b/crun.spec index 70db229..e53ebf1 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun -Version: 0.19 -Release: 2%{?dist} +Version: 0.19.1 +Release: 1%{?dist} URL: https://github.com/containers/crun Source0: %{url}/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv2+ @@ -55,6 +55,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Thu Apr 22 2021 Giuseppe Scrivano - 0.19.1-1 +- built version 0.19.1 + * Tue Apr 13 2021 Lokesh Mandvekar - 0.19-2 - unversioned Provides: oci-runtime - runc package will also provide an unversioned Provides: oci-runtime. diff --git a/sources b/sources index ee80c47..afdd58b 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (crun-0.19.tar.gz) = a23230307cba6c1348e4bb6fed3553f94409c2a667b38198b896955fa0dcb9c2d890c1b85bd240f5f9806f6dd3595c06333f8c672244776c07e25b7f633084a7 +SHA512 (crun-0.19.1.tar.gz) = f93f79d1d63d6749bcf92d48542d9555f3ad47657c959c7c06701861d7a5a4171969f00f6dff3878286970a48aba3314c25e35c005463e606533b0ff7843d994 From 19d4509a36c1f2921c78db56f0c432140d435cd6 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Thu, 22 Apr 2021 09:48:33 -0400 Subject: [PATCH 39/48] crun-0.19.1-2 - rebuild for new bodhi Signed-off-by: Lokesh Mandvekar (cherry picked from commit 6cf17ade9e1361e3e24d46723b9b893d37adcfe2) Signed-off-by: Lokesh Mandvekar --- crun.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index e53ebf1..36cf3c4 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.19.1 -Release: 1%{?dist} +Release: 2%{?dist} URL: https://github.com/containers/crun Source0: %{url}/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv2+ @@ -55,6 +55,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Thu Apr 22 2021 Lokesh Mandvekar - 0.19.1-2 +- rebuild for new bodhi + * Thu Apr 22 2021 Giuseppe Scrivano - 0.19.1-1 - built version 0.19.1 From 04b5f7656d6a6d29b9486c27d92046c2ab007804 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Fri, 7 May 2021 17:47:44 +0000 Subject: [PATCH 40/48] crun-0.19.1-1 autobuilt 0.19.1 Signed-off-by: RH Container Bot --- crun.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index 36cf3c4..023dfbf 100644 --- a/crun.spec +++ b/crun.spec @@ -1,7 +1,7 @@ Summary: OCI runtime written in C Name: crun Version: 0.19.1 -Release: 2%{?dist} +Release: 1%{?dist} URL: https://github.com/containers/crun Source0: %{url}/releases/download/%{version}/%{name}-%{version}.tar.gz License: GPLv2+ @@ -55,6 +55,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Fri May 07 2021 RH Container Bot - 0.19.1-1 +- autobuilt 0.19.1 + * Thu Apr 22 2021 Lokesh Mandvekar - 0.19.1-2 - rebuild for new bodhi From ffedd1ec4df1b23eb67437922519fb68cc969ec8 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Mon, 17 May 2021 09:54:33 -0400 Subject: [PATCH 41/48] crun-0.19.1-3 - rebuild to fix prior build downgrades Signed-off-by: Lokesh Mandvekar (cherry picked from commit 91d8f460e186201db527640837869bd817385dc4) Signed-off-by: Lokesh Mandvekar --- .gitignore | 1 + crun.spec | 16 +++++++++++++--- sources | 2 +- 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index f173873..6e8837a 100644 --- a/.gitignore +++ b/.gitignore @@ -29,3 +29,4 @@ crun-0.1.1.tar.gz /f642968ec5ae05b33f2545da6edf135c338b34d1.patch /crun-0.19.tar.gz /crun-0.19.1.tar.gz +/crun-0.19.1.tar.xz diff --git a/crun.spec b/crun.spec index 023dfbf..5970d95 100644 --- a/crun.spec +++ b/crun.spec @@ -1,9 +1,16 @@ +%global git0 https://github.com/containers/crun + +# Used for comparing with latest upstream tag +# to decide whether to autobuild and set download_url (non-rawhide only) +%define built_tag 0.19.1 +%define built_tag_strip %(b=%{built_tag}; echo ${b:1}) + Summary: OCI runtime written in C Name: crun Version: 0.19.1 -Release: 1%{?dist} +Release: 3%{?dist} URL: https://github.com/containers/crun -Source0: %{url}/releases/download/%{version}/%{name}-%{version}.tar.gz +Source0: %{name}-%{version}.tar.xz License: GPLv2+ # We always run autogen.sh @@ -16,7 +23,7 @@ BuildRequires: python3 BuildRequires: python3-libmount BuildRequires: python %endif -BuildRequires: git +BuildRequires: git-core BuildRequires: libcap-devel BuildRequires: systemd-devel BuildRequires: yajl-devel @@ -55,6 +62,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Mon May 17 2021 Lokesh Mandvekar - 0.19.1-3 +- rebuild to fix prior build downgrades + * Fri May 07 2021 RH Container Bot - 0.19.1-1 - autobuilt 0.19.1 diff --git a/sources b/sources index afdd58b..35618cd 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (crun-0.19.1.tar.gz) = f93f79d1d63d6749bcf92d48542d9555f3ad47657c959c7c06701861d7a5a4171969f00f6dff3878286970a48aba3314c25e35c005463e606533b0ff7843d994 +SHA512 (crun-0.19.1.tar.xz) = 16619876599629c6186ecb83076268dd10715f4edde7bb129eefb94c856c3efe1259652002f600fee923be29afd1b868b47616dfd415e2447b41245cb87dcedd From 25229d93b75c602fd2edf125523b69bf8fabaf73 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Wed, 2 Jun 2021 10:45:42 -0400 Subject: [PATCH 42/48] crun-0.20-1 - bump to 0.20 Signed-off-by: Lokesh Mandvekar (cherry picked from commit cc27eff5e8cd39ed6a594cd5230c0e1081eb9842) Signed-off-by: Lokesh Mandvekar --- .gitignore | 1 + crun.spec | 14 ++++++++------ sources | 2 +- 3 files changed, 10 insertions(+), 7 deletions(-) diff --git a/.gitignore b/.gitignore index 6e8837a..6d1be37 100644 --- a/.gitignore +++ b/.gitignore @@ -30,3 +30,4 @@ crun-0.1.1.tar.gz /crun-0.19.tar.gz /crun-0.19.1.tar.gz /crun-0.19.1.tar.xz +/crun-0.20.tar.xz diff --git a/crun.spec b/crun.spec index 5970d95..7e5aa2f 100644 --- a/crun.spec +++ b/crun.spec @@ -1,15 +1,14 @@ -%global git0 https://github.com/containers/crun +%global git0 https://github.com/containers/%{name} # Used for comparing with latest upstream tag # to decide whether to autobuild and set download_url (non-rawhide only) -%define built_tag 0.19.1 -%define built_tag_strip %(b=%{built_tag}; echo ${b:1}) +%define built_tag 0.20 Summary: OCI runtime written in C Name: crun -Version: 0.19.1 -Release: 3%{?dist} -URL: https://github.com/containers/crun +Version: 0.20 +Release: 1%{?dist} +URL: %{git0} Source0: %{name}-%{version}.tar.xz License: GPLv2+ @@ -62,6 +61,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Wed Jun 02 2021 Lokesh Mandvekar - 0.20-1 +- bump to 0.20 + * Mon May 17 2021 Lokesh Mandvekar - 0.19.1-3 - rebuild to fix prior build downgrades diff --git a/sources b/sources index 35618cd..c98c3e0 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (crun-0.19.1.tar.xz) = 16619876599629c6186ecb83076268dd10715f4edde7bb129eefb94c856c3efe1259652002f600fee923be29afd1b868b47616dfd415e2447b41245cb87dcedd +SHA512 (crun-0.20.tar.xz) = 51e9a72a399b26d45475a6ef40399692bd58a65e6dd7c2101fd86db868f5f1d86e5ff8edc8f80aaeb0ad19ad33439c0b93cbb00738f69190f77d7abb7be0443a From b75ddcd9eecf4265d1fb49ec679ecb30dc85feb9 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Wed, 9 Jun 2021 08:44:41 -0400 Subject: [PATCH 43/48] crun-0.20.1-1 - Fixes: https://github.com/containers/crun/issues/687 Signed-off-by: Lokesh Mandvekar (cherry picked from commit ba801cfd6febf8091e6a444968eccaf3df26d7c8) Signed-off-by: Lokesh Mandvekar --- .gitignore | 1 + crun.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 6d1be37..3a3b1cd 100644 --- a/.gitignore +++ b/.gitignore @@ -31,3 +31,4 @@ crun-0.1.1.tar.gz /crun-0.19.1.tar.gz /crun-0.19.1.tar.xz /crun-0.20.tar.xz +/crun-0.20.1.tar.xz diff --git a/crun.spec b/crun.spec index 7e5aa2f..29eeb38 100644 --- a/crun.spec +++ b/crun.spec @@ -2,11 +2,11 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild and set download_url (non-rawhide only) -%define built_tag 0.20 +%define built_tag 0.20.1 Summary: OCI runtime written in C Name: crun -Version: 0.20 +Version: 0.20.1 Release: 1%{?dist} URL: %{git0} Source0: %{name}-%{version}.tar.xz @@ -61,6 +61,9 @@ rm -rf $RPM_BUILD_ROOT/usr/lib* %{_mandir}/man1/* %changelog +* Wed Jun 09 2021 Lokesh Mandvekar - 0.20.1-1 +- Fixes: https://github.com/containers/crun/issues/687 + * Wed Jun 02 2021 Lokesh Mandvekar - 0.20-1 - bump to 0.20 diff --git a/sources b/sources index c98c3e0..8e08653 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (crun-0.20.tar.xz) = 51e9a72a399b26d45475a6ef40399692bd58a65e6dd7c2101fd86db868f5f1d86e5ff8edc8f80aaeb0ad19ad33439c0b93cbb00738f69190f77d7abb7be0443a +SHA512 (crun-0.20.1.tar.xz) = 71d9eafd1dfa0442a6b34b3cd372adac7884670e42b132e61cbd6214aa7bbda525c83ce8153794c9443fd89bc201452105b07f004f88bc5b559a79662013e970 From 16c8a53f5318cffb2b4a06cb67b89a84f5b48eba Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Thu, 5 Aug 2021 15:38:29 -0400 Subject: [PATCH 44/48] update macros Signed-off-by: Lokesh Mandvekar (cherry picked from commit e40e8e0c83a28b1d2825f2637db69084870744bd) Signed-off-by: Lokesh Mandvekar --- crun.spec | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/crun.spec b/crun.spec index 29eeb38..2b8941a 100644 --- a/crun.spec +++ b/crun.spec @@ -2,14 +2,14 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild and set download_url (non-rawhide only) -%define built_tag 0.20.1 +%global built_tag 0.20.1 Summary: OCI runtime written in C Name: crun Version: 0.20.1 Release: 1%{?dist} URL: %{git0} -Source0: %{name}-%{version}.tar.xz +Source0: %{name}-%{version}-dirty.tar.xz License: GPLv2+ # We always run autogen.sh @@ -43,7 +43,7 @@ Provides: oci-runtime crun is a runtime for running OCI containers %prep -%autosetup -p1 -n %{name}-%{version} +%autosetup -p1 -n %{name}-%{version}-dirty %build ./autogen.sh @@ -53,7 +53,7 @@ crun is a runtime for running OCI containers %install %make_install -rm -rf $RPM_BUILD_ROOT/usr/lib* +rm -rf %{buildroot}%{_usr}/lib* %files %license COPYING From 161ba3f52c5497ca390cbbc2ded18a4386316076 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Tue, 10 Aug 2021 15:43:55 -0400 Subject: [PATCH 45/48] update BUILD dir format Signed-off-by: Lokesh Mandvekar (cherry picked from commit adf71b05b28cb2764fdb72c027fe93a02e25f5b8) Signed-off-by: Lokesh Mandvekar --- crun.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index 2b8941a..5d66503 100644 --- a/crun.spec +++ b/crun.spec @@ -43,7 +43,7 @@ Provides: oci-runtime crun is a runtime for running OCI containers %prep -%autosetup -p1 -n %{name}-%{version}-dirty +%autosetup -p1 -n %{name}-%{version} %build ./autogen.sh From 97ffcb840d31fd3a384a79276123655860e9e7ac Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Tue, 10 Aug 2021 19:52:59 +0000 Subject: [PATCH 46/48] crun-0.21-1 autobuilt 0.21 Signed-off-by: RH Container Bot --- .gitignore | 1 + crun.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 3a3b1cd..5dbfab7 100644 --- a/.gitignore +++ b/.gitignore @@ -32,3 +32,4 @@ crun-0.1.1.tar.gz /crun-0.19.1.tar.xz /crun-0.20.tar.xz /crun-0.20.1.tar.xz +/crun-0.21.tar.xz diff --git a/crun.spec b/crun.spec index 5d66503..f09931b 100644 --- a/crun.spec +++ b/crun.spec @@ -2,11 +2,11 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild and set download_url (non-rawhide only) -%global built_tag 0.20.1 +%global built_tag 0.21 Summary: OCI runtime written in C Name: crun -Version: 0.20.1 +Version: 0.21 Release: 1%{?dist} URL: %{git0} Source0: %{name}-%{version}-dirty.tar.xz @@ -61,6 +61,9 @@ rm -rf %{buildroot}%{_usr}/lib* %{_mandir}/man1/* %changelog +* Tue Aug 10 2021 RH Container Bot - 0.21-1 +- autobuilt 0.21 + * Wed Jun 09 2021 Lokesh Mandvekar - 0.20.1-1 - Fixes: https://github.com/containers/crun/issues/687 diff --git a/sources b/sources index 8e08653..001354d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (crun-0.20.1.tar.xz) = 71d9eafd1dfa0442a6b34b3cd372adac7884670e42b132e61cbd6214aa7bbda525c83ce8153794c9443fd89bc201452105b07f004f88bc5b559a79662013e970 +SHA512 (crun-0.21.tar.xz) = e7c41d07c8ffbabaa99f056cc32421b487d9a581ce8548b96bda5f9ea95655794eae2dc6b06eaf07c806f02adfc447a135041bd2cd18ea80332d6b0582f5847f From db12c1b5fc2a676e8e04ec8c201451e92d4633cf Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Tue, 10 Aug 2021 15:59:24 -0400 Subject: [PATCH 47/48] fix tarball name Signed-off-by: Lokesh Mandvekar (cherry picked from commit 83ca19aef84166b4ec715486350053ae95f9ce7f) Signed-off-by: Lokesh Mandvekar --- crun.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crun.spec b/crun.spec index f09931b..81e59bc 100644 --- a/crun.spec +++ b/crun.spec @@ -9,7 +9,7 @@ Name: crun Version: 0.21 Release: 1%{?dist} URL: %{git0} -Source0: %{name}-%{version}-dirty.tar.xz +Source0: %{name}-%{version}.tar.xz License: GPLv2+ # We always run autogen.sh From 77abf953e0e72ca4cc7cfe888437e408dd1b241f Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Wed, 25 Aug 2021 17:20:33 +0000 Subject: [PATCH 48/48] crun-1.0-1 autobuilt 1.0 Signed-off-by: RH Container Bot --- .gitignore | 1 + crun.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 5dbfab7..a7cc6fe 100644 --- a/.gitignore +++ b/.gitignore @@ -33,3 +33,4 @@ crun-0.1.1.tar.gz /crun-0.20.tar.xz /crun-0.20.1.tar.xz /crun-0.21.tar.xz +/crun-1.0.tar.xz diff --git a/crun.spec b/crun.spec index 81e59bc..d67b17c 100644 --- a/crun.spec +++ b/crun.spec @@ -2,11 +2,11 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild and set download_url (non-rawhide only) -%global built_tag 0.21 +%global built_tag 1.0 Summary: OCI runtime written in C Name: crun -Version: 0.21 +Version: 1.0 Release: 1%{?dist} URL: %{git0} Source0: %{name}-%{version}.tar.xz @@ -61,6 +61,9 @@ rm -rf %{buildroot}%{_usr}/lib* %{_mandir}/man1/* %changelog +* Wed Aug 25 2021 RH Container Bot - 1.0-1 +- autobuilt 1.0 + * Tue Aug 10 2021 RH Container Bot - 0.21-1 - autobuilt 0.21 diff --git a/sources b/sources index 001354d..3601d11 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (crun-0.21.tar.xz) = e7c41d07c8ffbabaa99f056cc32421b487d9a581ce8548b96bda5f9ea95655794eae2dc6b06eaf07c806f02adfc447a135041bd2cd18ea80332d6b0582f5847f +SHA512 (crun-1.0.tar.xz) = 4e9c9cc5a448d28d6b11f27b9750c408ffa6fe9a27fb6acc2c87211fa2c1a04f573a94636c53ada39d7415ec0cc89eb0a26a585aeb5d7c94c357ccdf0192fe69