commit 392a525860e51ee78c7b0f4224cf56c4f58f2cec Author: Adrian Schröter Date: Sat Feb 10 20:23:29 2024 +0100 Sync from SUSE:ALP:Source:Standard:1.0 rootlesskit revision 7f2c9e4b0953b37ede8d12452452cf9e diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..fecc750 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/_service b/_service new file mode 100644 index 0000000..5f73379 --- /dev/null +++ b/_service @@ -0,0 +1,18 @@ + + + + https://github.com/rootless-containers/rootlesskit.git + git + .git + v2.0.0 + @PARENT_TAG@ + enable + v(.*) + + + + *.tar + gz + + + diff --git a/_servicedata b/_servicedata new file mode 100644 index 0000000..15f6179 --- /dev/null +++ b/_servicedata @@ -0,0 +1,4 @@ + + + https://github.com/rootless-containers/rootlesskit.git + d99e9dd4561761f56d0da8e932998d9da86cf3d5 \ No newline at end of file diff --git a/rootlesskit-2.0.0.tar.gz b/rootlesskit-2.0.0.tar.gz new file mode 100644 index 0000000..2537820 --- /dev/null +++ b/rootlesskit-2.0.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:54522763a3897a7a546ea4f5b5decce1d2f574749c9f7b30e60bffa37a8e5ecb +size 1729505 diff --git a/rootlesskit.changes b/rootlesskit.changes new file mode 100644 index 0000000..91fefb3 --- /dev/null +++ b/rootlesskit.changes @@ -0,0 +1,115 @@ +------------------------------------------------------------------- +Tue Jan 23 07:03:49 UTC 2024 - danish.prakash@suse.com + +- Update to version 2.0.0: + * v2.0.0 + * v2.0.0-beta.0+dev + * v2.0.0-beta.0 + * CI: update Docker to v24.0.7 + * CI: update pasta (2023_12_30.f091893) + * Write `$ROOTLESSKIT_STATE_DIR/resolv.conf` + * Build(deps): Bump golang.org/x/sys from 0.15.0 to 0.16.0 + * fix typo + * Build(deps): Bump github.com/urfave/cli/v2 from 2.26.0 to 2.27.1 + * Build(deps): Bump github.com/google/uuid from 1.4.0 to 1.5.0 + * Build(deps): Bump github.com/containernetworking/plugins + * Build(deps): Bump github.com/urfave/cli/v2 from 2.25.7 to 2.26.0 + * v2.0.0-alpha.2+dev + * v2.0.0-alpha.2 + * CI: update pasta (2023_12_04.b86afe3) + * pasta: add debug logs + * Build(deps): Bump golang.org/x/sys from 0.14.0 to 0.15.0 + * Build(deps): Bump github.com/moby/sys/mountinfo from 0.6.2 to 0.7.1 + * Build(deps): Bump github.com/gorilla/mux from 1.8.0 to 1.8.1 + * Build(deps): Bump golang.org/x/sys from 0.13.0 to 0.14.0 + * Build(deps): Bump github.com/google/uuid from 1.3.1 to 1.4.0 + * Build(deps): Bump golang.org/x/net from 0.10.0 to 0.17.0 + * v2.0.0-alpha.1+dev + * v2.0.0-alpha.1 + * release.yaml: migrate from `hub` to `gh` + * Build(deps): Bump golang.org/x/sys from 0.12.0 to 0.13.0 + * Build(deps): Bump gotest.tools/v3 from 3.5.0 to 3.5.1 + * Build(deps): Bump golang.org/x/sys from 0.11.0 to 0.12.0 + * Build(deps): Bump github.com/google/uuid from 1.3.0 to 1.3.1 + * lxc-user-nic: support detach-netns + * Build(deps): Bump golang.org/x/sys from 0.10.0 to 0.11.0 + * Build(deps): Bump golang.org/x/sys from 0.9.0 to 0.10.0 + * Build(deps): Bump gotest.tools/v3 from 3.4.0 to 3.5.0 + * v2.0.0-alpha.0+dev + * v2.0.0-alpha.0; add --print-semver=(major|minor|patch) + * new network driver: `pasta` (with port driver `implicit`) + * [Carry 362] support detach-netns + * pkg/port: ChildContext: remove unused PID field + * cmd/rootlesskit: format logs + * Refactor parent-child communication (Add message union) + * Refactor parent-child communication (Remove "stages") + * pkg/api: split pkg/httputil + * Build(deps): Bump github.com/urfave/cli/v2 from 2.25.6 to 2.25.7 + * Build(deps): Bump golang.org/x/sys from 0.8.0 to 0.9.0 + * Build(deps): Bump github.com/urfave/cli/v2 from 2.25.5 to 2.25.6 + * Build(deps): Bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3 + * v1.1.1+dev + +------------------------------------------------------------------- +Tue Oct 10 06:16:47 UTC 2023 - Danish Prakash + +- Bump go version to 1.21 (bsc#1215611) + +------------------------------------------------------------------- +Tue Jun 20 07:33:53 UTC 2023 - danish.prakash@suse.com + +- Update to version 1.1.1: + * v1.1.1 + * Bump up deps + * Build(deps): Bump github.com/urfave/cli/v2 from 2.25.4 to 2.25.5 + * Build(deps): Bump github.com/urfave/cli/v2 from 2.25.3 to 2.25.4 + * Remove duplicate id ranges returned by getsubu/gid for username/uid + * Build(deps): Bump github.com/sirupsen/logrus from 1.9.1 to 1.9.2 + * Build(deps): Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.1 + * Build(deps): Bump golang.org/x/sys from 0.7.0 to 0.8.0 + * Build(deps): Bump github.com/urfave/cli/v2 from 2.25.1 to 2.25.3 + * Build(deps): Bump golang.org/x/sys from 0.6.0 to 0.7.0 + * Build(deps): Bump github.com/urfave/cli/v2 from 2.25.0 to 2.25.1 + * Build(deps): Bump golang.org/x/sys from 0.5.0 to 0.6.0 + * Build(deps): Bump github.com/urfave/cli/v2 from 2.24.4 to 2.25.0 + * Build(deps): Bump golang.org/x/net from 0.1.0 to 0.7.0 + * Build(deps): Bump github.com/urfave/cli/v2 from 2.24.3 to 2.24.4 + * CI: update Docker to v23.0.0 + * Build(deps): Bump golang.org/x/sys from 0.4.0 to 0.5.0 + * Build(deps): Bump github.com/urfave/cli/v2 from 2.24.2 to 2.24.3 + * Build(deps): Bump github.com/urfave/cli/v2 from 2.24.1 to 2.24.2 + * Build(deps): Bump github.com/urfave/cli/v2 from 2.23.7 to 2.24.1 + * CI: update Docker to v23.0.0-rc.1 + * Bump github.com/urfave/cli/v2 from 2.23.6 to 2.23.7 + * Bump golang.org/x/sys from 0.3.0 to 0.4.0 + * Bump github.com/urfave/cli/v2 from 2.23.5 to 2.23.6 + * Bump golang.org/x/sys from 0.2.0 to 0.3.0 + * v1.1.0+dev + +------------------------------------------------------------------- +Sun Feb 5 23:41:04 UTC 2023 - Takashi Tamura + +- Install rootlesskit-docker-proxy + +------------------------------------------------------------------- +Sat Dec 24 16:43:43 UTC 2022 - andrea.manzini@suse.com + +- Update to version 1.1.0: + * Support using /usr/bin/getsubids (`--subid-source=dynamic`) + Useful for SSSD environments (subid: sss in /etc/nsswitch.conf) + + Full changes: https://github.com/rootless-containers/rootlesskit/milestone/3?closed=1 + +- bump vendor dependencies + +------------------------------------------------------------------- +Fri Apr 22 13:36:54 UTC 2022 - rpm@fthiessen.de + +- Update to version 1.0.0: + * use Go 1.18 + * updated some dependencies + +------------------------------------------------------------------- +Tue Nov 23 11:21:49 UTC 2021 - Richard Brown + +- Initial Packaging diff --git a/rootlesskit.spec b/rootlesskit.spec new file mode 100644 index 0000000..c9d8e00 --- /dev/null +++ b/rootlesskit.spec @@ -0,0 +1,57 @@ +# +# spec file for package rootlesskit +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: rootlesskit +Version: 2.0.0 +Release: 0 +Summary: Linux-native fakeroot using user namespaces +License: Apache-2.0 +URL: https://github.com/rootless-containers/rootlesskit +Source: %{name}-%{version}.tar.gz +Source1: vendor.tar.gz +BuildRequires: golang(API) >= 1.21 +BuildRoot: %{_tmppath}/%{name}-%{version}-build + +%description +RootlessKit is a Linux-native implementation of "fake root" +using user_namespaces. RootlessKit is intended to run Docker and +Kubernetes as an unprivileged user (known as "Rootless mode"), so as to protect +the real root on the host from potential container-breakout attacks. + +%prep +%setup -qa1 + +%build +go build -mod=vendor -buildmode=pie -o _output/rootlesskit ./cmd/rootlesskit +go build -mod=vendor -buildmode=pie -o _output/rootlessctl ./cmd/rootlessctl +go build -mod=vendor -buildmode=pie -o _output/rootlesskit-docker-proxy ./cmd/rootlesskit-docker-proxy + +%install +mkdir -p %{buildroot}%{_bindir}/ +install -m 0755 _output/rootlesskit %{buildroot}%{_bindir}/rootlesskit +install -m 0755 _output/rootlessctl %{buildroot}%{_bindir}/rootlessctl +install -m 0755 _output/rootlesskit-docker-proxy %{buildroot}%{_bindir}/rootlesskit-docker-proxy + +%files +%license LICENSE +%doc README.md docs/*.md +%{_bindir}/rootlesskit +%{_bindir}/rootlessctl +%{_bindir}/rootlesskit-docker-proxy + +%changelog diff --git a/vendor.tar.gz b/vendor.tar.gz new file mode 100644 index 0000000..33174fa --- /dev/null +++ b/vendor.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:73ae0c03fadcec2c1713b1d14e13d8a65b76d6ea3b76593c19b6020cf829f6ad +size 1614349