pool/crun
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1068319 from home:aboe76

Browse Source 
- Update to 1.8.1
  * linux: idmapped mounts expect the same configuration as 
    the user namespace mappings. Before they were expecting the inverted
    mapping. It is a breaking change, but the behavior was aligned 
    to what runc will do as well.
  * krun: always allow /dev/kvm in the cgroup configuration.
  * handlers: disable exec for handlers that do not support it.
  * selinux: allow setting fscontext using a custom annotation.
  * cgroup: reset systemd unit if start fails.
  * cgroup: rmdir the entire systemd scope. It fixes a leak on cgroupv1.
  * cgroup: always delete the cgroup on errors. 
    On some errors it could have been leaked before.
- changes from 1.8
  * linux: precreate devices on the host.
  * cgroup: support cpuset mounted with noprefix.
  * linux: mount the source cgroup if cgroupns=host.
  * libcrun: don't clone self from read-only mount.
  * build: fix build without dlfcn.h.
  * linux: set PR_SET_DUMPABLE.
  * utils: fix applying AppArmor profile.
  * linux: write setgroups=deny when mapping a single uid/gid.
  * cgroup: fix enter cgroupv1 mount on RHEL 7.

OBS-URL: https://build.opensuse.org/request/show/1068319
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/crun?expand=0&rev=20
This commit is contained in:
Dario Faggioli 2023-03-02 13:39:37 +00:00 committed by Git OBS Bridge
parent 4b26ba52de
commit 717a46a1f5
6 changed files with 43 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crun-1.7.2.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f669ecd3d1895dcaa8425eabb707c06eb3bdb5ae5201a50a423c3cace36c4a05
size 1929797

11
crun-1.7.2.tar.gz.asc
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEr2D8o82qberRV+o6Z+OPeouiF3IFAmOGYmUACgkQZ+OPeoui
F3J5iggAoxDcRafahpWyUShQ8S23jOPnhSmgUW9CM1RTQ5IgPUpUCgbhH1nLKerZ
+jBWb0A1p+by+63Uhd/tnf9SHlkc0GvfjoYigP3Qr+CwPPp/+YrZujlMyZeYrY+7
L8tP9A6NocVfAmNQhcX7ubOMFXDlYb1b0khnZItlg3+608OvRnwwlHCkcarhBgIs
U56fE6O+ezKW8rh+mlv/NpJ+YiMS29xm0SwGeTt0vc5Oe1eENc5LZPvTNXwLToUT
Eqa0g3rAWF301+TaBL988J8LsNXHTDQKWgwqP3pH5YPLRWtu3E2BX+qGJ+6aT3GY
28s1Ma9soWadeUznqR1FKIBPa5MQmA==
=dSw0
-----END PGP SIGNATURE-----

3
crun-1.8.1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c7f01be3afb45453429a88dc6c541f2fed13e186cc2e30c91f7c2eef039602fc
size 1661369

11
crun-1.8.1.tar.gz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEr2D8o82qberRV+o6Z+OPeouiF3IFAmP8iFgACgkQZ+OPeoui
F3KHxQgAk7ZFn/k7Vqx1iYj1Osg9VoVV9cwMtcpat9Bef43hHm94TPL3d88RhmTl
3nRdKdU3MUjeL+jkJvZ0GHcNuSvjQZePGaiY0W913X8qxjzXu2HyHCCdPmGP8t1m
OMMpR08vsdI7rSaC+1yWMGLaHAT/eE7Z8G54WUxdndtuUIh+6aZr6w7gXs/D80cq
I/DK+k/S4jV6o4vK6oKFrQajF0dyVJ2MQmyLAlWglv1/HOC2LoH692bRIQ2DF6wo
hchKgnvEy18kWnAic3sF6qD6dSvl+4S/Nexo9Pg2YV2k84tvlN6x920Xij+M0AfO
Rp7Ed+4Bv9Ya7v4n4pFnUmNzWLHmAQ==
=3bFX
-----END PGP SIGNATURE-----

27
crun.changes
View File

@ -1,3 +1,30 @@
-------------------------------------------------------------------
Tue Feb 28 20:14:52 UTC 2023 - Niels Abspoel <aboe76@gmail.com>
- Update to 1.8.1
* linux: idmapped mounts expect the same configuration as
the user namespace mappings. Before they were expecting the inverted
mapping. It is a breaking change, but the behavior was aligned
to what runc will do as well.
* krun: always allow /dev/kvm in the cgroup configuration.
* handlers: disable exec for handlers that do not support it.
* selinux: allow setting fscontext using a custom annotation.
* cgroup: reset systemd unit if start fails.
* cgroup: rmdir the entire systemd scope. It fixes a leak on cgroupv1.
* cgroup: always delete the cgroup on errors.
On some errors it could have been leaked before.
- changes from 1.8
* linux: precreate devices on the host.
* cgroup: support cpuset mounted with noprefix.
* linux: mount the source cgroup if cgroupns=host.
* libcrun: don't clone self from read-only mount.
* build: fix build without dlfcn.h.
* linux: set PR_SET_DUMPABLE.
* utils: fix applying AppArmor profile.
* linux: write setgroups=deny when mapping a single uid/gid.
* cgroup: fix enter cgroupv1 mount on RHEL 7.
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Dec 7 09:24:19 UTC 2022 - Frederic Crozat <fcrozat@suse.com> Wed Dec 7 09:24:19 UTC 2022 - Frederic Crozat <fcrozat@suse.com>

4
crun.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package crun # spec file for package crun
# #
# Copyright (c) 2022 SUSE LLC # Copyright (c) 2023 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -19,7 +19,7 @@
Summary: OCI runtime written in C Summary: OCI runtime written in C
License: GPL-2.0-or-later License: GPL-2.0-or-later
Name: crun Name: crun
Version: 1.7.2 Version: 1.8.1
Release: 0 Release: 0
Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz
Source1: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz.asc Source1: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz.asc