Accepting request 910492 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/910492 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/crun?expand=0&rev=2
This commit is contained in:
Dominique Leuenberger
Git OBS Bridge
commit
734f0d2db1
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:913191076ceaca7d8809f776894bb37be9271de82c06a810697d6a8f4746e241
|
|
||||||
size 1394857
|
|
||||||
3
crun-0.21.tar.gz
Normal file
3
crun-0.21.tar.gz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:018c805c88a15cbd8341d00badd00c92de256bc585c46336be78f1ff9a5a3cf2
|
||||||
|
size 1878109
|
||||||
49
crun.changes
49
crun.changes
@ -1,3 +1,52 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Aug 6 09:55:53 UTC 2021 - Frederic Crozat <fcrozat@suse.com>
|
||||||
|
|
||||||
|
- Add libkrun-dlopen.patch: use soname when dlopening libkrun.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Jul 28 11:56:01 UTC 2021 - Paolo Stivanin <info@paolostivanin.com>
|
||||||
|
|
||||||
|
- Update to 0.21
|
||||||
|
- honor memory swappiness set to 0
|
||||||
|
- status: add fields for owner and created timestamp
|
||||||
|
- cgroup: lookup pids controller as well when the memory controller
|
||||||
|
is not available
|
||||||
|
- when compiled with krun, automatically use it if the current
|
||||||
|
executable file is called "krun".
|
||||||
|
- container: ignore error when resetting the SELinux label for the
|
||||||
|
keyring.
|
||||||
|
- container: call prestart hooks before rootfs is RO.
|
||||||
|
- cgroup: added support cleaning custom controllers on cgroupv1.
|
||||||
|
- spec: add support for --bundle.
|
||||||
|
- exec: add --no-new-privs.
|
||||||
|
- exec: add --process-label and --apparmor to change SELinux and
|
||||||
|
AppArmor labels.
|
||||||
|
- cgroup: kill procs in cgroup on EBUSY.
|
||||||
|
- cgroup: ignore devices errors when running in a user namespace.
|
||||||
|
- seccomp: drop SECCOMP_FILTER_FLAG_LOG by default.
|
||||||
|
- seccomp: report correct action in error message.
|
||||||
|
- apply SELinux label to keyring.
|
||||||
|
- add custom annotation run.oci.delegate-cgroup.
|
||||||
|
- close_range fallbacks to close on EPERM.
|
||||||
|
- report error if the cgroup path was set and the cgroup could not be
|
||||||
|
joined.
|
||||||
|
- on exec, honor additional_gids from the process spec, not the
|
||||||
|
container definition.
|
||||||
|
- spec: add cgroup ns if on cgroup v2.
|
||||||
|
- systemd: support array of strings for cgroup annotation.
|
||||||
|
- join all the cgroup v1 controllers.
|
||||||
|
- raise a warning when newuidmap/newgidmap fail.
|
||||||
|
- handle eBPF access(dev_name, F_OK) call correctly.
|
||||||
|
- fix some memory leaks on errors when libcrun is used by a long
|
||||||
|
running process.
|
||||||
|
- fix the SELinux label for masked directories.
|
||||||
|
- support default seccomp errno value.
|
||||||
|
- fail if no default seccomp action specified.
|
||||||
|
- support OCI seccomp notify listener.
|
||||||
|
- improve OOM error messages.
|
||||||
|
- ignore unknown capabilities and raise a warning.
|
||||||
|
- always remount bind mounts to drop not requested mount flags.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Mar 23 17:52:10 UTC 2021 - Dario Faggioli <dfaggioli@suse.com>
|
Tue Mar 23 17:52:10 UTC 2021 - Dario Faggioli <dfaggioli@suse.com>
|
||||||
|
|
||||||
|
|||||||
60
crun.spec
60
crun.spec
@ -15,41 +15,44 @@
|
|||||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||||
#
|
#
|
||||||
|
|
||||||
Summary: OCI runtime written in C
|
|
||||||
Name: crun
|
Summary: OCI runtime written in C
|
||||||
Version: 0.18
|
License: GPL-2.0-or-later
|
||||||
Release: 0
|
Name: crun
|
||||||
Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz
|
Version: 0.21
|
||||||
Source1: crun-rpmlintrc
|
Release: 0
|
||||||
License: GPL-2.0-or-later
|
Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz
|
||||||
URL: https://github.com/containers/crun
|
Source1: crun-rpmlintrc
|
||||||
ExclusiveArch: x86_64 aarch64
|
# PATCH-FIX-OPENSUSE libkrun-dlopen.patch fcrozat@suse.com -- use soname when dlopening libkrun
|
||||||
|
Patch0: libkrun-dlopen.patch
|
||||||
|
URL: https://github.com/containers/crun
|
||||||
|
ExclusiveArch: x86_64 aarch64
|
||||||
# We always run autogen.sh
|
# We always run autogen.sh
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
BuildRequires: automake
|
BuildRequires: automake
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
BuildRequires: python
|
BuildRequires: git-core
|
||||||
BuildRequires: git-core
|
BuildRequires: glibc-devel-static
|
||||||
BuildRequires: libcap-devel
|
BuildRequires: go-md2man
|
||||||
BuildRequires: systemd-devel
|
BuildRequires: libcap-devel
|
||||||
BuildRequires: libyajl-devel
|
BuildRequires: libkrun-devel >= 0.1.4
|
||||||
BuildRequires: libseccomp-devel
|
BuildRequires: libseccomp-devel
|
||||||
BuildRequires: libselinux-devel
|
BuildRequires: libselinux-devel
|
||||||
BuildRequires: python3-libmount
|
BuildRequires: libtool
|
||||||
BuildRequires: libtool
|
BuildRequires: libyajl-devel
|
||||||
BuildRequires: go-md2man
|
BuildRequires: python
|
||||||
BuildRequires: glibc-devel-static
|
BuildRequires: python3-libmount
|
||||||
BuildRequires: libkrun-devel >= 0.1.4
|
BuildRequires: systemd-devel
|
||||||
%ifnarch %ix86
|
%ifnarch %ix86
|
||||||
BuildRequires: criu-devel >= 3.15
|
BuildRequires: criu-devel >= 3.15
|
||||||
%endif
|
%endif
|
||||||
Requires: libkrun0 >= 0.1.4
|
Requires: libkrun0 >= 0.1.4
|
||||||
|
|
||||||
%description
|
%description
|
||||||
crun is a runtime for running OCI containers. It is built with libkrun support
|
crun is a runtime for running OCI containers. It is built with libkrun support
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%autosetup
|
%autosetup -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
./autogen.sh
|
./autogen.sh
|
||||||
@ -59,6 +62,8 @@ crun is a runtime for running OCI containers. It is built with libkrun support
|
|||||||
%install
|
%install
|
||||||
%make_install
|
%make_install
|
||||||
rm -rf %{buildroot}/%{_libdir}/lib*
|
rm -rf %{buildroot}/%{_libdir}/lib*
|
||||||
|
# allow easy krun usage with podman
|
||||||
|
ln -s %{_bindir}/crun %{buildroot}%{_bindir}/krun
|
||||||
|
|
||||||
%files
|
%files
|
||||||
%defattr(-,root,root)
|
%defattr(-,root,root)
|
||||||
@ -66,6 +71,7 @@ rm -rf %{buildroot}/%{_libdir}/lib*
|
|||||||
%doc README.md
|
%doc README.md
|
||||||
%doc SECURITY.md
|
%doc SECURITY.md
|
||||||
%{_bindir}/%{name}
|
%{_bindir}/%{name}
|
||||||
|
%{_bindir}/krun
|
||||||
%{_mandir}/man1/*
|
%{_mandir}/man1/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
|||||||
16
libkrun-dlopen.patch
Normal file
16
libkrun-dlopen.patch
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
Index: crun-0.18/src/libcrun/container.c
|
||||||
|
===================================================================
|
||||||
|
--- crun-0.18.orig/src/libcrun/container.c 2021-02-18 16:25:28.000000000 +0100
|
||||||
|
+++ crun-0.18/src/libcrun/container.c 2021-08-06 11:54:48.798850933 +0200
|
||||||
|
@@ -712,9 +712,9 @@
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if HAVE_DLOPEN && HAVE_LIBKRUN
|
||||||
|
- handle = dlopen ("libkrun.so", RTLD_NOW);
|
||||||
|
+ handle = dlopen ("libkrun.so.0", RTLD_NOW);
|
||||||
|
if (handle == NULL)
|
||||||
|
- return crun_make_error (err, 0, "could not load `libkrun.so`: %s", dlerror ());
|
||||||
|
+ return crun_make_error (err, 0, "could not load `libkrun.so.0`: %s", dlerror ());
|
||||||
|
|
||||||
|
args->exec_func = libkrun_do_exec;
|
||||||
|
args->exec_func_arg = handle;
|
||||||
Loading…
Reference in New Issue
Block a user