From 58ad780bfe59525259d68375e0e3c53181a93da5009a17e149486b5228a4f5b6 Mon Sep 17 00:00:00 2001 From: Richard Brown Date: Fri, 12 Apr 2024 08:46:31 +0000 Subject: [PATCH] Accepting request 1166981 from home:danishprakash:branches:devel:microos - Add patch to keep containers.conf modifications in sync with upstream (bsc#1213556) - Fallback to podman's default capabilities and journal driver via containers.conf - New release 20240408 OBS-URL: https://build.opensuse.org/request/show/1166981 OBS-URL: https://build.opensuse.org/package/show/devel:microos/libcontainers-common?expand=0&rev=34 --- ...nf-SUSE-clear-cni-config-dir-for-ALP.patch | 37 +++ _service | 6 +- common-0.57.4.tar.xz | 3 - common-0.58.0.tar.xz | 3 + containers.conf | 240 +++++++++++++++--- image-5.29.2.tar.xz | 3 - image-5.30.0.tar.xz | 3 + libcontainers-common.changes | 11 + libcontainers-common.spec | 32 +-- storage-1.51.0.tar.xz | 3 - storage-1.53.0.tar.xz | 3 + 11 files changed, 274 insertions(+), 70 deletions(-) create mode 100644 0001-containers.conf-SUSE-clear-cni-config-dir-for-ALP.patch delete mode 100644 common-0.57.4.tar.xz create mode 100644 common-0.58.0.tar.xz delete mode 100644 image-5.29.2.tar.xz create mode 100644 image-5.30.0.tar.xz delete mode 100644 storage-1.51.0.tar.xz create mode 100644 storage-1.53.0.tar.xz diff --git a/0001-containers.conf-SUSE-clear-cni-config-dir-for-ALP.patch b/0001-containers.conf-SUSE-clear-cni-config-dir-for-ALP.patch new file mode 100644 index 0000000..c2109b9 --- /dev/null +++ b/0001-containers.conf-SUSE-clear-cni-config-dir-for-ALP.patch @@ -0,0 +1,37 @@ +From 817674bc542d7169c3d3ca687988c8619a210372 Mon Sep 17 00:00:00 2001 +From: danishprakash +Date: Wed, 10 Apr 2024 13:21:08 +0530 +Subject: [PATCH] containers.conf: SUSE: clear cni config dir for ALP + +This allows us to clear the cni_plugin_dirs when building +for SUSE ALP since we don't ship cni anymore. + +https://github.com/containers/podman/issues/19327 + +SUSE Bugs: bsc#1213556 +Signed-off-by: danishprakash +--- + pkg/config/containers.conf | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/pkg/config/containers.conf b/pkg/config/containers.conf +index 6e0044f6..e1b1b280 100644 +--- a/pkg/config/containers.conf ++++ b/pkg/config/containers.conf +@@ -331,6 +331,13 @@ default_sysctls = [ + + # Path to directory where CNI plugin binaries are located. + # ++ ++# SUSE: We don't ship CNI in SUSE ALP stream, ++# and so we modify this option at build time ++# conditionally. (bsc#1213556) ++# https://github.com/containers/podman/issues/19327 ++cni_plugin_dirs = ["@LIBEXECDIR@/cni"] ++ + #cni_plugin_dirs = [ + # "/usr/local/libexec/cni", + # "/usr/libexec/cni", +-- +2.43.0 + diff --git a/_service b/_service index 7ba4321..78def79 100644 --- a/_service +++ b/_service @@ -3,7 +3,7 @@ https://github.com/containers/storage.git git storage - v1.51.0 + v1.53.0 @PARENT_TAG@ v(.*) @@ -11,7 +11,7 @@ https://github.com/containers/image.git git image - v5.29.2 + v5.30.0 @PARENT_TAG@ v(.*) @@ -19,7 +19,7 @@ https://github.com/containers/common.git git common - v0.57.4 + v0.58.0 @PARENT_TAG@ v(.*) diff --git a/common-0.57.4.tar.xz b/common-0.57.4.tar.xz deleted file mode 100644 index b90e3bf..0000000 --- a/common-0.57.4.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:23fa495f7da1921eb1633e95c13ba9f678f124f145ed7f7cd2c891f9ca1d3cd3 -size 7865740 diff --git a/common-0.58.0.tar.xz b/common-0.58.0.tar.xz new file mode 100644 index 0000000..dc54ada --- /dev/null +++ b/common-0.58.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7924351cdc3fddce22b5803457694901437bccd4b4e95b0b522e21cfed5be309 +size 8233332 diff --git a/containers.conf b/containers.conf index b983204..c54e669 100644 --- a/containers.conf +++ b/containers.conf @@ -10,7 +10,8 @@ # locations in the following order: # 1. /usr/share/containers/containers.conf # 2. /etc/containers/containers.conf -# 3. $HOME/.config/containers/containers.conf (Rootless containers ONLY) +# 3. $XDG_CONFIG_HOME/containers/containers.conf or +# $HOME/.config/containers/containers.conf if $XDG_CONFIG_HOME is not set # Items specified in the latter containers.conf, if they exist, override the # previous containers.conf settings, or the default settings. @@ -33,6 +34,11 @@ # #base_hosts_file = "" +# List of cgroup_conf entries specifying a list of cgroup files to write to and +# their values. For example `memory.high=1073741824` sets the +# memory.high limit to 1GB. +# cgroup_conf = [] + # Default way to to create a cgroup namespace for the container # Options are: # `private` Create private Cgroup Namespace for the container. @@ -52,19 +58,19 @@ # List of default capabilities for containers. If it is empty or commented out, # the default capabilities defined in the container engine will be added. # -default_capabilities = [ - "CHOWN", - "DAC_OVERRIDE", - "FOWNER", - "FSETID", - "KILL", - "NET_BIND_SERVICE", - "SETFCAP", - "SETGID", - "SETPCAP", - "SETUID", - "SYS_CHROOT" -] +#default_capabilities = [ +# "CHOWN", +# "DAC_OVERRIDE", +# "FOWNER", +# "FSETID", +# "KILL", +# "NET_BIND_SERVICE", +# "SETFCAP", +# "SETGID", +# "SETPCAP", +# "SETUID", +# "SYS_CHROOT", +#] # A list of sysctls to be set in containers by default, # specified as "name=value", @@ -114,7 +120,6 @@ default_sysctls = [ # #env = [ # "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", -# "TERM=xterm", #] # Pass all host environment variables into the container. @@ -145,8 +150,11 @@ default_sysctls = [ #init = false # Container init binary, if init=true, this is the init binary to be used for containers. +# If this option is not set catatonit is searched in the directories listed under +# the helper_binaries_dir option. It is recommended to just install catatonit +# there instead of configuring this option here. # -init_path = "/usr/bin/catatonit" +#init_path = "/usr/libexec/podman/catatonit" # Default way to to create an IPC namespace (POSIX SysV IPC) for the container # Options are: @@ -157,6 +165,13 @@ init_path = "/usr/bin/catatonit" # #ipcns = "shareable" +# Default way to set an interface name inside container. Defaults to legacy +# pattern of ethX, where X is a integer, when left undefined. +# Options are: +# "device" Uses the network_interface name from the network config as interface name. +# Falls back to the ethX pattern if the network_interface is not set. +#interface_name = "" + # keyring tells the container engine whether to create # a kernel keyring for use within the container. # @@ -168,9 +183,15 @@ init_path = "/usr/bin/catatonit" # #label = true +# label_users indicates whether to enforce confined users in containers on +# SELinux systems. This option causes containers to maintain the current user +# and role field of the calling process. By default SELinux containers run with +# the user system_u, and the role system_r. +#label_users = false + # Logging driver for the container. Available options: k8s-file and journald. # -log_driver = "journald" +#log_driver = "k8s-file" # Maximum size allowed for the container log file. Negative numbers indicate # that no size limit is imposed. If positive, it must be >= 8192 to match or @@ -185,6 +206,13 @@ log_driver = "journald" # #log_tag = "" +# List of mounts. Specified as +# "type=TYPE,source=,destination=,", for example: +# "type=bind,source=/var/lib/foobar,destination=/var/lib/foobar,ro". +# If it is empty or commented out, no mounts will be added +# +#mounts = [] + # Default way to to create a Network namespace for the container # Options are: # `private` Create private Network Namespace for the container. @@ -198,6 +226,10 @@ log_driver = "journald" # #no_hosts = false +# Tune the host's OOM preferences for containers +# (accepts values from -1000 to 1000). +#oom_score_adj = 0 + # Default way to to create a PID namespace for the container # Options are: # `private` Create private PID Namespace for the container. @@ -216,6 +248,18 @@ log_driver = "journald" # #prepare_volume_on_create = false +# Give extended privileges to all containers. A privileged container turns off +# the security features that isolate the container from the host. Dropped +# Capabilities, limited devices, read-only mount points, Apparmor/SELinux +# separation, and Seccomp filters are all disabled. Due to the disabled +# security features the privileged field should almost never be set as +# containers can easily break out of confinment. +# +# Containers running in a user namespace (e.g., rootless containers) cannot +# have more privileges than the user that launched them. +# +#privileged = false + # Run all containers with root file system mounted read-only # # read_only = false @@ -261,7 +305,7 @@ log_driver = "journald" # If it is empty or commented out, no volumes will be added # #volumes = [] -# + #[engine.platform_to_oci_runtime] #"wasi/wasm" = ["crun-wasm"] #"wasi/wasm32" = ["crun-wasm"] @@ -287,7 +331,30 @@ log_driver = "journald" # Path to directory where CNI plugin binaries are located. # -cni_plugin_dirs = ["@LIBEXECDIR@/cni"] +#cni_plugin_dirs = [ +# "/usr/local/libexec/cni", +# "/usr/libexec/cni", +# "/usr/local/lib/cni", +# "/usr/lib/cni", +# "/opt/cni/bin", +#] + +# List of directories that will be searched for netavark plugins. +# +#netavark_plugin_dirs = [ +# "/usr/local/libexec/netavark", +# "/usr/libexec/netavark", +# "/usr/local/lib/netavark", +# "/usr/lib/netavark", +#] + +# The firewall driver to be used by netavark. +# The default is empty which means netavark will pick one accordingly. Current supported +# drivers are "iptables", "none" (no firewall rules will be created) and "firewalld" (firewalld is +# experimental at the moment and not recommend outside of testing). In the future we are +# planning to add support for a "nftables" driver. +#firewall_driver = "" + # The network name of the default network to attach pods to. # @@ -314,6 +381,13 @@ cni_plugin_dirs = ["@LIBEXECDIR@/cni"] # {"base" = "10.128.0.0/9", "size" = 24}, #] + + +# Configure which rootless network program to use by default. Valid options are +# `slirp4netns` and `pasta` (default). +# +#default_rootless_network_cmd = "pasta" + # Path to the directory where network configuration files are located. # For the CNI backend the default is "/etc/cni/net.d" as root # and "$HOME/.config/cni/net.d" as rootless. @@ -329,16 +403,50 @@ cni_plugin_dirs = ["@LIBEXECDIR@/cni"] # #dns_bind_port = 53 +# A list of default pasta options that should be used running pasta. +# It accepts the pasta cli options, see pasta(1) for the full list of options. +# +#pasta_options = [] + [engine] # Index to the active service # -#active_service = production +#active_service = "production" + +#List of compression algorithms. If set makes sure that requested compression variant +#for each platform is added to the manifest list keeping original instance intact in +#the same manifest list on every `manifest push`. Supported values are (`gzip`, `zstd` and `zstd:chunked`). +# +#add_compression = ["gzip", "zstd", "zstd:chunked"] + +# Enforces using docker.io for completing short names in Podman's compatibility +# REST API. Note that this will ignore unqualified-search-registries and +# short-name aliases defined in containers-registries.conf(5). +#compat_api_enforce_docker_hub = true + +# Specify one or more external providers for the compose command. The first +# found provider is used for execution. Can be an absolute and relative path +# or a (file) name. +#compose_providers=[] + +# Emit logs on each invocation of the compose command indicating that an +# external compose provider is being executed. +#compose_warning_logs = true # The compression format to use when pushing an image. # Valid options are: `gzip`, `zstd` and `zstd:chunked`. +# This field is ignored when pushing images to the docker-daemon and +# docker-archive formats. It is also ignored when the manifest format is set +# to v2s2. # #compression_format = "gzip" +# The compression level to use when pushing an image. +# Valid options depend on the compression format used. +# For gzip, valid options are 1-9, with a default of 5. +# For zstd, valid options are 1-20, with a default of 3. +# +#compression_level = 5 # Cgroup management implementation used for the runtime. # Valid options "systemd" or "cgroupfs" @@ -368,11 +476,20 @@ cni_plugin_dirs = ["@LIBEXECDIR@/cni"] # short-name aliases defined in containers-registries.conf(5). #compat_api_enforce_docker_hub = true +# The database backend of Podman. Supported values are "" (default), "boltdb" +# and "sqlite". An empty value means it will check whenever a boltdb already +# exists and use it when it does, otherwise it will use sqlite as default +# (e.g. new installs). This allows for backwards compatibility with older versions. +# Please run `podman-system-reset` prior to changing the database +# backend of an existing deployment, to make sure Podman can operate correctly. +# +#database_backend = "" + # Specify the keys sequence used to detach a container. # Format is a single character [a-Z] or a comma separated sequence of # `ctrl-`, where `` is one of: # `a-z`, `@`, `^`, `[`, `\`, `]`, `^` or `_` -# +# Specifying "" disables this feature. #detach_keys = "ctrl-p,ctrl-q" # Determines whether engine will reserve ports on the host when they are @@ -442,8 +559,8 @@ cni_plugin_dirs = ["@LIBEXECDIR@/cni"] # #image_parallel_copies = 0 -# Tells container engines how to handle the builtin image volumes. -# * bind: An anonymous named volume will be created and mounted +# Tells container engines how to handle the built-in image volumes. +# * anonymous: An anonymous named volume will be created and mounted # into the container. # * tmpfs: The volume is mounted onto the container as a tmpfs, # which allows users to create content that disappears when @@ -458,26 +575,30 @@ cni_plugin_dirs = ["@LIBEXECDIR@/cni"] # Infra (pause) container image name for pod infra containers. When running a # pod, we start a `pause` process in a container to hold open the namespaces -# associated with the pod. This container does nothing other then sleep, -# reserving the pods resources for the lifetime of the pod. By default container -# engines run a builtin container using the pause executable. If you want override +# associated with the pod. This container does nothing other than sleep, +# reserving the pod's resources for the lifetime of the pod. By default container +# engines run a built-in container using the pause executable. If you want override # specify an image to pull. # #infra_image = "" +# Default Kubernetes kind/specification of the kubernetes yaml generated with the `podman kube generate` command. +# The possible options are `pod` and `deployment`. +#kube_generate_type = "pod" + # Specify the locking mechanism to use; valid values are "shm" and "file". # Change the default only if you are sure of what you are doing, in general # "file" is useful only on platforms where cgo is not available for using the # faster "shm" lock type. You may need to run "podman system renumber" after # you change the lock type. # -#lock_type** = "shm" +#lock_type = "shm" # MultiImageArchive - if true, the container engine allows for storing archives # (e.g., of the docker-archive transport) with multiple images. By default, # Podman creates single-image archives. # -#multi_image_archive = "false" +#multi_image_archive = false # Default engine namespace # If engine is joined to a namespace, it will see only containers and pods @@ -518,7 +639,8 @@ cni_plugin_dirs = ["@LIBEXECDIR@/cni"] # #no_pivot_root = false -# Number of locks available for containers and pods. +# Number of locks available for containers, pods, and volumes. Each container, +# pod, and volume consumes 1 lock for as long as it exists. # If this is changed, a lock renumber must be performed (e.g. with the # 'podman system renumber' command). # @@ -537,6 +659,16 @@ cni_plugin_dirs = ["@LIBEXECDIR@/cni"] # #remote = false +# Number of times to retry pulling/pushing images in case of failure +# +#retry = 3 + +# Delay between retries in case pulling/pushing image fails. +# If set, container engines will retry at the set interval, +# otherwise they delay 2 seconds and then exponentially back off. +# +#retry_delay = "2s" + # Default OCI runtime # #runtime = "crun" @@ -582,12 +714,12 @@ cni_plugin_dirs = ["@LIBEXECDIR@/cni"] # map of service destinations # -#[service_destinations] -# [service_destinations.production] +# [engine.service_destinations] +# [engine.service_destinations.production] # URI to access the Podman service # Examples: -# rootless "unix://run/user/$UID/podman/podman.sock" (Default) -# rootful "unix://run/podman/podman.sock (Default) +# rootless "unix:///run/user/$UID/podman/podman.sock" (Default) +# rootful "unix:///run/podman/podman.sock (Default) # remote rootless ssh://engineering.lab.company.com/run/user/1000/podman/podman.sock # remote rootful ssh://root@10.10.1.136:22/run/podman/podman.sock # @@ -612,6 +744,9 @@ cni_plugin_dirs = ["@LIBEXECDIR@/cni"] # A value of 0 is treated as no timeout. #volume_plugin_timeout = 5 +# Default timeout in seconds for podmansh logins. +#podmansh_timeout = 30 + # Paths to look for a valid OCI runtime (crun, runc, kata, runsc, krun, etc) [engine.runtimes] #crun = [ @@ -624,6 +759,15 @@ cni_plugin_dirs = ["@LIBEXECDIR@/cni"] # "/run/current-system/sw/bin/crun", #] +#crun-vm = [ +# "/usr/bin/crun-vm", +# "/usr/local/bin/crun-vm", +# "/usr/local/sbin/crun-vm", +# "/sbin/crun-vm", +# "/bin/crun-vm", +# "/run/current-system/sw/bin/crun-vm", +#] + #kata = [ # "/usr/bin/kata-runtime", # "/usr/sbin/kata-runtime", @@ -679,16 +823,15 @@ cni_plugin_dirs = ["@LIBEXECDIR@/cni"] # #disk_size=10 -# Default image URI when creating a new VM using `podman machine init`. -# Options: On Linux/Mac, `testing`, `stable`, `next`. On Windows, the major -# version of the OS (e.g `36`) for Fedora 36. For all platforms you can -# alternatively specify a custom download URL to an image. Container engines -# translate URIs $OS and $ARCH to the native OS and ARCH. URI -# "https://example.com/$OS/$ARCH/foobar.ami" becomes +# Default Image used when creating a new VM using `podman machine init`. +# Can be specified as registry with a bootable OCI artifact, download URL, or a local path. +# Registry target must be in the form of `docker://registry/repo/image:version`. +# Container engines translate URIs $OS and $ARCH to the native OS and ARCH. +# URI "https://example.com/$OS/$ARCH/foobar.ami" would become # "https://example.com/linux/amd64/foobar.ami" on a Linux AMD machine. -# The default value is `testing`. +# If unspecified, the default Podman machine image will be used. # -#image = "testing" +#image = "" # Memory in MB a machine is created with. # @@ -704,7 +847,7 @@ cni_plugin_dirs = ["@LIBEXECDIR@/cni"] # the source and destination. An optional third field `:ro` can be used to # tell the container engines to mount the volume readonly. # -# volumes = [ +#volumes = [ # "$HOME:$HOME", #] @@ -713,8 +856,21 @@ cni_plugin_dirs = ["@LIBEXECDIR@/cni"] # #provider = "" +# Rosetta supports running x86_64 Linux binaries on a Podman machine on Apple silicon. +# The default value is `true`. Supported on AppleHV(arm64) machines only. +# +#rosetta=true + # The [machine] table MUST be the last entry in this file. # (Unless another table is added) # TOML does not provide a way to end a table other than a further table being # defined, so every key hereafter will be part of [machine] and not the # main config. + +[farms] +# +# the default farm to use when farming out builds +# default = "" +# +# map of existing farms +#[farms.list] diff --git a/image-5.29.2.tar.xz b/image-5.29.2.tar.xz deleted file mode 100644 index abc4c68..0000000 --- a/image-5.29.2.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7812f2d34d4d308168a38c3b4451e693d4729f551e9bc4484dca8be2efd1e8c2 -size 481376 diff --git a/image-5.30.0.tar.xz b/image-5.30.0.tar.xz new file mode 100644 index 0000000..17753e2 --- /dev/null +++ b/image-5.30.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:89578b06e33bae568939478650572ee1d932b663d9b0eee47d96c74d6af8d77c +size 488856 diff --git a/libcontainers-common.changes b/libcontainers-common.changes index ff5e366..aaec02d 100644 --- a/libcontainers-common.changes +++ b/libcontainers-common.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Mon Apr 8 15:15:18 UTC 2024 - Danish Prakash + +- Add patch to keep containers.conf modifications in sync with upstream (bsc#1213556) + + 0001-containers.conf-SUSE-clear-cni-config-dir-for-ALP.patch +- Fallback to podman's default capabilities and journal driver via containers.conf +- New release 20240408 +- bump bundled c/common to 0.58.0 +- bump bundled c/image to 5.30.0 +- bump bundled c/storage to 1.53.0 + ------------------------------------------------------------------- Wed Mar 20 10:41:40 UTC 2024 - Marcus Meissner diff --git a/libcontainers-common.spec b/libcontainers-common.spec index c9f1940..c896eb0 100644 --- a/libcontainers-common.spec +++ b/libcontainers-common.spec @@ -17,17 +17,17 @@ # commonver - version from containers/common -%define commonver 0.57.4 +%define commonver 0.58.0 # storagever - version from containers/storage -%define storagever 1.51.0 +%define storagever 1.53.0 # imagever - version from containers/image -%define imagever 5.29.2 +%define imagever 5.30.0 # skopeover - version from containers/skopeo -%define skopeover 1.14.2 +%define skopeover 1.15.0 # https://github.com/containers/shortnames %define shortnamesver 2023.02.20 Name: libcontainers-common -Version: 20240206 +Version: 20240408 Release: 0 Summary: Configuration files common to github.com/containers License: Apache-2.0 @@ -47,11 +47,11 @@ Source6: registries.conf # https://github.com/containers/skopeo/blob/main/default.yaml but heavily modified Source7: default.yaml Source8: common-%{commonver}.tar.xz -# https://github.com/containers/common/blob/main/pkg/config/containers.conf with custom settings -Source9: containers.conf +Source9: https://raw.githubusercontent.com/containers/common/v%{commonver}/pkg/config/containers.conf Source10: %{name}.rpmlintrc Source11: https://raw.githubusercontent.com/containers/shortnames/v%{shortnamesver}/shortnames.conf Source12: openSUSE-policy.json +Patch100: 0001-containers.conf-SUSE-clear-cni-config-dir-for-ALP.patch BuildRequires: go-go-md2man Requires(post): %{_bindir}/sed # add SLE-specific mounts for only SLES systems @@ -95,13 +95,20 @@ Conflicts: libcontainers-openSUSE-policy This package ships the default /etc/containers/policy.json %prep +cp %{SOURCE9} . +# Apply CNI config on streams other than ALP (bsc#1213556) +# https://github.com/containers/podman/issues/19327 +%if 0%{?suse_version} < 1600 && !0%{?is_opensuse} +%patch -P100 -p3 +sed -e 's-@LIBEXECDIR@-%{_libexecdir}-g' -i %_builddir/containers.conf +%endif + %setup -q -Tcq -b0 -b1 -b8 # copy the LICENSE file in the build root cp %{SOURCE2} . %build cd .. -pwd # compile containers/image manpages cd image-%{imagever} for md in docs/*.md @@ -132,12 +139,6 @@ cat >>%{SOURCE5} <= 1600 && !0%{?is_opensuse} -sed -i 's/cni_plugin_dirs = .*/\# cni_plugin_dirs = []/g' %{SOURCE9} -%endif - cd common-%{commonver} %make_build docs cd .. @@ -160,8 +161,7 @@ install -D -m 0644 %{SOURCE5} %{buildroot}/%{_sysconfdir}/containers/mounts.conf install -D -m 0644 %{SOURCE6} %{buildroot}/%{_sysconfdir}/containers/registries.conf install -D -m 0644 %{SOURCE11} %{buildroot}/%{_sysconfdir}/containers/registries.conf.d/000-shortnames.conf install -D -m 0644 %{SOURCE7} %{buildroot}/%{_sysconfdir}/containers/registries.d/default.yaml -sed -e 's-@LIBEXECDIR@-%{_libexecdir}-g' -i %{SOURCE9} -install -D -m 0644 %{SOURCE9} %{buildroot}/%{_datadir}/containers/containers.conf +install -D -m 0644 %_builddir/containers.conf %{buildroot}/%{_datadir}/containers/containers.conf install -D -m 0644 common-%{commonver}/pkg/seccomp/seccomp.json %{buildroot}/%{_datadir}/containers/seccomp.json install -D -m 0644 common-%{commonver}/pkg/seccomp/seccomp.json %{buildroot}/%{_sysconfdir}/containers/seccomp.json diff --git a/storage-1.51.0.tar.xz b/storage-1.51.0.tar.xz deleted file mode 100644 index 1270979..0000000 --- a/storage-1.51.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:0b3d80510789b5ff4691e72b0ec941a4ad07ba4aaf7629f36580933f6676b110 -size 2290404 diff --git a/storage-1.53.0.tar.xz b/storage-1.53.0.tar.xz new file mode 100644 index 0000000..2065954 --- /dev/null +++ b/storage-1.53.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f8675a6aaf1209232202cec84794a3b32eb38d4439b4deeec865675eeb995ffc +size 2295056