------------------------------------------------------------------- Fri Jul 23 08:31:52 UTC 2021 - Alexandre Vicenzi - Update common to 0.41.0 - Update podman to 3.2.3 - Update storage to 1.32.6 - Update image to 5.14.0 ------------------------------------------------------------------- Tue Jun 29 07:38:39 UTC 2021 - Fabian Vogt - Mention libcontainers-common.rpmlintrc as source - Use versioned obsoletes ------------------------------------------------------------------- Fri Jun 25 22:37:43 UTC 2021 - Enrico Belleri - Update common to 0.38.11 - Update podman to 3.2.2 - Update storage to 1.32.5 - Update image to 5.13.2 ------------------------------------------------------------------- Tue May 18 09:28:28 UTC 2021 - Alexandre Vicenzi - Update common to 0.38.2 - Update storage to 1.31.0 - Update image to 5.12.0 ------------------------------------------------------------------- Thu Apr 29 09:06:07 UTC 2021 - Alexandre Vicenzi - Update common to 0.37.0 - Update podman to 3.1.2 - Update storage to 1.30.1 - Update image to 5.11.1 ------------------------------------------------------------------- Mon Apr 19 12:21:56 UTC 2021 - Richard Brown - Force overlay as default storage driver if system is not btrfs (gh#containers/buildah#3153) ------------------------------------------------------------------- Mon Apr 19 11:03:30 UTC 2021 - Alexandre Vicenzi - Update common to 0.36.0 - Update podman to 3.1.1 - Update storage to 1.29.0 - Update image to 5.11.0 ------------------------------------------------------------------- Tue Mar 30 08:37:09 UTC 2021 - Alexandre Vicenzi - Update common to 0.35.3 - Update podman to 3.1.0 - Update storage to 1.28.1 - Update image to 5.10.5 ------------------------------------------------------------------- Tue Mar 23 09:39:45 UTC 2021 - Richard Brown - Reintroduce SLE specific mounts config, to avoid errors on non-SLE systems ------------------------------------------------------------------- Thu Mar 4 18:14:43 UTC 2021 - Richard Brown - Require util-linux-systemd for %post scripts (findmnt) (boo#1182998) ------------------------------------------------------------------- Thu Feb 25 16:15:46 UTC 2021 - Alexandre Vicenzi - Update commonver to 0.35.1 - Update podmanver to 3.0.1 - Update storagever to 1.24.8 - Update imagever to 5.10.4 ------------------------------------------------------------------- Tue Jan 12 08:43:22 UTC 2021 - Sascha Grunert - Update common to 0.33.0 - Update image to 5.9.0 - Update podman to 2.2.1 - Update storage to 1.24.5 - Switch to seccomp profile provided by common instead of podman - Update containers.conf to match latest version ------------------------------------------------------------------- Tue Oct 13 15:53:05 UTC 2020 - Jan Engelhardt - Simplify %setup statements. ------------------------------------------------------------------- Mon Aug 3 17:10:46 UTC 2020 - Callum Farmer - Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075) ------------------------------------------------------------------- Tue Jul 28 13:22:02 UTC 2020 - Ralf Haferkamp - Added containers/common tarball for containers.conf(5) man page - Install containers.conf default configuration in /usr/share/containers - libpod repository on github got renamed to podman - Update to image 5.5.1 - Add documentation for credHelpera - Add defaults for using the rootless policy path - Update libpod/podman to 2.0.3 - docs: user namespace can't be shared in pods - Switch references from libpod.conf to containers.conf - Allow empty host port in --publish flag - update document login see config.json as valid - Update storage to 1.20.2 - Add back skip_mount_home ------------------------------------------------------------------- Fri Jun 19 09:57:44 UTC 2020 - Ralf Haferkamp - Remove remaining difference between SLE and openSUSE package and ship the some mounts.conf default configuration on both platforms. As the sources for the mount point do not exist on openSUSE by default this config will basically have no effect on openSUSE. (jsc#SLE-12122, bsc#1175821) ------------------------------------------------------------------- Wed Jun 3 14:37:20 UTC 2020 - Ralf Haferkamp - Update to image 5.4.4 - Remove registries.conf VERSION 2 references from man page - Intial authfile man page - Add $HOME/.config/containers/certs.d to perHostCertDirPath - Add $HOME/.config/containers/registries.conf to config path - registries.conf.d: add stances for the registries.conf - update to libpod 1.9.3 - userns: support --userns=auto - Switch to using --time as opposed to --timeout to better match Docker - Add support for specifying CNI networks in podman play kube - man pages: fix inconsistencies - Update to storage 1.19.1 - userns: add support for auto - store: change the default user to containers - config: honor XDG_CONFIG_HOME - Remove the /var/lib/ca-certificates/pem/SUSE.pem workaround again. It never ended up in SLES and a different way to fix the underlying problem is being worked on. ------------------------------------------------------------------- Wed May 13 12:45:58 UTC 2020 - Richard Brown - Add registry.opensuse.org as default registry [bsc#1171578] ------------------------------------------------------------------- Fri Apr 24 08:35:54 UTC 2020 - Ralf Haferkamp - Add /var/lib/ca-certificates/pem/SUSE.pem to the SLES mounts. This for making container-suseconnect working in the public cloud on-demand images. It needs that file for being able to verify the server certificates of the RMT servers hosted in the public cloud. (https://github.com/SUSE/container-suseconnect/issues/41) ------------------------------------------------------------------- Fri Mar 6 11:14:24 UTC 2020 - Ralf Haferkamp - New snaphot (bsc#1165917) - Update to image 5.2.1 * Add documentation about rewriting docker.io registries * Add registries warning to registries.conf - Update to libpod 1.8.0 * Fixed some spelling errors in oci-hooks documentations * include containers-mounts.conf(5) man-page into the package - Update to storage 1.16.1 * Add `rootless_storage_path` directive to storage.conf * Add better documentation for the mount_program in overlay driver ------------------------------------------------------------------- Wed Dec 11 16:13:32 UTC 2019 - Richard Brown - Update to image 5.0.0 - Clean up various imports primarily so that imports of packages that aren't in the standard library are all in one section. - Update to major version v5 - return resp error message - copy.Image(): select the CopySystemImage image using the source context - Add manifest list support - docker: handle http 429 status codes - allow for .dockercfg files to reside in non-home directories - Use the correct module path in (make test-skopeo) - Update to libpod 1.6.3 - Handling of the libpod.conf configuration file has seen major changes. Most significantly, rootless users will no longer automatically receive a complete configuration file when they first use Podman, and will instead only receive differences from the global configuration. - Initial support for the CNI DNS plugin, which allows containers to resolve the IPs of other containers via DNS name, has been added - Podman now supports anonymous named volumes, created by specifying only a destination to the -v flag to the podman create and podman run commands - Named volumes now support uid and gid options in --opt o=... to set UID and GID of the created volume - Update to storage 1.15.3 - overlay: allow storing images with more than 127 layers - Lazy initialize the layer store - tarlogger: drop state mutex ------------------------------------------------------------------- Wed Oct 2 08:29:50 UTC 2019 - Sascha Grunert - Update to image 4.0.0 - Add http response to log - Add tests for parsing OpenShift kubeconfig files - Compress: define some consts for the compression algos - Compression: add support for the zstd - Compression: allow to specify the compression format - Copy: add nil checks - Copy: compression: default to gzip - Copy: don't lose annotations of BlobInfo - Copy: fix options.DestinationCtx nil check - Copy: use a bigger buffer for the compression - Fix cross-compilation by vendoring latest c/storage - Internal/testing/explicitfilepath-tmpdir: handle unset TMPDIR - Keyctl: clean up after tests - Make container tools work with go+openssl - Make test-skopeo: replace c/image module instead of copying code - Media type checks - Move keyctl to internal & func remove auth from keyring - Replace vendor.conf by go.mod - Update dependencies - Update test certificates - Update to mergo v0.3.5 - Vendor.conf: update reference for containers/storage - Update to storage 1.13.4 - Update generated files - ImageBigData: distinguish between no-such-image and no-such-item - ImageSize: don't get tripped up by images with no layers - tarlogger: disable raw accouting - Update to libpod 1.6.0 - Nothing changed regarding the OCI hooks documentation provided by this package ------------------------------------------------------------------- Mon Sep 23 15:28:02 UTC 2019 - Richard Brown - Update to image 1.4.4 - Hard-code the kernel keyring use to be disabled for now - Update to libpod 1.5.1 - The hostname of pods is now set to the pod's name - Minor bugfixes - Update to storage 1.12.16 - Ignore ro mount options in btrfs and windows drivers ------------------------------------------------------------------- Mon Sep 23 12:01:53 UTC 2019 - Richard Brown - Check /var/lib/containers if possible before setting btrfs backend (bsc#1151028) ------------------------------------------------------------------- Wed Aug 7 10:35:07 UTC 2019 - Sascha Grunert - Add missing licenses to spec file ------------------------------------------------------------------- Tue Aug 6 11:42:17 UTC 2019 - Marco Vedovati - Add a default registries.d configuration file, used to specify images signatures storage location. ------------------------------------------------------------------- Fri Aug 2 09:46:10 UTC 2019 - Sascha Grunert - Update to image v3.0.0 - Add "Env" to ImageInspectInfo - Add API function TryUpdatingCache - Add ability to install man pages - Add user registry auth to kernel keyring - Fix policy.json.md -> containers-policy.json.5.md references - Fix typo in docs/containers-registries.conf.5.md - Remove pkg/sysregistries - Touch up transport man page - Try harder in storageImageDestination.TryReusingBlob - Use the same HTTP client for contacting the bearer token server and the registry - ci: change GOCACHE to a writeable path - config.go: improve debug message - config.go: log where credentials come from - docker client: error if registry is blocked - docker: allow deleting OCI images - docker: delete: support all MIME types - ostree: default is no OStree support - ostree: improve error message - progress bar: use spinners for unknown blob sizes - use 'containers_image_ostree' as build tag - use keyring when authfile empty - Update to storage v1.12.16 - Add cirrus vendor check - Add storage options to IgnoreChownErrors - Add support for UID as well as UserName in /etc/subuid files. - Add support for ignoreChownErrors to vfs - Add support for installing man pages - Fix cross-compilation - Keep track of the UIDs and GIDs used in applied layers - Move lockfiles to their own package - Remove merged directory when it is unmounted - Switch to go modules - Switch to golangci-lint - Update generated files - Use same variable name on both commands - cirrus: ubuntu: try removing cryptsetup-initramfs - compression: add support for the zstd algorithm - getLockfile(): use the absolute path - loadMounts(): reset counts before merging just-loaded data - lockfile: don't bother releasing a lock when closing a file - locking test updates - locking: take read locks on read-only stores - make local-cross more reliable for CI - overlay: cache the results of supported/using-metacopy/use-naive-diff feature tests - overlay: fix small piece of repeated work - utils: fix check for missing conf file - zstd: use github.com/klauspost/compress directly ------------------------------------------------------------------- Mon Jul 8 13:18:20 UTC 2019 - Sascha Grunert - Update to libpod v1.4.4 - Fixed a bug where rootless Podman would attempt to use the entire root configuration if no rootless configuration was present for the user, breaking rootless Podman for new installations - Fixed a bug where rootless Podman's pause process would block SIGTERM, preventing graceful system shutdown and hanging until the system's init send SIGKILL - Fixed a bug where running Podman as root with sudo -E would not work after running rootless Podman at least once - Fixed a bug where options for tmpfs volumes added with the --tmpfs flag were being ignored - Fixed a bug where images with no layers could not properly be displayed and removed by Podman - Fixed a bug where locks were not properly freed on failure to create a container or pod - Podman now has greatly improved support for containers using multiple OCI runtimes. Containers now remember if they were created with a different runtime using --runtime and will always use that runtime - The cached and delegated options for volume mounts are now allowed for Docker compatability (#3340) - The podman diff command now supports the --latest flag - Fixed a bug where podman cp on a single file would create a directory at the target and place the file in it (#3384) - Fixed a bug where podman inspect --format '{{.Mounts}}' would print a hexadecimal address instead of a container's mounts - Fixed a bug where rootless Podman would not add an entry to container's /etc/hosts files for their own hostname (#3405) - Fixed a bug where podman ps --sync would segfault (#3411) - Fixed a bug where podman generate kube would produce an invalid ports configuration (#3408) - Podman now performs much better on systems with heavy I/O load - The --cgroup-manager flag to podman now shows the correct default setting in help if the default was overridden by libpod.conf - For backwards compatability, setting --log-driver=json-file in podman run is now supported as an alias for --log-driver=k8s-file. This is considered deprecated, and json-file will be moved to a new implementation in the future ([#3363](https://github.com/containers/libpod/issues/3363)) - Podman's default libpod.conf file now allows the crun OCI runtime to be used if it is installed - Fixed a bug where Podman could not run containers using an older version of Systemd as init (#3295) - Updated vendored Buildah to v1.9.0 to resolve a critical bug with Dockerfile RUN instructions - The error message for running podman kill on containers that are not running has been improved - The Podman remote client can now log to a file if syslog is not available - The MacOS dmg file is experimental, use at your own risk. - The podman exec command now sets its error code differently based on whether the container does not exist, and the command in the container does not exist - The podman inspect command on containers now outputs Mounts JSON that matches that of docker inspect, only including user-specified volumes and differentiating bind mounts and named volumes - The podman inspect command now reports the path to a container's OCI spec with the OCIConfigPath key (only included when the container is initialized or running) - The podman run --mount command now supports the bind-nonrecursive option for bind mounts (#3314) - Fixed a bug where podman play kube would fail to create containers due to an unspecified log driver - Fixed a bug where Podman would fail to build with musl libc (#3284) - Fixed a bug where rootless Podman using slirp4netns networking in an environment with no nameservers on the host other than localhost would result in nonfunctional networking (#3277) - Fixed a bug where podman import would not properly set environment variables, discarding their values and retaining only keys - Fixed a bug where Podman would fail to run when built with Apparmor support but run on systems without the Apparmor kernel module loaded (#3331) - Remote Podman will now default the username it uses to log in to remote systems to the username of the current user - Podman now uses JSON logging with OCI runtimes that support it, allowing for better error reporting - Updated vendored Buildah to v1.8.4 - Updated vendored containers/image to v2.0 - Update to image v2.0.0 - Add registry mirror support - Include missing man pages (bsc#1139526) - Update to storage v1.12.10 - Add support for UID as well as UserName in /etc/subuid files. - utils: fix check for missing conf file - compression: add support for the zstd algorithm - overlay: cache the results of supported/using-metacopy/use-naive-diff feature tests ------------------------------------------------------------------- Tue Jun 11 07:06:13 UTC 2019 - Sascha Grunert - Update to libpod v1.4.0 - The podman checkpoint and podman restore commands can now be used to migrate containers between Podman installations on different systems - The podman cp command now supports a pause flag to pause containers while copying into them - The remote client now supports a configuration file for pre-configuring connections to remote Podman installations - Fixed CVE-2019-10152 - The podman cp command improperly dereferenced symlinks in host context - Fixed a bug where podman commit could improperly set environment variables that contained = characters - Fixed a bug where rootless Podman would sometimes fail to start containers with forwarded ports - Fixed a bug where podman version on the remote client could segfault - Fixed a bug where podman container runlabel would use /proc/self/exe instead of the path of the Podman command when printing the command being executed - Fixed a bug where filtering images by label did not work - Fixed a bug where specifying a bing mount or tmpfs mount over an image volume would cause a container to be unable to start - Fixed a bug where podman generate kube did not work with containers with named volumes - Fixed a bug where rootless Podman would receive permission denied errors accessing conmon.pid - Fixed a bug where podman cp with a folder specified as target would replace the folder, as opposed to copying into it - Fixed a bug where rootless Podman commands could double-unlock a lock, causing a crash - Fixed a bug where Podman incorrectly set tmpcopyup on /dev/ mounts, causing errors when using the Kata containers runtime - Fixed a bug where podman exec would fail on older kernels - The podman commit command is now usable with the Podman remote client - The --signature-policy flag (used with several image-related commands) has been deprecated - The podman unshare command now defines two environment variables in the spawned shell: CONTAINERS_RUNROOT and CONTAINERS_GRAPHROOT, pointing to temporary and permanent storage for rootless containers - Updated vendored containers/storage and containers/image libraries with numerous bugfixes - Updated vendored Buildah to v1.8.3 - Podman now requires Conmon v0.2.0 - The podman cp command is now aliased as podman container cp - Rootless Podman will now default init_path using root Podman's configuration files (/etc/containers/libpod.conf and /usr/share/containers/libpod.conf) if not overridden in the rootless configuration - Update to image v1.5.1 - Vendor in latest containers/storage - docker/docker_client: Drop redundant Domain(ref.ref) call - pkg/blobinfocache: Split implementations into subpackages - copy: progress bar: show messages on completion - docs: rename manpages to *.5.command - add container-certs.d.md manpage - pkg/docker/config: Bring auth tests from docker/docker_client_test - Don't allocate a sync.Mutex separately - Update to storage v1.12.10 - Add function to parse out mount options from graphdriver - Merge the disparate parts of all of the Unix-like lockfiles - Fix unix-but-not-Linux compilation - Return XDG_RUNTIME_DIR as RootlessRuntimeDir if set - Cherry-pick moby/moby #39292 for CVE-2018-15664 fixes - lockfile: add RecursiveLock() API - Update generated files - Fix crash on tesing of aufs code - Let consumers know when Layers and Images came from read-only stores - chown: do not change owner for the mountpoint - locks: correctly mark updates to the layers list - CreateContainer: don't worry about mapping layers unless necessary - docs: fix manpage for containers-storage.conf - docs: sort configuration options alphabetically - docs: document OSTree file deduplication - Add missing options to man page for containers-storage - overlay: use the layer idmapping if present - vfs: prefer layer custom idmappings - layers: propagate down the idmapping settings - Recreate symlink when not found - docs: fix manpage for configuration file - docs: add special handling for manpages in sect 5 - overlay: fix single-lower test - Recreate symlink when not found - overlay: propagate errors from mountProgram - utils: root in a userns uses global conf file - Fix handling of additional stores - Correctly check permissions on rootless directory - Fix possible integer overflow on 32bit builds - Evaluate device path for lvm - lockfile test: make concurrent RW test determinisitc - lockfile test: make concurrent read tests deterministic - drivers.DirCopy: fix filemode detection - storage: move the logic to detect rootless into utils.go - Don't set (struct flock).l_pid - Improve documentation of getLockfile - Rename getLockFile to createLockerForPath, and document it - Add FILES section to containers-storage.5 man page - add digest locks - drivers/copy: add a non-cgo fallback - Add default SLES mounts for container-suseconnect usage ------------------------------------------------------------------- Tue Jun 4 14:27:15 UTC 2019 - Richard Brown - Add util-linux and grep as Requires(post) to ensure btrfs config gets made correctly ------------------------------------------------------------------- Mon Apr 1 14:24:17 UTC 2019 - Richard Brown - Update to libpod v1.2.0 * Rootless Podman can now be used with a single UID and GID, without requiring a full 65536 UIDs/GIDs to be allocated in /etc/subuid and /etc/subgid * Move pkg/util default storage functions from libpod to containers/storage - Update to image v1.5 * Minor behind the scene bugfixes, no user facing changes - Update to storage v1.12.1 * Move pkg/util default storage functions from libpod to containers/storage * containers/storage no longer depends on containers/image - Version 20190401 ------------------------------------------------------------------- Wed Feb 27 14:51:55 UTC 2019 - Richard Brown - Update to libpod v1.1.0 * Rootless Podman can now forward ports into containers (using the same -p and -P flags as root Podman) * Rootless Podman will now pull some configuration options (for example, OCI runtime path) from the default root libpod.conf if they are not explicitly set in the user's own libpod.conf ------------------------------------------------------------------- Tue Feb 19 15:34:54 UTC 2019 - Richard Brown - Upgrade to storage v1.10 * enable parallel blob reads * Teach images to hold multiple manifests * Move structs for storage.conf to pkg/config - Upgrade to libpod v1.0.1 * Do not unmarshal into c.config.Spec * spec: add nosuid,noexec,nodev to ro bind mount ------------------------------------------------------------------- Sat Feb 2 11:07:30 UTC 2019 - Richard Brown - Restore non-upstream storage.conf, needed by CRI-O ------------------------------------------------------------------- Fri Jan 25 14:30:45 UTC 2019 - Richard Brown - Upgrade to storage v1.8 * Check for the OS when setting btrfs/libdm/ostree tags - Upgrade to image v1.3 * vendor: use github.com/klauspost/pgzip instead of compress/gzip * vendor latest ostree - Refactor specfile to use versioned tarballs - Established package versioning scheme (ISODATE of change) - Remove non-upstream storage.conf - Set btrfs as default driver if /var/lib is on btrfs [boo#1123119] - Version 20190125 ------------------------------------------------------------------- Thu Jan 17 14:20:49 UTC 2019 - Richard Brown - Upgrade to storage v1.6 * Remove private mount from zfs driver * Update zfs driver to be closer to moby driver * Use mount options when mounting the chown layer. ------------------------------------------------------------------- Sun Jan 13 15:39:42 UTC 2019 - Richard Brown - Upgrade to libpod v1.0.0 * Fixed a bug where storage.conf was sometimes ignored for rootless containers ------------------------------------------------------------------- Tue Jan 8 11:35:41 UTC 2019 - Richard Brown - Upgrade to libpod v0.12.1.2 and storage v1.4 * No significant functional or packaging changes ------------------------------------------------------------------- Sun Jan 6 22:11:02 UTC 2019 - Richard Brown - storage.conf - restore btrfs as the default driver ------------------------------------------------------------------- Fri Dec 7 10:54:37 UTC 2018 - Richard Brown - Update to latest libpod and storage to support cri-o 1.13 ------------------------------------------------------------------- Wed Dec 5 14:45:37 UTC 2018 - Richard Brown - Use seccomp.json from github.com/containers/libpod, instead of installing the tar.xz on users systems (boo#1118444) ------------------------------------------------------------------- Mon Nov 12 09:21:37 UTC 2018 - Valentin Rothberg - Add oci-hooks(5) manpage from libpod. ------------------------------------------------------------------- Mon Nov 12 08:14:08 UTC 2018 - Valentin Rothberg - Use seccomp.json from github.com/containers/libpod to align with the upstream defaults. - Update to the latest image and storage to pull in improvements to the manpages. ------------------------------------------------------------------- Mon Aug 27 14:24:51 UTC 2018 - vrothberg@suse.com - storage.conf: comment out options that are not supported by btrfs. This simplifies switching the driver as it avoids the whack-a-mole of commenting out "unsupported" options. ------------------------------------------------------------------- Mon Aug 27 08:48:16 UTC 2018 - vrothberg@suse.com - Consolidate libcontainers-{common,image,storage} into one package, libcontainers-common. That's the way upstream intended all libraries from github.com/containers to be packaged. It facilitates updating and maintaining the package, as all configs and manpages come from a central source. Note that the `storage` binary that previously has been provided by the libcontainers-storage package is not provided anymore as, despite the claims in the manpages, it is not intended for production use. ------------------------------------------------------------------- Mon Aug 13 11:44:31 UTC 2018 - vrothberg@suse.com - Make libcontainers-common arch independent. - Add LICENSE. ------------------------------------------------------------------- Thu Apr 12 09:36:39 UTC 2018 - fcastelli@suse.com - Added /usr/share/containers/oci/hooks.d and /etc/containers/oci/hooks.d to the package. These are used by tools like cri-o and podman to store custom hooks. ------------------------------------------------------------------- Mon Mar 5 09:30:12 UTC 2018 - vrothberg@suse.com - Configuration files should generally be tagged as %config(noreplace) in order to keep the modified config files and to avoid losing data when the package is being updated. feature#crio ------------------------------------------------------------------- Thu Feb 8 13:07:24 UTC 2018 - vrothberg@suse.com - Add libcontainers-common package.