commit 01d90297f81a481c6883aa35c855b4ec3b28b7e969d7357fe4c1cd3d23884204 Author: Danish Prakash Date: Wed Nov 27 17:49:35 2024 +0000 switch to nftables OBS-URL: https://build.opensuse.org/package/show/devel:microos/netavark?expand=0&rev=30 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/_service b/_service new file mode 100644 index 0000000..f9674bc --- /dev/null +++ b/_service @@ -0,0 +1,26 @@ + + + https://github.com/containers/netavark.git + @PARENT_TAG@ + git + v1.13.0 + * + v(\d+\.\d+\.\d+) + \1 + enable + + + + *.tar + gz + + + + netavark + gz + true + + + netavark + + diff --git a/_servicedata b/_servicedata new file mode 100644 index 0000000..42b637c --- /dev/null +++ b/_servicedata @@ -0,0 +1,4 @@ + + + https://github.com/containers/netavark.git + 00e74728cc65aac7cdc6ba0ac74fc12e947bb04c \ No newline at end of file diff --git a/netavark-1.11.0.tar.gz b/netavark-1.11.0.tar.gz new file mode 100644 index 0000000..5ed1122 --- /dev/null +++ b/netavark-1.11.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7c6331985314dc0d61a9dba6c4555831388dbff4b8f0cb413d1bdeb06cb1585f +size 168986 diff --git a/netavark-1.12.1.tar.gz b/netavark-1.12.1.tar.gz new file mode 100644 index 0000000..79f8924 --- /dev/null +++ b/netavark-1.12.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0717c3bb7bcbe5fe4e05d83cbc19829527d2098569c4e59dd3fc19384dab952e +size 169915 diff --git a/netavark-1.12.2.tar.gz b/netavark-1.12.2.tar.gz new file mode 100644 index 0000000..2309a80 --- /dev/null +++ b/netavark-1.12.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1ad1c59f1460fac874b365bf70012f3deebc0e783701bcde7d464e7002d14649 +size 169922 diff --git a/netavark-1.13.0.tar.gz b/netavark-1.13.0.tar.gz new file mode 100644 index 0000000..5112358 --- /dev/null +++ b/netavark-1.13.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:b5e6714a8a1f9edd3742b816805b275ca7c5c8c3aebeb335f6cd391306e81050 +size 169303 diff --git a/netavark-iptables.conf b/netavark-iptables.conf new file mode 100644 index 0000000..0b15e95 --- /dev/null +++ b/netavark-iptables.conf @@ -0,0 +1,4 @@ +# A rootless user has no permsissions to load kernel modules. +# If iptables is using nftables as a backend this might not be needed. +ip_tables +ip6_tables diff --git a/netavark-nftables.conf b/netavark-nftables.conf new file mode 100644 index 0000000..2874c28 --- /dev/null +++ b/netavark-nftables.conf @@ -0,0 +1,2 @@ +# A rootless user has no permsissions to load kernel modules. +nf_tables diff --git a/netavark.changes b/netavark.changes new file mode 100644 index 0000000..11e8a06 --- /dev/null +++ b/netavark.changes @@ -0,0 +1,540 @@ +------------------------------------------------------------------- +Fri Nov 1 09:58:34 UTC 2024 - Alexandre Vicenzi + +- Set default firewall driver based on the project configuration (bsc#1231424) + * Require correct dependencies + * Add netavark-iptables.conf and netavark-nftables.conf + +------------------------------------------------------------------- +Wed Oct 30 02:02:34 UTC 2024 - danish.prakash@suse.com + +- Update to version 1.13.0: + * Release v1.13.0 + * Updates release notes for v1.13.0 + * run cargo update + * fix(deps): update rust crate hyper-util to 0.1.10 + * [skip-ci] Packit: Remove epel targets + * fix(deps): update rust crate nftables to 0.5.0 + * fix(deps): update rust crate anyhow to 1.0.91 + * fix(deps): update rust crate tokio to 1.41.0 + * fix(deps): update rust crate anyhow to 1.0.90 + * Updated to zbus4 + * chore(deps): update dependency containers/automation_images to v20241010 + * test-dhcp: fix NOP test + * fix new lint errors with rust 1.81 + * fix(deps): update rust crate clap to ~4.5.20 + * contrib/container_images: remove no longer used images + * cirrus: check for msrv build + * add new rust image to check for MSRV + * define a MSRV policy + * [skip-ci] Packit: constrain koji and bodhi to the fedora package + * chore(deps): update rust crate once_cell to 1.20.2 + * fix(deps): update rust-futures monorepo to 0.3.31 + * OWNERS file audit and update + * update tonic and prost dependencies + * update tower to v0.5.1 + * fix(deps): update rust crate sysctl to 0.6.0 + * fix(deps): update rust crate netlink-packet-route to 0.21.0 + * chore(deps): update rust crate tempfile to 3.13.0 + * chore(deps): update rust crate once_cell to 1.20.1 + * fix(deps): update rust crate nispor to 1.2.21 + * fix(deps): update rust crate anyhow to 1.0.89 + * nftables: add dns dnat rule first + * iptables: add dns dnat rule first + * fix(deps): update rust crate anyhow to 1.0.88 + * nft: remove port forwarding rules correctly + * fix(deps): update rust crate tokio-stream to 0.1.16 + * nft: do not parse localhost string ip + * nft: use append() over push() where possible + * Packit: add sidetag to release with aardvark-dns + * fix(deps): update rust crate tokio to 1.40.0 + * fix(deps): update rust crate libc to 0.2.157 + * fix(deps): update rust crate tokio to 1.39.3 + * fix(deps): update rust crate libc to 0.2.156 + * aardvark: on start failure delete entries again + * iptables: make dns rules cover tcp as well + * nftables: make dns rules cover tcp as well + * fix(deps): update rust crate serde_json to 1.0.123 + * remove superfluous formatters from debug stmt + * chore(deps): update rust crate tempfile to 3.12.0 + * fix new rust 1.80 lint issues + * silence new rust 1.80 warnings + * chore(deps): update rust crate tempfile to 3.11.0 + * fix(deps): update rust crate serde_json to 1.0.122 + * Bumping main back to v1.13.0-dev for development + +------------------------------------------------------------------- +Tue Sep 10 15:51:16 UTC 2024 - danish.prakash@suse.com + +- Update to version 1.12.2: + * Release v1.12.2 + * Release notes for 1.12.2 + * fix new rust 1.80 lint issues + * silence new rust 1.80 warnings + * aardvark: on start failure delete entries again + * iptables: make dns rules cover tcp as well + * nftables: make dns rules cover tcp as well + +------------------------------------------------------------------- +Wed Aug 07 06:36:53 UTC 2024 - danish.prakash@suse.com + +- Update to version 1.12.1: + * Release v1.12.1 + * Update release notes for v1.12.1 + * Change nv cargo categories + * Bump to 1.13.0-dev + * Release 1.12 + * Release Notes for 1.12 + * run cargo update + * rpm: use nftables as default for f41 + * fix(deps): update rust crate serde_json to 1.0.121 + * fix(deps): update rust crate tokio to 1.39.2 + * aardvark-dns: trim whitespaces from error text + * fix(deps): update rust crate env_logger to 0.11.5 + * [skip-ci] RPM: handle iptables/nftables dependencies + * fix aardvark-dns error handling + * fix(deps): update rust crate tokio to 1.39.1 + * fix(deps): update rust crate env_logger to 0.11.4 + * fix(deps): update rust crate tokio to 1.38.1 + * update mozim to 0.2.4 + * fix(deps): update rust crate serde_json to 1.0.120 + * netavark: dhcp_proxy: use dns servers from dhcp lease + * fix(deps): update rust crate serde_json to 1.0.119 + * fix(deps): update rust crate netlink-packet-route to 0.20.1 + * fix(deps): update rust crate log to 0.4.22 + * Fix Epoch so upgrade path is preserved from Fedora/RHEL. + * test: add macvlan metric test + * fix(deps): update rust crate serde_json to 1.0.118 + * fix(deps): update rust crate url to 2.5.2 + * fix(deps): update rust crate prost to 0.12.6 + * fix(deps): update rust crate url to 2.5.1 + * fix(deps): update rust crate iptables to 0.5.2 + * [CI:BUILD] rpm: Update Rust macro usage + * fix(deps): update rust crate nftables to 0.4.1 + * fix(deps): update rust crate tokio to 1.38.0 + * Bump to 1.12.0-dev + +------------------------------------------------------------------- +Mon Jun 03 06:42:43 UTC 2024 - danish.prakash@suse.com + +- Remove redundant source: cargo_config +- Update to version 1.11.0: + * Release v1.11.0 + * Update release notes for 1.11.0 + * update netlink-packet-route to 0.20.0 + * run cargo update + * fix: remove extra / in make install and uninstall + * chore(deps): update dependency containers/automation_images to v20240529 + * fix(deps): update rust crate nix to 0.29.0 + * fix(deps): update rust crate nispor to 1.2.19 + * fix(deps): update rust crate anyhow to 1.0.86 + * fix(deps): update rust crate anyhow to 1.0.85 + * [skip-ci] Packit: do not create dup jobs on podman-next + * fix(deps): update rust crate anyhow to 1.0.84 + * [skip-ci] RPM: use default __cargo macro across all envs + * [skip-ci] RPM: switch default firewall to nftables on EL10+ + * chore(deps): update dependency containers/automation_images to v20240513 + * Add conditional compilation of default firewall driver + * fix(deps): update rust crate serde_json to 1.0.117 + * fix new clippy warnings + * Update CI image to fedora 40 + * fix ncat sctp tests + * fix(deps): update rust crate anyhow to 1.0.83 + * build(deps): bump h2 from 0.3.25 to 0.3.26 + * [skip-ci] Packit: distinct `-rhel` packages value + * [skip-ci] Packit: enable c10s downstream sync + * fix(deps): update rust crate libc to 0.2.154 + * fix(deps): update rust crate ipnet to 2.9.0 + * fix(deps): update rust crate tower to 0.4.13 + * fix(deps): update rust crate tokio-stream to 0.1.15 + * fix(deps): update rust crate prost to 0.12.4 + * fix(deps): update rust crate iptables to 0.5.1 + * [skip-ci] Packit: remove el8 jobs + * fix(deps): update rust crate anyhow to 1.0.82 + * fix(deps): update rust crate serde to 1.0.199 + * Add suffix to Aardvark internal network filenames + * fix port forward with strict RPF and multi networks + * renovate: stop rebasing PRs automatically + * chore(deps): update rust crate chrono to 0.4.38 + * fix(deps): update rust crate serde_json to 1.0.116 + * fix(deps): update rust crate netlink-sys to 0.8.6 + * nftables: only dump netavark table rules + * update nftables to 0.4 + * fix aardvark-dns netns check + * fix(deps): update rust crate tokio to 1.37 + * fix(deps): update rust crate netlink-packet-route to 0.19.0 + * Update to nix-0.28.0 + * fix(deps): update rust crate mozim to 0.2.3 + * fix(deps): update rust crate nispor to 1.2.18 + * Update chrono + * fix(deps): update rust crate serde_json to 1.0.115 + * build(deps): bump mio from 0.8.9 to 0.8.11 + * [skip-ci] rpm: aardvark-dns is a hard dep across the board + * Update Rust crate env_logger to 0.11.3 + * Update Rust crate serde to 1.0.197 + * Update Rust crate tempfile to 3.10.1 + * Update Rust crate log to 0.4.21 + * Update Rust crate zbus to 3.15.2 + * Update Rust crate serde_json to 1.0.114 + * Update Rust crate env_logger to 0.11.2 + * Update Rust crate chrono to 0.4.34 + * Update Rust crate tonic-build to 0.11 + * Update Rust crate tonic to 0.11 + * fix netavark update to not start a new aardvark-dns + * Update Rust crate tempfile to 3.10.0 + * Update Rust crate zbus to 3.15.0 + * Update Rust crate tokio to 1.36 + * Update Rust crate chrono to 0.4.33 + * Do not perform network namespace detection on AV update + * [CI:BUILD] Packit/rpm: fix aardvark-dns handling + * Update Rust crate serde_json to 1.0.113 + * Update Rust crate serde_json to 1.0.112 + * Update Rust crate env_logger to 0.11.1 + * update README with nftables support + * Bump to v1.11.0-dev + * perf-netavark: accept fw driver as argument + * perf-netavark: fix missing --config arg + +------------------------------------------------------------------- +Tue Feb 13 08:43:45 UTC 2024 - danish.prakash@suse.com + +- Update to version 1.10.3: + * v1.10.3 + * fix netavark update to not start a new aardvark-dns + +------------------------------------------------------------------- +Tue Feb 6 07:50:29 UTC 2024 - Danish Prakash + +- Rely only on . for aardvark-dns requires, even though + it is released in sync with netavark, relying on patch version is brittle. + +------------------------------------------------------------------- +Thu Feb 01 14:04:11 UTC 2024 - danish.prakash@suse.com + +- Update to version 1.10.2: + * Release v1.10.2 + * Release notes for v1.10.2 + * [CI:BUILD] Packit/rpm: fix aardvark-dns handling + * Do not perform network namespace detection on AV update + * Release v1.10.1 + * Updated release notes for v1.10.1 + * update to nftables release 0.3 from crates.io + * DISTRO_PACKAGE: fix incorrect vendored tar archive URL + * Bump to 1.11.0-dev + * Release 1.10.0 + * Release notes for 1.10.0 + * RPM: update .cargo/config before building + * Add support for isolation to the nftables driver + * build(deps): bump h2 from 0.3.22 to 0.3.24 + * chore(deps): update rust crate chrono to 0.4.32 + * fix(deps): update rust crate env_logger to 0.11.0 + * chore(deps): update dependency containers/automation_images to v20240102 + * Bump nftables-rs to latest commit + * Netavark: nftables support + * fix(deps): update rust crate serde_json to 1.0.111 + * feat: added the --firewall-driver option + * Document how to generate a code coverage report for netavark + * fix(deps): update rust crate clap to ~4.4.12 + * fix(deps): update rust crate serde_json to 1.0.110 + * fix(deps): update rust-futures monorepo to 0.3.30 + * fix(deps): update rust crate nispor to 1.2.16 + * chore(deps): update rust crate tempfile to 3.9.0 + * Use tonic::transport::Uri instead of HTTP + * chore(deps): update dependency containers/automation_images to v20231208 + * fix(deps): update rust crate tokio to 1.35 + * dhcp-proxy: return actual error instead of generic one + * dhcp-proxy: skip set gateway if missing + * bump netlink-packet-route to 0.18.1 + * chore(deps): update rust crate once_cell to 1.19.0 + * fix(deps): update rust crate nispor to 1.2.15 + * fix(deps): update rust crate serde to 1.0.193 + * fix(deps): update rust crate clap to ~4.4.10 + * aardvark: show error if process is in wrong netns + * aardvark: remove unessesary unlock lockfile calls + * fix(deps): update rust crate url to 2.5.0 + * Bump working version to v1.10.0-dev + +------------------------------------------------------------------- +Thu Nov 30 07:05:28 UTC 2023 - danish.prakash@suse.com + +- Update to version 1.9.0: + * v1.9.0 Release + * v1.9.0 Release notes + * test: fix syntax problem in helpers.bash + * run cargo update + * use OsString/Path over String for file paths + * chore(deps): update dependency containers/automation_images to v20231116 + * firewalld-reload: fix CI tests + * firewalld-reload: prevent race which could leak fw rules + * fix(deps): update rust crate clap to ~4.4.8 + * CI: skip broken firewalld test + * fix(deps): update rust crate http to 0.2.11 + * rpm: add netavark-firewalld-reload.service to spec + * firewalld-reload: add integration tests + * firewall/state: make sure to ignore enoent on read + * firewall-reload: integrate actual logic to reload rules + * firewall/state: improve error messages + * firewall: add state functions to serialize configs + * firewalld: fix lint errors with rust v1.73 + * firewall: do not use full Network in NetworkStruct + * firewall: add dns_port to SetupNetwork + * add firewalld-reload subcommand + * fix(deps): update rust crate http to 0.2.10 + * fix(deps): update rust crate env_logger to 0.10.1 + * fix(deps): update rust crate tokio to 1.34 + * Update rust container build files + * bridge: force static mac on bridge interface + * fix(deps): update rust crate futures-core to 0.3.29 + * fix(deps): update rust crate serde to 1.0.190 + * fix(deps): update rust crate serde_json to 1.0.108 + * fix(deps): update rust crate sysctl to 0.5.5 + * fix(deps): update rust-futures monorepo to 0.3.29 + * CI: Drop CI VM distro name + * chore(deps): update dependency containers/automation_images to v20231004 + * fix(deps): update rust crate tokio to 1.33 + * build-sys: Filter to tier 2 Linux declaratively + * fix(deps): update rust crate sha2 to 0.10.8 + * fix podman.io community link + * Bump to v1.9.0-dev + +------------------------------------------------------------------- +Thu Sep 28 05:05:43 UTC 2023 - danish.prakash@suse.com + +- Update to version 1.8.0: + * Release v1.8.0 + * update release notes for v1.8.0 + * run cargo update + * Add vrf support for bridges + * Packit: switch to @containers/packit-build team for copr failure notification comments + * fix(deps): update rust crate nispor to 1.2.14 + * [CI:BUILD] Packit: tag @lsm5 on copr build failures + * chore(deps): update rust crate chrono to 0.4.31 + * fix(deps): update rust crate serde_json to 1.0.107 + * rust io safety: convert RawFd to BorrowedFd<> + * bump nix to 0.27.1 + * chore(deps): update rust crate chrono to 0.4.30 + * fix(deps): update rust crate serde_json to 1.0.106 + * chore(deps): update rust crate chrono to 0.4.29 + * fix(deps): update rust crate netlink-packet-route to 0.17.1 + * Bump tonic and prost + * Update container image to F38 + * Add ACCEPT rules in firewall for bridge network with internal dns. + * chore(deps): update rust crate tonic-build to 0.10 + * fix(deps): update rust crate nispor to 1.2.13 + * fix(deps): update rust crate serde to 1.0.188 + * Fix clippy warnings about formatting + * update chrono crate + * fix(deps): update rust crate url to 2.4.1 + * Add protoc dependency to README + * [CI:BUILD] rpm: spdx compatible license field + * fix(deps): update rust crate tokio to 1.32 + * chore(deps): update dependency containers/automation_images to v20230816 + * fix(deps): update rust crate serde_json to 1.0.105 + * fix(deps): update rust crate tokio to 1.31 + * fix(deps): update rust crate log to 0.4.20 + * run cargo update + * update tonic-build to 0.9.2 + * bump rust edition to 2021 + * iptables: drop invalid packages + * fix(deps): update rust crate tokio to 1.30 + * docs: Convert markdown with go-md2man instead of mandown + * fix(deps): update rust crate clap to 4.3.21 + * packit: Build PRs into default packit COPRs + * chore(deps): update dependency containers/automation_images to v20230807 + * fix(deps): update rust crate serde to 1.0.183 + * fix(deps): update rust crate serde to 1.0.181 + * fix(deps): update rust crate serde to 1.0.180 + * fix(deps): update rust crate serde_json to 1.0.104 + * fix(deps): update rust crate serde to 1.0.179 + * fix(deps): update rust crate serde to 1.0.176 + * fix(deps): update rust crate clap to 4.3.19 + * fix(deps): update rust crate serde to 1.0.175 + * fix(deps): update rust crate clap to 4.3.17 + * fix(deps): update rust crate clap to 4.3.15 + * fix(deps): update rust crate clap to 4.3.12 + * fix(deps): update rust crate serde_json to 1.0.103 + * [CI:BUILD] Packit: remove pre-sync action + * fix(deps): update rust crate serde_json to 1.0.102 + * fix(deps): update rust crate nispor to 1.2.12 + * macvlan: use netlink type for bclim + * bump netlink deps + * fix(deps): update rust crate serde to 1.0.171 + * fix(deps): update rust crate serde to 1.0.167 + * fix(deps): update rust crate clap to 4.3.11 + * fix(deps): update rust crate serde to 1.0.166 + * fix(deps): update rust crate serde_json to 1.0.100 + * iptables: improve error when ip6?tables commands are missing + * fix(deps): update rust crate clap to 4.3.10 + * fix(deps): update rust crate zbus to 3.14.1 + * [CI:BUILD] RPM: Fix ELN build and cleanup spec + * bump to v1.8.0-dev + +------------------------------------------------------------------- +Tue Jul 11 13:30:20 UTC 2023 - Danish Prakash + +- Disable restricting builds only for tier1 platforms + i.e. only for x86_64 and aarch64 and enable for all. + +------------------------------------------------------------------- +Mon Jul 03 11:22:33 UTC 2023 - danish.prakash@suse.com + +- Update to version 1.7.0: + * release v1.7.0 + * Update release notes for v1.7.0 + * fix(deps): update rust crate tokio to 1.29 + * netavark: make --config required for dns + * fix(deps): update rust crate serde_json to 1.0.99 + * fix(deps): update rust crate clap to 4.3.8 + * [CI:BUILD] Packit: add Fedora downstream tasks + * run cargo update + * fix(deps): update rust crate serde_json to 1.0.97 + * fix(deps): update rust crate sha2 to 0.10.7 + * fix(deps): update rust crate clap to 4.3.4 + * chore(deps): update dependency containers/automation_images to v20230614 + * fix(deps): update rust crate clap to 4.3.3 + * fix(deps): update rust crate log to 0.4.19 + * aardvark: fix missleading dns disabled log + * firewall: add NETAVARK_ISOLATION_3 chain for strict isolation + * docs: fix link to getting started + * fix(deps): update rust crate serde to 1.0.164 + * netlink: fix incorrect info log for del_route + * dhcp-proxy: apply new ip address/gateway + * test-dhcp: fix broekn has_ip() check + * dhcp-proxy: actually implement renewing leases + * dhcp-proxy: simplify code + * dhcp-proxy: drop macaddr dependency + * dhcp-proxy: remove some unused traits + * fix(deps): update rust crate zbus to 3.13.1 + * fix(deps): update rust crate clap to 4.3.2 + * chore(deps): update rust crate once_cell to 1.18.0 + * fix(deps): update rust crate url to 2.4.0 + * fix(deps): update rust crate clap to 4.3.1 + * chore(deps): update dependency containers/automation_images to v20230601 + * chore(deps): update rust crate chrono to 0.4.26 + * chore(deps): update rust crate chrono to 0.4.25 + * fix(deps): update rust crate log to 0.4.18 + * chore(deps): update rust crate once_cell to 1.17.2 + * macvlan: add bclim option + * parse_option(): return option instead of default + * add no_default_gateway option + * fix(deps): update rust crate clap to 4.3.0 + * chore(deps): update dependency containers/automation_images to v20230517 + * fix(deps): update rust crate serde to 1.0.163 + * Add ability to add static route + * fix(deps): update rust crate serde to 1.0.162 + * Cirrus: Update fedora name to match image + * fix(deps): update rust crate clap to 4.2.7 + * chore(deps): update dependency containers/automation_images to v20230426 + * correct typo in Makefile + * simplify path printing + * fix(deps): update rust crate tokio to 1.28 + * aardvark-dns pid: return better errors + * fix comment in Subnet definition + * aardvark: no error when aardvark config is not there + * fix(deps): update rust crate zbus to 3.12.0 + * fix(deps): update rust crate clap to 4.2.4 + * fix(deps): update rust crate clap to 4.2.2 + * fix(deps): update rust crate serde_json to 1.0.96 + * update clap to v4 + * fix(deps): update rust crate serde to 1.0.160 + * bump to v1.7.0-dev + +------------------------------------------------------------------- +Fri Jun 23 13:50:40 UTC 2023 - Danish Prakash + +- Add aardvark-dns as Requires for netavark + +------------------------------------------------------------------- +Wed Apr 12 06:12:35 UTC 2023 - danish.prakash@suse.com + +- Update to version 1.6.0: + * v1.6.0 release + * Update release notes for v1.6.0 + * dhcp-proxy: fix typo for --activity-timeout + * chore(deps): update dependency containers/automation_images to v20230405 + * dhcp-proxy: use better error when connection fails + * add documentation for netavark plugins + * add stderr example plugin to test stderr passthrough + * add netavark plugin driver + * add example error plugin + * add host-device example plugin + * plugin: add simple plugin interface + * netlink: add dump_addresses + * netlink: add set_link_ns + * dhcp-proxy: correctly exit > 0 on errors + * fix(deps): update rust crate tonic to 0.9 + * fix(deps): update rust crate mozim to 0.2.2 + * fix(deps): update rust crate serde to 1.0.159 + * fix(deps): update rust crate netlink-sys to 0.8.5 + * dhcp-proxy: create socket directory only when used + * dhcp-proxy: do not remove socket when running under systemd + * Makefile: netavark-dhcp-proxy.service use correct path + * fix(deps): update rust crate http to 0.2.9 + * chore(deps): update rust crate once_cell to 1.17.1 + * fix(deps): update rust-futures monorepo to 0.3.28 + * fix(deps): update rust crate serde_json to 1.0.95 + * chore(deps): update dependency containers/automation_images to v20230330 + * Disable Dependabot in favor of Renovate + * chore(deps): update rust crate chrono to 0.4.24 + * build(deps): bump ipnet from 2.7.1 to 2.7.2 + * build(deps): bump serde from 1.0.158 to 1.0.159 + * build(deps): bump serde_json from 1.0.94 to 1.0.95 + * update,main: dont write empty space when no network_dns_servers is given + * fix(deps): update rust crate tokio to 1.27 + * Quit Leasing when Client disconnects + * build(deps): bump mozim from 0.2.1 to 0.2.2 + * iptables: fix incorrect debug statement + * build(deps): bump serde from 1.0.156 to 1.0.158 + * iptables: port fw handle wildcard address correctly + * chore(deps): update dependency containers/automation_images to v20230320 + * build(deps): bump zbus from 3.11.0 to 3.11.1 + * build(deps): bump anyhow from 1.0.69 to 1.0.70 + * [CI:BUILD] Packit: trigger builds on commit to main branch + * Cirrus: Invalidate v2 bin cache + * Include Systemd Files in RPM Package + * Cirrus: Fix success failing on artifact extraction + * fix lint issue with new rust version 1.68 + * Cirrus: Update to newer CI VM images + * build(deps): bump serde from 1.0.152 to 1.0.156 + * combine dhcp-proxy and netavark into one binary + * update: should allow empty network_dns_servers + * build(deps): bump libc from 0.2.139 to 0.2.140 + * fix aarch64 ncat flake + * update to mozim 0.2.1 + * build(deps): bump zbus from 3.10.0 to 3.11.0 + * packit: Update build release tag correctly + * test: move proto option into run_nc_test() + * test: add netns pid param to port checks + * test: import podman code to check for ports + * cirrus.yaml: add new binaries in art_prep_script + * fix netavark-dhcp-proxy binary in system unit + * import netavark-proxy-dhcp tests + * add build_proxy_client target + * add netavark-dhcp-proxy to rpm + * Fix dhcp-proxy build + * Merge nv-dhcp-proxy into nv + * fix default route metric test name + * build(deps): bump tokio from 1.25.0 to 1.26.0 + * Support none parameter on NETAVARK_FW + * build(deps): bump anyhow from 1.0.68 to 1.0.69 + * Fix typos + * update netlink-packet-{route,core} to 0.15 and 0.5 + * build(deps): bump serde_json from 1.0.92 to 1.0.93 + * build(deps): bump zbus from 3.8.0 to 3.10.0 + * [CI:BUILD] Packit: initial enablement + * Allow custom cargo binary path + * build(deps): bump serde_json from 1.0.91 to 1.0.92 + * Cirrus: Reduce requested CPUs for compile-tasks + * bump to version 1.0.6-dev + * build(deps): bump netlink-sys from 0.8.3 to 0.8.4 + * Add renovate.json5 + +------------------------------------------------------------------- +Thu Mar 16 14:07:12 UTC 2023 - Dan Čermák + +- Bump required rust version & fix libexecdir + +------------------------------------------------------------------- +Fri Feb 10 09:14:07 UTC 2023 - Dan Čermák + +- First version of netavark diff --git a/netavark.spec b/netavark.spec new file mode 100644 index 0000000..e624ac4 --- /dev/null +++ b/netavark.spec @@ -0,0 +1,97 @@ +# +# spec file for package netavark +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%define major_minor %((v=%{version}; echo ${v%.*})) + +Name: netavark +Version: 1.13.0 +Release: 0 +Summary: Container network stack +License: Apache-2.0 +URL: https://github.com/containers/%{name} +Source0: %{name}-%{version}.tar.gz +Source1: vendor.tar.gz +Source2: netavark-%{?default_firewall_backend}.conf +BuildRequires: cargo-packaging +BuildRequires: go-md2man +BuildRequires: protobuf-devel +BuildRequires: rust+cargo >= 1.66 +BuildRequires: systemd-rpm-macros +# aardvark-dns and %%{name} are usually released in sync +Requires: aardvark-dns >= %{major_minor} +# Provides: container-network-stack = 2 +Requires: %{?default_firewall_backend} + +%description +Netavark is a rust based network stack for containers. It is being +designed to work with Podman but is also applicable for other OCI +container management applications. +Netavark is a tool for configuring networking for Linux containers. +Its features include: +* Configuration of container networks via JSON configuration file +* Creation and management of required network interfaces, + including MACVLAN networks +* All required firewall configuration to perform NAT and port + forwarding as required for containers +* Support for iptables and firewalld at present, with support + for nftables planned in a future release +* Support for rootless containers +* Support for IPv4 and IPv6 +* Support for container DNS resolution via aardvark-dns. + +%prep +%autosetup -a1 + +%build +NETAVARK_DEFAULT_FW=%{?default_firewall_backend} cargo build --release +mkdir -p bin +cp target/release/%{name} bin/ + +cd docs +go-md2man -in %{name}.1.md -out %{name}.1 + +%install +%make_install DESTDIR=%{buildroot} PREFIX=%{_prefix} LIBEXECDIR=%{_libexecdir} + +mkdir -p %{buildroot}%{_prefix}/lib/modules-load.d +install -m 0644 -t %{buildroot}%{_prefix}/lib/modules-load.d/ %{SOURCE2} + +%files +%license LICENSE +%dir %{_libexecdir}/podman +%{_libexecdir}/podman/%{name} +%{_mandir}/man1/%{name}.1%{?ext_man} +%{_unitdir}/%{name}-dhcp-proxy.service +%{_unitdir}/%{name}-dhcp-proxy.socket +%{_unitdir}/%{name}-firewalld-reload.service +%dir %{_prefix}/lib/modules-load.d +%{_prefix}/lib/modules-load.d/netavark-%{?default_firewall_backend}.conf + +%pre +%service_add_pre %{name}-dhcp-proxy.service %{name}-dhcp-proxy.socket %{name}-firewalld-reload.service + +%post +%service_add_post %{name}-dhcp-proxy.service %{name}-dhcp-proxy.socket %{name}-firewalld-reload.service + +%preun +%service_del_preun %{name}-dhcp-proxy.service %{name}-dhcp-proxy.socket %{name}-firewalld-reload.service + +%postun +%service_del_postun %{name}-dhcp-proxy.service %{name}-dhcp-proxy.socket %{name}-firewalld-reload.service + +%changelog diff --git a/vendor.tar.gz b/vendor.tar.gz new file mode 100644 index 0000000..1945bd3 --- /dev/null +++ b/vendor.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:60d1643d8309a1064d81b88bcd6ed1d4664d96cc1df47d70f1c58c69f4c013b2 +size 36341440