From 6d8fabef060f28803bd880f56abfdbdd2bcb192b6002c2ce8fbad7931d0eac0f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dan=20=C4=8Cerm=C3=A1k?= <dcermak@suse.com>
Date: Tue, 17 Sep 2024 06:24:12 +0000
Subject: [PATCH] new upstream release 2.3.1

OBS-URL: https://build.opensuse.org/package/show/devel:microos/rootlesskit?expand=0&rev=18
---
 .gitattributes           |  23 +++++
 .gitignore               |   1 +
 _service                 |  18 ++++
 _servicedata             |   4 +
 rootlesskit-2.1.0.tar.gz |   3 +
 rootlesskit-2.2.0.tar.gz |   3 +
 rootlesskit-2.3.1.tar.gz |   3 +
 rootlesskit.changes      | 193 +++++++++++++++++++++++++++++++++++++++
 rootlesskit.spec         |  57 ++++++++++++
 vendor.tar.gz            |   3 +
 10 files changed, 308 insertions(+)
 create mode 100644 .gitattributes
 create mode 100644 .gitignore
 create mode 100644 _service
 create mode 100644 _servicedata
 create mode 100644 rootlesskit-2.1.0.tar.gz
 create mode 100644 rootlesskit-2.2.0.tar.gz
 create mode 100644 rootlesskit-2.3.1.tar.gz
 create mode 100644 rootlesskit.changes
 create mode 100644 rootlesskit.spec
 create mode 100644 vendor.tar.gz

diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..9b03811
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..57affb6
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.osc
diff --git a/_service b/_service
new file mode 100644
index 0000000..aacad2c
--- /dev/null
+++ b/_service
@@ -0,0 +1,18 @@
+<services>
+  <service name="download_files" mode="manual" />
+  <service name="tar_scm" mode="manual">
+    <param name="url">https://github.com/rootless-containers/rootlesskit.git</param>
+    <param name="scm">git</param>
+    <param name="exclude">.git</param>
+    <param name="revision">v2.3.1</param>
+    <param name="versionformat">@PARENT_TAG@</param>
+    <param name="changesgenerate">enable</param>
+    <param name="versionrewrite-pattern">v(.*)</param>
+  </service>
+  <service name="set_version" mode="manual" />
+  <service name="recompress" mode="manual">
+    <param name="file">*.tar</param>
+    <param name="compression">gz</param>
+  </service>
+  <service name="go_modules" mode="manual" />
+</services>
diff --git a/_servicedata b/_servicedata
new file mode 100644
index 0000000..52a9885
--- /dev/null
+++ b/_servicedata
@@ -0,0 +1,4 @@
+<servicedata>
+<service name="tar_scm">
+                <param name="url">https://github.com/rootless-containers/rootlesskit.git</param>
+              <param name="changesrevision">fcc67feacd7deea8bca12a1a849e638704b8e7d2</param></service></servicedata>
\ No newline at end of file
diff --git a/rootlesskit-2.1.0.tar.gz b/rootlesskit-2.1.0.tar.gz
new file mode 100644
index 0000000..6c8ee14
--- /dev/null
+++ b/rootlesskit-2.1.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1764ce16a156d16480b4afaec54c348146cd52cc28a46319590aad84fc2cebae
+size 78411
diff --git a/rootlesskit-2.2.0.tar.gz b/rootlesskit-2.2.0.tar.gz
new file mode 100644
index 0000000..7198f36
--- /dev/null
+++ b/rootlesskit-2.2.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:bea761c12377773f7619261c961cd1775a738af81e4159b7683ca6c6b48b7972
+size 80257
diff --git a/rootlesskit-2.3.1.tar.gz b/rootlesskit-2.3.1.tar.gz
new file mode 100644
index 0000000..8d27f05
--- /dev/null
+++ b/rootlesskit-2.3.1.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1f5663bc50915a6e8796c4bedf6c27d6092e46c407442d981f2eb760f36491d5
+size 81081
diff --git a/rootlesskit.changes b/rootlesskit.changes
new file mode 100644
index 0000000..3f415ae
--- /dev/null
+++ b/rootlesskit.changes
@@ -0,0 +1,193 @@
+-------------------------------------------------------------------
+Thu Sep 05 10:58:24 UTC 2024 - dcermak@suse.com
+
+- Update to version 2.3.1:
+  * v2.3.1
+  * CI: attest-build-provenance: fix a subject-path issue (461)
+  * v2.3.0+dev
+  * v2.3.0
+  * Enable actions/attest-build-provenance
+  * CI: update Docker (27.1.2)
+  * CI: update pasta (2024_08_14.61c0b0d)
+  * go.mod: golang.org/x/net v0.28.0
+  * go.mod: github.com/insomniacslk/dhcp v0.0.0-20240812123929-b105c29bd1b5
+  * Deprecate rootlesskit-docker-proxy (no longer needed since Docker v28)
+  * child, pasta: Allow drivers to configure their own interface, let pasta do that
+  * pasta: Let it run in background, and wait until it forks
+  * CI: update Go to 1.23
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.27.3 to 2.27.4
+  * Build(deps): Bump golang.org/x/sys from 0.22.0 to 0.24.0
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.27.2 to 2.27.3
+  * Build(deps): Bump github.com/gofrs/flock from 0.12.0 to 0.12.1
+  * Build(deps): Bump github.com/moby/sys/mountinfo from 0.7.1 to 0.7.2
+  * v2.2.0+dev
+
+-------------------------------------------------------------------
+Wed Jul 17 05:36:39 UTC 2024 - danish.prakash@suse.com
+
+- Update to version 2.2.0:
+  * v2.2.0
+  * go.mod: update
+  * CI: update dependencies
+  * Build(deps): Bump github.com/gofrs/flock from 0.8.1 to 0.12.0
+  * Add reexec branch for socket activation to correct LISTEN_PID
+  * Build(deps): Bump golang.org/x/sys from 0.21.0 to 0.22.0
+  * Build(deps): Bump github.com/containernetworking/plugins
+  * Build(deps): Bump golang.org/x/sys from 0.20.0 to 0.21.0
+  * Build(deps): Bump github.com/containernetworking/plugins
+  * pkg/network/slirp4netns: advertise IPv6 nameserver when it's enabled
+  * pkg/network: allow network drivers to advertise multiple nameservers
+  * CI: update slirp4netns to v1.3.1
+  * Build(deps): Bump golang.org/x/sys from 0.19.0 to 0.20.0
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.27.1 to 2.27.2
+  * v2.1.0+dev
+
+-------------------------------------------------------------------
+Mon Jun 10 07:41:21 UTC 2024 - danish.prakash@suse.com
+
+- Update to version 2.1.0:
+  * v2.1.0
+  * Build(deps): Bump golang.org/x/net from 0.20.0 to 0.23.0
+  * feat: add new none network
+  * Build(deps): Bump golang.org/x/sys from 0.18.0 to 0.19.0
+  * testing: add test for systemd socket activation
+  * child: createCmd: propogate systemd files to actual process within namespace
+  * parent: setupFilesAndEnv: retrieve socket count from systemd environment variable
+  * parent: setupFilesAndEnv: systemd socket activation concept
+  * parent: setupFilesAndEnv: introduce dynamic array for cmd.ExtraFiles
+  * parent: setupFilesAndEnv: avoid hardcoded file descriptor numbers
+  * parent: refactor cmd files and environment to helper function
+  * Build(deps): Bump github.com/containernetworking/plugins
+  * v2.0.2+dev
+
+-------------------------------------------------------------------
+Mon Mar 11 10:48:03 UTC 2024 - danish.prakash@suse.com
+
+- Update to version 2.0.2:
+  * v2.0.2
+  * Build(deps): Bump golang.org/x/sys from 0.17.0 to 0.18.0
+  * update Go to 1.22
+  * Print hints if `kernel.apparmor_restrict_unprivileged_userns` is set
+  * Build(deps): Bump golang.org/x/sys from 0.16.0 to 0.17.0
+  * v2.0.1+dev
+  * v2.0.1
+  * CI: update Docker to v25.0.2
+  * lxc-user-nic: fix `/etc/resolv.conf` missing IP
+  * Build(deps): Bump github.com/google/uuid from 1.5.0 to 1.6.0
+  * v2.0.0+dev
+
+-------------------------------------------------------------------
+Tue Jan 23 07:03:49 UTC 2024 - danish.prakash@suse.com
+
+- Update to version 2.0.0:
+  * v2.0.0
+  * v2.0.0-beta.0+dev
+  * v2.0.0-beta.0
+  * CI: update Docker to v24.0.7
+  * CI: update pasta (2023_12_30.f091893)
+  * Write `$ROOTLESSKIT_STATE_DIR/resolv.conf`
+  * Build(deps): Bump golang.org/x/sys from 0.15.0 to 0.16.0
+  * fix typo
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.26.0 to 2.27.1
+  * Build(deps): Bump github.com/google/uuid from 1.4.0 to 1.5.0
+  * Build(deps): Bump github.com/containernetworking/plugins
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.25.7 to 2.26.0
+  * v2.0.0-alpha.2+dev
+  * v2.0.0-alpha.2
+  * CI: update pasta (2023_12_04.b86afe3)
+  * pasta: add debug logs
+  * Build(deps): Bump golang.org/x/sys from 0.14.0 to 0.15.0
+  * Build(deps): Bump github.com/moby/sys/mountinfo from 0.6.2 to 0.7.1
+  * Build(deps): Bump github.com/gorilla/mux from 1.8.0 to 1.8.1
+  * Build(deps): Bump golang.org/x/sys from 0.13.0 to 0.14.0
+  * Build(deps): Bump github.com/google/uuid from 1.3.1 to 1.4.0
+  * Build(deps): Bump golang.org/x/net from 0.10.0 to 0.17.0
+  * v2.0.0-alpha.1+dev
+  * v2.0.0-alpha.1
+  * release.yaml: migrate from `hub` to `gh`
+  * Build(deps): Bump golang.org/x/sys from 0.12.0 to 0.13.0
+  * Build(deps): Bump gotest.tools/v3 from 3.5.0 to 3.5.1
+  * Build(deps): Bump golang.org/x/sys from 0.11.0 to 0.12.0
+  * Build(deps): Bump github.com/google/uuid from 1.3.0 to 1.3.1
+  * lxc-user-nic: support detach-netns
+  * Build(deps): Bump golang.org/x/sys from 0.10.0 to 0.11.0
+  * Build(deps): Bump golang.org/x/sys from 0.9.0 to 0.10.0
+  * Build(deps): Bump gotest.tools/v3 from 3.4.0 to 3.5.0
+  * v2.0.0-alpha.0+dev
+  * v2.0.0-alpha.0; add --print-semver=(major|minor|patch)
+  * new network driver: `pasta` (with port driver `implicit`)
+  * [Carry 362] support detach-netns
+  * pkg/port: ChildContext: remove unused PID field
+  * cmd/rootlesskit: format logs
+  * Refactor parent-child communication (Add message union)
+  * Refactor parent-child communication (Remove "stages")
+  * pkg/api: split pkg/httputil
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.25.6 to 2.25.7
+  * Build(deps): Bump golang.org/x/sys from 0.8.0 to 0.9.0
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.25.5 to 2.25.6
+  * Build(deps): Bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3
+  * v1.1.1+dev
+
+-------------------------------------------------------------------
+Tue Oct 10 06:16:47 UTC 2023 - Danish Prakash <danish.prakash@suse.com>
+
+- Bump go version to 1.21 (bsc#1215611)
+
+-------------------------------------------------------------------
+Tue Jun 20 07:33:53 UTC 2023 - danish.prakash@suse.com
+
+- Update to version 1.1.1:
+  * v1.1.1
+  * Bump up deps
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.25.4 to 2.25.5
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.25.3 to 2.25.4
+  * Remove duplicate id ranges returned by getsubu/gid for username/uid
+  * Build(deps): Bump github.com/sirupsen/logrus from 1.9.1 to 1.9.2
+  * Build(deps): Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.1
+  * Build(deps): Bump golang.org/x/sys from 0.7.0 to 0.8.0
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.25.1 to 2.25.3
+  * Build(deps): Bump golang.org/x/sys from 0.6.0 to 0.7.0
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.25.0 to 2.25.1
+  * Build(deps): Bump golang.org/x/sys from 0.5.0 to 0.6.0
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.24.4 to 2.25.0
+  * Build(deps): Bump golang.org/x/net from 0.1.0 to 0.7.0
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.24.3 to 2.24.4
+  * CI: update Docker to v23.0.0
+  * Build(deps): Bump golang.org/x/sys from 0.4.0 to 0.5.0
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.24.2 to 2.24.3
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.24.1 to 2.24.2
+  * Build(deps): Bump github.com/urfave/cli/v2 from 2.23.7 to 2.24.1
+  * CI: update Docker to v23.0.0-rc.1
+  * Bump github.com/urfave/cli/v2 from 2.23.6 to 2.23.7
+  * Bump golang.org/x/sys from 0.3.0 to 0.4.0
+  * Bump github.com/urfave/cli/v2 from 2.23.5 to 2.23.6
+  * Bump golang.org/x/sys from 0.2.0 to 0.3.0
+  * v1.1.0+dev
+
+-------------------------------------------------------------------
+Sun Feb  5 23:41:04 UTC 2023 - Takashi Tamura <tamuratak.9876@gmail.com>
+
+- Install rootlesskit-docker-proxy
+
+-------------------------------------------------------------------
+Sat Dec 24 16:43:43 UTC 2022 - andrea.manzini@suse.com
+
+- Update to version 1.1.0:
+  * Support using /usr/bin/getsubids (`--subid-source=dynamic`)
+    Useful for SSSD environments (subid: sss in /etc/nsswitch.conf)
+
+    Full changes: https://github.com/rootless-containers/rootlesskit/milestone/3?closed=1
+
+- bump vendor dependencies
+
+-------------------------------------------------------------------
+Fri Apr 22 13:36:54 UTC 2022 - rpm@fthiessen.de
+
+- Update to version 1.0.0:
+  * use Go 1.18
+  * updated some dependencies
+
+-------------------------------------------------------------------
+Tue Nov 23 11:21:49 UTC 2021 - Richard Brown <rbrown@suse.com>
+
+- Initial Packaging 
diff --git a/rootlesskit.spec b/rootlesskit.spec
new file mode 100644
index 0000000..92cec56
--- /dev/null
+++ b/rootlesskit.spec
@@ -0,0 +1,57 @@
+#
+# spec file for package rootlesskit
+#
+# Copyright (c) 2024 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+Name:           rootlesskit
+Version:        2.3.1
+Release:        0
+Summary:        Linux-native fakeroot using user namespaces
+License:        Apache-2.0
+URL:            https://github.com/rootless-containers/rootlesskit
+Source:         %{name}-%{version}.tar.gz
+Source1:        vendor.tar.gz
+BuildRequires:  golang(API) >= 1.21
+BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+
+%description
+RootlessKit is a Linux-native implementation of "fake root"
+using user_namespaces. RootlessKit is intended to run Docker and
+Kubernetes as an unprivileged user (known as "Rootless mode"), so as to protect
+the real root on the host from potential container-breakout attacks.
+
+%prep
+%setup -qa1
+
+%build
+go build -mod=vendor -buildmode=pie -o _output/rootlesskit ./cmd/rootlesskit
+go build -mod=vendor -buildmode=pie -o _output/rootlessctl ./cmd/rootlessctl
+go build -mod=vendor -buildmode=pie -o _output/rootlesskit-docker-proxy ./cmd/rootlesskit-docker-proxy
+
+%install
+mkdir -p %{buildroot}%{_bindir}/
+install -m 0755 _output/rootlesskit %{buildroot}%{_bindir}/rootlesskit
+install -m 0755 _output/rootlessctl %{buildroot}%{_bindir}/rootlessctl
+install -m 0755 _output/rootlesskit-docker-proxy %{buildroot}%{_bindir}/rootlesskit-docker-proxy
+
+%files
+%license LICENSE
+%doc README.md docs/*.md
+%{_bindir}/rootlesskit
+%{_bindir}/rootlessctl
+%{_bindir}/rootlesskit-docker-proxy
+
+%changelog
diff --git a/vendor.tar.gz b/vendor.tar.gz
new file mode 100644
index 0000000..b1a0b99
--- /dev/null
+++ b/vendor.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ce6dae7d87c06f06e885cbd78f92c9e6412a8fd746726e19f8b8de9e278bbb34
+size 1623675