pool/runc
SHA256
14
0
Fork 1
Code Issues Pull Requests Activity

Accepting request 981401 from home:cyphar:docker

Browse Source 
- Update to runc v1.1.3. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.1.3.
  (Includes a fix for bsc#1200088.)

  * Our seccomp `-ENOSYS` stub now correctly handles multiplexed syscalls on
    s390 and s390x. This solves the issue where syscalls the host kernel did not
    support would return `-EPERM` despite the existence of the `-ENOSYS` stub
    code (this was due to how s390x does syscall multiplexing).
  * Retry on dbus disconnect logic in libcontainer/cgroups/systemd now works as
    intended; this fix does not affect runc binary itself but is important for
    libcontainer users such as Kubernetes.
  * Inability to compile with recent clang due to an issue with duplicate
    constants in libseccomp-golang.
  * When using systemd cgroup driver, skip adding device paths that don't exist,
    to stop systemd from emitting warnings about those paths.
  * Socket activation was failing when more than 3 sockets were used.
  * Various CI fixes.
  * Allow to bind mount /proc/sys/kernel/ns_last_pid to inside container.
  * runc static binaries are now linked against libseccomp v2.5.4.
- Remove upstreamed patches:
  - bsc1192051-0001-seccomp-enosys-always-return-ENOSYS-for-setup-2-on-s390x.patch

OBS-URL: https://build.opensuse.org/request/show/981401
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=128
This commit is contained in:
Aleksa Sarai
2022-06-09 00:28:16 +00:00
committed by Git OBS Bridge
parent bb89a115f8
commit 683f0a36dd
7 changed files with 48 additions and 191 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
runc.changes
View File

@@ -1,3 +1,28 @@
-------------------------------------------------------------------
Thu Jun 9 00:22:16 UTC 2022 - Aleksa Sarai <asarai@suse.com>
- Update to runc v1.1.3. Upstream changelog is available from
https://github.com/opencontainers/runc/releases/tag/v1.1.3.
(Includes a fix for bsc#1200088.)
* Our seccomp `-ENOSYS` stub now correctly handles multiplexed syscalls on
s390 and s390x. This solves the issue where syscalls the host kernel did not
support would return `-EPERM` despite the existence of the `-ENOSYS` stub
code (this was due to how s390x does syscall multiplexing).
* Retry on dbus disconnect logic in libcontainer/cgroups/systemd now works as
intended; this fix does not affect runc binary itself but is important for
libcontainer users such as Kubernetes.
* Inability to compile with recent clang due to an issue with duplicate
constants in libseccomp-golang.
* When using systemd cgroup driver, skip adding device paths that don't exist,
to stop systemd from emitting warnings about those paths.
* Socket activation was failing when more than 3 sockets were used.
* Various CI fixes.
* Allow to bind mount /proc/sys/kernel/ns_last_pid to inside container.
* runc static binaries are now linked against libseccomp v2.5.4.
- Remove upstreamed patches:
- bsc1192051-0001-seccomp-enosys-always-return-ENOSYS-for-setup-2-on-s390x.patch
-------------------------------------------------------------------
Mon May 23 03:02:32 UTC 2022 - Aleksa Sarai <asarai@suse.com>