pool/umoci
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 585262 from home:cyphar:umoci_0.4.0

Browse Source 
- Update to umoci v0.4.0. Upstream changelog:
	+ `umoci repack` now supports `--refresh-bundle` which will update the
	  OCI bundle's metadata (mtree and umoci-specific manifests) after packing
	  the image tag. This means that the bundle can be used as a base layer for
	  future diffs without needing to unpack the image again.
	  openSUSE/umoci#196
	+ Added a website, and reworked the documentation to be better structured.
	  You can visit the website at [`umo.ci`][umo.ci]. openSUSE/umoci#188
	+ Added support for the `user.rootlesscontainers` specification, which
	  allows for persistent on-disk emulation of `chown(2)` inside rootless
	  containers. This implementation is interoperable with [@AkihiroSuda's
	  `PRoot` fork][as-proot-fork] (though we do not test its interoperability
	  at the moment) as both tools use [the same protobuf
	  specification][rootlesscontainers-proto]. openSUSE/umoci#227
	+ `umoci unpack` now has support for opaque whiteouts (whiteouts which
	  remove all children of a directory in the lower layer), though `umoci
	  repack` does not currently have support for generating them. While this
	  is technically a spec requirement, through testing we've never
	  encountered an actual user of these whiteouts. openSUSE/umoci#224
	  openSUSE/umoci#229
	+ `umoci unpack` will now use some rootless tricks inside user namespaces
	  for operations that are known to fail (such as `mknod(2)`) while other
	  operations will be carried out as normal (such as `lchown(2)`). It should
	  be noted that the `/proc/self/uid_map` checking we do can be tricked into
	  not detecting user namespaces, but you would need to be trying to break
	  it on purpose. openSUSE/umoci#171 openSUSE/umoci#230
	* Fix a bug in our "parent directory restore" code, which is responsible
	  for ensuring that the mtime and other similar properties of a directory
	  are not modified by extraction inside said directory. The bug would
	  manifest as xattrs not being restored properly in certain edge-cases
	  (which we incidentally hit in a test-case). openSUSE/umoci#161
	  openSUSE/umoci#162
	* `umoci unpack` will now "clean up" the bundle generated if an error
	  occurs during unpacking. Previously this didn't happen, which made
	  cleaning up the responsibility of the caller (which was quite difficult
	  if you were unprivileged). This is a breaking change, but is in the error
	  path so it's not critical. openSUSE/umoci#174 openSUSE/umoci#187
	* `umoci gc` now will no longer remove unknown files and directories that
	  aren't `flock(2)`ed, thus ensuring that any possible OCI image-spec
	  extensions or other users of an image being operated on will no longer
	  break. openSUSE/umoci#198
	* `umoci unpack --rootless` will now correctly handle regular file
	  unpacking when overwriting a file that `umoci` doesn't have write access
	  to. In addition, the semantics of pre-existing hardlinks to a clobbered
	  file are clarified (the hard-links will not refer to the new layer's
	  inode). openSUSE/umoci#222 openSUSE/umoci#223

	[as-proot-fork]: https://github.com/AkihiroSuda/runrootless
	[rootlesscontainers-proto]: https://rootlesscontaine.rs/proto/rootlesscontainers.proto
	[umo.ci]: https://umo.ci/

OBS-URL: https://build.opensuse.org/request/show/585262
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/umoci?expand=0&rev=30
This commit is contained in:
Aleksa Sarai 2018-03-10 09:23:00 +00:00 committed by Git OBS Bridge
parent 0d6a87ba22
commit 25dea8b9ef
6 changed files with 74 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
umoci-0.3.1.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9c92c72edeaf44b3409125e15a619f6718d9ddd29ed9539c60076b8746625440
size 341716

16
umoci-0.3.1.tar.xz.asc
View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEXzbGxhtUYBJKdfWmnhiqJn3bjbQFAlnUNXwACgkQnhiqJn3b
jbRlPBAAg/ykOVftxsHQM8YKjQqRcD2+d6csXMlI0q2zErnWAQ+G7qdoRwj2PyLW
KbnV20082eqhI5+eg+LRGjb6XKyDdx/3YzqTH8etbUi8U9VKaj1fdAH08bTa93fq
sDEo6s1DiZZfI/POG/00ugkkBsLriROAYfqgUez7YH91+bPGVpY/5CmioACWBCs+
tNgd/dT3Db+q0ORkWjCLQLNtejJ3lFzL7gQwoQl0gv1NH6h3zxM6LcAvD9n8mm6w
ADxoCkWwvbH6qfIH7tKgbkDYxf9LTPfwijyFtBxF9jkwUOjJnURwTA6kTvwtRdjN
Dl8SKqqZGrivu4tki4JRAIOKuvRCqVryeMX98IHTTyuQENZneSK8uojYTZdV/mq0
YrExjs1K7OZHIgdxcJfRmxpP8ypXfWeP6s4pQklTmXjWmA+IU9IbOi43phEJ6fKI
8vlItvNTTDimePvp0RRP+UnwatT7XMnp+2AioCN3cexx+//Iadtl8jcs0dTDBqe7
gdPx7f6Qw81ZQmAoL0OBat7zBtxHnKeLsdK0xcl3RJ7RzdSPaLvOHqMmaNS356Ve
q/dq/a65b/kReQwM636JSssMEdtB2eEvJ+LNVMB/oOyfdRutOPODM67W5PVUBHAE
0XDf8HWxZNPUghQnYUIWIlwfhRHGnatOgbsi7/Rr3nVFsPaCI9w=
=VfqF
-----END PGP SIGNATURE-----

3
umoci-0.4.0.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:cda6e7ab833d024952034f0e3d121053ec3091d164915afd73423ed58886e741
size 408456

16
umoci-0.4.0.tar.xz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEXzbGxhtUYBJKdfWmnhiqJn3bjbQFAlqjkfgACgkQnhiqJn3b
jbTCPg//Rv6FIo2PzEqb3LlrOxib8hMoBwFDloQbfBqs+gH7n3ulJcixuaQpSPK1
3aSgR+7pm6goDKmIqPXSG9X0HHCyoT+i7xyDPoxIbN379w7+OBLdb0iCZ/u4EqFm
rrSIaGZnWGHv3JqmVdiaaMeccISbsQmYH9ADAI0GAyl7JLbr/7DVuNjsyXL6ttr9
xOfQiCwiTIr6W97smBvwXJsZKNe7C77Nd69rxWFMMrwDcPrhc1U9zK2PHKWiR/ad
J4zEQqNNWJaxis2NB3X9G+TfDzZNsQOqlduhBzfrPzdRDDZkfIFvn7cNCh39brwD
Q8XuGgst0f2XaivZBUHpRoDoHxhLjrNTpK76qC17aBSlAAlV0IwNXMV2H2/pUGTa
o4E1bIikAp/rjNXHUOH3D7NBIhX7bAK1q/Q2e4MeZ7btHlNV6JwWtYOm2/CanuT8
WqweBLw82jmk7JsYbdlrJwZhF7udhh7hnjFle2ezKmfIZOBWikmuD5PnG5z4Yah1
CGYUdjWGuJ6L1Q5yNpF+UGCl0Bg2UbNuXJ7BIJ5fIOe5/H4PVlOicNVEqgvCZHMa
vxilPVttPJpcaPZ0aKK2aZDZ9xVDDxW1cMIqs0H7+BcpG/Gsi/Ky25LwSUbn3+qb
dzVac17Uo/DwrCT0/iEv9bekqRCq0AeQ9gAx0JH88IqHrTUCdgI=
=bgmX
-----END PGP SIGNATURE-----

54
umoci.changes
View File

@ -1,3 +1,57 @@
-------------------------------------------------------------------
Sat Mar 10 08:10:42 UTC 2018 - asarai@suse.com
- Update to umoci v0.4.0. Upstream changelog:
+ `umoci repack` now supports `--refresh-bundle` which will update the
OCI bundle's metadata (mtree and umoci-specific manifests) after packing
the image tag. This means that the bundle can be used as a base layer for
future diffs without needing to unpack the image again.
openSUSE/umoci#196
+ Added a website, and reworked the documentation to be better structured.
You can visit the website at [`umo.ci`][umo.ci]. openSUSE/umoci#188
+ Added support for the `user.rootlesscontainers` specification, which
allows for persistent on-disk emulation of `chown(2)` inside rootless
containers. This implementation is interoperable with [@AkihiroSuda's
`PRoot` fork][as-proot-fork] (though we do not test its interoperability
at the moment) as both tools use [the same protobuf
specification][rootlesscontainers-proto]. openSUSE/umoci#227
+ `umoci unpack` now has support for opaque whiteouts (whiteouts which
remove all children of a directory in the lower layer), though `umoci
repack` does not currently have support for generating them. While this
is technically a spec requirement, through testing we've never
encountered an actual user of these whiteouts. openSUSE/umoci#224
openSUSE/umoci#229
+ `umoci unpack` will now use some rootless tricks inside user namespaces
for operations that are known to fail (such as `mknod(2)`) while other
operations will be carried out as normal (such as `lchown(2)`). It should
be noted that the `/proc/self/uid_map` checking we do can be tricked into
not detecting user namespaces, but you would need to be trying to break
it on purpose. openSUSE/umoci#171 openSUSE/umoci#230
* Fix a bug in our "parent directory restore" code, which is responsible
for ensuring that the mtime and other similar properties of a directory
are not modified by extraction inside said directory. The bug would
manifest as xattrs not being restored properly in certain edge-cases
(which we incidentally hit in a test-case). openSUSE/umoci#161
openSUSE/umoci#162
* `umoci unpack` will now "clean up" the bundle generated if an error
occurs during unpacking. Previously this didn't happen, which made
cleaning up the responsibility of the caller (which was quite difficult
if you were unprivileged). This is a breaking change, but is in the error
path so it's not critical. openSUSE/umoci#174 openSUSE/umoci#187
* `umoci gc` now will no longer remove unknown files and directories that
aren't `flock(2)`ed, thus ensuring that any possible OCI image-spec
extensions or other users of an image being operated on will no longer
break. openSUSE/umoci#198
* `umoci unpack --rootless` will now correctly handle regular file
unpacking when overwriting a file that `umoci` doesn't have write access
to. In addition, the semantics of pre-existing hardlinks to a clobbered
file are clarified (the hard-links will not refer to the new layer's
inode). openSUSE/umoci#222 openSUSE/umoci#223
[as-proot-fork]: https://github.com/AkihiroSuda/runrootless
[rootlesscontainers-proto]: https://rootlesscontaine.rs/proto/rootlesscontainers.proto
[umo.ci]: https://umo.ci/
-------------------------------------------------------------------
Thu Feb 1 16:58:09 CET 2018 - ro@suse.de

2
umoci.spec
View File

@ -24,7 +24,7 @@
%define project github.com/openSUSE/umoci
Name: umoci
Version: 0.3.1
Version: 0.4.0
Release: 0
Summary: Open Container Image manipulation tool
License: Apache-2.0