Accepting request 1288543 from Virtualization:Appliances:Builder

- Bump version: 3.1.18 → 3.1.19

- Fix CVE-2025-3416
  rebuild of the tool also inherits openssl in a version that
  fixes the above mentioned CVE. This fixes bsc#1242680

- Fix CVE-2025-5791
  Switch to uzers crate as actively maintained fork of the
  unmaintained users crate. This Fixes bsc#1244207

OBS-URL: https://build.opensuse.org/request/show/1288543
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/flake-pilot?expand=0&rev=12

flake-pilot.changes

@@ -1,3 +1,431 @@
+-------------------------------------------------------------------
+Wed Jun 25 14:49:48 CEST 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.18 → 3.1.19
+
+-------------------------------------------------------------------
+Wed Jun 25 10:13:12 CEST 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Fix CVE-2025-3416
+
+  rebuild of the tool also inherits openssl in a version that
+  fixes the above mentioned CVE. This fixes bsc#1242680
+
+-------------------------------------------------------------------
+Wed Jun 25 09:59:27 CEST 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Fix CVE-2025-5791
+
+  Switch to uzers crate as actively maintained fork of the
+  unmaintained users crate. This Fixes bsc#1244207
+
+-------------------------------------------------------------------
+Wed Feb 26 09:35:26 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Fix firecracker requirement
+
+  Require firefracker only for TW as it exists in no
+  other version of SUSE. In case the firecracker-pilot
+  is installed on a system that has no firecracker it
+  must be installed to this system in an alternative
+  way which is easily possible because firefracker
+  is also a rust application only depending on libc
+
+-------------------------------------------------------------------
+Tue Feb 11 21:41:40 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.17 → 3.1.18
+
+-------------------------------------------------------------------
+Tue Feb 11 21:41:15 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Style fixes
+
+-------------------------------------------------------------------
+Tue Feb 11 21:30:01 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Fix error handling for container check methods
+
+  The condition to setup permissions and redo the call
+  was done when the exec of the call was not possible.
+  But this is not the right place to check for a permission
+  denied error. This commit fixes the evaluation of the
+  error data
+
+-------------------------------------------------------------------
+Tue Feb 11 19:17:18 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.16 → 3.1.17
+
+-------------------------------------------------------------------
+Tue Feb 11 19:15:33 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Don't use perform for bool status methods
+
+  The perform() call checks the status code and raises an
+  ExecutionError. This does not allow us to return a
+  false boolean. Use output() call instead
+
+-------------------------------------------------------------------
+Tue Feb 11 18:38:09 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.15 → 3.1.16
+
+-------------------------------------------------------------------
+Tue Feb 11 18:37:38 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- No error return for bool method
+
+-------------------------------------------------------------------
+Tue Feb 11 18:05:20 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.14 → 3.1.15
+
+-------------------------------------------------------------------
+Tue Feb 11 18:00:48 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Fix call for podman_setup_permissions
+
+  Make sure podman_setup_permissions is only called if there
+  is a permission problem detected.
+
+-------------------------------------------------------------------
+Sat Feb 01 22:57:28 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.13 → 3.1.14
+
+-------------------------------------------------------------------
+Sat Feb 01 22:47:35 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Use actions/upload-artifact: v4
+
+-------------------------------------------------------------------
+Sat Feb 01 22:46:14 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Make clippy happy
+
+-------------------------------------------------------------------
+Sat Feb 01 22:37:25 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Fix building runtime arguments
+
+  Use get_run_cmdline method everywhere
+
+-------------------------------------------------------------------
+Sat Feb 01 22:14:16 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Fix container cleanup
+
+  A flake configured to be attached can also be re-started
+  using the same container storage. However, the container
+  was always removed when the command exited. This commit
+  fixes it to avoid removing the container of attach type
+  flakes. In addition a flake option %remove was added to
+  allow removing the container created for resume and attach
+  type flakes
+
+-------------------------------------------------------------------
+Tue Dec 17 14:46:11 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.12 → 3.1.13
+
+-------------------------------------------------------------------
+Tue Dec 17 10:19:53 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Allow env placeholders for the podman pilot
+
+  The podman runtime arguments allows to set environment
+  variable placeholders starting with '%' and followed by
+  the name of the environment variable. For example %HOME
+  will be replaced to the value of $HOME of the calling user.
+  If the given placeholder cannot be translated into an
+  existing environment variable it will be turned into the
+  variable name, $HOME in the above example.
+
+-------------------------------------------------------------------
+Mon Dec 16 14:40:06 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.11 → 3.1.12
+
+-------------------------------------------------------------------
+Mon Dec 16 12:51:34 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Automatically detect terminal mode
+
+-------------------------------------------------------------------
+Mon Dec 16 12:41:09 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Drop superfluous comment
+
+-------------------------------------------------------------------
+Mon Dec 16 12:37:42 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.10 → 3.1.11
+
+-------------------------------------------------------------------
+Mon Dec 16 12:36:37 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Update system files provisioning
+
+  Expect systemfiles to be a callable that produces the
+  list of host files to sync
+
+-------------------------------------------------------------------
+Fri Dec 13 10:47:06 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.9 → 3.1.10
+
+-------------------------------------------------------------------
+Fri Dec 13 10:28:40 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Include systemfiles.libs for host provisioning
+
+  Only use copy-links for the files mentioned in
+  systemfiles.libs. The other systemfiles are synced in the
+  usual way.
+
+-------------------------------------------------------------------
+Thu Dec 12 15:39:51 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Make sure interactive processes can run
+
+-------------------------------------------------------------------
+Thu Dec 12 15:22:37 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Fixed podman call dead lock
+
+  When calling the flake and stdout/stderr gets redirected into
+  a pipe like `flake | grep ... | cut ...` the pilot binary runs
+  in a dead lock because there is no reader/writer to feed the
+  pipe from the child process (podman) executed via the pilot.
+  This commit fixes it by making sure all data from the child
+  gets read first and then passed along to stdout/stderr of the
+  caller.
+
+-------------------------------------------------------------------
+Thu Dec 12 11:01:36 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.8 → 3.1.9
+
+-------------------------------------------------------------------
+Tue Dec 10 18:46:14 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Copy symlinks for host dependencies
+
+  For provisioning of host dependencies copy symlinks such
+  that they appear under their name as a file and not as a
+  symlink. We use this logic for the host dependency sync
+  only to be less strict on versioned library syncing
+
+-------------------------------------------------------------------
+Wed Dec 04 15:01:53 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Clippy fix
+
+  elide the lifetimes for User instances
+
+-------------------------------------------------------------------
+Wed Dec 04 14:16:53 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.7 → 3.1.8
+
+-------------------------------------------------------------------
+Wed Dec 04 09:50:50 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Fixed the runroot permission fixup
+
+  podman differentiates the runroot between root and rootless
+  calls. If you initially call a flake as a user the initial
+  podman database gets setup as rootless variant which also
+  allows root based workloads without permission issues.
+  However, if you do it the other way round the runroot is
+  setup for root only which prevents the flake to be called
+  as normal user. To handle this permission issues we have
+  fix methods in the flake common code to change the
+  permissions according to the calling user via sudo. The
+  code to handle permissions for the runroot target has to
+  apply for all users as we can't predict if the storage
+  will be setup initially as rootless or for root only
+
+-------------------------------------------------------------------
+Fri Nov 29 12:13:32 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.6 → 3.1.7
+
+-------------------------------------------------------------------
+Fri Nov 29 12:12:43 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Follow symlinks for mkdir
+
+-------------------------------------------------------------------
+Thu Nov 28 11:56:14 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.5 → 3.1.6
+
+-------------------------------------------------------------------
+Thu Nov 28 11:54:08 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Add support for systemfiles provisioning
+
+  If the base container comes with a systemfiles metadata file
+  it will be used to transfer all the data mentioned in the file
+  from the host to the instance. In contrast to the removed files
+  the systemfiles sync will not continue when failed and this
+  can only be overwritten via the %ignore_sync_error flake option
+
+-------------------------------------------------------------------
+Wed Nov 27 22:21:46 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.4 → 3.1.5
+
+-------------------------------------------------------------------
+Wed Nov 27 22:21:18 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Add provision of systemfiles
+
+-------------------------------------------------------------------
+Wed Nov 27 21:21:55 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Fix initialization of CID dir
+
+  chmod to the wrong path
+
+-------------------------------------------------------------------
+Tue Nov 26 17:25:56 CET 2024 - Robert Schweikert <rjschwei@suse.com>
+
+- Doc clarification
+
+  Using the term "container name" can be confusing and interpreted as simply
+  the name of the container itself. What we really need to make registration
+  work is the path of the container in the local registry. Clarify the
+  documentation by adding a not ethat points out this potential pitfall.
+
+-------------------------------------------------------------------
+Tue Nov 26 16:04:57 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.3 → 3.1.4
+
+-------------------------------------------------------------------
+Tue Nov 26 16:03:33 CET 2024 - Robert Schweikert <rjschwei@suse.com>
+
+- Handle incomplete container path
+
+  If the given oci path does not match a file, the value is treated
+  as a glob pattern. From the possible match of the pattern the
+  last match will be used as the file to load. This Fixes #51
+
+-------------------------------------------------------------------
+Sun Nov 24 14:32:10 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.2 → 3.1.3
+
+-------------------------------------------------------------------
+Sun Nov 24 14:27:33 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Handle the removal of containers in the pilot
+
+-------------------------------------------------------------------
+Sun Nov 24 11:58:19 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Fix cleanup
+
+  Only modify permissions of the run state for the calling user.
+  Make sure to remove non resume/attach type app containers after
+  the call
+
+-------------------------------------------------------------------
+Sat Nov 23 23:36:24 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- suppress podman exists output
+
+-------------------------------------------------------------------
+Sat Nov 23 22:35:50 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.1 → 3.1.2
+
+-------------------------------------------------------------------
+Sat Nov 23 22:35:20 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Fix spec file
+
+  Do not create /usr/share/flakes as part of the
+  package. Let the tooling create the directory
+  if not present
+
+-------------------------------------------------------------------
+Sat Nov 23 22:23:57 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.1.0 → 3.1.1
+
+-------------------------------------------------------------------
+Sat Nov 23 22:22:55 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Provide error message for unknown command
+
+  If the target_app_path is set to / this means the
+  container configured entry point is called. Such a
+  setup cannot be used as resume flake because we
+  don't know the entry point command to exec
+
+-------------------------------------------------------------------
+Sat Nov 23 22:04:48 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Update flake-ctl-podman-register man page
+
+-------------------------------------------------------------------
+Sat Nov 23 18:32:41 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.0.15 → 3.1.0
+
+-------------------------------------------------------------------
+Thu Nov 21 23:16:04 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Use custom registry for the podman pilot
+
+  Use podman in a way that it references a custom registry
+  only for the flakes and independent of any other registry
+  setup on the system. This Fixes #48
+
+-------------------------------------------------------------------
+Tue Nov 05 14:40:52 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.0.14 → 3.0.15
+
+-------------------------------------------------------------------
+Tue Nov 05 14:40:29 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Fix vendoring
+
+  Use cargo-vendor-filterer crate
+
+-------------------------------------------------------------------
+Tue Nov 05 11:13:04 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Bump version: 3.0.13 → 3.0.14
+
+-------------------------------------------------------------------
+Tue Nov 05 10:49:52 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Fixed code still not using flakes config file
+
+-------------------------------------------------------------------
+Mon Nov 04 23:02:57 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Allow to mount podman storage in rootless mode
+
+  Temporary gain root permissions via sudo for mounting
+  and modifying instance storage. This allows for provisioning
+  transparent containers also for non root users but still
+  requires sudo to be configured properly.
+
+-------------------------------------------------------------------
+Mon Nov 04 11:48:06 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
+
+- Make sure flake-ctl also reads /etc/flakes.yml
+
+  The system wide configuration file was not read by flake-ctl
+  only by the pilots. This commit fixes it
+
 -------------------------------------------------------------------
 Thu Jun 06 17:26:31 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 

flake-pilot.spec

@@ -23,7 +23,7 @@
 # SOFTWARE.
 #
 Name:           flake-pilot
-Version:        3.0.13
+Version:        3.1.19
 Release:        0
 Summary:        Launcher for flake applications
 License:        MIT
@@ -83,7 +83,9 @@ BuildRequires:  clang
 BuildRequires:  clang-devel
 %endif
 Requires:       rsync
+%if 0%{?suse_version} > 1600
 Requires:       firecracker
+%endif
 Requires:       xz
 Requires:       e2fsprogs
 Requires:       sudo
@@ -120,7 +122,7 @@ Guest VM tools to help with firecracker workloads
 
 %build
 mkdir -p .cargo
-cp %{SOURCE1} .cargo/config
+cp %{SOURCE1} .cargo/config.toml
 make build
 %ifnarch ppc64le
 %if 0%{?suse_version} && 0%{?suse_version} >= 1600
@@ -157,7 +159,6 @@ install -m 644 flakes.yml %{buildroot}/etc/flakes.yml
 
 %files
 %defattr(-,root,root)
-%dir /usr/share/flakes
 %dir /etc/flakes
 %config /etc/flakes.yml
 /usr/bin/flake-ctl
@@ -168,6 +169,7 @@ install -m 644 flakes.yml %{buildroot}/etc/flakes.yml
 
 %files -n flake-pilot-podman
 %config /etc/flakes/container-flake.yaml
+%config /etc/flakes/storage.conf
 /usr/bin/podman-pilot
 /usr/sbin/flake-registry
 %doc /usr/share/man/man8/flake-ctl-podman-load.8.gz