------------------------------------------------------------------- Tue Jun 11 07:06:13 UTC 2019 - Sascha Grunert - Update to libpod v1.4.0 - The podman checkpoint and podman restore commands can now be used to migrate containers between Podman installations on different systems - The podman cp command now supports a pause flag to pause containers while copying into them - The remote client now supports a configuration file for pre-configuring connections to remote Podman installations - Fixed CVE-2019-10152 - The podman cp command improperly dereferenced symlinks in host context - Fixed a bug where podman commit could improperly set environment variables that contained = characters - Fixed a bug where rootless Podman would sometimes fail to start containers with forwarded ports - Fixed a bug where podman version on the remote client could segfault - Fixed a bug where podman container runlabel would use /proc/self/exe instead of the path of the Podman command when printing the command being executed - Fixed a bug where filtering images by label did not work - Fixed a bug where specifying a bing mount or tmpfs mount over an image volume would cause a container to be unable to start - Fixed a bug where podman generate kube did not work with containers with named volumes - Fixed a bug where rootless Podman would receive permission denied errors accessing conmon.pid - Fixed a bug where podman cp with a folder specified as target would replace the folder, as opposed to copying into it - Fixed a bug where rootless Podman commands could double-unlock a lock, causing a crash - Fixed a bug where Podman incorrectly set tmpcopyup on /dev/ mounts, causing errors when using the Kata containers runtime - Fixed a bug where podman exec would fail on older kernels - The podman commit command is now usable with the Podman remote client - The --signature-policy flag (used with several image-related commands) has been deprecated - The podman unshare command now defines two environment variables in the spawned shell: CONTAINERS_RUNROOT and CONTAINERS_GRAPHROOT, pointing to temporary and permanent storage for rootless containers - Updated vendored containers/storage and containers/image libraries with numerous bugfixes - Updated vendored Buildah to v1.8.3 - Podman now requires Conmon v0.2.0 - The podman cp command is now aliased as podman container cp - Rootless Podman will now default init_path using root Podman's configuration files (/etc/containers/libpod.conf and /usr/share/containers/libpod.conf) if not overridden in the rootless configuration - Update to image v1.5.1 - Vendor in latest containers/storage - docker/docker_client: Drop redundant Domain(ref.ref) call - pkg/blobinfocache: Split implementations into subpackages - copy: progress bar: show messages on completion - docs: rename manpages to *.5.command - add container-certs.d.md manpage - pkg/docker/config: Bring auth tests from docker/docker_client_test - Don't allocate a sync.Mutex separately - Update to storage v1.12.10 - Add function to parse out mount options from graphdriver - Merge the disparate parts of all of the Unix-like lockfiles - Fix unix-but-not-Linux compilation - Return XDG_RUNTIME_DIR as RootlessRuntimeDir if set - Cherry-pick moby/moby #39292 for CVE-2018-15664 fixes - lockfile: add RecursiveLock() API - Update generated files - Fix crash on tesing of aufs code - Let consumers know when Layers and Images came from read-only stores - chown: do not change owner for the mountpoint - locks: correctly mark updates to the layers list - CreateContainer: don't worry about mapping layers unless necessary - docs: fix manpage for containers-storage.conf - docs: sort configuration options alphabetically - docs: document OSTree file deduplication - Add missing options to man page for containers-storage - overlay: use the layer idmapping if present - vfs: prefer layer custom idmappings - layers: propagate down the idmapping settings - Recreate symlink when not found - docs: fix manpage for configuration file - docs: add special handling for manpages in sect 5 - overlay: fix single-lower test - Recreate symlink when not found - overlay: propagate errors from mountProgram - utils: root in a userns uses global conf file - Fix handling of additional stores - Correctly check permissions on rootless directory - Fix possible integer overflow on 32bit builds - Evaluate device path for lvm - lockfile test: make concurrent RW test determinisitc - lockfile test: make concurrent read tests deterministic - drivers.DirCopy: fix filemode detection - storage: move the logic to detect rootless into utils.go - Don't set (struct flock).l_pid - Improve documentation of getLockfile - Rename getLockFile to createLockerForPath, and document it - Add FILES section to containers-storage.5 man page - add digest locks - drivers/copy: add a non-cgo fallback - Add default SLES mounts for container-suseconnect usage ------------------------------------------------------------------- Tue Jun 4 14:27:15 UTC 2019 - Richard Brown - Add util-linux and grep as Requires(post) to ensure btrfs config gets made correctly ------------------------------------------------------------------- Mon Apr 1 14:24:17 UTC 2019 - Richard Brown - Update to libpod v1.2.0 * Rootless Podman can now be used with a single UID and GID, without requiring a full 65536 UIDs/GIDs to be allocated in /etc/subuid and /etc/subgid * Move pkg/util default storage functions from libpod to containers/storage - Update to image v1.5 * Minor behind the scene bugfixes, no user facing changes - Update to storage v1.12.1 * Move pkg/util default storage functions from libpod to containers/storage * containers/storage no longer depends on containers/image - Version 20190401 ------------------------------------------------------------------- Wed Feb 27 14:51:55 UTC 2019 - Richard Brown - Update to libpod v1.1.0 * Rootless Podman can now forward ports into containers (using the same -p and -P flags as root Podman) * Rootless Podman will now pull some configuration options (for example, OCI runtime path) from the default root libpod.conf if they are not explicitly set in the user's own libpod.conf ------------------------------------------------------------------- Tue Feb 19 15:34:54 UTC 2019 - Richard Brown - Upgrade to storage v1.10 * enable parallel blob reads * Teach images to hold multiple manifests * Move structs for storage.conf to pkg/config - Upgrade to libpod v1.0.1 * Do not unmarshal into c.config.Spec * spec: add nosuid,noexec,nodev to ro bind mount ------------------------------------------------------------------- Sat Feb 2 11:07:30 UTC 2019 - Richard Brown - Restore non-upstream storage.conf, needed by CRI-O ------------------------------------------------------------------- Fri Jan 25 14:30:45 UTC 2019 - Richard Brown - Upgrade to storage v1.8 * Check for the OS when setting btrfs/libdm/ostree tags - Upgrade to image v1.3 * vendor: use github.com/klauspost/pgzip instead of compress/gzip * vendor latest ostree - Refactor specfile to use versioned tarballs - Established package versioning scheme (ISODATE of change) - Remove non-upstream storage.conf - Set btrfs as default driver if /var/lib is on btrfs [boo#1123119] - Version 20190125 ------------------------------------------------------------------- Thu Jan 17 14:20:49 UTC 2019 - Richard Brown - Upgrade to storage v1.6 * Remove private mount from zfs driver * Update zfs driver to be closer to moby driver * Use mount options when mounting the chown layer. ------------------------------------------------------------------- Sun Jan 13 15:39:42 UTC 2019 - Richard Brown - Upgrade to libpod v1.0.0 * Fixed a bug where storage.conf was sometimes ignored for rootless containers ------------------------------------------------------------------- Tue Jan 8 11:35:41 UTC 2019 - Richard Brown - Upgrade to libpod v0.12.1.2 and storage v1.4 * No significant functional or packaging changes ------------------------------------------------------------------- Sun Jan 6 22:11:02 UTC 2019 - Richard Brown - storage.conf - restore btrfs as the default driver ------------------------------------------------------------------- Fri Dec 7 10:54:37 UTC 2018 - Richard Brown - Update to latest libpod and storage to support cri-o 1.13 ------------------------------------------------------------------- Wed Dec 5 14:45:37 UTC 2018 - Richard Brown - Use seccomp.json from github.com/containers/libpod, instead of installing the tar.xz on users systems (boo#1118444) ------------------------------------------------------------------- Mon Nov 12 09:21:37 UTC 2018 - Valentin Rothberg - Add oci-hooks(5) manpage from libpod. ------------------------------------------------------------------- Mon Nov 12 08:14:08 UTC 2018 - Valentin Rothberg - Use seccomp.json from github.com/containers/libpod to align with the upstream defaults. - Update to the latest image and storage to pull in improvements to the manpages. ------------------------------------------------------------------- Mon Aug 27 14:24:51 UTC 2018 - vrothberg@suse.com - storage.conf: comment out options that are not supported by btrfs. This simplifies switching the driver as it avoids the whack-a-mole of commenting out "unsupported" options. ------------------------------------------------------------------- Mon Aug 27 08:48:16 UTC 2018 - vrothberg@suse.com - Consolidate libcontainers-{common,image,storage} into one package, libcontainers-common. That's the way upstream intended all libraries from github.com/containers to be packaged. It facilitates updating and maintaining the package, as all configs and manpages come from a central source. Note that the `storage` binary that previously has been provided by the libcontainers-storage package is not provided anymore as, despite the claims in the manpages, it is not intended for production use. ------------------------------------------------------------------- Mon Aug 13 11:44:31 UTC 2018 - vrothberg@suse.com - Make libcontainers-common arch independent. - Add LICENSE. ------------------------------------------------------------------- Thu Apr 12 09:36:39 UTC 2018 - fcastelli@suse.com - Added /usr/share/containers/oci/hooks.d and /etc/containers/oci/hooks.d to the package. These are used by tools like cri-o and podman to store custom hooks. ------------------------------------------------------------------- Mon Mar 5 09:30:12 UTC 2018 - vrothberg@suse.com - Configuration files should generally be tagged as %config(noreplace) in order to keep the modified config files and to avoid losing data when the package is being updated. feature#crio ------------------------------------------------------------------- Thu Feb 8 13:07:24 UTC 2018 - vrothberg@suse.com - Add libcontainers-common package.