rpm/podman
SHA256
1
0
Fork 0
forked from pool/podman
Code Pull Requests Activity

Accepting request 824166 from devel:kubic

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/824166
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/podman?expand=0&rev=64
This commit is contained in:
Dominique Leuenberger 2020-08-06 15:29:42 +00:00 committed by Git OBS Bridge
parent c08ac6d17a
commit 94f7342a8c
6 changed files with 275 additions and 168 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
_service
View File

@ -1,11 +1,11 @@
<services>
<service name="tar_scm" mode="disabled">
<param name="url">https://github.com/containers/libpod.git</param>
<param name="url">https://github.com/containers/podman.git</param>
<param name="scm">git</param>
<param name="filename">podman</param>
<param name="versionformat">1.9.3</param>
<param name="revision">v1.9.3</param>
<param name="versionformat">2.0.4</param>
<param name="revision">v2.0.4</param>
</service>
<service name="set_version" mode="disabled">

147
libpod.conf
View File

@ -1,147 +0,0 @@
# libpod.conf is the default configuration file for all tools using libpod to
# manage containers
# Default transport method for pulling and pushing for images
image_default_transport = "docker://"
# Paths to look for the conmon container manager binary.
# If the paths are empty or no valid path was found, then the `$PATH`
# environment variable will be used as the fallback.
conmon_path = [
]
# Environment variables to pass into conmon
conmon_env_vars = [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
]
# CGroup Manager - valid values are "systemd" and "cgroupfs"
cgroup_manager = "systemd"
# Container init binary
init_path = "/usr/bin/catatonit"
# Directory for persistent libpod files (database, etc)
# By default, this will be configured relative to where containers/storage
# stores containers
# Uncomment to change location from this default
#static_dir = "/var/lib/containers/storage/libpod"
# Directory for temporary files. Must be tmpfs (wiped after reboot)
tmp_dir = "/var/run/libpod"
# Maximum size of log files (in bytes)
# -1 is unlimited
max_log_size = -1
# Whether to use chroot instead of pivot_root in the runtime
no_pivot_root = false
# Directory containing CNI plugin configuration files
cni_config_dir = "/etc/cni/net.d/"
# Directories where the CNI plugin binaries may be located
cni_plugin_dir = [
"/usr/lib/cni",
"/opt/cni/bin"
]
# Default CNI network for libpod.
# If multiple CNI network configs are present, libpod will use the network with
# the name given here for containers unless explicitly overridden.
# The default here is set to the name we set in the
# 87-podman-bridge.conflist included in the repository.
# Not setting this, or setting it to the empty string, will use normal CNI
# precedence rules for selecting between multiple networks.
cni_default_network = "podman"
# Default libpod namespace
# If libpod is joined to a namespace, it will see only containers and pods
# that were created in the same namespace, and will create new containers and
# pods in that namespace.
# The default namespace is "", which corresponds to no namespace. When no
# namespace is set, all containers and pods are visible.
#namespace = ""
# Default infra (pause) image name for pod infra containers
infra_image = "registry.opensuse.org/kubic/pause:3.2"
# Default command to run the infra container
infra_command = "/usr/bin/pause"
# Determines whether libpod will reserve ports on the host when they are
# forwarded to containers. When enabled, when ports are forwarded to containers,
# they are held open by conmon as long as the container is running, ensuring that
# they cannot be reused by other programs on the host. However, this can cause
# significant memory usage if a container has many ports forwarded to it.
# Disabling this can save memory.
#enable_port_reservation = true
# Default libpod support for container labeling
# label=true
# The locking mechanism to use
lock_type = "shm"
# Number of locks available for containers and pods.
# If this is changed, a lock renumber must be performed (e.g. with the
# 'podman system renumber' command).
num_locks = 2048
# Directory for libpod named volumes.
# By default, this will be configured relative to where containers/storage
# stores containers.
# Uncomment to change location from this default.
#volume_path = "/var/lib/containers/storage/volumes"
# Selects which logging mechanism to use for Podman events. Valid values
# are `journald` or `file`.
# events_logger = "journald"
# Specify the keys sequence used to detach a container.
# Format is a single character [a-Z] or a comma separated sequence of
# `ctrl-<value>`, where `<value>` is one of:
# `a-z`, `@`, `^`, `[`, `\`, `]`, `^` or `_`
#
# detach_keys = "ctrl-p,ctrl-q"
# Default OCI runtime
runtime = "runc"
# List of the OCI runtimes that support --format=json. When json is supported
# libpod will use it for reporting nicer errors.
runtime_supports_json = ["runc"]
# List of all the OCI runtimes that support --cgroup-manager=disable to disable
# creation of CGroups for containers.
runtime_supports_nocgroups = []
# Paths to look for a valid OCI runtime (runc, runv, etc)
# If the paths are empty or no valid path was found, then the `$PATH`
# environment variable will be used as the fallback.
[runtimes]
runc = [
]
# Kata Containers is an OCI runtime, where containers are run inside lightweight
# VMs. Kata provides additional isolation towards the host, minimizing the host attack
# surface and mitigating the consequences of containers breakout.
# Kata Containers with the default configured VMM
kata-runtime = [
]
# Kata Containers with the QEMU VMM
kata-qemu = [
]
# Kata Containers with the Firecracker VMM
kata-fc = [
]
# The [runtimes] table MUST be the last thing in this file.
# (Unless another table is added)
# TOML does not provide a way to end a table other than a further table being
# defined, so every key hereafter will be part of [runtimes] and not the main
# config.

3
podman-1.9.3.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d252cfafee47db2fcaccbc4c0e168bf1d026a5398fb2133afecbc335bb38d947
size 5081016

3
podman-2.0.4.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:5a2b39fa13b9d95c8b22819cf615c560292c2cf8b8c914f51600993550a4fead
size 5380128

238
podman.changes
View File

@ -1,3 +1,241 @@
-------------------------------------------------------------------
Mon Aug 3 06:47:04 UTC 2020 - Sascha Grunert <sgrunert@suse.com>
- Update to v2.0.4
* Fixed a bug where the output of podman image search did not
populate the Description field as it was mistakenly assigned to
the ID field.
* Fixed a bug where podman build - and podman build on an HTTP
target would fail.
* Fixed a bug where rootless Podman would improperly chown the
copied-up contents of anonymous volumes (#7130).
* Fixed a bug where Podman would sometimes HTML-escape special
characters in its CLI output.
* Fixed a bug where the podman start --attach --interactive
command would print the container ID of the container attached
to when exiting (#7068).
* Fixed a bug where podman run --ipc=host --pid=host would only
set --pid=host and not --ipc=host (#7100).
* Fixed a bug where the --publish argument to podman run, podman
create and podman pod create would not allow binding the same
container port to more than one host port (#7062).
* Fixed a bug where incorrect arguments to podman images --format
could cause Podman to segfault.
* Fixed a bug where podman rmi --force on an image ID with more
than one name and at least one container using the image would
not completely remove containers using the image (#7153).
* Fixed a bug where memory usage in bytes and memory use
percentage were swapped in the output of podman stats
--format=json.
* Fixed a bug where the libpod and compat events endpoints would
fail if no filters were specified (#7078).
* Fixed a bug where the CgroupVersion field in responses from the
compat Info endpoint was prefixed by "v" (instead of just being
"1" or "2", as is documented).
-------------------------------------------------------------------
Fri Jul 31 13:07:59 UTC 2020 - Ralf Haferkamp <rhafer@suse.com>
- Remove obsolete libpod.conf from Package sources
-------------------------------------------------------------------
Tue Jul 28 13:16:55 UTC 2020 - Ralf Haferkamp <rhafer@suse.com>
- libpod got renamed to podman on GitHub. Point _service file to
the new name.
- Remove obsolete old Requires on libcontainers-image and -storage
all of that is inside libcontainers-common
- Require a new enough libcontainers-common version to have the
default containers.conf installed.
- Remove deprecated libpod.conf and create an update notice pointing
to containers.conf for user that made changes to libpod.conf
-------------------------------------------------------------------
Tue Jul 28 09:13:49 UTC 2020 - Fabian Vogt <fvogt@suse.com>
- Suggest katacontainers instead of recommending it. It's not
enabled by default, so it's just bloat
-------------------------------------------------------------------
Fri Jul 24 12:19:32 UTC 2020 - Ralf Haferkamp <rhafer@suse.com>
- Update to v2.0.3
* Fix handling of entrypoint
* log API: add context to allow for cancelling
* fix API: Create container with an invalid configuration
* Remove all instances of named return "err" from Libpod
* Fix: Correct connection counters for hijacked connections
* Fix: Hijacking v2 endpoints to follow rfc 7230 semantics
* Remove hijacked connections from active connections list
* version/info: format: allow more json variants
* Correctly print STDOUT on non-terminal remote exec
* Fix container and pod create commands for remote create
* Mask out /sys/dev to prevent information leak from the host
* Ensure sig-proxy default is propagated in start
* Add SystemdMode to inspect for containers
* When determining systemd mode, use full command
* Fix lint
* Populate remaining unused fields in `pod inspect`
* Include infra container information in `pod inspect`
* play-kube: add suport for "IfNotPresent" pull type
* docs: user namespace can't be shared in pods
* Fix "Error: unrecognized protocol \"TCP\" in port mapping"
* Error on rootless mac and ip addresses
* Fix & add notes regarding problematic language in codebase
* abi: set default umask and rlimits
* Used reference package with errors for parsing tag
* fix: system df error when an image has no name
* Fix Generate API title/description
* Add noop function disable-content-trust
* fix play kube doesn't override dockerfile ENTRYPOINT
* Support default profile for apparmor
* Bump github.com/containers/common to v0.14.6
* events endpoint: backwards compat to old type
* events endpoint: fix panic and race condition
* Switch references from libpod.conf to containers.conf
* podman.service: set type to simple
* podman.service: set doc to podman-system-service
* podman.service: use default registries.conf
* podman.service: use default killmode
* podman.service: remove stop timeout
* systemd: symlink user->system
* vendor golang.org/x/text@v0.3.3
* Fix a bug where --pids-limit was parsed incorrectly
* search: allow wildcards
* [CI:DOCS]Do not copy policy.json into gating image
* Fix systemd pid 1 test
* Cirrus: Rotate keys post repo. rename
- The libpod.conf(5) man page got removed and all references are
now pointing towards containers.conf(5), which will be part
of the libcontainers-common package.
-------------------------------------------------------------------
Wed Jul 8 07:12:58 UTC 2020 - Ralf Haferkamp <rhafer@suse.com>
- Update to podman v2.0.2
* fix race condition in `libpod.GetEvents(...)`
* Fix bug where `podman mount` didn't error as rootless
* remove podman system connection
* Fix imports to ensure v2 is used with libpod
* Update release notes for v2.0.2
* specgen: fix order for setting rlimits
* Ensure umask is set appropriately for 'system service'
* generate systemd: improve pod-flags filter
* Fix a bug with APIv2 compat network remove to log an ErrNetworkNotFound instead of nil
* Fixes --remote flag issues
* Pids-limit should only be set if the user set it
* Set console mode for windows
* Allow empty host port in --publish flag
* Add a note on the APIs supported by `system service`
* fix: Don't override entrypoint if it's `nil`
* Set TMPDIR to /var/tmp by default if not set
* test: add tests for --user and volumes
* container: move volume chown after spec generation
* libpod: volume copyup honors namespace mappings
* Fix `system service` panic from early hangup in events
* stop podman service in e2e tests
* Print errors from individual containers in pods
* auto-update: clarify systemd-unit requirements
* podman ps truncate the command
* move go module to v2
* Vendor containers/common v0.14.4
* Bump to imagebuilder v1.1.6 on v2 branch
* Account for non-default port number in image name
- Changes since v2.0.1
* Update release notes with further v2.0.1 changes
* Fix inspect to display multiple label: changes
* Set syslog for exit commands on log-level=debug
* Friendly amendment for pr 6751
* podman run/create: support all transports
* systemd generate: allow manual restart of container units in pods
* Revert sending --remote flag to containers
* Print port mappings in `ps` for ctrs sharing network
* vendor github.com/containers/common@v0.14.3
* Update release notes for v2.0.1
* utils: drop default mapping when running uid!=0
* Set stop signal to 15 when not explicitly set
* podman untag: error if tag doesn't exist
* Reformat inspect network settings
* APIv2: Return `StatusCreated` from volume creation
* APIv2:fix: Remove `/json` from compat network EPs
* Fix ssh-agent support
* libpod: specify mappings to the storage
* APIv2:doc: Fix swagger doc to refer to volumes
* Add podman network to bash command completions
* Fix typo in manpage for `podman auto update`.
* Add JSON output field for ps
* V2 podman system connection
* image load: no args required
* Re-add PODMAN_USERNS environment variable
* Fix conflicts between privileged and other flags
* Bump required go version to 1.13
* Add explicit command to alpine container in test case.
* Use POLL_DURATION for timer
* Stop following logs using timers
* "pod" was being truncated to "po" in the names of the generated systemd unit files.
* rootless_linux: improve error message
* Fix podman build handling of --http-proxy flag
* correct the absolute path of `rm` executable
* Makefile: allow customizable GO_BUILD
* Cirrus: Change DEST_BRANCH to v2.0
-------------------------------------------------------------------
Mon Jun 22 14:55:23 UTC 2020 - Ralf Haferkamp <rhafer@suse.com>
- Update to podman v2.0.0
* The `podman generate systemd` command now supports the `--new`
flag when used with pods, allowing portable services for pods
to be created.
* The `podman play kube` command now supports running Kubernetes
Deployment YAML.
* The `podman exec` command now supports the `--detach` flag to
run commands in the container in the background.
* The `-p` flag to `podman run` and `podman create` now supports
forwarding ports to IPv6 addresses.
* The `podman run`, `podman create` and `podman pod create`
command now support a `--replace` flag to remove and replace any
existing container (or, for `pod create`, pod) with the same name
* The `--restart-policy` flag to `podman run` and `podman create`
now supports the `unless-stopped` restart policy.
* The `--log-driver` flag to `podman run` and `podman create`
now supports the `none` driver, which does not log the
container's output.
* The `--mount` flag to `podman run` and `podman create` now
accepts `readonly` option as an alias to `ro`.
* The `podman generate systemd` command now supports the `--container-prefix`,
`--pod-prefix`, and `--separator` arguments to control the
name of generated unit files.
* The `podman network ls` command now supports the `--filter`
flag to filter results.
* The `podman auto-update` command now supports specifying an
authfile to use when pulling new images on a per-container
basis using the `io.containers.autoupdate.authfile` label.
* Fixed a bug where the `podman exec` command would log to journald
when run in containers loggined to journald
([#6555](https://github.com/containers/libpod/issues/6555)).
* Fixed a bug where the `podman auto-update` command would not
preserve the OS and architecture of the original image when
pulling a replacement
([#6613](https://github.com/containers/libpod/issues/6613)).
* Fixed a bug where the `podman cp` command could create an extra
`merged` directory when copying into an existing directory
([#6596](https://github.com/containers/libpod/issues/6596)).
* Fixed a bug where the `podman pod stats` command would crash
on pods run with `--network=host`
([#5652](https://github.com/containers/libpod/issues/5652)).
* Fixed a bug where containers logs written to journald did not
include the name of the container.
* Fixed a bug where the `podman network inspect` and
`podman network rm` commands did not properly handle non-default
CNI configuration paths ([#6212](https://github.com/containers/libpod/issues/6212)).
* Fixed a bug where Podman did not properly remove containers
when using the Kata containers OCI runtime.
* Fixed a bug where `podman inspect` would sometimes incorrectly
report the network mode of containers started with `--net=none`.
* Podman is now better able to deal with cases where `conmon`
is killed before the container it is monitoring.
- Requires go 1.13 now
-------------------------------------------------------------------
Mon May 25 11:32:32 UTC 2020 - Paolo Stivanin <info@paolostivanin.com>

46
podman.spec
View File

@ -22,7 +22,7 @@
%define with_libostree 1
%endif
Name: podman
Version: 1.9.3
Version: 2.0.4
Release: 0
Summary: Daemon-less container engine for managing containers, pods and images
License: Apache-2.0
@ -30,7 +30,6 @@ Group: System/Management
Url: https://github.com/containers/libpod
Source0: %{name}-%{version}.tar.xz
Source1: podman.conf
Source2: libpod.conf
Source3: %{name}-rpmlintrc
Source4: README.SUSE.SLES
BuildRequires: bash-completion
@ -49,7 +48,7 @@ BuildRequires: libcontainers-common
BuildRequires: libgpgme-devel
BuildRequires: libseccomp-devel
BuildRequires: pkgconfig(libsystemd)
BuildRequires: golang(API) >= 1.12
BuildRequires: golang(API) = 1.13
# Build fails with PIE enabled on ppc64le due to boo#1098017
%ifarch ppc64le
#!BuildIgnore: gcc-PIE
@ -60,15 +59,13 @@ Requires: cni
Requires: cni-plugins
Requires: conmon
Requires: iptables
Requires: libcontainers-common
Requires: libcontainers-image
Requires: libcontainers-storage
Requires: libcontainers-common >= 20200727
Requires: runc >= 1.0.0~rc4
Requires: slirp4netns >= 0.4.0
Requires: catatonit
Requires: fuse-overlayfs
Recommends: %{name}-cni-config = %{version}
Recommends: katacontainers
Suggests: katacontainers
%{go_nostrip}
%if 0%{?with_libostree}
BuildRequires: libostree-devel
@ -125,11 +122,7 @@ install -D -m 0755 bin/podman %{buildroot}/%{_bindir}/podman
install -D -m 0755 bin/podman-remote %{buildroot}/%{_bindir}/podman-remote
install -d %{buildroot}/%{_mandir}/man1
install -m 0644 docs/build/man/podman*.1 %{buildroot}/%{_mandir}/man1
install -d %{buildroot}/%{_mandir}/man5
install -m 0644 docs/build/man/libpod*.5 %{buildroot}/%{_mandir}/man5
install -D -m 0644 cni/87-podman-bridge.conflist %{buildroot}/%{_sysconfdir}/cni/net.d/87-podman-bridge.conflist
install -D -m 0644 %{SOURCE2} %{buildroot}/%{_sysconfdir}/containers/libpod.conf
install -D -m 0644 %{SOURCE2} %{buildroot}/%{_datadir}/containers/libpod.conf
install -D -m 0644 completions/bash/podman %{buildroot}/%{_datadir}/bash-completion/completions/podman
install -D -m 0644 completions/zsh/_podman %{buildroot}%{_sysconfdir}/zsh_completion.d/_podman
@ -158,11 +151,7 @@ install -D -m 0644 %{SOURCE4} %{buildroot}%{_docdir}/%{name}/README.SUSE
%{_bindir}/podman-remote
# Manpages
%{_mandir}/man1/podman*.1*
%{_mandir}/man5/libpod*.5*
# Configs
%config(noreplace) %{_sysconfdir}/containers/libpod.conf
%dir %{_datadir}/containers
%{_datadir}/containers/libpod.conf
%dir %{_libexecdir}/modules-load.d
%{_libexecdir}/modules-load.d/podman.conf
# Completion
@ -173,6 +162,7 @@ install -D -m 0644 %{SOURCE4} %{buildroot}%{_docdir}/%{name}/README.SUSE
%{_unitdir}/io.podman.service
%{_unitdir}/io.podman.socket
%ghost /run/podman
%ghost %{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release}-libpodconf
%license LICENSE
%files cni-config
@ -181,6 +171,9 @@ install -D -m 0644 %{SOURCE4} %{buildroot}%{_docdir}/%{name}/README.SUSE
%pre
%service_add_pre io.podman.service io.podman.socket
# move away any old rpmsave config file to avoid having it re-activated again in
# %posttrans
test -f /etc/containers/libpod.conf.rpmsave && mv -v /etc/containers/libpod.conf.rpmsave /etc/containers/libpod.conf.rpmsave.old ||:
%post
%service_add_post io.podman.service io.podman.socket
@ -192,6 +185,29 @@ install -D -m 0644 %{SOURCE4} %{buildroot}%{_docdir}/%{name}/README.SUSE
%postun
%service_del_postun io.podman.service io.podman.socket
%posttrans
# if libpod.conf.rpmsave was created move it back into place and set an update
# message informing about the libpod.conf -> containers.conf change
if test -f /etc/containers/libpod.conf.rpmsave ; then
mv -v /etc/containers/libpod.conf.rpmsave /etc/containers/libpod.conf ||:
cat >> %{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release}-libpodconf << EOF
WARNING: Podman configuration file changes
With version 2.0 Podman changed to a slightly different configuration file format.
Also the name of default configuration file has been changed. The new format is
documented in the containers.conf(5) man-page and changes should usually be
straight-forward.
The new default configuration is located in /usr/share/containers/containers.conf.
In order to override setting from that file you can create
/etc/containers/containers.conf with your changed settings.
For backwards compatibility Podman 2.0 is still able to read libpod.conf. The support
for this will go away in future releases. Please migrate your configuration to the new
format as soon as possible.
EOF
fi
%triggerun cni-config -- %{name}-cni-config < 1.6.0
# The name of the network bridge changed from cni0 to podman-cni0 with
# podman 1.6. We need to rename the existing bridge to the new name to