From 94f7342a8ce0bca8ed24061f2caa2f3e7e82eca17338cc3f9f2b0ce2e12d7179 Mon Sep 17 00:00:00 2001 From: Dominique Leuenberger Date: Thu, 6 Aug 2020 15:29:42 +0000 Subject: [PATCH] Accepting request 824166 from devel:kubic OBS-URL: https://build.opensuse.org/request/show/824166 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/podman?expand=0&rev=64 --- _service | 6 +- libpod.conf | 147 --------------------------- podman-1.9.3.tar.xz | 3 - podman-2.0.4.tar.xz | 3 + podman.changes | 238 ++++++++++++++++++++++++++++++++++++++++++++ podman.spec | 46 ++++++--- 6 files changed, 275 insertions(+), 168 deletions(-) delete mode 100644 libpod.conf delete mode 100644 podman-1.9.3.tar.xz create mode 100644 podman-2.0.4.tar.xz diff --git a/_service b/_service index 5a32738..d113b7d 100644 --- a/_service +++ b/_service @@ -1,11 +1,11 @@ -https://github.com/containers/libpod.git +https://github.com/containers/podman.git git podman -1.9.3 -v1.9.3 +2.0.4 +v2.0.4 diff --git a/libpod.conf b/libpod.conf deleted file mode 100644 index 4f8d52d..0000000 --- a/libpod.conf +++ /dev/null @@ -1,147 +0,0 @@ -# libpod.conf is the default configuration file for all tools using libpod to -# manage containers - -# Default transport method for pulling and pushing for images -image_default_transport = "docker://" - -# Paths to look for the conmon container manager binary. -# If the paths are empty or no valid path was found, then the `$PATH` -# environment variable will be used as the fallback. -conmon_path = [ -] - -# Environment variables to pass into conmon -conmon_env_vars = [ - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" -] - -# CGroup Manager - valid values are "systemd" and "cgroupfs" -cgroup_manager = "systemd" - -# Container init binary -init_path = "/usr/bin/catatonit" - -# Directory for persistent libpod files (database, etc) -# By default, this will be configured relative to where containers/storage -# stores containers -# Uncomment to change location from this default -#static_dir = "/var/lib/containers/storage/libpod" - -# Directory for temporary files. Must be tmpfs (wiped after reboot) -tmp_dir = "/var/run/libpod" - -# Maximum size of log files (in bytes) -# -1 is unlimited -max_log_size = -1 - -# Whether to use chroot instead of pivot_root in the runtime -no_pivot_root = false - -# Directory containing CNI plugin configuration files -cni_config_dir = "/etc/cni/net.d/" - -# Directories where the CNI plugin binaries may be located -cni_plugin_dir = [ - "/usr/lib/cni", - "/opt/cni/bin" -] - -# Default CNI network for libpod. -# If multiple CNI network configs are present, libpod will use the network with -# the name given here for containers unless explicitly overridden. -# The default here is set to the name we set in the -# 87-podman-bridge.conflist included in the repository. -# Not setting this, or setting it to the empty string, will use normal CNI -# precedence rules for selecting between multiple networks. -cni_default_network = "podman" - -# Default libpod namespace -# If libpod is joined to a namespace, it will see only containers and pods -# that were created in the same namespace, and will create new containers and -# pods in that namespace. -# The default namespace is "", which corresponds to no namespace. When no -# namespace is set, all containers and pods are visible. -#namespace = "" - -# Default infra (pause) image name for pod infra containers -infra_image = "registry.opensuse.org/kubic/pause:3.2" - -# Default command to run the infra container -infra_command = "/usr/bin/pause" - -# Determines whether libpod will reserve ports on the host when they are -# forwarded to containers. When enabled, when ports are forwarded to containers, -# they are held open by conmon as long as the container is running, ensuring that -# they cannot be reused by other programs on the host. However, this can cause -# significant memory usage if a container has many ports forwarded to it. -# Disabling this can save memory. -#enable_port_reservation = true - -# Default libpod support for container labeling -# label=true - -# The locking mechanism to use -lock_type = "shm" - -# Number of locks available for containers and pods. -# If this is changed, a lock renumber must be performed (e.g. with the -# 'podman system renumber' command). -num_locks = 2048 - -# Directory for libpod named volumes. -# By default, this will be configured relative to where containers/storage -# stores containers. -# Uncomment to change location from this default. -#volume_path = "/var/lib/containers/storage/volumes" - -# Selects which logging mechanism to use for Podman events. Valid values -# are `journald` or `file`. -# events_logger = "journald" - -# Specify the keys sequence used to detach a container. -# Format is a single character [a-Z] or a comma separated sequence of -# `ctrl-`, where `` is one of: -# `a-z`, `@`, `^`, `[`, `\`, `]`, `^` or `_` -# -# detach_keys = "ctrl-p,ctrl-q" - -# Default OCI runtime -runtime = "runc" - -# List of the OCI runtimes that support --format=json. When json is supported -# libpod will use it for reporting nicer errors. -runtime_supports_json = ["runc"] - -# List of all the OCI runtimes that support --cgroup-manager=disable to disable -# creation of CGroups for containers. -runtime_supports_nocgroups = [] - -# Paths to look for a valid OCI runtime (runc, runv, etc) -# If the paths are empty or no valid path was found, then the `$PATH` -# environment variable will be used as the fallback. -[runtimes] -runc = [ -] - - -# Kata Containers is an OCI runtime, where containers are run inside lightweight -# VMs. Kata provides additional isolation towards the host, minimizing the host attack -# surface and mitigating the consequences of containers breakout. - -# Kata Containers with the default configured VMM -kata-runtime = [ -] - -# Kata Containers with the QEMU VMM -kata-qemu = [ -] - -# Kata Containers with the Firecracker VMM -kata-fc = [ -] - -# The [runtimes] table MUST be the last thing in this file. -# (Unless another table is added) -# TOML does not provide a way to end a table other than a further table being -# defined, so every key hereafter will be part of [runtimes] and not the main -# config. diff --git a/podman-1.9.3.tar.xz b/podman-1.9.3.tar.xz deleted file mode 100644 index 7a18f67..0000000 --- a/podman-1.9.3.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d252cfafee47db2fcaccbc4c0e168bf1d026a5398fb2133afecbc335bb38d947 -size 5081016 diff --git a/podman-2.0.4.tar.xz b/podman-2.0.4.tar.xz new file mode 100644 index 0000000..0cb5c80 --- /dev/null +++ b/podman-2.0.4.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5a2b39fa13b9d95c8b22819cf615c560292c2cf8b8c914f51600993550a4fead +size 5380128 diff --git a/podman.changes b/podman.changes index c03c57c..8d608fd 100644 --- a/podman.changes +++ b/podman.changes @@ -1,3 +1,241 @@ +------------------------------------------------------------------- +Mon Aug 3 06:47:04 UTC 2020 - Sascha Grunert + +- Update to v2.0.4 + * Fixed a bug where the output of podman image search did not + populate the Description field as it was mistakenly assigned to + the ID field. + * Fixed a bug where podman build - and podman build on an HTTP + target would fail. + * Fixed a bug where rootless Podman would improperly chown the + copied-up contents of anonymous volumes (#7130). + * Fixed a bug where Podman would sometimes HTML-escape special + characters in its CLI output. + * Fixed a bug where the podman start --attach --interactive + command would print the container ID of the container attached + to when exiting (#7068). + * Fixed a bug where podman run --ipc=host --pid=host would only + set --pid=host and not --ipc=host (#7100). + * Fixed a bug where the --publish argument to podman run, podman + create and podman pod create would not allow binding the same + container port to more than one host port (#7062). + * Fixed a bug where incorrect arguments to podman images --format + could cause Podman to segfault. + * Fixed a bug where podman rmi --force on an image ID with more + than one name and at least one container using the image would + not completely remove containers using the image (#7153). + * Fixed a bug where memory usage in bytes and memory use + percentage were swapped in the output of podman stats + --format=json. + * Fixed a bug where the libpod and compat events endpoints would + fail if no filters were specified (#7078). + * Fixed a bug where the CgroupVersion field in responses from the + compat Info endpoint was prefixed by "v" (instead of just being + "1" or "2", as is documented). + +------------------------------------------------------------------- +Fri Jul 31 13:07:59 UTC 2020 - Ralf Haferkamp + +- Remove obsolete libpod.conf from Package sources + +------------------------------------------------------------------- +Tue Jul 28 13:16:55 UTC 2020 - Ralf Haferkamp + +- libpod got renamed to podman on GitHub. Point _service file to + the new name. +- Remove obsolete old Requires on libcontainers-image and -storage + all of that is inside libcontainers-common +- Require a new enough libcontainers-common version to have the + default containers.conf installed. +- Remove deprecated libpod.conf and create an update notice pointing + to containers.conf for user that made changes to libpod.conf + +------------------------------------------------------------------- +Tue Jul 28 09:13:49 UTC 2020 - Fabian Vogt + +- Suggest katacontainers instead of recommending it. It's not + enabled by default, so it's just bloat + +------------------------------------------------------------------- +Fri Jul 24 12:19:32 UTC 2020 - Ralf Haferkamp + +- Update to v2.0.3 + * Fix handling of entrypoint + * log API: add context to allow for cancelling + * fix API: Create container with an invalid configuration + * Remove all instances of named return "err" from Libpod + * Fix: Correct connection counters for hijacked connections + * Fix: Hijacking v2 endpoints to follow rfc 7230 semantics + * Remove hijacked connections from active connections list + * version/info: format: allow more json variants + * Correctly print STDOUT on non-terminal remote exec + * Fix container and pod create commands for remote create + * Mask out /sys/dev to prevent information leak from the host + * Ensure sig-proxy default is propagated in start + * Add SystemdMode to inspect for containers + * When determining systemd mode, use full command + * Fix lint + * Populate remaining unused fields in `pod inspect` + * Include infra container information in `pod inspect` + * play-kube: add suport for "IfNotPresent" pull type + * docs: user namespace can't be shared in pods + * Fix "Error: unrecognized protocol \"TCP\" in port mapping" + * Error on rootless mac and ip addresses + * Fix & add notes regarding problematic language in codebase + * abi: set default umask and rlimits + * Used reference package with errors for parsing tag + * fix: system df error when an image has no name + * Fix Generate API title/description + * Add noop function disable-content-trust + * fix play kube doesn't override dockerfile ENTRYPOINT + * Support default profile for apparmor + * Bump github.com/containers/common to v0.14.6 + * events endpoint: backwards compat to old type + * events endpoint: fix panic and race condition + * Switch references from libpod.conf to containers.conf + * podman.service: set type to simple + * podman.service: set doc to podman-system-service + * podman.service: use default registries.conf + * podman.service: use default killmode + * podman.service: remove stop timeout + * systemd: symlink user->system + * vendor golang.org/x/text@v0.3.3 + * Fix a bug where --pids-limit was parsed incorrectly + * search: allow wildcards + * [CI:DOCS]Do not copy policy.json into gating image + * Fix systemd pid 1 test + * Cirrus: Rotate keys post repo. rename +- The libpod.conf(5) man page got removed and all references are + now pointing towards containers.conf(5), which will be part + of the libcontainers-common package. + +------------------------------------------------------------------- +Wed Jul 8 07:12:58 UTC 2020 - Ralf Haferkamp + +- Update to podman v2.0.2 + * fix race condition in `libpod.GetEvents(...)` + * Fix bug where `podman mount` didn't error as rootless + * remove podman system connection + * Fix imports to ensure v2 is used with libpod + * Update release notes for v2.0.2 + * specgen: fix order for setting rlimits + * Ensure umask is set appropriately for 'system service' + * generate systemd: improve pod-flags filter + * Fix a bug with APIv2 compat network remove to log an ErrNetworkNotFound instead of nil + * Fixes --remote flag issues + * Pids-limit should only be set if the user set it + * Set console mode for windows + * Allow empty host port in --publish flag + * Add a note on the APIs supported by `system service` + * fix: Don't override entrypoint if it's `nil` + * Set TMPDIR to /var/tmp by default if not set + * test: add tests for --user and volumes + * container: move volume chown after spec generation + * libpod: volume copyup honors namespace mappings + * Fix `system service` panic from early hangup in events + * stop podman service in e2e tests + * Print errors from individual containers in pods + * auto-update: clarify systemd-unit requirements + * podman ps truncate the command + * move go module to v2 + * Vendor containers/common v0.14.4 + * Bump to imagebuilder v1.1.6 on v2 branch + * Account for non-default port number in image name +- Changes since v2.0.1 + * Update release notes with further v2.0.1 changes + * Fix inspect to display multiple label: changes + * Set syslog for exit commands on log-level=debug + * Friendly amendment for pr 6751 + * podman run/create: support all transports + * systemd generate: allow manual restart of container units in pods + * Revert sending --remote flag to containers + * Print port mappings in `ps` for ctrs sharing network + * vendor github.com/containers/common@v0.14.3 + * Update release notes for v2.0.1 + * utils: drop default mapping when running uid!=0 + * Set stop signal to 15 when not explicitly set + * podman untag: error if tag doesn't exist + * Reformat inspect network settings + * APIv2: Return `StatusCreated` from volume creation + * APIv2:fix: Remove `/json` from compat network EPs + * Fix ssh-agent support + * libpod: specify mappings to the storage + * APIv2:doc: Fix swagger doc to refer to volumes + * Add podman network to bash command completions + * Fix typo in manpage for `podman auto update`. + * Add JSON output field for ps + * V2 podman system connection + * image load: no args required + * Re-add PODMAN_USERNS environment variable + * Fix conflicts between privileged and other flags + * Bump required go version to 1.13 + * Add explicit command to alpine container in test case. + * Use POLL_DURATION for timer + * Stop following logs using timers + * "pod" was being truncated to "po" in the names of the generated systemd unit files. + * rootless_linux: improve error message + * Fix podman build handling of --http-proxy flag + * correct the absolute path of `rm` executable + * Makefile: allow customizable GO_BUILD + * Cirrus: Change DEST_BRANCH to v2.0 + +------------------------------------------------------------------- +Mon Jun 22 14:55:23 UTC 2020 - Ralf Haferkamp + +- Update to podman v2.0.0 + * The `podman generate systemd` command now supports the `--new` + flag when used with pods, allowing portable services for pods + to be created. + * The `podman play kube` command now supports running Kubernetes + Deployment YAML. + * The `podman exec` command now supports the `--detach` flag to + run commands in the container in the background. + * The `-p` flag to `podman run` and `podman create` now supports + forwarding ports to IPv6 addresses. + * The `podman run`, `podman create` and `podman pod create` + command now support a `--replace` flag to remove and replace any + existing container (or, for `pod create`, pod) with the same name + * The `--restart-policy` flag to `podman run` and `podman create` + now supports the `unless-stopped` restart policy. + * The `--log-driver` flag to `podman run` and `podman create` + now supports the `none` driver, which does not log the + container's output. + * The `--mount` flag to `podman run` and `podman create` now + accepts `readonly` option as an alias to `ro`. + * The `podman generate systemd` command now supports the `--container-prefix`, + `--pod-prefix`, and `--separator` arguments to control the + name of generated unit files. + * The `podman network ls` command now supports the `--filter` + flag to filter results. + * The `podman auto-update` command now supports specifying an + authfile to use when pulling new images on a per-container + basis using the `io.containers.autoupdate.authfile` label. + * Fixed a bug where the `podman exec` command would log to journald + when run in containers loggined to journald + ([#6555](https://github.com/containers/libpod/issues/6555)). + * Fixed a bug where the `podman auto-update` command would not + preserve the OS and architecture of the original image when + pulling a replacement + ([#6613](https://github.com/containers/libpod/issues/6613)). + * Fixed a bug where the `podman cp` command could create an extra + `merged` directory when copying into an existing directory + ([#6596](https://github.com/containers/libpod/issues/6596)). + * Fixed a bug where the `podman pod stats` command would crash + on pods run with `--network=host` + ([#5652](https://github.com/containers/libpod/issues/5652)). + * Fixed a bug where containers logs written to journald did not + include the name of the container. + * Fixed a bug where the `podman network inspect` and + `podman network rm` commands did not properly handle non-default + CNI configuration paths ([#6212](https://github.com/containers/libpod/issues/6212)). + * Fixed a bug where Podman did not properly remove containers + when using the Kata containers OCI runtime. + * Fixed a bug where `podman inspect` would sometimes incorrectly + report the network mode of containers started with `--net=none`. + * Podman is now better able to deal with cases where `conmon` + is killed before the container it is monitoring. +- Requires go 1.13 now + ------------------------------------------------------------------- Mon May 25 11:32:32 UTC 2020 - Paolo Stivanin diff --git a/podman.spec b/podman.spec index f5c445e..2807974 100644 --- a/podman.spec +++ b/podman.spec @@ -22,7 +22,7 @@ %define with_libostree 1 %endif Name: podman -Version: 1.9.3 +Version: 2.0.4 Release: 0 Summary: Daemon-less container engine for managing containers, pods and images License: Apache-2.0 @@ -30,7 +30,6 @@ Group: System/Management Url: https://github.com/containers/libpod Source0: %{name}-%{version}.tar.xz Source1: podman.conf -Source2: libpod.conf Source3: %{name}-rpmlintrc Source4: README.SUSE.SLES BuildRequires: bash-completion @@ -49,7 +48,7 @@ BuildRequires: libcontainers-common BuildRequires: libgpgme-devel BuildRequires: libseccomp-devel BuildRequires: pkgconfig(libsystemd) -BuildRequires: golang(API) >= 1.12 +BuildRequires: golang(API) = 1.13 # Build fails with PIE enabled on ppc64le due to boo#1098017 %ifarch ppc64le #!BuildIgnore: gcc-PIE @@ -60,15 +59,13 @@ Requires: cni Requires: cni-plugins Requires: conmon Requires: iptables -Requires: libcontainers-common -Requires: libcontainers-image -Requires: libcontainers-storage +Requires: libcontainers-common >= 20200727 Requires: runc >= 1.0.0~rc4 Requires: slirp4netns >= 0.4.0 Requires: catatonit Requires: fuse-overlayfs Recommends: %{name}-cni-config = %{version} -Recommends: katacontainers +Suggests: katacontainers %{go_nostrip} %if 0%{?with_libostree} BuildRequires: libostree-devel @@ -125,11 +122,7 @@ install -D -m 0755 bin/podman %{buildroot}/%{_bindir}/podman install -D -m 0755 bin/podman-remote %{buildroot}/%{_bindir}/podman-remote install -d %{buildroot}/%{_mandir}/man1 install -m 0644 docs/build/man/podman*.1 %{buildroot}/%{_mandir}/man1 -install -d %{buildroot}/%{_mandir}/man5 -install -m 0644 docs/build/man/libpod*.5 %{buildroot}/%{_mandir}/man5 install -D -m 0644 cni/87-podman-bridge.conflist %{buildroot}/%{_sysconfdir}/cni/net.d/87-podman-bridge.conflist -install -D -m 0644 %{SOURCE2} %{buildroot}/%{_sysconfdir}/containers/libpod.conf -install -D -m 0644 %{SOURCE2} %{buildroot}/%{_datadir}/containers/libpod.conf install -D -m 0644 completions/bash/podman %{buildroot}/%{_datadir}/bash-completion/completions/podman install -D -m 0644 completions/zsh/_podman %{buildroot}%{_sysconfdir}/zsh_completion.d/_podman @@ -158,11 +151,7 @@ install -D -m 0644 %{SOURCE4} %{buildroot}%{_docdir}/%{name}/README.SUSE %{_bindir}/podman-remote # Manpages %{_mandir}/man1/podman*.1* -%{_mandir}/man5/libpod*.5* # Configs -%config(noreplace) %{_sysconfdir}/containers/libpod.conf -%dir %{_datadir}/containers -%{_datadir}/containers/libpod.conf %dir %{_libexecdir}/modules-load.d %{_libexecdir}/modules-load.d/podman.conf # Completion @@ -173,6 +162,7 @@ install -D -m 0644 %{SOURCE4} %{buildroot}%{_docdir}/%{name}/README.SUSE %{_unitdir}/io.podman.service %{_unitdir}/io.podman.socket %ghost /run/podman +%ghost %{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release}-libpodconf %license LICENSE %files cni-config @@ -181,6 +171,9 @@ install -D -m 0644 %{SOURCE4} %{buildroot}%{_docdir}/%{name}/README.SUSE %pre %service_add_pre io.podman.service io.podman.socket +# move away any old rpmsave config file to avoid having it re-activated again in +# %posttrans +test -f /etc/containers/libpod.conf.rpmsave && mv -v /etc/containers/libpod.conf.rpmsave /etc/containers/libpod.conf.rpmsave.old ||: %post %service_add_post io.podman.service io.podman.socket @@ -192,6 +185,29 @@ install -D -m 0644 %{SOURCE4} %{buildroot}%{_docdir}/%{name}/README.SUSE %postun %service_del_postun io.podman.service io.podman.socket +%posttrans +# if libpod.conf.rpmsave was created move it back into place and set an update +# message informing about the libpod.conf -> containers.conf change +if test -f /etc/containers/libpod.conf.rpmsave ; then + mv -v /etc/containers/libpod.conf.rpmsave /etc/containers/libpod.conf ||: + cat >> %{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release}-libpodconf << EOF +WARNING: Podman configuration file changes + +With version 2.0 Podman changed to a slightly different configuration file format. +Also the name of default configuration file has been changed. The new format is +documented in the containers.conf(5) man-page and changes should usually be +straight-forward. + +The new default configuration is located in /usr/share/containers/containers.conf. +In order to override setting from that file you can create +/etc/containers/containers.conf with your changed settings. + +For backwards compatibility Podman 2.0 is still able to read libpod.conf. The support +for this will go away in future releases. Please migrate your configuration to the new +format as soon as possible. +EOF +fi + %triggerun cni-config -- %{name}-cni-config < 1.6.0 # The name of the network bridge changed from cni0 to podman-cni0 with # podman 1.6. We need to rename the existing bridge to the new name to