diff --git a/_service b/_service
index 72bf99b..c89cc4c 100644
--- a/_service
+++ b/_service
@@ -4,8 +4,8 @@
https://github.com/containers/podman.git
git
podman
-2.0.6
-v2.0.6
+2.1.1
+v2.1.1
diff --git a/podman-2.0.6.tar.xz b/podman-2.0.6.tar.xz
deleted file mode 100644
index 27eb9dd..0000000
--- a/podman-2.0.6.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9c8ff7bc9729b54052ad3112c09d136571fa5b8a3f2e5d32156ebf78512501ba
-size 5254560
diff --git a/podman-2.1.1.tar.xz b/podman-2.1.1.tar.xz
new file mode 100644
index 0000000..2908c9d
--- /dev/null
+++ b/podman-2.1.1.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:87d93ff0df3a819ef2a87df5635637f31cbf672264a60ca47373a6c19a54f68a
+size 5468888
diff --git a/podman.changes b/podman.changes
index c77679c..6fc6de6 100644
--- a/podman.changes
+++ b/podman.changes
@@ -1,3 +1,195 @@
+-------------------------------------------------------------------
+Wed Sep 30 14:07:34 UTC 2020 - rhafer@suse.com
+- Added patch varlink.patch to disable needless varlink code
+ generation. This would cause compile failures in OBS.
+ (https://github.com/containers/podman/pull/7854)
+- Cleanup %build section a bit and no longer build in GOPATH.
+ This shouldn't be needed anymore.
+- Path BUILDFLAGS via enviroment variable to allow it being
+ appended to the corresponding Makefile variable instead of
+ completely overriding it.
+- Install new auto-update system units
+- Update to v2.1.1:
+ * Changes
+ - The `podman info` command now includes the cgroup manager
+ Podman is using.
+ * API
+ - The REST API now includes a Server header in all responses.
+ - Fixed a bug where the Libpod and Compat Attach endpoints
+ could terminate early, before sending all output from the
+ container.
+ - Fixed a bug where the Compat Create endpoint for containers
+ did not properly handle the Interactive parameter.
+ - Fixed a bug where the Compat Kill endpoint for containers
+ could continue to run after a fatal error.
+ - Fixed a bug where the Limit parameter of the Compat List
+ endpoint for Containers did not properly handle a limit of 0
+ (returning nothing, instead of all containers) [#7722].
+ - The Libpod Stats endpoint for containers is being deprecated
+ and will be replaced by a similar endpoint with additional
+ features in a future release.
+- Changes in v2.1.0
+ * Features
+ - A new command, `podman image mount`, has been added. This
+ allows for an image to be mounted, read-only, to inspect its
+ contents without creating a container from it [#1433].
+ - The `podman save` and `podman load` commands can now create
+ and load archives containing multiple images [#2669].
+ - Rootless Podman now supports all `podman network` commands,
+ and rootless containers can now be joined to networks.
+ - The performance of `podman build` on `ADD` and `COPY`
+ instructions has been greatly improved, especially when a
+ `.dockerignore` is present.
+ - The `podman run` and `podman create` commands now support a
+ new mode for the `--cgroups` option, `--cgroups=split`.
+ Podman will create two cgroups under the cgroup it was
+ launched in, one for the container and one for Conmon. This
+ mode is useful for running Podman in a systemd unit, as it
+ ensures that all processes are retained in systemd's cgroup
+ hierarchy [#6400].
+ - The `podman run` and `podman create` commands can now specify
+ options to slirp4netns by using the `--network` option as
+ follows: `--net slirp4netns:opt1,opt2`. This allows for,
+ among other things, switching the port forwarder used by
+ slirp4netns away from rootlessport.
+ - The `podman ps` command now features a new option,
+ `--storage`, to show containers from Buildah, CRI-O and other
+ applications.
+ - The `podman run` and `podman create` commands now feature a
+ `--sdnotify` option to control the behavior of systemd's
+ sdnotify with containers, enabling improved support for
+ Podman in `Type=notify` units.
+ - The `podman run` command now features a `--preserve-fds`
+ opton to pass file descriptors from the host into the
+ container [#6458].
+ - The `podman run` and `podman create` commands can now create
+ overlay volume mounts, by adding the `:O` option to a bind
+ mount (e.g. `-v /test:/test:O`). Overlay volume mounts will
+ mount a directory into a container from the host and allow
+ changes to it, but not write those changes back to the
+ directory on the host.
+ - The `podman play kube` command now supports the Socket
+ HostPath type [#7112].
+ - The `podman play kube` command now supports read-only mounts.
+ - The `podman play kube` command now supports setting labels on
+ pods from Kubernetes metadata labels.
+ - The `podman play kube` command now supports setting container
+ restart policy [#7656].
+ - The `podman play kube` command now properly handles
+ `HostAlias` entries.
+ - The `podman generate kube` command now adds entries to
+ `/etc/hosts` from `--host-add` generated YAML as `HostAlias`
+ entries.
+ - The `podman play kube` and `podman generate kube` commands
+ now properly support `shareProcessNamespace` to share the PID
+ namespace in pods.
+ - The `podman volume ls` command now supports the `dangling`
+ filter to identify volumes that are dangling (not attached to
+ any container).
+ - The `podman run` and `podman create` commands now feature a
+ `--umask` option to set the umask of the created container.
+ - The `podman create` and `podman run` commands now feature a
+ `--tz` option to set the timezone within the container [#5128].
+ - Environment variables for Podman can now be added in the
+ `containers.conf` configuration file.
+ - The `--mount` option of `podman run` and `podman create` now
+ supports a new mount type, `type=devpts`, to add a `devpts`
+ mount to the container. This is useful for containers that
+ want to mount `/dev/` from the host into the container, but
+ still create a terminal.
+ - The `--security-opt` flag to `podman run` and `podman create`
+ now supports a new option, `proc-opts`, to specify options
+ for the container's `/proc` filesystem.
+ - Podman with the `crun` OCI runtime now supports a new option
+ to `podman run` and `podman create`, `--cgroup-conf`, which
+ allows for advanced configuration of cgroups on cgroups v2
+ systems.
+ - The `podman create` and `podman run` commands now support a
+ `--override-variant` option, to override the architecture
+ variant of the image that will be pulled and ran.
+ - A new global option has been added to Podman,
+ `--runtime-flags`, which allows for setting flags to use when
+ the OCI runtime is called.
+ - The `podman manifest add` command now supports the
+ `--cert-dir`, `--auth-file`, `--creds`, and `--tls-verify`
+ options.
+ * Security
+ - This release resolves CVE-2020-14370, in which environment
+ variables could be leaked between containers created using
+ the Varlink API.
+ * Changes
+ - Podman will now retry pulling an image 3 times if a pull
+ fails due to network errors.
+ - The `podman exec` command would previously print error
+ messages (e.g. `exec session exited with non-zero exit code
+ -1`) when the command run exited with a non-0 exit code. It
+ no longer does this. The `podman exec` command will still
+ exit with the same exit code as the command run in the
+ container did.
+ - Error messages when creating a container or pod with a name
+ that is already in use have been improved.
+ - For read-only containers running systemd init, Podman creates
+ a tmpfs filesystem at `/run`. This was previously limited to
+ 65k in size and mounted `noexec`, but is now unlimited size
+ and mounted `exec`.
+ - The `podman system reset` command no longer removes
+ configuration files for rootless Podman.
+ * API
+ - The Libpod API version has been bumped to v2.0.0 due to a
+ breaking change in the Image List API.
+ - Docker-compatible Volume Endpoints (Create, Inspect, List,
+ Remove, Prune) are now available!
+ - Added an endpoint for generating systemd unit files for
+ containers.
+ - The `last` parameter to the Libpod container list endpoint
+ now has an alias, `limit` [#6413].
+ - The Libpod image list API new returns timestamps in Unix
+ format, as integer, as opposed to as strings
+ - The Compat Inspect endpoint for containers now includes port
+ information in NetworkSettings.
+ - The Compat List endpoint for images now features limited
+ support for the (deprecated) `filter` query parameter [#6797].
+ - Fixed a bug where the Compat Create endpoint for containers
+ was not correctly handling bind mounts.
+ - Fixed a bug where the Compat Create endpoint for containers
+ would not return a 404 when the requested image was not
+ present.
+ - Fixed a bug where the Compat Create endpoint for containers
+ did not properly handle Entrypoint and Command from images.
+ - Fixed a bug where name history information was not properly
+ added in the Libpod Image List endpoint.
+ - Fixed a bug where the Libpod image search endpoint improperly
+ populated the Description field of responses.
+ - Added a `noTrunc` option to the Libpod image search endpoint.
+ - Fixed a bug where the Pod List API would return null, instead
+ of an empty array, when no pods were present [#7392].
+ - Fixed a bug where endpoints that hijacked would do perform
+ the hijack too early, before being ready to send and receive
+ data [#7195].
+ - Fixed a bug where Pod endpoints that can operate on multiple
+ containers at once (e.g. Kill, Pause, Unpause, Stop) would
+ not forward errors from individual containers that failed.
+ - The Compat List endpoint for networks now supports filtering
+ results [#7462].
+ - Fixed a bug where the Top endpoint for pods would return both
+ a 500 and 404 when run on a non-existant pod.
+ - Fixed a bug where Pull endpoints did not stream progress back
+ to the client.
+ - The Version endpoints (Libpod and Compat) now provide version
+ in a format compatible with Docker.
+ - All non-hijacking responses to API requests should not
+ include headers with the version of the server.
+ - Fixed a bug where Libpod and Compat Events endpoints did not
+ send response headers until the first event occurred [#7263].
+ - Fixed a bug where the Build endpoints (Compat and Libpod) did
+ not stream progress to the client.
+ - Fixed a bug where the Stats endpoints (Compat and Libpod) did
+ not properly handle clients disconnecting.
+ - Fixed a bug where the Ignore parameter to the Libpod Stop
+ endpoint was not performing properly.
+ - Fixed a bug where the Compat Logs endpoint for containers did
+ not stream its output in the correct format [#7196].
+
-------------------------------------------------------------------
Tue Sep 8 13:41:21 UTC 2020 - Ralf Haferkamp
diff --git a/podman.spec b/podman.spec
index f3bd621..4338181 100644
--- a/podman.spec
+++ b/podman.spec
@@ -16,13 +16,13 @@
#
-%define project github.com/containers/libpod
+%define project github.com/containers/podman
# Build with libostree-devel in Tumbleweed, Leap 15 and SLES 15
%if 0%{?suse_version} >= 1500
%define with_libostree 1
%endif
Name: podman
-Version: 2.0.6
+Version: 2.1.1
Release: 0
Summary: Daemon-less container engine for managing containers, pods and images
License: Apache-2.0
@@ -32,6 +32,7 @@ Source0: %{name}-%{version}.tar.xz
Source1: podman.conf
Source3: %{name}-rpmlintrc
Source4: README.SUSE.SLES
+Patch0: varlink.patch
BuildRequires: bash-completion
BuildRequires: cni
BuildRequires: device-mapper-devel
@@ -82,6 +83,7 @@ skopeo, as they all share the same datastore backend.
%prep
%setup -q
+%patch0
%package cni-config
Summary: Basic CNI configuration for podman
@@ -97,16 +99,8 @@ setups. In more complicated setups, users are recommended to write their own
CNI configurations.
%build
-# We can't use symlinks here because go-list gets confused by symlinks, so we
-# have to copy the source to $HOME/go and then use that as the GOPATH.
-export GOPATH=$HOME/go
-mkdir -pv $HOME/go/src/%{project}
-rm -rf $HOME/go/src/%{project}/*
-cp -avr * $HOME/go/src/%{project}
-cd $HOME/go/src/%{project}
-
# Build podman
-make BUILDFLAGS=-buildmode=pie
+BUILDFLAGS="-buildmode=pie" make
# Build manpages
make %{?_smp_mflags} docs
@@ -150,8 +144,12 @@ install -D -m 0644 %{SOURCE4} %{buildroot}%{_docdir}/%{name}/README.SUSE
%{_datadir}/zsh/site-functions/_podman
%{_unitdir}/podman.service
%{_unitdir}/podman.socket
+%{_unitdir}/podman-auto-update.service
+%{_unitdir}/podman-auto-update.timer
%{_userunitdir}/podman.service
%{_userunitdir}/podman.socket
+%{_userunitdir}/podman-auto-update.service
+%{_userunitdir}/podman-auto-update.timer
%ghost /run/podman
%ghost %{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release}-libpodconf
%license LICENSE
diff --git a/varlink.patch b/varlink.patch
new file mode 100644
index 0000000..ec89801
--- /dev/null
+++ b/varlink.patch
@@ -0,0 +1,11 @@
+--- ./Makefile 2020/09/30 15:55:41 1.1
++++ ./Makefile 2020/09/30 17:59:12
+@@ -615,7 +615,7 @@
+
+ # $BUILD_TAGS variable is used in hack/golangci-lint.sh
+ .PHONY: varlink_generate
+-ifneq (or $(findstring varlink,$(BUILDTAGS)),$(findstring varlink,$(BUILD_TAGS)))
++ifneq (,$(or $(findstring varlink,$(BUILDTAGS)),$(findstring varlink,$(BUILD_TAGS))))
+ varlink_generate: .gopathok pkg/varlink/iopodman.go ## Generate varlink
+ else
+ varlink_generate: