diff --git a/0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch b/0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch deleted file mode 100644 index ffda869..0000000 --- a/0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch +++ /dev/null @@ -1,38 +0,0 @@ -From dd7444d3bba4ae2e461b41026f5f37416d7ee158 Mon Sep 17 00:00:00 2001 -From: Aleksa Sarai -Date: Mon, 26 Apr 2021 17:41:29 +1000 -Subject: [PATCH] cloned_binary: switch from #error to #warning for - SYS_memfd_create hardcode - -We shouldn't refuse to build on architectures just because we don't know -what the syscall number of memfd_create(2) is. In addition, use the -correct defined(...) macros for ppc64 (these are the ones glibc uses). - -Fixes: 3aead32ea246 ("nsenter: hard-code memfd_create(2) syscall numbers") -Signed-off-by: Aleksa Sarai ---- - libcontainer/nsenter/cloned_binary.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/libcontainer/nsenter/cloned_binary.c b/libcontainer/nsenter/cloned_binary.c -index 2667cd65c293..b78000fec317 100644 ---- a/libcontainer/nsenter/cloned_binary.c -+++ b/libcontainer/nsenter/cloned_binary.c -@@ -75,12 +75,12 @@ - # define SYS_memfd_create 385 - # elif defined(__aarch64__) // arm64 - # define SYS_memfd_create 279 --# elif defined(__ppc__) || defined(__ppc64__) // ppc + ppc64 -+# elif defined(__ppc__) || defined(__PPC64__) || defined(__powerpc64__) // ppc + ppc64 - # define SYS_memfd_create 360 - # elif defined(__s390__) || defined(__s390x__) // s390(x) - # define SYS_memfd_create 350 - # else --# error "unknown architecture -- cannot hard-code SYS_memfd_create" -+# warning "unknown architecture -- cannot hard-code SYS_memfd_create" - # endif - # endif - #endif --- -2.31.1 - diff --git a/runc-1.0.0-rc93.tar.xz b/runc-1.0.0-rc93.tar.xz deleted file mode 100644 index aabc5dd..0000000 --- a/runc-1.0.0-rc93.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:70ee0fcf45b17f0da93dd4c4d174046a3584080dcc07c5468914d33d57c8202d -size 1261676 diff --git a/runc-1.0.0-rc93.tar.xz.asc b/runc-1.0.0-rc93.tar.xz.asc deleted file mode 100644 index 29add6b..0000000 --- a/runc-1.0.0-rc93.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEXzbGxhtUYBJKdfWmnhiqJn3bjbQFAmAaAVwACgkQnhiqJn3b -jbRLSw/8DQEIlXTrCGYtB6qu/Aog3gU2JrwYWLDIRHJNl5e5QEemdgsm7JjcKU02 -cOTKjH4StQdXA164pHUaq4CYvZxzDZoACyD9G8x9dW3CP4thT9ySDE8ElV2wo5R7 -7JYoG4I7A/rmejVvA1H48U0YZdolUMJDvqEUoyY+NnIFAU3WFx/cJw5GOZ7KeGLg -LzZxVRUQQHJdth5E9uE+DyF/7IMiMwEFXC+FG+uEOkK8uVbSu6yJyN9N8ef5aZE2 -BWmr6U9K9rq6cfQi6zGd2k5m0vRMB8qwqSDLiiVLMJYpE13Y9pxxzBasq+R4+8QS -FACtmpmBmhVFM1RdYtoB0uoMS3ZE2xlMEWtauLXYxRwEybXeu75ZEnNAewAozY2m -8xllZQrpSFvlqjgEslBhztWJcu7Ds7veT4SRhby/RflF087teMPvxDErh0QAPXpF -mUZX8UahjPTMu1hv0nwrdfNe5EBkLoyOYtWIy29qgW3e+DmiAfAuOE2XI9ttn4ZB -+i7CQocy8hlyCeDHHVPgoyWTSAV7/jYizTDq1aj0FcvGC+WHI8ZrzYgfWKQZ+/ov -b356RwhK1lZ9sZf107phf4gmPA/uvIGvERO0PdPvWQaJbIZ4TUTxx/IO8tO5PAHz -7DJ/UGvyIMwiERuM1ul/4bgRsMXEoCYbirqQmqe0qBSiy2c+q1g= -=+kc+ ------END PGP SIGNATURE----- diff --git a/runc-1.0.0-rc94.tar.xz b/runc-1.0.0-rc94.tar.xz new file mode 100644 index 0000000..81149e1 --- /dev/null +++ b/runc-1.0.0-rc94.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:87daf369dcac7f1895e72bc0ee22ba9e29d4678d6d0dd795f336e35c222a801a +size 1364032 diff --git a/runc-1.0.0-rc94.tar.xz.asc b/runc-1.0.0-rc94.tar.xz.asc new file mode 100644 index 0000000..5043e26 --- /dev/null +++ b/runc-1.0.0-rc94.tar.xz.asc @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- + +iQJDBAABCAAtFiEEXzbGxhtUYBJKdfWmnhiqJn3bjbQFAmCZRxgPHGFzYXJhaUBz +dXNlLmRlAAoJEJ4YqiZ92420WWUP/08JwOzo18rLbVsFHKcsrEQdNjzzFSE+8QNA +plajgGEyjb7iaqhHL/j2Cv0U+rM5IcDKwLGL1Oj0n9FD9f3mst9LZubDGYK7xBnc +rJ8J3vkVZ5vxi4qzGs0csTefkt9OOqsK3emrV9Tpqxqi2mwoGLHMWOlqziZEhZ1b +n5aktmd/Qrdc6E1Seb1Er0O57xWDenK0w7aTHWbr7ug20Lv6T4BBiSPWsk/m8Sgm +hkKJq4bN8ZSzRjC3AuP7TSeuneMjCwdSsKdqPXqQB9iO+cwpEdA2IjzUlQkJxCub +4NtwmIZ9Ik7x2oLxFwV5l3NFRo7YM2SYePHVfYLFJuSq/SMQ6SVESwDC8lnTpZPd +6/ZQFuSYGxHee7lf2HHGFmLTB1kJ27jKxqEvSMzOz+CBAvkeiNLStNAAyq4AWuzo +ia9cJY8fEEn4nY2+pbZAS8vxrAcUzs6vNMUIv9ECyQ/XzsrhRwtC3QXkm8J1eih9 +O6hlBpajHen/JjGaDhrWWPdRwC83kIVRIqeB1x/g1hGR21HAOlFltxGgmkyy/Cz6 +MxgHoJ/GMnhdW88SR/ToTQKCTedj4nCmMSsIFcNR/YRtaeMVvzWUyYDu4wnZXJua +U11+iwsL3e3KgObzvSSNJ4eq6N6r5BxRnbKpC3xDQ5jautzQgUrEKjA6PBdF/Bsx +e/zmslTf +=Uunz +-----END PGP SIGNATURE----- diff --git a/runc.changes b/runc.changes index 8143a05..1c37eae 100644 --- a/runc.changes +++ b/runc.changes @@ -1,3 +1,19 @@ +------------------------------------------------------------------- +Wed May 12 08:03:58 UTC 2021 - Aleksa Sarai + +- Update to runc v1.0.0~rc94. Upstream changelog is available from + https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc94 + Breaking Changes: + * cgroupv1: kernel memory limits are now always ignored, as kmemcg has + been effectively deprecated by the kernel. Users should make use of regular + memory cgroup controls. + Regression Fixes: + * seccomp: fix 32-bit compilation errors + * runc init: fix a hang caused by deadlock in seccomp/ebpf loading code + * runc start: fix "chdir to cwd: permission denied" for some setups +- Remove upstreamed patches: + - 0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch + ------------------------------------------------------------------- Mon Apr 26 07:54:54 UTC 2021 - Aleksa Sarai @@ -14,7 +30,7 @@ Wed Feb 3 04:09:17 UTC 2021 - Aleksa Sarai * Cgroupv2 support is no longer considered experimental. * Mountinfo parsing code has been reworked significantly. * Special ENOSYS handling for seccomp profiles to avoid making new - syscalls unusable for glibc. + syscalls unusable for glibc. * Various rootless containers improvements. * The "selinux" and "apparmor" buildtags have been removed, and now all runc builds will have SELinux and AppArmor support enabled. diff --git a/runc.spec b/runc.spec index a10db92..45ba9e1 100644 --- a/runc.spec +++ b/runc.spec @@ -22,11 +22,11 @@ # Package-wide golang version %define go_version 1.13 -%define _version 1.0.0-rc93 %define project github.com/opencontainers/runc Name: runc -Version: 1.0.0~rc93 +Version: 1.0.0~rc94 +%define _version 1.0.0-rc94 Release: 0 Summary: Tool for spawning and running OCI containers License: Apache-2.0 @@ -36,10 +36,6 @@ Source0: https://github.com/opencontainers/runc/releases/download/v%{_ver Source1: https://github.com/opencontainers/runc/releases/download/v%{_version}/runc.tar.xz.asc#/runc-%{_version}.tar.xz.asc Source2: runc.keyring Source3: runc-rpmlintrc -# SUSE-FIX: SLE-12 has too old a glibc for memfd_create(2) and __ppc64__ -# doesn't appear to match ppc64le for some reason. This is a backport -# of . -Patch1: 0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch BuildRequires: fdupes BuildRequires: go-go-md2man # Due to a limitation in openSUSE's Go packaging we cannot have a BuildRequires @@ -73,8 +69,6 @@ and has grown to become a separate project entirely. %prep %setup -q -n %{name}-%{_version} -# fix build on SLE-12 ppc64le -%patch1 -p1 %build # build runc