David Runge pushed to branch main at Arch Linux / Packaging / Packages / containers-common
Commits: 02786763 by David Runge at 2025-12-22T15:46:39+01:00 Fix issue with systemd >= 259 and rootless containers With systemd >= 259 the use of rootless containers facilitating "iptables" as `firewall_driver` (as implicit default) is no longer supported. We explicitly switch to the upcoming, new implicit default "nftables". Fixes: https://gitlab.archlinux.org/archlinux/packaging/packages/containers-common/-/issues/7 Signed-off-by: David Runge <[email protected]> - - - - - a618f7fd by David Runge at 2025-12-22T15:51:22+01:00 upgpkg: 1:0.66.1-2 Rebuild to fix issues with rootless containers and systemd >= 259. - - - - - 4 changed files: - .SRCINFO - PKGBUILD - REUSE.toml - + containers-common-0.66.1-containers.conf-firewall-defaults.patch Changes: ===================================== .SRCINFO ===================================== @@ -1,7 +1,7 @@ pkgbase = containers-common pkgdesc = Configuration files and manpages for containers pkgver = 0.66.1 - pkgrel = 1 + pkgrel = 2 epoch = 1 url = https://github.com/containers/container-libs arch = any @@ -23,6 +23,7 @@ pkgbase = containers-common source = mounts.conf source = tmpfiles.conf source = containers-common-0.48.0-init_path.patch + source = containers-common-0.66.1-containers.conf-firewall-defaults.patch sha512sums = 97079f2021ed47ac69d782c017dd301c001b99463a4a93213b29376d9d19e6d654047cd650c77f541c55cc5e417faaa9e164b974f2991c6ecfe8739b3ade9413 sha512sums = e53e3f6d441de7865733e085017ce1c3e0af5cb0ad0cf605f5d15e9813d38e1af22691d59498960ed7bd18e32ef003db4c151a4f4bd5bd0dbac69f4011851ff1 sha512sums = 2d1bc2e991d11b2060f7d2d4869aa30bb281794c3a5fa8aa6c5e333fc9c0190eb716d1855f6554ab0ee810b93e1638fcfde48e58f1e3e01ac5474c329ac041c7 @@ -30,6 +31,7 @@ pkgbase = containers-common sha512sums = 11fa515bbb0686d2b49c4fd2ab35348cb19f9c6780d6eb951a33b07ed7b7c72a676627f36e8c74e1a2d15e306d4537178f0e127fd3490f6131d078e56b46d5e1 sha512sums = 2b187c119db95cda439f36509545fd0f45530c69d9139823387f9aa68ea2e9c4b3dee8ee21a517daa73a88ac63cc694e0e170061bfc1503425c21868b2ccf7dd sha512sums = 4a6526d01f192f0eb4dcbd28c019a2b0db6dc2128af644e8e89992e5dcfa45a02c739b06ee01e22606b5cb847213c002f8ab5f87a576846ac73f73eed9b2b469 + sha512sums = 07bd289e1889a9426d30e9c4b538904b48eaf1b3fc481b44cca94a4f9cd8fc873621943cfaee7272a328946f7490942342fa8212f6cad49e74ecc4cd328d782c b2sums = 0723908d2aef422a8c574e520af2819fd73d4997a1defb9df54d462ae93d7dbe0a7c350f1712d6030b4b668085d700cfe4e3a2c9e0e025387f30843369e0849d b2sums = ac67654b0a5d0e0acdfb94701409aecfaaee27ce36bd5329491ab03e28abcca93f76ec22627e9213f9c776b628695845eb0bce20abd682273a8dfa556c55de09 b2sums = 7a173e99e940c64e27e541575880a13132d0784cf4187e5d5ca871a75a1c71d8cbbe04e8f462a58e9f5e9fafaa610af69db42f28bc2cb6329f21bebd972b7c20 @@ -37,5 +39,6 @@ pkgbase = containers-common b2sums = 2f4b0af3271103362a898e7fcc3ec05f06755902ad664ac3107bb8debb8b2ac0d50de311d5fc651279a817a56e3ff05864a7e77c0d8fc628ff7411bfb98c9b69 b2sums = 1cd6884f06269c3e6cbdfa542bdf8e178574062ec11252defc48187b60a98d0193353cc8a12ba186d338ce7da6b879a1e9dc249d2f40c28fe997c433c91e8e0e b2sums = 89e95f468785f6ca1309b0de37921702bd4eb6fb191afc0d93454bec7b7096a1b84e19408b5a0abcdfd89ce2ebd228879cbc42a0d409425fb41caab6a8f049f5 + b2sums = 92edad9b2514dc3920ddfcbd73007f0e37de1704c6e3d55c4b39b3f7c9eab4eca4c3e0b8bebad33bc480abbeb8451a7da9b65556fb08546b3997a2af8f230cde pkgname = containers-common ===================================== PKGBUILD ===================================== @@ -3,7 +3,7 @@ pkgname=containers-common _upstream=container-libs pkgver=0.66.1 -pkgrel=1 +pkgrel=2 epoch=1 _podman_pkgver=5.7.0 _shortnames_pkgver=2025.03.19 @@ -34,6 +34,7 @@ source=( mounts.conf tmpfiles.conf $pkgname-0.48.0-init_path.patch + $pkgname-0.66.1-containers.conf-firewall-defaults.patch ) sha512sums=('97079f2021ed47ac69d782c017dd301c001b99463a4a93213b29376d9d19e6d654047cd650c77f541c55cc5e417faaa9e164b974f2991c6ecfe8739b3ade9413' 'e53e3f6d441de7865733e085017ce1c3e0af5cb0ad0cf605f5d15e9813d38e1af22691d59498960ed7bd18e32ef003db4c151a4f4bd5bd0dbac69f4011851ff1' @@ -41,18 +42,23 @@ sha512sums=('97079f2021ed47ac69d782c017dd301c001b99463a4a93213b29376d9d19e6d6540 'edadadda8920ac4880f2c44f396e5d4c844bf15c964d7ef5d14c68637ac43e0df91f4efd2be747bca74bd0da959ea21cc3200ab14b2b57aba5975cff8f2fbefa' '11fa515bbb0686d2b49c4fd2ab35348cb19f9c6780d6eb951a33b07ed7b7c72a676627f36e8c74e1a2d15e306d4537178f0e127fd3490f6131d078e56b46d5e1' '2b187c119db95cda439f36509545fd0f45530c69d9139823387f9aa68ea2e9c4b3dee8ee21a517daa73a88ac63cc694e0e170061bfc1503425c21868b2ccf7dd' - '4a6526d01f192f0eb4dcbd28c019a2b0db6dc2128af644e8e89992e5dcfa45a02c739b06ee01e22606b5cb847213c002f8ab5f87a576846ac73f73eed9b2b469') + '4a6526d01f192f0eb4dcbd28c019a2b0db6dc2128af644e8e89992e5dcfa45a02c739b06ee01e22606b5cb847213c002f8ab5f87a576846ac73f73eed9b2b469' + '07bd289e1889a9426d30e9c4b538904b48eaf1b3fc481b44cca94a4f9cd8fc873621943cfaee7272a328946f7490942342fa8212f6cad49e74ecc4cd328d782c') b2sums=('0723908d2aef422a8c574e520af2819fd73d4997a1defb9df54d462ae93d7dbe0a7c350f1712d6030b4b668085d700cfe4e3a2c9e0e025387f30843369e0849d' 'ac67654b0a5d0e0acdfb94701409aecfaaee27ce36bd5329491ab03e28abcca93f76ec22627e9213f9c776b628695845eb0bce20abd682273a8dfa556c55de09' '7a173e99e940c64e27e541575880a13132d0784cf4187e5d5ca871a75a1c71d8cbbe04e8f462a58e9f5e9fafaa610af69db42f28bc2cb6329f21bebd972b7c20' 'a72160f65aa13316c33b984173e151f0519720ec9617395980f0d7c5f25dc14b400aafbcb2fa8769eace9c1e51d4f1ddbe783e68fc0e40280743f90fbce30aa9' '2f4b0af3271103362a898e7fcc3ec05f06755902ad664ac3107bb8debb8b2ac0d50de311d5fc651279a817a56e3ff05864a7e77c0d8fc628ff7411bfb98c9b69' '1cd6884f06269c3e6cbdfa542bdf8e178574062ec11252defc48187b60a98d0193353cc8a12ba186d338ce7da6b879a1e9dc249d2f40c28fe997c433c91e8e0e' - '89e95f468785f6ca1309b0de37921702bd4eb6fb191afc0d93454bec7b7096a1b84e19408b5a0abcdfd89ce2ebd228879cbc42a0d409425fb41caab6a8f049f5') + '89e95f468785f6ca1309b0de37921702bd4eb6fb191afc0d93454bec7b7096a1b84e19408b5a0abcdfd89ce2ebd228879cbc42a0d409425fb41caab6a8f049f5' + '92edad9b2514dc3920ddfcbd73007f0e37de1704c6e3d55c4b39b3f7c9eab4eca4c3e0b8bebad33bc480abbeb8451a7da9b65556fb08546b3997a2af8f230cde') prepare() { sed -r 's/(GOMD2MAN = ).*/\1 go-md2man/' -i $_src_dir/storage/docs/Makefile patch -Np1 -d $_src_dir/common -i ../../$pkgname-0.48.0-init_path.patch + # systemd >= 259 no longer supports iptables, so we switch from the implicit default on iptables to nftables: + # https://gitlab.archlinux.org/archlinux/packaging/packages/containers-common/-/issues/7 + patch -Np1 -d $_src_dir -i ../$pkgname-0.66.1-containers.conf-firewall-defaults.patch mkdir -vp build/{man1,man5} } ===================================== REUSE.toml ===================================== @@ -25,6 +25,7 @@ SPDX-License-Identifier = "0BSD" [[annotations]] path = [ "containers-common-0.48.0-init_path.patch", + "containers-common-0.66.1-containers.conf-firewall-defaults.patch", ] SPDX-FileCopyrightText = "containers-common contributors" SPDX-License-Identifier = "Apache-2.0" ===================================== containers-common-0.66.1-containers.conf-firewall-defaults.patch ===================================== @@ -0,0 +1,13 @@ +diff --git i/common/pkg/config/containers.conf w/common/pkg/config/containers.conf +index 1c9fe54c37..fd6baec2eb 100644 +--- i/common/pkg/config/containers.conf ++++ w/common/pkg/config/containers.conf +@@ -387,7 +387,7 @@ default_sysctls = [ + # drivers are "iptables", "nftables", "none" (no firewall rules will be created) and "firewalld" (firewalld is + # experimental at the moment and not recommend outside of testing). + # +-#firewall_driver = "" ++firewall_driver = "nftables" + + + # The name of the default network as seen in `podman network ls`. This option only effects the network assignment when View it on GitLab: https://gitlab.archlinux.org/archlinux/packaging/packages/containers-common/-/compare/2f9f6be2b38a83ed624d5efda65a5060d15672e5...a618f7fd2d0c07a8683a39a2194a86c2fdb08097 -- View it on GitLab: https://gitlab.archlinux.org/archlinux/packaging/packages/containers-common/-/compare/2f9f6be2b38a83ed624d5efda65a5060d15672e5...a618f7fd2d0c07a8683a39a2194a86c2fdb08097 You're receiving this email because of your account on gitlab.archlinux.org.
