Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package crun for openSUSE:Factory checked in at 2021-08-06 22:44:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/crun (Old) and /work/SRC/openSUSE:Factory/.crun.new.1899 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "crun" Fri Aug 6 22:44:59 2021 rev:2 rq:910492 version:0.21 Changes: -------- --- /work/SRC/openSUSE:Factory/crun/crun.changes 2021-03-24 16:16:47.756180999 +0100 +++ /work/SRC/openSUSE:Factory/.crun.new.1899/crun.changes 2021-08-06 22:45:38.241979429 +0200 @@ -1,0 +2,49 @@ +Fri Aug 6 09:55:53 UTC 2021 - Frederic Crozat <[email protected]> + +- Add libkrun-dlopen.patch: use soname when dlopening libkrun. + +------------------------------------------------------------------- +Wed Jul 28 11:56:01 UTC 2021 - Paolo Stivanin <[email protected]> + +- Update to 0.21 + - honor memory swappiness set to 0 + - status: add fields for owner and created timestamp + - cgroup: lookup pids controller as well when the memory controller + is not available + - when compiled with krun, automatically use it if the current + executable file is called "krun". + - container: ignore error when resetting the SELinux label for the + keyring. + - container: call prestart hooks before rootfs is RO. + - cgroup: added support cleaning custom controllers on cgroupv1. + - spec: add support for --bundle. + - exec: add --no-new-privs. + - exec: add --process-label and --apparmor to change SELinux and + AppArmor labels. + - cgroup: kill procs in cgroup on EBUSY. + - cgroup: ignore devices errors when running in a user namespace. + - seccomp: drop SECCOMP_FILTER_FLAG_LOG by default. + - seccomp: report correct action in error message. + - apply SELinux label to keyring. + - add custom annotation run.oci.delegate-cgroup. + - close_range fallbacks to close on EPERM. + - report error if the cgroup path was set and the cgroup could not be + joined. + - on exec, honor additional_gids from the process spec, not the + container definition. + - spec: add cgroup ns if on cgroup v2. + - systemd: support array of strings for cgroup annotation. + - join all the cgroup v1 controllers. + - raise a warning when newuidmap/newgidmap fail. + - handle eBPF access(dev_name, F_OK) call correctly. + - fix some memory leaks on errors when libcrun is used by a long + running process. + - fix the SELinux label for masked directories. + - support default seccomp errno value. + - fail if no default seccomp action specified. + - support OCI seccomp notify listener. + - improve OOM error messages. + - ignore unknown capabilities and raise a warning. + - always remount bind mounts to drop not requested mount flags. + +------------------------------------------------------------------- Old: ---- crun-0.18.tar.gz New: ---- crun-0.21.tar.gz libkrun-dlopen.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ crun.spec ++++++ --- /var/tmp/diff_new_pack.MnYrFV/_old 2021-08-06 22:45:38.637978727 +0200 +++ /var/tmp/diff_new_pack.MnYrFV/_new 2021-08-06 22:45:38.637978727 +0200 @@ -15,31 +15,34 @@ # Please submit bugfixes or comments via https://bugs.opensuse.org/ # + Summary: OCI runtime written in C +License: GPL-2.0-or-later Name: crun -Version: 0.18 +Version: 0.21 Release: 0 Source0: https://github.com/containers/crun/releases/download/%{version}/%{name}-%{version}.tar.gz Source1: crun-rpmlintrc -License: GPL-2.0-or-later +# PATCH-FIX-OPENSUSE libkrun-dlopen.patch [email protected] -- use soname when dlopening libkrun +Patch0: libkrun-dlopen.patch URL: https://github.com/containers/crun ExclusiveArch: x86_64 aarch64 # We always run autogen.sh BuildRequires: autoconf BuildRequires: automake BuildRequires: gcc -BuildRequires: python BuildRequires: git-core +BuildRequires: glibc-devel-static +BuildRequires: go-md2man BuildRequires: libcap-devel -BuildRequires: systemd-devel -BuildRequires: libyajl-devel +BuildRequires: libkrun-devel >= 0.1.4 BuildRequires: libseccomp-devel BuildRequires: libselinux-devel -BuildRequires: python3-libmount BuildRequires: libtool -BuildRequires: go-md2man -BuildRequires: glibc-devel-static -BuildRequires: libkrun-devel >= 0.1.4 +BuildRequires: libyajl-devel +BuildRequires: python +BuildRequires: python3-libmount +BuildRequires: systemd-devel %ifnarch %ix86 BuildRequires: criu-devel >= 3.15 %endif @@ -49,7 +52,7 @@ crun is a runtime for running OCI containers. It is built with libkrun support %prep -%autosetup +%autosetup -p1 %build ./autogen.sh @@ -59,6 +62,8 @@ %install %make_install rm -rf %{buildroot}/%{_libdir}/lib* +# allow easy krun usage with podman +ln -s %{_bindir}/crun %{buildroot}%{_bindir}/krun %files %defattr(-,root,root) @@ -66,6 +71,7 @@ %doc README.md %doc SECURITY.md %{_bindir}/%{name} +%{_bindir}/krun %{_mandir}/man1/* %changelog ++++++ crun-0.18.tar.gz -> crun-0.21.tar.gz ++++++ ++++ 58067 lines of diff (skipped) ++++++ libkrun-dlopen.patch ++++++ Index: crun-0.18/src/libcrun/container.c =================================================================== --- crun-0.18.orig/src/libcrun/container.c 2021-02-18 16:25:28.000000000 +0100 +++ crun-0.18/src/libcrun/container.c 2021-08-06 11:54:48.798850933 +0200 @@ -712,9 +712,9 @@ #endif #if HAVE_DLOPEN && HAVE_LIBKRUN - handle = dlopen ("libkrun.so", RTLD_NOW); + handle = dlopen ("libkrun.so.0", RTLD_NOW); if (handle == NULL) - return crun_make_error (err, 0, "could not load `libkrun.so`: %s", dlerror ()); + return crun_make_error (err, 0, "could not load `libkrun.so.0`: %s", dlerror ()); args->exec_func = libkrun_do_exec; args->exec_func_arg = handle;
