Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package libcontainers-common for
openSUSE:Factory checked in at 2022-08-09 15:25:54
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libcontainers-common (Old)
and /work/SRC/openSUSE:Factory/.libcontainers-common.new.1521 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libcontainers-common"
Tue Aug 9 15:25:54 2022 rev:48 rq:993956 version:20210626
Changes:
--------
---
/work/SRC/openSUSE:Factory/libcontainers-common/libcontainers-common.changes
2022-06-17 21:18:36.906646550 +0200
+++
/work/SRC/openSUSE:Factory/.libcontainers-common.new.1521/libcontainers-common.changes
2022-08-09 15:25:56.489211873 +0200
@@ -1,0 +2,12 @@
+Tue Aug 9 08:49:18 UTC 2022 - Fabian Vogt <fv...@suse.com>
+
+- Fix obvious typo in containers.conf
+
+-------------------------------------------------------------------
+Wed Aug 3 13:19:58 UTC 2022 - Frederic Crozat <fcro...@suse.com>
+
+- Resync containers.conf / storage.conf with Fedora
+- Create /etc/containers/registries.conf.d and
+ add 000-shortnames.conf to it.
+
+-------------------------------------------------------------------
New:
----
shortnames.conf
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libcontainers-common.spec ++++++
--- /var/tmp/diff_new_pack.yIRFTo/_old 2022-08-09 15:25:58.357217211 +0200
+++ /var/tmp/diff_new_pack.yIRFTo/_new 2022-08-09 15:25:58.361217222 +0200
@@ -47,6 +47,7 @@
Source9: common-%{commonver}.tar.xz
Source10: containers.conf
Source11: %{name}.rpmlintrc
+Source12: shortnames.conf
BuildRequires: go-go-md2man
Provides: libcontainers-image = %{version}
Provides: libcontainers-storage = %{version}
@@ -111,12 +112,14 @@
install -d -m 0755 %{buildroot}/%{_sysconfdir}/containers/oci/hooks.d
install -d -m 0755 %{buildroot}/%{_datadir}/containers/oci/hooks.d
install -d -m 0755 %{buildroot}/%{_sysconfdir}/containers/registries.d
+install -d -m 0755 %{buildroot}/%{_sysconfdir}/containers/registries.conf.d
install -D -m 0644 %{SOURCE3}
%{buildroot}/%{_sysconfdir}/containers/policy.json
install -D -m 0644 %{SOURCE4}
%{buildroot}/%{_sysconfdir}/containers/storage.conf
install -D -m 0644 %{SOURCE5} %{buildroot}/%{_datadir}/containers/mounts.conf
install -D -m 0644 %{SOURCE5}
%{buildroot}/%{_sysconfdir}/containers/mounts.conf
install -D -m 0644 %{SOURCE6}
%{buildroot}/%{_sysconfdir}/containers/registries.conf
+install -D -m 0644 %{SOURCE12}
%{buildroot}/%{_sysconfdir}/containers/registries.conf.d/000-shortnames.conf
install -D -m 0644 %{SOURCE8}
%{buildroot}/%{_sysconfdir}/containers/registries.d/default.yaml
sed -e 's-@LIBEXECDIR@-%{_libexecdir}-g' -i %{SOURCE10}
install -D -m 0644 %{SOURCE10}
%{buildroot}/%{_datadir}/containers/containers.conf
@@ -151,6 +154,7 @@
%dir %{_sysconfdir}/containers/oci
%dir %{_sysconfdir}/containers/oci/hooks.d
%dir %{_sysconfdir}/containers/registries.d
+%dir %{_sysconfdir}/containers/registries.conf.d
%dir %{_datadir}/containers
%dir %{_datadir}/containers/oci
%dir %{_datadir}/containers/oci/hooks.d
@@ -162,6 +166,7 @@
%config(noreplace) %{_sysconfdir}/containers/registries.conf
%config(noreplace) %{_sysconfdir}/containers/seccomp.json
%config(noreplace) %{_sysconfdir}/containers/registries.d/default.yaml
+%config(noreplace)
%{_sysconfdir}/containers/registries.conf.d/000-shortnames.conf
%{_datadir}/containers/seccomp.json
%{_datadir}/containers/containers.conf
++++++ containers.conf ++++++
++++ 857 lines (skipped)
++++ between /work/SRC/openSUSE:Factory/libcontainers-common/containers.conf
++++ and
/work/SRC/openSUSE:Factory/.libcontainers-common.new.1521/containers.conf
++++++ shortnames.conf ++++++
[aliases]
# almalinux
"almalinux" = "docker.io/library/almalinux"
"almalinux-minimal" = "docker.io/library/almalinux-minimal"
# Arch Linux
"archlinux" = "docker.io/archlinux/archlinux"
# centos
"centos" = "quay.io/centos/centos"
# containers
"skopeo" = "quay.io/skopeo/stable"
"buildah" = "quay.io/buildah/stable"
"podman" = "quay.io/podman/stable"
"hello" = "quay.io/podman/hello"
"hello-world" = "quay.io/podman/hello"
# docker
"alpine" = "docker.io/library/alpine"
"docker" = "docker.io/library/docker"
"registry" = "docker.io/library/registry"
"swarm" = "docker.io/library/swarm"
# Fedora
"fedora-minimal" = "registry.fedoraproject.org/fedora-minimal"
"fedora" = "registry.fedoraproject.org/fedora"
# openSUSE
"opensuse/tumbleweed" = "registry.opensuse.org/opensuse/tumbleweed"
"opensuse/tumbleweed-dnf" = "registry.opensuse.org/opensuse/tumbleweed-dnf"
"opensuse/tumbleweed-microdnf" =
"registry.opensuse.org/opensuse/tumbleweed-microdnf"
"opensuse/leap" = "registry.opensuse.org/opensuse/leap"
"opensuse/busybox" = "registry.opensuse.org/opensuse/busybox"
"tumbleweed" = "registry.opensuse.org/opensuse/tumbleweed"
"tumbleweed-dnf" = "registry.opensuse.org/opensuse/tumbleweed-dnf"
"tumbleweed-microdnf" = "registry.opensuse.org/opensuse/tumbleweed-microdnf"
"leap" = "registry.opensuse.org/opensuse/leap"
"leap-dnf" = "registry.opensuse.org/opensuse/leap-dnf"
"leap-microdnf" = "registry.opensuse.org/opensuse/leap-microdnf"
"tw-busybox" = "registry.opensuse.org/opensuse/busybox"
# SUSE
"suse/sle15" = "registry.suse.com/suse/sle15"
"suse/sles12sp5" = "registry.suse.com/suse/sles12sp5"
"suse/sles12sp4" = "registry.suse.com/suse/sles12sp4"
"suse/sles12sp3" = "registry.suse.com/suse/sles12sp3"
"sle15" = "registry.suse.com/suse/sle15"
"sles12sp5" = "registry.suse.com/suse/sles12sp5"
"sles12sp4" = "registry.suse.com/suse/sles12sp4"
"sles12sp3" = "registry.suse.com/suse/sles12sp3"
# Red Hat Enterprise Linux
"rhel" = "registry.access.redhat.com/rhel"
"rhel6" = "registry.access.redhat.com/rhel6"
"rhel7" = "registry.access.redhat.com/rhel7"
"rhel7.9" = "registry.access.redhat.com/rhel7.9"
"rhel-atomic" = "registry.access.redhat.com/rhel-atomic"
"rhel-minimal" = "registry.access.redhat.com/rhel-minimum"
"rhel-init" = "registry.access.redhat.com/rhel-init"
"rhel7-atomic" = "registry.access.redhat.com/rhel7-atomic"
"rhel7-minimal" = "registry.access.redhat.com/rhel7-minimum"
"rhel7-init" = "registry.access.redhat.com/rhel7-init"
"rhel7/rhel" = "registry.access.redhat.com/rhel7/rhel"
"rhel7/rhel-atomic" = "registry.access.redhat.com/rhel7/rhel7/rhel-atomic"
"ubi7/ubi" = "registry.access.redhat.com/ubi7/ubi"
"ubi7/ubi-minimal" = "registry.access.redhat.com/ubi7-minimal"
"ubi7/ubi-init" = "registry.access.redhat.com/ubi7-init"
"ubi7" = "registry.access.redhat.com/ubi7"
"ubi7-init" = "registry.access.redhat.com/ubi7-init"
"ubi7-minimal" = "registry.access.redhat.com/ubi7-minimal"
"rhel8" = "registry.access.redhat.com/ubi8"
"rhel8-init" = "registry.access.redhat.com/ubi8-init"
"rhel8-minimal" = "registry.access.redhat.com/ubi8-minimal"
"rhel8-micro" = "registry.access.redhat.com/ubi8-micro"
"ubi8" = "registry.access.redhat.com/ubi8"
"ubi8-minimal" = "registry.access.redhat.com/ubi8-minimal"
"ubi8-init" = "registry.access.redhat.com/ubi8-init"
"ubi8-micro" = "registry.access.redhat.com/ubi8-micro"
"ubi8/ubi" = "registry.access.redhat.com/ubi8/ubi"
"ubi8/ubi-minimal" = "registry.access.redhat.com/ubi8-minimal"
"ubi8/ubi-init" = "registry.access.redhat.com/ubi8-init"
"ubi8/ubi-micro" = "registry.access.redhat.com/ubi8-micro"
"ubi8/podman" = "registry.access.redhat.com/ubi8/podman"
"ubi8/buildah" = "registry.access.redhat.com/ubi8/buildah"
"ubi8/skopeo" = "registry.access.redhat.com/ubi8/skopeo"
"rhel9" = "registry.access.redhat.com/ubi9"
"rhel9-init" = "registry.access.redhat.com/ubi9-init"
"rhel9-minimal" = "registry.access.redhat.com/ubi9-minimal"
"rhel9-micro" = "registry.access.redhat.com/ubi9-micro"
"ubi9" = "registry.access.redhat.com/ubi9"
"ubi9-minimal" = "registry.access.redhat.com/ubi9-minimal"
"ubi9-init" = "registry.access.redhat.com/ubi9-init"
"ubi9-micro" = "registry.access.redhat.com/ubi9-micro"
"ubi9/ubi" = "registry.access.redhat.com/ubi9/ubi"
"ubi9/ubi-minimal" = "registry.access.redhat.com/ubi9-minimal"
"ubi9/ubi-init" = "registry.access.redhat.com/ubi9-init"
"ubi9/ubi-micro" = "registry.access.redhat.com/ubi9-micro"
"ubi9/podman" = "registry.access.redhat.com/ubi9/podman"
"ubi9/buildah" = "registry.access.redhat.com/ubi9/buildah"
"ubi9/skopeo" = "registry.access.redhat.com/ubi9/skopeo"
# Rocky Linux
"rockylinux" = "docker.io/library/rockylinux"
# Debian
"debian" = "docker.io/library/debian"
# Kali Linux
"kali-bleeding-edge" = "docker.io/kalilinux/kali-bleeding-edge"
"kali-dev" = "docker.io/kalilinux/kali-dev"
"kali-experimental" = "docker.io/kalilinux/kali-experimental"
"kali-last-release" = "docker.io/kalilinux/kali-last-release"
"kali-rolling" = "docker.io/kalilinux/kali-rolling"
# Ubuntu
"ubuntu" = "docker.io/library/ubuntu"
# Oracle Linux
"oraclelinux" = "container-registry.oracle.com/os/oraclelinux"
# busybox
"busybox" = "docker.io/library/busybox"
# php
"php" = "docker.io/library/php"
# python
"python" = "docker.io/library/python"
# node
"node" = "docker.io/library/node"
++++++ storage.conf ++++++
--- /var/tmp/diff_new_pack.yIRFTo/_old 2022-08-09 15:25:58.541217736 +0200
+++ /var/tmp/diff_new_pack.yIRFTo/_new 2022-08-09 15:25:58.545217748 +0200
@@ -1,18 +1,37 @@
# This file is is the configuration file for all tools
-# that use the containers/storage library.
+# that use the containers/storage library. The storage.conf file
+# overrides all other storage.conf files. Container engines using the
+# container/storage library do not inherit fields from other storage.conf
+# files.
+#
+# Note: The storage.conf file overrides other storage.conf files based on
this precedence:
+# /usr/containers/storage.conf
+# /etc/containers/storage.conf
+# $HOME/.config/containers/storage.conf
+# $XDG_CONFIG_HOME/containers/storage.conf (If XDG_CONFIG_HOME is set)
# See man 5 containers-storage.conf for more information
# The "container storage" table contains all of the server options.
[storage]
-# Default Storage Driver
+# Default Storage Driver, Must be set for proper operation.
driver = "overlay"
# Temporary storage location
-runroot = "/var/run/containers/storage"
+runroot = "/run/containers/storage"
# Primary Read/Write location of container storage
+# When changing the graphroot location on an SELINUX system, you must
+# ensure the labeling matches the default locations labels with the
+# following commands:
+# semanage fcontext -a -e /var/lib/containers/storage /NEWSTORAGEPATH
+# restorecon -R -v /NEWSTORAGEPATH
graphroot = "/var/lib/containers/storage"
+
+# Storage path for rootless users
+#
+# rootless_storage_path = "$HOME/.local/share/containers/storage"
+
[storage.options]
# Storage options to be passed to underlying storage drivers
@@ -21,48 +40,121 @@
additionalimagestores = [
]
-# Size is used to set a maximum size of the container image. Only supported by
-# certain container storage drivers.
-size = ""
-
-# Path to an helper program to use for mounting the file system instead of
mounting it
-# directly.
-#mount_program = "/usr/bin/fuse-overlayfs"
-
-# OverrideKernelCheck tells the driver to ignore kernel checks based on kernel
version
-# override_kernel_check = "false"
-
-# mountopt specifies comma separated list of extra mount options
-# mountopt = "nodev"
+# Allows specification of how storage is populated when pulling images. This
+# option can speed the pulling process of images compressed with format
+# zstd:chunked. Containers/storage looks for files within images that are being
+# pulled from a container registry that were previously pulled to the host. It
+# can copy or create a hard link to the existing file when it finds them,
+# eliminating the need to pull them from the container registry. These options
+# can deduplicate pulling of content, disk storage of content and can allow the
+# kernel to use less memory when running containers.
+
+# containers/storage supports four keys
+# * enable_partial_images="true" | "false"
+# Tells containers/storage to look for files previously pulled in storage
+# rather then always pulling them from the container registry.
+# * use_hard_links = "false" | "true"
+# Tells containers/storage to use hard links rather then create new files
in
+# the image, if an identical file already existed in storage.
+# * ostree_repos = ""
+# Tells containers/storage where an ostree repository exists that might
have
+# previously pulled content which can be used when attempting to avoid
+# pulling content from the container registry
+pull_options = {enable_partial_images = "false", use_hard_links = "false",
ostree_repos=""}
# Remap-UIDs/GIDs is the mapping from UIDs/GIDs as they should appear inside of
-# a container, to UIDs/GIDs as they should appear outside of the container, and
-# the length of the range of UIDs/GIDs. Additional mapped sets can be listed
-# and will be heeded by libraries, but there are limits to the number of
+# a container, to the UIDs/GIDs as they should appear outside of the container,
+# and the length of the range of UIDs/GIDs. Additional mapped sets can be
+# listed and will be heeded by libraries, but there are limits to the number of
# mappings which the kernel will allow when you later attempt to run a
# container.
#
# remap-uids = 0:1668442479:65536
# remap-gids = 0:1668442479:65536
-# Remap-User/Group is a name which can be used to look up one or more UID/GID
+# Remap-User/Group is a user name which can be used to look up one or more
UID/GID
# ranges in the /etc/subuid or /etc/subgid file. Mappings are set up starting
-# with an in-container ID of 0 and the a host-level ID taken from the lowest
+# with an in-container ID of 0 and then a host-level ID taken from the lowest
# range that matches the specified name, and using the length of that range.
# Additional ranges are then assigned, using the ranges which specify the
-# lowest host-level IDs first, to the lowest not-yet-mapped container-level ID,
+# lowest host-level IDs first, to the lowest not-yet-mapped in-container ID,
# until all of the entries have been used for maps.
#
-# remap-user = "storage"
-# remap-group = "storage"
+# remap-user = "containers"
+# remap-group = "containers"
+
+# Root-auto-userns-user is a user name which can be used to look up one or
more UID/GID
+# ranges in the /etc/subuid and /etc/subgid file. These ranges will be
partitioned
+# to containers configured to create automatically a user namespace.
Containers
+# configured to automatically create a user namespace can still overlap with
containers
+# having an explicit mapping set.
+# This setting is ignored when running as rootless.
+# root-auto-userns-user = "storage"
+#
+# Auto-userns-min-size is the minimum size for a user namespace created
automatically.
+# auto-userns-min-size=1024
+#
+# Auto-userns-max-size is the minimum size for a user namespace created
automatically.
+# auto-userns-max-size=65536
+
+[storage.options.overlay]
+# ignore_chown_errors can be set to allow a non privileged user running with
+# a single UID within a user namespace to run containers. The user can pull
+# and use any image even those with multiple uids. Note multiple UIDs will be
+# squashed down to the default uid in the container. These images will have no
+# separation between the users in the container. Only supported for the overlay
+# and vfs drivers.
+#ignore_chown_errors = "false"
-# If specified, use OSTree to deduplicate files with the overlay backend
-# ostree_repo = ""
+# Inodes is used to set a maximum inodes of the container image.
+# inodes = ""
-# Set to skip a PRIVATE bind mount on the storage home directory. Only
supported by
-# certain container storage drivers
+# Path to an helper program to use for mounting the file system instead of
mounting it
+# directly.
+#mount_program = "/usr/bin/fuse-overlayfs"
+
+# mountopt specifies comma separated list of extra mount options
+mountopt = "nodev,metacopy=on"
+
+# Set to skip a PRIVATE bind mount on the storage home directory.
# skip_mount_home = "false"
+# Size is used to set a maximum size of the container image.
+# size = ""
+
+# ForceMask specifies the permissions mask that is used for new files and
+# directories.
+#
+# The values "shared" and "private" are accepted.
+# Octal permission masks are also accepted.
+#
+# "": No value specified.
+# All files/directories, get set with the permissions identified within the
+# image.
+# "private": it is equivalent to 0700.
+# All files/directories get set with 0700 permissions. The owner has rwx
+# access to the files. No other users on the system can access the files.
+# This setting could be used with networked based homedirs.
+# "shared": it is equivalent to 0755.
+# The owner has rwx access to the files and everyone else can read, access
+# and execute them. This setting is useful for sharing containers storage
+# with other users. For instance have a storage owned by root but shared
+# to rootless users as an additional store.
+# NOTE: All files within the image are made readable and executable by any
+# user on the system. Even /etc/shadow within your image is now readable by
+# any user.
+#
+# OCTAL: Users can experiment with other OCTAL Permissions.
+#
+# Note: The force_mask Flag is an experimental feature, it could change in the
+# future. When "force_mask" is set the original permission mask is stored in
+# the "user.containers.override_stat" xattr and the "mount_program" option
must
+# be specified. Mount programs like "/usr/bin/fuse-overlayfs" present the
+# extended attribute permissions to processes within containers rather then
the
+# "force_mask" permissions.
+#
+# force_mask = ""
+
[storage.options.thinpool]
# Storage Options for thinpool
@@ -109,10 +201,17 @@
# Value 0% disables
# min_free_space = "10%"
-# mkfsarg specifies extra mkfs arguments to be used when creating the base.
+# mkfsarg specifies extra mkfs arguments to be used when creating the base
# device.
# mkfsarg = ""
+# metadata_size is used to set the `pvcreate --metadatasize` options when
+# creating thin devices. Default is 128k
+# metadata_size = ""
+
+# Size is used to set a maximum size of the container image.
+# size = ""
+
# use_deferred_removal marks devicemapper block device for deferred removal.
# If the thinpool is in use when the driver attempts to remove it, the driver
# tells the kernel to remove it as soon as possible. Note this does not free
