I'm not taking any package updates at this time, but I'll look at this when I do go through the next update cycle.
Bruce On Thu, Apr 18, 2024 at 4:31 AM Xiangyu Chen via lists.yoctoproject.org <xiangyu.chen=eng.windriver....@lists.yoctoproject.org> wrote: > From: Xiangyu Chen <xiangyu.c...@windriver.com> > > Changes: > 17ac6f691 lxc.spec: Align SPDX license id > 5fe2de84c Makefile: Align SPDX license id > 97f93be72 meson: Align SPDX license id > d4cd3741d COPYING: Clarify licensing of files without SPDX > 8e67eb07c doc: Add SPDX headers and remove Author field > cb94edf53 src/include: Add SPDX headers > 7bc33ef6e src/tests: Add SPDX headers > 007642c89 hooks: Add SPDX headers > 1e9e66be3 lxc.spec: Clear default changelog > 202d649d1 lxc.spec: Use SPDX > 85abd4026 template: Use SPDX > a074b3d27 config/yum: Use SPDX header > 7ed43e5e9 COPYING: Remove whitespace > 522721216 MAINTAINERS: Remove Dwight from the maintainer list > 08bf8b9e2 lxc-checkconfig: Fix shellcheck > 0f18db543 lxc-checkconfig: Show namespace limits > f71b8e3f8 lxc-ls: list names with whitespaces in `--active`. > 816b8973d lxc/tools: set default log_priority to ERROR > 989ea3969 tools/lxc_autostart: don't fail when there are no containers > dc4df2335 lxc/lxccontainer: specify file mode in open() call inside > mod_rdep > 630b46ed2 lxc/confile: do not print excess space before scale suffix for > time.offset.boot > 796f2ccb7 lxc/confile: do not print newline symbol in getter for > lxc.time.offset.* > dcc4fb929 tests/parse_config_file: fix some typos > 6fea67429 tests/parse_config_file: add tests for lxc.time.offset.* > ad8f55445 tree-wide: replace multiply_overflow with check_mul_overflow > 4464cee19 lxccontainer: rework copy_file() > 9d1aa932d lxccontainer: improve mod_rdep() > 81c1bbf45 Revert "lxccontainer: fixes" > 82fe01821 src/lxc/syscall_numbers.h: drop define -1 > 590a95d83 rexec: Avoid invalid free in rexec failure path > f9978b179 README: Correct 'armvl7' to 'armv7l' > 046b63cd2 unshare: simplify lookup_name > 7452ee8ab lxc-unshare: fix an buffer overflow issue in lxc_unshare > e88883445 lxc-net: Enable IPv6 by default > d78ca00bc tests/meson: attempt to fix ossfuzz builds > d18f993b3 github: master -> main > 86799f554 meson: link with liblxc dynamically everywhere if possible > b90fecfda network: use IN_LIBLXC > 9eee450d2 storage_utils: move get_fssize to utils > 6eb0a73e2 storage_utils: unhide and rename is_valid_storage_type to > lxc_is_valid_storage_type > 42eeffcb0 confile: unhide lxc_config_parse_arch() helper > 9bb318881 conf: reorganize/split code to utils.c > 863c59dc3 conf: reorganize/split code to idmap_utils.c > b7591ad49 confile: unhide lxc_config_define*() helpers > f14656ebf meson: introduce IN_LIBLXC preprocessor macro > 672b2172d confile: move lxc_fill_elevated_privileges() to tools/lxc_attach > 8f9733d75 tests: remove old and broken cgroup handling code from tests > d51ea224e config: apparmor: add AppArmor profile for lxc-copy > 627bb9460 tests: lxc-test-usernic: use iproute tool instead of brctl > df0665b6d oci: resolve cross-filesystem blob caching failure > ec85e5ca4 lxc-test-usernic: drop cgroup handling > 27ec0b0f6 test-usernic: don't use ifconfig > 44e845b3c Add x32 to the list of recognized architectures > 07e3a516e lxc-download, lxc-local: preserve xattrs on unpack > 9ac7c4895 tree-wide: use container_uses_namespace() in less trivial cases > 64341ce7b tree-wide: use container_uses_namespace() helper > 6b40e66c1 Fix error message. > c8189ee2a Add verbose output in download template. > 84cc3155a Align columns in lxc-download.in template > 872db5424 build: add more options for customizing install > df17ac417 Add loongarch64 support > 112d5615e build(deps): bump actions/upload-artifact from 3 to 4 > 789457f1a config: try to create workdir if not exist > 86f5c1226 lxc-local: Add --no-dev option to exclude /dev from the fstree > f885a3c56 lxc-local: Re-organize code to use more functions > 7c025072e lxc-local: Improve usage info > faa38a197 lxc-local: Change LXC_CONFIG to LXC_METADATA to match args and > be more clear > d65fe1b27 Disable IPv6 link-local addresses for bridged veth > 8cff8fa1a don't try to delete vlan 0 from veth > 0e932812a conf: fix ephemeral copies > abffab441 config/init: Drop upstart files > 79a4a3cf8 doc: remove the warning mentionning upstart > 7bf1695d0 hooks/ubuntu-cloud-prep: remove upstart handling > fb73c18d2 meson: Remove support for upstart > cc6819c69 reset root_nsuid_map and root_nsgid_map when idmaps is cleared > a87d6fcc9 lxc/checkconfig: use multiline `echo` > f3e01fa80 lxc/checkconfig: replace `echo -n` by printf > ba4f810bc lxc/checkconfig: minor cosmetic change > d52c345c8 lxc/checkconfig: avoid subshell (SC2235) > f84f03d1d lxc/checkconfig: remove superfluous (..) around test command > (SC2234) > 74b9faa64 lxc/checkconfig: check exit code directly (SC2181) > 5cc69e440 lxc/checkconfig: replace `! -z` by `-n` (SC2236) > a4684eb11 lxc/checkconfig: add missing quotes to please shellcheck > 8a611c0b2 lxc/checkconfig: remove some unneeded `echo -n` > cb2574319 lxc/checkconfig: replace `type` by `command` > 003efe6db lxc/checkconfig: replace `cat | grep` with `grep` > adadfa372 lxc/lxccontainer: fix do_lxcapi_set_timeout retval > c02367e59 containers in the FREEZING state also need to be unfreeze > aca53bcf7 build(deps): bump actions/checkout from 3 to 4 > 84169158f lxccontainer.h: Move new fields to the end > e2696df93 Remove references to LXD > 7cec54455 Update console perms to 0600 > 3f45443fd Fix start api call to split quoted strings in execute or init > command. > > Local patches modification: > Removed two patches due to they are available in the code: > 0001-lxc-test-usernic-drop-cgroup-handling.patch > 0001-tests-remove-old-and-broken-cgroup-handling-code-fro.patch > > Refreshed templates-use-curl-instead-of-wget.patch > > Ptest modification: > Released lxc-test-shutdowntest and lxc-test-state-server due to > those back to normal > lxc-test-no-new-privs and lxc-test-checkpoint-restore are > broken test, already reported to upstream[1][2], move them to blacklist > until upstream fixed them. > lxc-test-usernic always fails when use ptest-runner, but normal with > run-ptest by manual. > > Ref: > [1] https://github.com/lxc/lxc/issues/4296 > [2] https://github.com/lxc/lxc/issues/4435 > > Signed-off-by: Xiangyu Chen <xiangyu.c...@windriver.com> > --- > ...xc-test-usernic-drop-cgroup-handling.patch | 61 ----------- > ...-and-broken-cgroup-handling-code-fro.patch | 103 ------------------ > recipes-containers/lxc/files/run-ptest | 12 +- > .../templates-use-curl-instead-of-wget.patch | 13 ++- > recipes-containers/lxc/lxc_git.bb | 10 +- > 5 files changed, 20 insertions(+), 179 deletions(-) > delete mode 100644 > recipes-containers/lxc/files/0001-lxc-test-usernic-drop-cgroup-handling.patch > delete mode 100644 > recipes-containers/lxc/files/0001-tests-remove-old-and-broken-cgroup-handling-code-fro.patch > > diff --git > a/recipes-containers/lxc/files/0001-lxc-test-usernic-drop-cgroup-handling.patch > b/recipes-containers/lxc/files/0001-lxc-test-usernic-drop-cgroup-handling.patch > deleted file mode 100644 > index 162e8f9d..00000000 > --- > a/recipes-containers/lxc/files/0001-lxc-test-usernic-drop-cgroup-handling.patch > +++ /dev/null > @@ -1,61 +0,0 @@ > -From ec85e5ca4953292c4341497704ce738669a79b64 Mon Sep 17 00:00:00 2001 > -From: Serge Hallyn <se...@hallyn.com> > -Date: Fri, 2 Feb 2024 10:41:11 -0600 > -Subject: [PATCH] lxc-test-usernic: drop cgroup handling > - > -This stuff is not needed in a modern systemd based system, and in fact > -breaks. It would probably be better to detect such a system so that a > -non-systemd box can still run this test. But I'm not sure what would be > -reliable. > - > -Upstream-Status: Backport from > -[ > https://github.com/lxc/lxc/commit/ec85e5ca4953292c4341497704ce738669a79b64 > ] > - > -Signed-off-by: Serge Hallyn <se...@hallyn.com> > -Signed-off-by: Xiangyu Chen <xiangyu.c...@windriver.com> > ---- > - src/tests/lxc-test-usernic.in | 28 ---------------------------- > - 1 file changed, 28 deletions(-) > - > -diff --git a/src/tests/lxc-test-usernic.in b/src/tests/ > lxc-test-usernic.in > -index 9af8678f3..49fd5e3f7 100755 > ---- a/src/tests/lxc-test-usernic.in > -+++ b/src/tests/lxc-test-usernic.in > -@@ -80,34 +80,6 @@ lxc.idmap = u 0 910000 10000 > - lxc.idmap = g 0 910000 10000 > - EOF > - > --if command -v cgm >/dev/null 2>&1; then > -- cgm create all usernic-user > -- cgm chown all usernic-user $(id -u usernic-user) $(id -g > usernic-user) > -- cgm movepid all usernic-user $$ > --elif [ -e /sys/fs/cgroup/cgmanager/sock ]; then > -- for d in $(cut -d : -f 2 /proc/self/cgroup); do > -- dbus-send --print-reply > --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ > -- --type=method_call /org/linuxcontainers/cgmanager > org.linuxcontainers.cgmanager0_0.Create \ > -- string:$d string:usernic-user >/dev/null > -- > -- dbus-send --print-reply > --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ > -- --type=method_call /org/linuxcontainers/cgmanager > org.linuxcontainers.cgmanager0_0.Chown \ > -- string:$d string:usernic-user int32:$(id -u > usernic-user) int32:$(id -g usernic-user) >/dev/null > -- > -- dbus-send --print-reply > --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ > -- --type=method_call /org/linuxcontainers/cgmanager > org.linuxcontainers.cgmanager0_0.MovePid \ > -- string:$d string:usernic-user int32:$$ >/dev/null > -- done > --else > -- for d in /sys/fs/cgroup/*; do > -- [ "$d" = "/sys/fs/cgroup/unified" ] && continue > -- [ -f $d/cgroup.clone_children ] && echo 1 > > $d/cgroup.clone_children > -- [ ! -d $d/lxctest ] && mkdir $d/lxctest > -- chown -R usernic-user: $d/lxctest > -- echo $$ > $d/lxctest/tasks > -- done > --fi > -- > - mkdir -p /run/user/$(id -u usernic-user) > - chown -R usernic-user: /run/user/$(id -u usernic-user) /home/usernic-user > - > --- > -2.35.5 > - > diff --git > a/recipes-containers/lxc/files/0001-tests-remove-old-and-broken-cgroup-handling-code-fro.patch > b/recipes-containers/lxc/files/0001-tests-remove-old-and-broken-cgroup-handling-code-fro.patch > deleted file mode 100644 > index bf8df795..00000000 > --- > a/recipes-containers/lxc/files/0001-tests-remove-old-and-broken-cgroup-handling-code-fro.patch > +++ /dev/null > @@ -1,103 +0,0 @@ > -From 8f9733d756361ff8f8d8d589f286c0e064b1195d Mon Sep 17 00:00:00 2001 > -From: Alexander Mikhalitsyn <aleksandr.mikhalit...@canonical.com> > -Date: Thu, 15 Feb 2024 18:13:05 +0100 > -Subject: [PATCH] tests: remove old and broken cgroup handling code from > tests > - > -We have removed the same piece of code in > -ec85e5ca495 ("lxc-test-usernic: drop cgroup handling") > -let's do the same for two other tests. > - > -This fixes autopkgtests. > - > -Upstream-Status: Backport from > -[ > https://github.com/lxc/lxc/commit/8f9733d756361ff8f8d8d589f286c0e064b1195d > ] > - > -Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalit...@canonical.com > > > -Signed-off-by: Xiangyu Chen <xiangyu.c...@windriver.com> > ---- > - src/tests/lxc-test-apparmor-mount | 29 ----------------------------- > - src/tests/lxc-test-unpriv | 28 ---------------------------- > - 2 files changed, 57 deletions(-) > - > -diff --git a/src/tests/lxc-test-apparmor-mount > b/src/tests/lxc-test-apparmor-mount > -index 7c9d9ad50..ddf783d4b 100755 > ---- a/src/tests/lxc-test-apparmor-mount > -+++ b/src/tests/lxc-test-apparmor-mount > -@@ -119,35 +119,6 @@ chown -R $TUSER: /run/user/$(id -u $TUSER) > - > - cd $HDIR > - > --if command -v cgm >/dev/null 2>&1; then > -- cgm create all $TUSER > -- cgm chown all $TUSER $(id -u $TUSER) $(id -g $TUSER) > -- cgm movepid all $TUSER $$ > --elif [ -e /sys/fs/cgroup/cgmanager/sock ]; then > -- for d in $(cut -d : -f 2 /proc/self/cgroup); do > -- dbus-send --print-reply > --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ > -- --type=method_call /org/linuxcontainers/cgmanager > org.linuxcontainers.cgmanager0_0.Create \ > -- string:$d string:$TUSER >/dev/null > -- > -- dbus-send --print-reply > --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ > -- --type=method_call /org/linuxcontainers/cgmanager > org.linuxcontainers.cgmanager0_0.Chown \ > -- string:$d string:$TUSER int32:$(id -u $TUSER) > int32:$(id -g $TUSER) >/dev/null > -- > -- dbus-send --print-reply > --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ > -- --type=method_call /org/linuxcontainers/cgmanager > org.linuxcontainers.cgmanager0_0.MovePid \ > -- string:$d string:$TUSER int32:$$ >/dev/null > -- done > --else > -- for d in /sys/fs/cgroup/*; do > -- [ "$d" = "/sys/fs/cgroup/unified" ] && continue > -- [ -f $d/cgroup.clone_children ] && echo 1 > > $d/cgroup.clone_children > -- [ ! -d $d/lxctest ] && mkdir $d/lxctest > -- chown -R $TUSER: $d/lxctest > -- echo $$ > $d/lxctest/tasks > -- done > --fi > -- > -- > - run_cmd lxc-create -t busybox -n $cname > - > - echo "test default confined container" > -diff --git a/src/tests/lxc-test-unpriv b/src/tests/lxc-test-unpriv > -index 8fb9106d6..426add9da 100755 > ---- a/src/tests/lxc-test-unpriv > -+++ b/src/tests/lxc-test-unpriv > -@@ -130,34 +130,6 @@ chown -R $TUSER: /run/user/$(id -u $TUSER) > - > - cd $HDIR > - > --if command -v cgm >/dev/null 2>&1; then > -- cgm create all $TUSER > -- cgm chown all $TUSER $(id -u $TUSER) $(id -g $TUSER) > -- cgm movepid all $TUSER $$ > --elif [ -e /sys/fs/cgroup/cgmanager/sock ]; then > -- for d in $(cut -d : -f 2 /proc/self/cgroup); do > -- dbus-send --print-reply > --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ > -- --type=method_call /org/linuxcontainers/cgmanager > org.linuxcontainers.cgmanager0_0.Create \ > -- string:$d string:$TUSER >/dev/null > -- > -- dbus-send --print-reply > --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ > -- --type=method_call /org/linuxcontainers/cgmanager > org.linuxcontainers.cgmanager0_0.Chown \ > -- string:$d string:$TUSER int32:$(id -u $TUSER) > int32:$(id -g $TUSER) >/dev/null > -- > -- dbus-send --print-reply > --address=unix:path=/sys/fs/cgroup/cgmanager/sock \ > -- --type=method_call /org/linuxcontainers/cgmanager > org.linuxcontainers.cgmanager0_0.MovePid \ > -- string:$d string:$TUSER int32:$$ >/dev/null > -- done > --else > -- for d in /sys/fs/cgroup/*; do > -- [ "$d" = "/sys/fs/cgroup/unified" ] && continue > -- [ -f $d/cgroup.clone_children ] && echo 1 > > $d/cgroup.clone_children > -- [ ! -d $d/lxctest ] && mkdir $d/lxctest > -- chown -R $TUSER: $d/lxctest > -- echo $$ > $d/lxctest/tasks > -- done > --fi > -- > - run_cmd lxc-create -t busybox -n c1 -l trace -o "${UNPRIV_LOG}" > - > - # Make sure we can start it - twice > --- > -2.35.5 > - > diff --git a/recipes-containers/lxc/files/run-ptest > b/recipes-containers/lxc/files/run-ptest > index 196adb04..278107d9 100644 > --- a/recipes-containers/lxc/files/run-ptest > +++ b/recipes-containers/lxc/files/run-ptest > @@ -12,9 +12,15 @@ blacklist="$blacklist lxc-test-apparmor" > blacklist="$blacklist lxc-test-apparmor-mount" > #lxc-test-get_item would report Built without AppArmor support error > blacklist="$blacklist lxc-test-get_item" > -# These currently hang so skip them until someone fixes them up > -blacklist="$blacklist lxc-test-shutdowntest" > -blacklist="$blacklist lxc-test-state-server" > +# This is a broken case, also fails on opensuse, already reported to > +# upstream https://github.com/lxc/lxc/issues/4296 > +blacklist="$blacklist lxc-test-no-new-privs" > +# lxc doesn't adapt the criu's new mount flag, that cause restore fails > +# already reported to upstream https://github.com/lxc/lxc/issues/4435 > +blacklist="$blacklist lxc-test-checkpoint-restore" > +# if we run "run-ptest" under /usr/lib64/lxc/ptest, the result is normal > +# but it would be failed when using "ptest-runner lxc" > +blacklist="$blacklist lxc-test-usernic" > > # Tests in firstrunlist will be run first > firstrunlist="" > diff --git > a/recipes-containers/lxc/files/templates-use-curl-instead-of-wget.patch > b/recipes-containers/lxc/files/templates-use-curl-instead-of-wget.patch > index e9af8335..3ef66138 100644 > --- a/recipes-containers/lxc/files/templates-use-curl-instead-of-wget.patch > +++ b/recipes-containers/lxc/files/templates-use-curl-instead-of-wget.patch > @@ -10,6 +10,7 @@ Upstream-Status: Inappropriate [embedded specific] > Signed-off-by: Joakim Roubert <joak...@axis.com> > Signed-off-by: Yanfei Xu <yanfei...@windriver.com> > Signed-off-by: Bruce Ashfield <bruce.ashfi...@gmail.com> > +Signed-off-by: Xiangyu Chen <xiangyu.c...@windriver.com> > --- > templates/lxc-download.in | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > @@ -18,7 +19,7 @@ diff --git a/templates/lxc-download.in b/templates/ > lxc-download.in > index a62ddf482..690307338 100755 > --- a/templates/lxc-download.in > +++ b/templates/lxc-download.in > -@@ -59,9 +59,9 @@ cleanup() { > +@@ -45,9 +45,9 @@ cleanup() { > fi > } > > @@ -30,16 +31,16 @@ index a62ddf482..690307338 100755 > return 0 > fi > done > -@@ -70,7 +70,7 @@ wget_wrapper() { > - } > - > - download_file() { > +@@ -59,7 +59,7 @@ download_file() { > + if [ "${DOWNLOAD_VERBOSE}" = "true" ]; then > + echo "Download file: https://${DOWNLOAD_SERVER}$1" > + fi > - if ! wget_wrapper --user-agent="lxc/@PACKAGE_VERSION@ > compat:${DOWNLOAD_COMPAT_LEVEL}" -T 30 -q "https://${DOWNLOAD_SERVER}/$1" > -O "$2" >/dev/null 2>&1; then > + if ! curl_wrapper -L --user-agent "lxc/@PACKAGE_VERSION@ > compat:${DOWNLOAD_COMPAT_LEVEL}" -m 30 -s "https://${DOWNLOAD_SERVER}/$1" > -o "$2" >/dev/null 2>&1; then > if [ "$3" = "noexit" ]; then > return 1 > else > -@@ -176,7 +176,7 @@ while :; do > +@@ -167,7 +167,7 @@ while :; do > done > > # Check for required binaries > diff --git a/recipes-containers/lxc/lxc_git.bb b/recipes-containers/lxc/ > lxc_git.bb > index ee0e442f..379b4ecd 100644 > --- a/recipes-containers/lxc/lxc_git.bb > +++ b/recipes-containers/lxc/lxc_git.bb > @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = > "file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c > > file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \ > " > > -DEPENDS = "libxml2 libcap" > +DEPENDS = "libxml2 libcap dbus" > RDEPENDS:${PN} = " \ > rsync \ > curl \ > @@ -36,7 +36,7 @@ RDEPENDS:${PN}-ptest += "file make gmp nettle gnutls > bash libgcc" > > RDEPENDS:${PN}-networking += "iptables" > > -SRC_URI = "git://github.com/lxc/lxc.git;branch=stable-5.0;protocol=https > \ > +SRC_URI = "git://github.com/lxc/lxc.git;branch=stable-6.0;protocol=https > \ > file://lxc-1.0.0-disable-udhcp-from-busybox-template.patch \ > file://run-ptest \ > file://templates-actually-create-DOWNLOAD_TEMP-directory.patch \ > @@ -47,12 +47,10 @@ SRC_URI = "git:// > github.com/lxc/lxc.git;branch=stable-5.0;protocol=https \ > > file://0001-template-if-busybox-contains-init-use-it-in-containe.patch \ > file://dnsmasq.conf \ > file://lxc-net \ > - file://0001-lxc-test-usernic-drop-cgroup-handling.patch \ > - > file://0001-tests-remove-old-and-broken-cgroup-handling-code-fro.patch \ > " > > -SRCREV = "cb8e38aca27a23964941f0f011a8919aab8bebab" > -PV = "5.0.3+git" > +SRCREV = "3dee5fb88c6f77496dbcab46f31bcd891c9ee4e0" > +PV = "6.0.0+git" > > S = "${WORKDIR}/git" > > -- > 2.25.1 > > > > > -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#8685): https://lists.yoctoproject.org/g/meta-virtualization/message/8685 Mute This Topic: https://lists.yoctoproject.org/mt/105594307/21656 Group Owner: meta-virtualization+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-