Hello community, here is the log from the commit of package podman for openSUSE:Factory checked in at 2019-02-04 21:10:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/podman (Old) and /work/SRC/openSUSE:Factory/.podman.new.28833 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "podman" Mon Feb 4 21:10:47 2019 rev:37 rq:670287 version:1.0.0 Changes: -------- --- /work/SRC/openSUSE:Factory/podman/podman.changes 2019-01-21 11:00:57.535228162 +0100 +++ /work/SRC/openSUSE:Factory/.podman.new.28833/podman.changes 2019-02-04 21:10:49.819881590 +0100 @@ -1,0 +2,15 @@ +Wed Jan 30 22:57:51 UTC 2019 - Duncan Mac-Vicar <[email protected]> + +- Fix rootless mode with AppArmor + https://github.com/containers/libpod/pull/2225 + Add patch containers-libpod-pull-2225.diff + +------------------------------------------------------------------- +Mon Jan 28 10:32:38 UTC 2019 - Richard Brown <[email protected]> + +- Stop using conmon from random git commits, use cri-o releases +- Update to conmon from cri-o v1.13.0 + * Solve gh#containers/libpod#527 +- Tidy up .gitignore files from podman-1.0.0.tar.xz + +------------------------------------------------------------------- Old: ---- conmon-git.4cd5a7c60349be0678d9f1b0657683324c1a2726.tar.xz New: ---- conmon-1.13.0.tar.xz containers-libpod-pull-2225.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ podman.spec ++++++ --- /var/tmp/diff_new_pack.su5AmS/_old 2019-02-04 21:10:50.515881341 +0100 +++ /var/tmp/diff_new_pack.su5AmS/_new 2019-02-04 21:10:50.515881341 +0100 @@ -18,7 +18,7 @@ %define project github.com/containers/libpod %define conmon_project github.com/kubernetes-sigs/cri-o -%define conmon_commit 4cd5a7c60349be0678d9f1b0657683324c1a2726 +%define conmonver 1.13.0 # Build with libostree-devel in Tumbleweed, Leap 15 and SLES 15 %if 0%{?suse_version} >= 1500 %define with_libostree 1 @@ -31,9 +31,11 @@ Group: System/Management Url: https://github.com/containers/libpod Source0: %{name}-%{version}.tar.xz -Source1: conmon-git.%{conmon_commit}.tar.xz +Source1: conmon-%{conmonver}.tar.xz Source2: libpod.conf Source3: %{name}-rpmlintrc +# https://github.com/containers/libpod/pull/2225 +Patch0: containers-libpod-pull-2225.diff BuildRequires: bash-completion BuildRequires: cni BuildRequires: device-mapper-devel @@ -78,8 +80,9 @@ # unpack conmon into the unpacked podman source %setup -q -T -D -a 1 mkdir -pv $HOME/go/src/%{conmon_project} -mv conmon-git.%{conmon_commit}/* $HOME/go/src/%{conmon_project} -rm -r conmon-git.%{conmon_commit} +mv conmon-%{conmonver}/* $HOME/go/src/%{conmon_project} +rm -r conmon-%{conmonver} +%patch0 -p1 %package cni-config Summary: Basic CNI configuration for podman ++++++ _service ++++++ --- /var/tmp/diff_new_pack.su5AmS/_old 2019-02-04 21:10:50.535881334 +0100 +++ /var/tmp/diff_new_pack.su5AmS/_new 2019-02-04 21:10:50.535881334 +0100 @@ -4,8 +4,8 @@ <param name="url">https://github.com/containers/libpod.git</param> <param name="scm">git</param> <param name="filename">podman</param> -<param name="versionformat">0.11.1.1</param> -<param name="revision">v0.11.1.1</param> +<param name="versionformat">1.0.0</param> +<param name="revision">v1.0.0</param> </service> <service name="set_version" mode="disabled"> @@ -16,8 +16,8 @@ <param name="url">https://github.com/kubernetes-sigs/cri-o.git</param> <param name="scm">git</param> <param name="filename">conmon</param> -<param name="versionformat">git.%H</param> -<param name="revision">4cd5a7c60349be0678d9f1b0657683324c1a2726</param> +<param name="versionformat">1.13.0</param> +<param name="revision">v1.13.0</param> </service> <service name="recompress" mode="disabled"> ++++++ conmon-git.4cd5a7c60349be0678d9f1b0657683324c1a2726.tar.xz -> conmon-1.13.0.tar.xz ++++++ ++++ 120015 lines of diff (skipped) ++++++ containers-libpod-pull-2225.diff ++++++ diff --git a/contrib/cirrus/integration_test.sh b/contrib/cirrus/integration_test.sh index 627864f47..58c8af289 100755 --- a/contrib/cirrus/integration_test.sh +++ b/contrib/cirrus/integration_test.sh @@ -17,9 +17,9 @@ set -x cd "$GOSRC" case "${OS_RELEASE_ID}-${OS_RELEASE_VER}" in ubuntu-18) - make install PREFIX=/usr ETCDIR=/etc "BUILDTAGS=$BUILDTAGS" - make test-binaries "BUILDTAGS=$BUILDTAGS" - SKIP_USERNS=1 make localintegration "BUILDTAGS=$BUILDTAGS" + make install PREFIX=/usr ETCDIR=/etc + make test-binaries + SKIP_USERNS=1 make localintegration ;; fedora-29) ;& # Continue to the next item fedora-28) ;& diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh index 32b2c91a5..39e6c7699 100644 --- a/contrib/cirrus/lib.sh +++ b/contrib/cirrus/lib.sh @@ -199,7 +199,7 @@ install_runc_from_git(){ cd "$DEST" ooe.sh git fetch origin --tags ooe.sh git checkout -q "$RUNC_COMMIT" - ooe.sh make static BUILDTAGS="seccomp selinux" + ooe.sh make static BUILDTAGS="seccomp apparmor selinux" sudo install -m 755 runc /usr/bin/runc cd $wd } diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh index bcfe7e396..838f3c3f3 100755 --- a/contrib/cirrus/setup_environment.sh +++ b/contrib/cirrus/setup_environment.sh @@ -57,7 +57,6 @@ then ubuntu-18) # Always install runc on Ubuntu install_runc_from_git - envstr='export BUILDTAGS="seccomp $($GOSRC/hack/btrfs_tag.sh) $($GOSRC/hack/btrfs_installed_tag.sh) $($GOSRC/hack/ostree_tag.sh) varlink exclude_graphdriver_devicemapper"' ;; fedora-29) ;& # Continue to the next item fedora-28) @@ -67,11 +66,9 @@ then ;& # Continue to the next item centos-7) ;& rhel-7) - envstr='unset BUILDTAGS' # Use default from Makefile ;; *) bad_os_id_ver ;; esac - X=$(echo "$envstr" | tee -a "$HOME/$ENVLIB") && eval "$X" && echo "$X" # Do the same for golang env. vars go env | while read envline diff --git a/contrib/cirrus/system_test.sh b/contrib/cirrus/system_test.sh index 66974f8c6..cb179407a 100755 --- a/contrib/cirrus/system_test.sh +++ b/contrib/cirrus/system_test.sh @@ -15,12 +15,9 @@ set -x cd "$GOSRC" case "${OS_RELEASE_ID}-${OS_RELEASE_VER}" in - ubuntu-18) - make install.tools "BUILDTAGS=$BUILDTAGS" - make "BUILDTAGS=$BUILDTAGS" - make test-binaries "BUILDTAGS=$BUILDTAGS" - ;; + ubuntu-18) ;& # Continue to the next item fedora-28) ;& + fedora-29) ;& centos-7) ;& rhel-7) make install.tools diff --git a/contrib/cirrus/unit_test.sh b/contrib/cirrus/unit_test.sh index 15403b7a7..fd9e82509 100755 --- a/contrib/cirrus/unit_test.sh +++ b/contrib/cirrus/unit_test.sh @@ -16,12 +16,8 @@ clean_env set -x cd "$GOSRC" case "${OS_RELEASE_ID}-${OS_RELEASE_VER}" in - ubuntu-18) - make install.tools "BUILDTAGS=$BUILDTAGS" - make localunit "BUILDTAGS=$BUILDTAGS" - make "BUILDTAGS=$BUILDTAGS" - ;; - fedora-29) ;& # Continue to the next item + ubuntu-18) ;& # Continue to the next item + fedora-29) ;& fedora-28) ;& centos-7) ;& rhel-7) diff --git a/pkg/apparmor/apparmor_linux.go b/pkg/apparmor/apparmor_linux.go index 0787b3fa5..2c5022c1f 100644 --- a/pkg/apparmor/apparmor_linux.go +++ b/pkg/apparmor/apparmor_linux.go @@ -214,8 +214,15 @@ func CheckProfileAndLoadDefault(name string) (string, error) { return name, nil } - if name != "" && rootless.IsRootless() { - return "", errors.Wrapf(ErrApparmorRootless, "cannot load AppArmor profile %q", name) + // AppArmor is not supported in rootless mode as it requires root + // privileges. Return an error in case a specific profile is specified. + if rootless.IsRootless() { + if name != "" { + return "", errors.Wrapf(ErrApparmorRootless, "cannot load AppArmor profile %q", name) + } else { + logrus.Debug("skipping loading default AppArmor profile (rootless mode)") + return "", nil + } } if name != "" && !runcaa.IsEnabled() { @@ -230,7 +237,7 @@ func CheckProfileAndLoadDefault(name string) (string, error) { return "", err } if !isLoaded { - return "", fmt.Errorf("AppArmor profile %q specified but not loaded") + return "", fmt.Errorf("AppArmor profile %q specified but not loaded", name) } return name, nil } ++++++ podman-1.0.0.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/podman-1.0.0/.gitignore new/podman-1.0.0/.gitignore --- old/podman-1.0.0/.gitignore 2019-01-11 21:17:03.000000000 +0100 +++ new/podman-1.0.0/.gitignore 1970-01-01 01:00:00.000000000 +0100 @@ -1,19 +0,0 @@ -/.artifacts/ -/_output/ -/conmon/conmon.o -/docs/*.[158] -/docs/*.[158].gz -*.o -*.orig -/pause/pause.o -/bin/ -/test/bin2img/bin2img -/test/checkseccomp/checkseccomp -/test/copyimg/copyimg -/build/ -.nfs* -.ropeproject -__pycache__ -/cmd/podman/varlink/ioprojectatomicpodman.go -/cmd/podman/varlink/iopodman.go -.gopathok diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/podman-1.0.0/contrib/cirrus/packer/.gitignore new/podman-1.0.0/contrib/cirrus/packer/.gitignore --- old/podman-1.0.0/contrib/cirrus/packer/.gitignore 2019-01-11 21:17:03.000000000 +0100 +++ new/podman-1.0.0/contrib/cirrus/packer/.gitignore 1970-01-01 01:00:00.000000000 +0100 @@ -1,7 +0,0 @@ -*json -packer -packer*zip -packer_cache -cidata* -meta-data -user-data diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/podman-1.0.0/pkg/hooks/docs/.gitignore new/podman-1.0.0/pkg/hooks/docs/.gitignore --- old/podman-1.0.0/pkg/hooks/docs/.gitignore 2019-01-11 21:17:03.000000000 +0100 +++ new/podman-1.0.0/pkg/hooks/docs/.gitignore 1970-01-01 01:00:00.000000000 +0100 @@ -1 +0,0 @@ -*.5 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/podman-1.0.0/test/install/.gitignore new/podman-1.0.0/test/install/.gitignore --- old/podman-1.0.0/test/install/.gitignore 2019-01-11 21:17:03.000000000 +0100 +++ new/podman-1.0.0/test/install/.gitignore 1970-01-01 01:00:00.000000000 +0100 @@ -1 +0,0 @@ -rpms/ \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/podman-1.0.0/vendor/github.com/varlink/go/.gitignore new/podman-1.0.0/vendor/github.com/varlink/go/.gitignore --- old/podman-1.0.0/vendor/github.com/varlink/go/.gitignore 2019-01-11 21:17:03.000000000 +0100 +++ new/podman-1.0.0/vendor/github.com/varlink/go/.gitignore 1970-01-01 01:00:00.000000000 +0100 @@ -1 +0,0 @@ -/cmd/varlink-go-certification/orgvarlinkcertification/orgvarlinkcertification.go
