Hello community, here is the log from the commit of package slirp4netns for openSUSE:Factory checked in at 2019-10-25 18:38:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/slirp4netns (Old) and /work/SRC/openSUSE:Factory/.slirp4netns.new.2990 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "slirp4netns" Fri Oct 25 18:38:23 2019 rev:7 rq:741705 version:0.4.2 Changes: -------- --- /work/SRC/openSUSE:Factory/slirp4netns/slirp4netns.changes 2019-09-02 13:22:56.697339589 +0200 +++ /work/SRC/openSUSE:Factory/.slirp4netns.new.2990/slirp4netns.changes 2019-10-25 18:38:26.099687805 +0200 @@ -1,0 +2,6 @@ +Mon Oct 21 07:30:05 UTC 2019 - Sascha Grunert <[email protected]> + +- Update to 0.4.2 + * Do not propagate mounts to the parent ns in sandbox + +------------------------------------------------------------------- Old: ---- slirp4netns-0.4.1.tar.xz New: ---- slirp4netns-0.4.2.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ slirp4netns.spec ++++++ --- /var/tmp/diff_new_pack.JKB3Wa/_old 2019-10-25 18:38:26.579688257 +0200 +++ /var/tmp/diff_new_pack.JKB3Wa/_new 2019-10-25 18:38:26.583688261 +0200 @@ -17,7 +17,7 @@ Name: slirp4netns -Version: 0.4.1 +Version: 0.4.2 Release: 0 Summary: User-mode networking for unprivileged network namespaces License: GPL-2.0-only AND MIT AND BSD-2-Clause ++++++ _service ++++++ --- /var/tmp/diff_new_pack.JKB3Wa/_old 2019-10-25 18:38:26.603688279 +0200 +++ /var/tmp/diff_new_pack.JKB3Wa/_new 2019-10-25 18:38:26.603688279 +0200 @@ -4,8 +4,8 @@ <param name="url">https://github.com/rootless-containers/slirp4netns.git</param> <param name="scm">git</param> <param name="filename">slirp4netns</param> -<param name="versionformat">0.4.1</param> -<param name="revision">v0.4.1</param> +<param name="versionformat">0.4.2</param> +<param name="revision">v0.4.2</param> </service> <service name="recompress" mode="disabled"> ++++++ slirp4netns-0.4.1.tar.xz -> slirp4netns-0.4.2.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/slirp4netns-0.4.1/Makefile.am new/slirp4netns-0.4.2/Makefile.am --- old/slirp4netns-0.4.1/Makefile.am 2019-08-30 13:03:50.000000000 +0200 +++ new/slirp4netns-0.4.2/Makefile.am 2019-10-18 15:04:32.000000000 +0200 @@ -16,6 +16,7 @@ api.h \ sandbox.h \ seccompfilter.h \ + tests/slirp4netns-no-unmount.sh \ vendor/libslirp/COPYRIGHT \ vendor/libslirp/README.md \ vendor/libslirp/src/bootp.h \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/slirp4netns-0.4.1/configure.ac new/slirp4netns-0.4.2/configure.ac --- old/slirp4netns-0.4.1/configure.ac 2019-08-30 13:03:50.000000000 +0200 +++ new/slirp4netns-0.4.2/configure.ac 2019-10-18 15:04:32.000000000 +0200 @@ -1,5 +1,5 @@ AC_PREREQ([2.69]) -AC_INIT([slirp4netns], [0.4.1], [https://github.com/rootless-containers/slirp4netns/issues]) +AC_INIT([slirp4netns], [0.4.2], [https://github.com/rootless-containers/slirp4netns/issues]) AC_CONFIG_SRCDIR([main.c]) AC_CONFIG_HEADERS([config.h]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/slirp4netns-0.4.1/sandbox.c new/slirp4netns-0.4.2/sandbox.c --- old/slirp4netns-0.4.1/sandbox.c 2019-08-30 13:03:50.000000000 +0200 +++ new/slirp4netns-0.4.2/sandbox.c 2019-10-18 15:04:32.000000000 +0200 @@ -16,6 +16,11 @@ { int ret; + ret = mount("", from, "", MS_SLAVE | MS_REC, NULL); + if (ret < 0 && errno != EINVAL) { + fprintf(stderr, "cannot make mount propagation slave %s\n", from); + return ret; + } ret = mount(from, to, "", MS_BIND | MS_REC | MS_SLAVE | MS_NOSUID | MS_NODEV | MS_NOEXEC, NULL); @@ -23,6 +28,11 @@ fprintf(stderr, "cannot bind mount %s to %s\n", from, to); return ret; } + ret = mount("", to, "", MS_SLAVE | MS_REC, NULL); + if (ret < 0) { + fprintf(stderr, "cannot make mount propagation slave %s\n", to); + return ret; + } ret = mount(from, to, "", MS_REMOUNT | MS_BIND | MS_RDONLY | MS_NOSUID | MS_NODEV | MS_NOEXEC, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/slirp4netns-0.4.1/tests/slirp4netns-no-unmount.sh new/slirp4netns-0.4.2/tests/slirp4netns-no-unmount.sh --- old/slirp4netns-0.4.1/tests/slirp4netns-no-unmount.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/slirp4netns-0.4.2/tests/slirp4netns-no-unmount.sh 2019-10-18 15:04:32.000000000 +0200 @@ -0,0 +1,29 @@ +#!/bin/bash +set -xeuo pipefail + +. $(dirname $0)/common.sh + +# it is a part of test-slirp4netns.sh +# must run in a new mount namespace + +mount -t tmpfs tmpfs /run +mkdir /run/foo +mount -t tmpfs tmpfs /run/foo +mount --make-rshared /run + +unshare -n sleep infinity & +child=$! + +wait_for_network_namespace $child + +./slirp4netns --enable-sandbox --netns-type=path /proc/$child/ns/net tun11 & +slirp_pid=$! + +function cleanup { + kill -9 $child $slirp_pid +} +trap cleanup EXIT + +wait_for_network_device $child tun11 + +findmnt /run/foo diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/slirp4netns-0.4.1/tests/test-slirp4netns.sh new/slirp4netns-0.4.2/tests/test-slirp4netns.sh --- old/slirp4netns-0.4.1/tests/test-slirp4netns.sh 2019-08-30 13:03:50.000000000 +0200 +++ new/slirp4netns-0.4.2/tests/test-slirp4netns.sh 2019-10-18 15:04:32.000000000 +0200 @@ -67,3 +67,5 @@ nsenter --preserve-credentials -U -n --target=$child ip -a netconf | grep tun11 nsenter --preserve-credentials -U -n --target=$child ip addr show tun11 | grep -v inet + +unshare -rm $(readlink -f $(dirname $0)/slirp4netns-no-unmount.sh)
