path: root/recipes-containers
Commit message | Author | Age | Files | Lines
...
* skopeo: fix native skopeo failed if no libdevmapper.so.1.02 on host | hongxu | 2021-07-07 | 1 | -0/+3
    If the host does not have libdevmapper.so.1.02 installed, running native skopeo fails:
    ...
    $ tmp-glibc/sysroots/x86_64/usr/sbin/skopeo -h
    |tmp-glibc/sysroots/x86_64/usr/sbin/skopeo.real: error while loading shared libraries: libdevmapper.so.1.02: cannot open shared object file: No such file or directory
    ...
    Create a wrapper to set LD_LIBRARY_PATH so that the native libdevmapper.so.1.02 is used.
    Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* podman-compose: remove pypi inherit to fix do_fetch | Martin Jansa | 2021-07-03 | 1 | -1/+1
    * now when pypi uses SRC_URI_prepend since:
      https://git.openembedded.org/openembedded-core/commit/?id=8f17b8bce85efb0e9a7e15d0b98a5cf7b6bd9750
      both entries end in SRC_URI (because of delayed nature of prepend):
      https://files.pythonhosted.org/packages/source/p/podman-compose/podman-compose-0.1.5.tar.gz
      git://github.com/containers/podman-compose.git
      causing:
      ERROR: podman-compose-0.1.5-r0 do_fetch: No checksum specified for '/OE/build/oe-core/downloads/podman-compose-0.1.5.tar.gz', please add at least one to the recipe:
      SRC_URI[sha256sum] = "fb229362f188980ea3fbdee2a25d0a2dd6a0b886d925d5213e22e09f1062ebe9"
      ERROR: podman-compose-0.1.5-r0 do_fetch: Fetcher failure for URL: 'https://files.pythonhosted.org/packages/source/p/podman-compose/podman-compose-0.1.5.tar.gz'. Missing SRC_URI checksum
      ERROR: Logfile of failure stored in: /OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/podman-compose/0.1.5-r0/temp/log.do_fetch.55855
      drop pypi inherit to restore the previous SRC_URI with just the git:// entry.
    Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* crun: add seccomp distro features check | Bruce Ashfield | 2021-06-30 | 1 | -0/+3
    Since seccomp depends on libseccomp, and seccomp is only available when the distro feature is enabled, we add the same dependency and distro feature check to this recipe.
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* cri-o: add seccomp distro features check | Bruce Ashfield | 2021-06-30 | 1 | -0/+3
    Since seccomp depends on libseccomp, and seccomp is only available when the distro feature is enabled, we add the same dependency and distro feature check to this recipe.
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* podman: Add seccomp as REQUIRED_DISTRO_FEATURES | Diego Sueiro | 2021-06-30 | 1 | -0/+3
    The libseccomp package is only available if seccomp is in DISTRO_FEATURES.
    Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* conmon: add dependency on libseccomp and seccomp to REQUIRED_DISTRO_FEATURES | Martin Jansa | 2021-06-24 | 1 | -1/+4
    * added with to v2.0.29 commit:
      106cad5 seccomp: add support for seccomp notify
    * fixes:
      | src/seccomp_notify.c:9:10: fatal error: seccomp.h: No such file or directory
      |     9 | #include <seccomp.h>
      |       |          ^~~~~~~~~~~
    Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* skopeo: add native and nativesdk support | Xu, Yanfei | 2021-06-24 | 1 | -1/+14
    1. Add native and nativesdk support.
    2. Replace "multipath-tools" with "libdevmapper" and "lvm2", because the actual direct DEPENDS packages are "libdevmapper" and "lvm2".
    Log of do_compile as below:
    -----------------[cut here]---------------------
    DEBUG: Executing shell function do_compile
    NOTE: make -j 40 BUILDTAGS= bin/skopeo
    CGO_CFLAGS="-I/...../usr/include" CGO_LDFLAGS="-L/...../usr/lib -lgpgme -lgpg-error -lassuan" GO111MODULE=on go build -mod=vendor "-buildmode=pie" -ldflags '-X main.gitCommit=8efffce8befc2de87670ba75d6c86ada61e869fd ' -gcflags "" -tags "" -o bin/skopeo ./cmd/skopeo
    Package devmapper was not found in the pkg-config search path.
    Perhaps you should add the directory containing `devmapper.pc'
    to the PKG_CONFIG_PATH environment variable
    No package 'devmapper' found
    pkg-config: exit status 1
    make: *** [Makefile:134: bin/skopeo] Error 2
    Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* umoci: add nativesdk to BBCLASSEXTEND | Xu, Yanfei | 2021-06-21 | 1 | -1/+1
    add nativesdk to BBCLASSEXTEND
    Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* conmon: update to v2.0.29 | Bruce Ashfield | 2021-06-21 | 1 | -2/+2
    Bumping conmon to version v2.0.1-250-g1ef2468, which comprises the following commits:
    1ef2468 Fix docs links due to branch rename
    24c73c2 seccomp: fix for unsupported versions
    fc7830d bump to v2.0.30-dev
    7e6de66 bump to v2.0.29
    b033cb5 Reset OOM score back to 0 for container runtime
    106cad5 seccomp: add support for seccomp notify
    77dfb4b .cirrus.yml: raise the timeout to 60m
    87330dc call functions registered with atexit on SIGTERM
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* conmon: add branch specification to SRC_URI | Bruce Ashfield | 2021-06-21 | 1 | -1/+1
    The upstream project switched from master to main, so we add an explicit branch specification to avoid fetch errors (as the default of master no longer works).
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* crun: update to latest | Bruce Ashfield | 2021-06-21 | 1 | -1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumping crun to version 0.20.1-7-g7ef74c9, which comprises the following commits: b07c389 criu: fix error check 09401bb linux: fix unitialized variable b222968 cgroup: fix a memory leak 1182975 cgroup: honor memory swappiness set to 0 38271d1 NEWS: tag 0.20.1 923447b container: ignore resetting keyring SELinux label b26493f Dockerfile: install required python3-jinja2 package 0d42f11 NEWS: tag 0.20 9042ac5 seccomp: drop SECCOMP_FILTER_FLAG_LOG by default 0f4156f cgroup: Refactor libcrun-cgroup-destory to support picking subsystems dynamically and clean custom controllers. d6be344 cgroup: ignore devices errors in a userns 6e187fb cgroup: do not join empty controller badb23d seccomp: report correct action in error message 5201956 container: apply SELinux label to keyring 4b664e9 linux: attempt to open existing dev file first dd1c419 libocispec: sync from upstream 5f74e2a Makefile.am: make sure libocispec uses main branch f0c76e1 utils: close_range fallbacks to close on EPERM 1596ab1 Update crun manual with recently added flags 1d84d62 Fix type for LinuxDeviceCgroup.linux.resources.devices.allow in default Spec 62d251d container: call prestart hooks before rootfs is RO 48bc33d Exec: Add --process-label and --apparmor to allow modifying selinux_label and apparmor_profile 0e53e87 Exec: Add --no-new-privs to and adhere if noNewPriviledges is false in basespec config 2de8b43 Fix SIGSEGV for rootless container caused by case when def->linux is defined but def->linux->cgroups_path is NULL 54e77c2 Add support for spec --bundle ae11886 cgroup: fix regression in mode detection 194b72d kill: fix race condition with pidfd_open 2910d9b cgroup: add custom annotation run.oci.delegate-cgroup 407eef9 cgroup: drop argument from function 0485de6 cgroup: report error if the cgroup path was set bf5020a cgroup: improve error message a131715 cgroup: fix recursive cleanup 6e95060 
cgroup: kill procs in cgroup on EBUSY 0274d6f tests: disable go modules 1272eaf tests: skip podman create --pull 04f1a6a container: read the error from the init process 29afcd6 Update README.md 9863a8e Update README.md 55f5ed5 utils: use /proc/self/fd to open unix socket fa40930 contrib: fix warning from the rust compiler 1535fed NEWS: tag 0.19.1 227e0be spec: add cgroup ns if on cgroup v2 3fbe777 libcrun: add const to spec_file eb34661 libcrun: annotate cgroup_mode < 0 checks 92bcc81 tests: add fuzzing tests af3509d cgroup: support array of strings 9effaeb On exec, honor additional_gids from the process spec, not the container definition Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* crun: switch to main as specified branch | Bruce Ashfield | 2021-06-21 | 1 | -1/+1
    The upstream project has moved from master to main, so we adjust our recipe accordingly.
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* podman: update to 3.2.1 | Bruce Ashfield | 2021-06-15 | 1 | -2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumping libpod to version v3.2.1-2-gab4d0cf90, which comprises the following commits: 60752b320 Bump to v3.2.2-dev 152952fe6 Bump to v3.2.1 c5d9c0a6f Updated release notes for v3.2.1 4f56f7f13 Fix network connect race with docker-compose e42d727a9 Revert "Ensure minimum API version is set correctly in tests" f69789155 Fall back to string for dockerfile parameter 5a158563c remote events: fix --stream=false 38fbd2cb9 [CI:DOCS] fix incorrect network remove api doc 26eae3bf8 remote: always send resize before the container starts c751544fa remote events: support labels c28f442b2 remote pull: cancel pull when connection is closed 2993bdf1e Fix network prune api docs 8ba0c92e6 Improve systemd-resolved detection c3f6ef63a logs: k8s-file: fix race f1e7a0747 Fix image prune --filter cmd behavior 5ddd76edd Several shell completion fixes 2afb5eeab podman-remote build should handle -f option properly 6beae86f0 System tests: deal with crun 0.20.1 80362b34c Fix build tags for pkg/machine... 
c85b6b3fe Fix pre-checkpointing b61701acb container: ignore named hierarchies e0dcffa8d [v3.2] vendor containers/common@v0.38.9 d46deca8c rootless: fix fast join userns path f2b3da502 [v3.2] vendor containers/common@v0.38.7 78430ee1d [v3.2] vendor containers/common@v0.38.6 b6ef7cf21 Correct qemu options for Intel macs 9647d8844 Ensure minimum API version is set correctly in tests 72455ece4 Bump to v3.2.1-dev 0281ef262 Bump to v3.2.0 cff73766f Fix network create macvlan with subnet option 8688f54ea Final release notes updates for v3.2.0 f62c6bf6e add ipv6 nameservers only when the container has ipv6 enabled 4b8ca6303 Use request context instead of background ce5c3b554 [v.3.2] events: support disjunctive filters dd83f5c0c System tests: add :Z to volume mounts 32927f5d6 generate systemd: make mounts portable abb57e5cf vendor containers/storage@v1.31.3 1e4563182 vendor containers/common@v0.38.5 fbf8b78a3 Bump to v3.2.0-dev 684729482 Bump to v3.2.0-RC3 f49023031 Update release notes for v3.2.0-RC3 ee5dd0603 Fix race on podman start --all 6c9de9382 Fix race condition in running ls container in a pod 69bae4774 docs: --cert-dir: point to containers-certs.d(5) 934f36df5 Handle hard links in different directories 5eecc2761 Improve OCI Runtime error ba884865c Handle hard links in remote builds c53638e9f Podman info add support for status of cgroup controllers ac8b7ddd8 Drop container does not exist on removal to debugf 18e917cdc Downgrade API service routing table logging efa15b96c add libimage events a9108ab25 docs: generate systemd: XDG_RUNTIME_DIR bb589bec2 Fix problem copying files when container is in host pid namespace Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* runc-docker: update to rc95 | Bruce Ashfield | 2021-06-14 | 2 | -7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synchronize the 'runc-docker' with the opencontainers variant. This allows the common patch to be used once again, and we refresh our docker specific patch to the new content. Bumping runc to version v1.0.0-rc95-28-gbfcbc947, which comprises the following commits: 37767c05 ci: lint: show all errors in PRs 07ca0be0 *: clean up remaining golangci-lint failures 00119c85 integration: add repeated "runc update" test d0f2c25f cgroup2: devices: replace all existing filters when attaching 98a3c0e4 cgroup2: devices: switch to emulator for cgroupv1 parity dcc1cf7c devices: add emulator.Rules shorthand 54904516 libcontainer: fix integration failure in "make test" c7c70ce8 *: clean t.Skip messages a95237f8 libctr/cg/systemd: export rangeToBits df0206a6 errcheck: utils 0c65f833 errcheck: signals 3b31e3ea errcheck: tty b45fbd43 errcheck: libcontainer 463ee5e1 errcheck: libcontainer/nsenter 7e7ff872 errcheck: libcontainer/configs a8995053 errcheck: libcontainer/integration b93666eb libct/cg/fs2: setFreezer: wait until frozen 1069e4e9 libct/cg/fs2: optimize setFreezer more 5d193188 libct/cg/fs2: optimize setFreezer 8a7a374f VERSION: back to development b9ee9c63 VERSION: release v1.0.0-rc95 0ca91f44 rootfs: add mount destination validation c61f6062 libcontainer: honor seccomp defaultErrnoRet d519da5e Dockerfile, Vagrantfile.centos7, .github: bats 1.3.0 bdad2859 Dockerfile, Vagrantfile.centos7: use go 1.16 f96530f2 EMERITUS: recognise previous maintainers c73a6626 VERSION: back to development 2c7861bc VERSION: release v1.0.0-rc94 12e9cac9 Vagrantfile.fedora: set Delegate=yes ac70a9a1 tests/int: run rootless_cgroup tests for 
v2+systemd 601cf582 tests/int/cgroups: don't check for hugetlb 40b97919 tests/int: enable/use requires cgroups_<ctrl> 44fcbfd6 tests/int/helpers: generalize require cgroups_freezer 353f2ad1 tests/int/update.bats: don't set cpuset in setup 4f8ccc5f libct/cg/sd/v2: call initPath from Path 0ed1f802 tests/int/helpers: rm old code af2e03c5 ci/gha: bump shellcheck 0.7.1 -> 0.7.2 2d1bb91d ci/gha: bump shfmt 3.2.0 -> 3.2.4 a7feb423 libct/int: add TestFdLeaksSystemd c7f847ed libct/cg/sd: use global dbus connection 99c5c504 libct/cg/sd: introduce and use getManagerProperty 0fabed76 libct/int/checkpoint_test: use kill(0) for pid check 7eb1405b libct/int/checkpoint_test: use waitProcess helper 72d7a824 libct/int/checkpoint_test: use t.Helper bcca7968 libct/int: simplify/fix showing errors 524abc59 freezer: add delay after freeze e1d842cf libct/intelrdt: fix unit test 541fc19e Makefile: allow overriding go command by environment 06a9ea36 script/release.sh: add -a to force rebuild 91b01682 Update golang.org/x/sys to add linux/ppc support ee4612bc CI: enable Go 1.13 again e2dd9220 go.mod: demote to Go 1.13 45f49e8f libcontainer: avoid using t.Cleanup 1a659bc6 Revert "Makefile: rm go 1.13 workaround" abf12ce0 libc/cg: improve Manager docs 3f659467 libct/cg: make Set accept configs.Resources af0710a0 libct/cg/sd/v2: fix Set argument 850b2c47 libct/cg/fscommon.OpenFile: speed up ro case 71a8aee8 cgroups/systemd: replace deprecated dbus functions 47ef9a10 libct/cg/sd: retry on dbus disconnect 6122bc8b Privatize NewUserSystemDbus 15fee989 libct/cg/sd: add renew dbus connection bacfc2c2 libct/cg/sd: add isDbusError cdbed6f0 libct/cg/sd: add dbus manager 9efd8466 libct/cg/fscommon.OpenFile: reverse checks order 0bee5e0b libct/cg/fs: add GetStats benchmark 7e7eb1c3 CI: update Fedora to 34 d3cee12a cloned_binary: switch from #error to #warning for SYS_memfd_create 23e3794d checkpoint: validate parent path fcd7fe85 libct/cg/fs/freezer: make sure to thaw on failure 0216716c tests/int: add a 
case for cgroupv2 mount 5ffcc568 tests/int: use bfq test with rootless ff692f28 Fix cgroup2 mount for rootless case 3826db19 libct/rootfs/mountCgroupV2: minor refactor 1e476578 libct/rootfs: introduce and use mountConfig deb8a8dd libct/newInitConfig: nit 2192670a libct/configs/validate: validate mounts 1f1e91b1 libct/specconv: check mount destination is absolute 73f22e7f libcontainer/cgroups/systemd: replace use of deprecated dbus.New() aa622723 tiny fix iterative checkpoint test case ee3b563d Add cfs throttle stats to cgroup v2 6faed0e4 libct/int: use ok(t, err) af3c5699 libct/int: remove unused code 7b802a7d libct/int: better test container names 9f3d7534 logging: enable file/line info if --debug is set ef9922c2 libct/cg: don't return OOMKillCount error when rootless 5cdd9022 libct/cg/fs[2]: fix comments about m.rootless 31dd1e49 tests/int: add rootless + host pidns test case a2050ea4 runc run: fix start for rootless + host pidns 2f1a3ed3 Fix vendored dependencies d15c7bb0 go.mod: github.com/cilium/ebpf v0.5.0 f28a8cc2 ebpf: replace deprecated prog.Attach/prog.Detach 928ef7af libct/nsenter: add json msg escaping 52390d68 Ignore kernel memory settings b7c315ad vendor: bump containerd/console to 1.0.2 b6cdb8ae fix a typo 64bb59f5 nsenter: improve debug logging 6ce2d63a libct/init_linux: retry chdir to fix EPERM c5029c00 tests: fix hello-world tarball name in testdata for arm64 289a3045 go.mod: github.com/moby/sys/mountinfo v0.4.1 4316df8b libcontainer/system: move userns utilities to separate package e7fd383b libcontainer/system: un-export UIDMapInUserNS() 249356a1 libcontainer/system: remove unused GetParentNSeuid() dc52ed25 libcontainer/user: remove outdated MAINTAINERS file 72ecf59c libcontainer/user: fix windows compile error 2515b0c2 libct/user: rm windows code 0596f6e1 libcontainer/devices/device_windows.go: rm b1deba8c libcontainer/configs/config_windows_test.go: rm f1586dbd libcontainer/configs/validate: make Validate() less DRY 4126b807 
libcontainer/configs: add missing type for hooknames 48125179 go.mod: github.com/cilium/ebpf v0.4.0 44611630 docs/systemd: add 27bb1bd5 libct/specconv/CreateCgroupConfig: don't set c.Parent default d748280a make release: build/include libseccomp aa6da82c script/release.sh: fix shellcheck warnings 3eb46d89 ci: make static built binary available f0dec0b4 libct/specconv/CreateCgroupConfig: nit 36fe3cc2 tests/int/cpt: fix lazy-pages flakiness 2dd62b3d libct/checkCriuFeatures: rm excessive debug 0e089002 tests/int/checkpoint: close lazy_r fd b09030a5 tests/int/checkpoint: close fds in check_pipes e63df1e6 tests/int: really randomize cgroup/unit names 6e4c5b6e tests/int/cgroups: don't use BUSYBOX_BUNDLE adf733fa vendor: update go-systemd and godbus f09a3e1b tests/int: don't set/use CGROUP_XXX variables 4ecff8d9 start: don't kill runc init too early b1184302 libct/configs/validator: add some cgroup support 0f8d2b6b libct/cg/fs2.Stat: don't look for available controllers 85416b87 libct/cg/fs2.statPids: fall back directly 10f9a982 libct/cg/fs2/getPidsWithoutController: optimize 6121f8b6 libct/cg/fs2.Stat: always call statCpu 9455395b libct/cg/fs2/memory.Stat: add usage for root cgroup a9c47fe7 libct/cg/fs[2]/getMemoryData[V2]: optimize b99ca25a libct/cg/fs2/memory: fix swap reporting 79a8647b libct/int: add TestFdLeaks b3be2b0b libct: close execFifo after start 08b52797 Make test specific to disassembleFilter function 7b3e0bcf Ensure the scratch pipe is read during ExportBPF 62f1f0e4 tests/int/checkpoint: check all logs for errors 346cb359 Revert "tests/checkpoint: show full log lazy pages cpt" c9b3787b script/check-config.sh: add SELinux and AppArmor 5fb831a0 capabilities: WARN, not ERROR, for unknown / unavailable capabilities e49d5da2 go.mod: OCI runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 2726146b runc --debug: more tests 201d60c5 runc run/start/exec: fix init log forwarding race c06f999b libct/logs/test: refactor 688ea99e runc init: fix double call to 
ConfigureLogs dd6c8d76 main: cast Chmod argument to os.FileMode 69ec21a1 libct/logs.ForwardLogs: use bufio.Scanner 0300299a tests/int/debug.bats: fixups d38d1f9f libcontainer/logs: use int for Config.LogPipeFd ac93746c libct/seccomp: rm IsEnabled 9b2f1e6f runc version: don't use seccomp.IsEnabled c8e0486f Fix oss-fuzz build d76309f9 script/check-config.sh: add CONFIG_SECCOMP_FILTER 997e8942 capabilities.Caps: use a map for capability-types 41f466d8 nsexec.c: fix formatting for netlink defines 522bd641 Fix checking C code formatting 1948b4ce cloned_binary.c: rm redundant comments b67deb56 nsexec.c: rm a block 513d89ee capabilities: use BOUNDING/AMBIENT instead of their alias dd2caace go.mod: runtime-spec v1.0.3-0.20210316141917-a8c4a9ee0f6b a608b7e7 libcontainer/apparmor: use sync.Once for AppArmor detection d6e89248 Fix build-tags in libcontainer/devices f585cec7 libct/cg/v2: always enable TasksAccounting 8c7ece1e fs2: fallback to setting io.weight if io.bfq.weight 74299a1c CI: cache ~/.vagrant.d/boxes 97f2e351 go.mod, libct: bump go-criu to v5, use google.golang.org/protobuf db025aba libct: criuSwrk: only iterate over CriuOpts if debug is set 051646a3 tests: test nested bind mount restore 705b6cc7 Re-create mountpoints during restore Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: update to 1.21 latest | Bruce Ashfield | 2021-06-14 | 1 | -1/+1
    Bumping k3s to version v1.21.1+k3s1-10-geac48f69bc, which comprises the following commits:
    eac48f69bc Add kubernetes.default.svc to serving certs
    16ae282c7a Fix RBAC cloud-controller-manager name 3308 (#3388) (#3408)
    ff54d8c96d Add a path for wireguard's privatekey
    1932979f44 Update flannel version
    8fd180e0d9 move object channel defer close to goroutine
    69795277be add retention default and wire in s3 prune
    58649c5e85 add etcd snapshot save subcommand
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* conmon: update to v2.0.28 | Bruce Ashfield | 2021-06-04 | 1 | -2/+2
    6b18f7e bump to v2.0.28
    dd63dcb Cirrus: Update VM Images
    096e2c1 conmon: do not chown /dev/null
    3efab3e Add Kubernetes e2e tests as GitHub action
    0114f3c move integration to gh actions
    186038c run make vendor
    31c5a2e add tests running a runtime
    c53c155 always set container pid file
    1955f59 write runtime stderr to journal on error
    af1f3c4 some small cleanups
    6c38b5a Use less resources
    355dbf1 conn_sock: fix potential segfault
    4587294 ci/gha: bump runc to rc93
    92867a7 Add Podman integration test GitHub action
    1ec43d9 bump to v2.0.28-dev
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* runc: update to rc95 | Bruce Ashfield | 2021-06-04 | 2 | -7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Updating to the latest runc, which includes the following commits: 37767c05 ci: lint: show all errors in PRs 07ca0be0 *: clean up remaining golangci-lint failures 00119c85 integration: add repeated "runc update" test d0f2c25f cgroup2: devices: replace all existing filters when attaching 98a3c0e4 cgroup2: devices: switch to emulator for cgroupv1 parity dcc1cf7c devices: add emulator.Rules shorthand 54904516 libcontainer: fix integration failure in "make test" c7c70ce8 *: clean t.Skip messages a95237f8 libctr/cg/systemd: export rangeToBits df0206a6 errcheck: utils 0c65f833 errcheck: signals 3b31e3ea errcheck: tty b45fbd43 errcheck: libcontainer 463ee5e1 errcheck: libcontainer/nsenter 7e7ff872 errcheck: libcontainer/configs a8995053 errcheck: libcontainer/integration b93666eb libct/cg/fs2: setFreezer: wait until frozen 1069e4e9 libct/cg/fs2: optimize setFreezer more 5d193188 libct/cg/fs2: optimize setFreezer 8a7a374f VERSION: back to development b9ee9c63 VERSION: release v1.0.0-rc95 0ca91f44 rootfs: add mount destination validation c61f6062 libcontainer: honor seccomp defaultErrnoRet d519da5e Dockerfile, Vagrantfile.centos7, .github: bats 1.3.0 bdad2859 Dockerfile, Vagrantfile.centos7: use go 1.16 f96530f2 EMERITUS: recognise previous maintainers c73a6626 VERSION: back to development 2c7861bc VERSION: release v1.0.0-rc94 12e9cac9 Vagrantfile.fedora: set Delegate=yes ac70a9a1 tests/int: run rootless_cgroup tests for v2+systemd 601cf582 tests/int/cgroups: don't check for hugetlb 40b97919 tests/int: enable/use requires cgroups_<ctrl> 44fcbfd6 tests/int/helpers: generalize require cgroups_freezer 353f2ad1 tests/int/update.bats: don't set cpuset in setup 4f8ccc5f libct/cg/sd/v2: call initPath from Path 0ed1f802 tests/int/helpers: rm old code af2e03c5 ci/gha: bump 
shellcheck 0.7.1 -> 0.7.2 2d1bb91d ci/gha: bump shfmt 3.2.0 -> 3.2.4 a7feb423 libct/int: add TestFdLeaksSystemd c7f847ed libct/cg/sd: use global dbus connection 99c5c504 libct/cg/sd: introduce and use getManagerProperty 0fabed76 libct/int/checkpoint_test: use kill(0) for pid check 7eb1405b libct/int/checkpoint_test: use waitProcess helper 72d7a824 libct/int/checkpoint_test: use t.Helper bcca7968 libct/int: simplify/fix showing errors 524abc59 freezer: add delay after freeze e1d842cf libct/intelrdt: fix unit test 541fc19e Makefile: allow overriding go command by environment 06a9ea36 script/release.sh: add -a to force rebuild 91b01682 Update golang.org/x/sys to add linux/ppc support ee4612bc CI: enable Go 1.13 again e2dd9220 go.mod: demote to Go 1.13 45f49e8f libcontainer: avoid using t.Cleanup 1a659bc6 Revert "Makefile: rm go 1.13 workaround" abf12ce0 libc/cg: improve Manager docs 3f659467 libct/cg: make Set accept configs.Resources af0710a0 libct/cg/sd/v2: fix Set argument 850b2c47 libct/cg/fscommon.OpenFile: speed up ro case 71a8aee8 cgroups/systemd: replace deprecated dbus functions 47ef9a10 libct/cg/sd: retry on dbus disconnect 6122bc8b Privatize NewUserSystemDbus 15fee989 libct/cg/sd: add renew dbus connection bacfc2c2 libct/cg/sd: add isDbusError cdbed6f0 libct/cg/sd: add dbus manager 9efd8466 libct/cg/fscommon.OpenFile: reverse checks order 0bee5e0b libct/cg/fs: add GetStats benchmark 7e7eb1c3 CI: update Fedora to 34 d3cee12a cloned_binary: switch from #error to #warning for SYS_memfd_create 23e3794d checkpoint: validate parent path fcd7fe85 libct/cg/fs/freezer: make sure to thaw on failure 0216716c tests/int: add a case for cgroupv2 mount 5ffcc568 tests/int: use bfq test with rootless ff692f28 Fix cgroup2 mount for rootless case 3826db19 libct/rootfs/mountCgroupV2: minor refactor 1e476578 libct/rootfs: introduce and use mountConfig deb8a8dd libct/newInitConfig: nit 2192670a libct/configs/validate: validate mounts 1f1e91b1 libct/specconv: check mount 
destination is absolute 73f22e7f libcontainer/cgroups/systemd: replace use of deprecated dbus.New() aa622723 tiny fix iterative checkpoint test case ee3b563d Add cfs throttle stats to cgroup v2 6faed0e4 libct/int: use ok(t, err) af3c5699 libct/int: remove unused code 7b802a7d libct/int: better test container names 9f3d7534 logging: enable file/line info if --debug is set 31dd1e49 tests/int: add rootless + host pidns test case a2050ea4 runc run: fix start for rootless + host pidns 0f8d2b6b libct/cg/fs2.Stat: don't look for available controllers 85416b87 libct/cg/fs2.statPids: fall back directly 10f9a982 libct/cg/fs2/getPidsWithoutController: optimize 6121f8b6 libct/cg/fs2.Stat: always call statCpu 9455395b libct/cg/fs2/memory.Stat: add usage for root cgroup a9c47fe7 libct/cg/fs[2]/getMemoryData[V2]: optimize b99ca25a libct/cg/fs2/memory: fix swap reporting c8e0486f Fix oss-fuzz build Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* skopeo: update to 1.3.x | Bruce Ashfield | 2021-06-04 | 2 | -3/+41
    Updating skopeo to the 1.3.x series.
    Along with the version bump, we patch the Makefile to stop using gpgme-config and instead use pkg-config, since OE taints gpgme-config and the build will break if we call it directly.
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* cri-tools: update to 1.21 release | Bruce Ashfield | 2021-06-04 | 2 | -6/+6
    We update to the latest 1.21 commits, and we refresh our patch for context changes.
    eb0faebe Bump google.golang.org/grpc from 1.37.1 to 1.38.0
    1d34ea0c Add global handler for Interrupt signal
    d2c028aa Bump k8s.io/cri-api from 0.21.0 to 0.21.1
    cac74d4f Bump k8s.io/apimachinery from 0.21.0 to 0.21.1
    0e4c365c Bump k8s.io/api from 0.21.0 to 0.21.1
    4b956efa Bump k8s.io/kubectl from 0.21.0 to 0.21.1
    b3bc7d45 Update golangci-lint to v1.40.1 and fix lints
    a72896da Bump google.golang.org/grpc from 1.37.0 to 1.37.1
    09df93a2 Bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1
    8a28583f Clone cri-dockerd from permanent repo
    29c6b21e Bump github.com/onsi/gomega from 1.11.0 to 1.12.0
    50a297dc Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.2
    15eee85f Mention deb/rpm packages hosted on OBS in README
    6ead47bd Trim build paths for binaries
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* cri-o: update to 1.22 release | Bruce Ashfield | 2021-06-04 | 1 | -3/+3
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* containerd-opencontainers: update to 1.5.2 | Bruce Ashfield | 2021-06-04 | 2 | -4/+47
    Updating to the released 1.5.x containerd.
    We also add a patch to fix the following:
    Since our oe-core go infrastructure insists on both -pie and static builds (for the most part), and that is not recommended by many packages, we end up with errors like:
    cannot find package runtime/cgo (using -importcfg)
    ...
    recipe-sysroot-native/usr/lib/aarch64-poky-linux/go/pkg/tool/linux_amd64/link: cannot open file : open : no such file or directory
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker-ce: update to latest 20.10.x | Bruce Ashfield | 2021-06-04 | 1 | -3/+3
    docker:
    41cf01fa93 pkg/signal.CatchAll: ignore SIGURG on Linux
    56541eca9a [20.10] update containerd binary to v1.4.6
    fb179ff098 update runc binary to v1.0.0-rc95
    4c801fdb7d integration: remove KernelMemory tests
    6174e3cf22 Update runc binary to v1.0.0-rc94
    afbb1277a3 Swarm config: use absolute paths for mount destination strings
    94c1890d39 builder-next: relax second cache key requirements for schema1
    01f734cb4f [20.10] update containerd binary to v1.4.5
    21391bb7f7 hack/dind: fix cgroup v2 evacuation with `docker run --init`
    12b03bcb27 Error string match: do not match command path
    8a7f77cb2f dockerd-rootless.sh: use `command -v` instead of `which`
    9ca66776fa bump up rootlesskit to v0.14.2
    08b27e45d8 Dockerfile: update yamllint to v1.26.1 to fix build
    404ede5737 Bump hcsshim for error details fix
    cli:
    f291a49ba Swap "LABEL maintainer" for the OCI pre-defined "org.opencontainers.image.authors"
    78fcd905c docs: Fix broken jump link
    12e2f94eb printServerWarningsLegacy: silence "No oom kill disable support" on cgroup v2
    00755d7db printServerWarningsLegacy: silence "No kernel memory limit support"
    8264f5be8 docs: dockerd: fix broken link and markdown touch-ups
    4fbdf3f36 docs: document log-opts for "dual logging" cache
    1ff45aac4 Update stop.md
    ed71df1b9 docs: cleanup / refactor cli doc
    ee20fa1ec docs: add reference for "docker config" commands
    ffe40dc6b docs: update some examples for proxy configuration
    fbbf1be52 docs: remove experimental ipvlan docs, as they were migrated
    3de2cc6ef docs/reference/builder: update "syntax" section
    234036d10 docs/reference/builder: update example output, and some rephrasing
    0c442dc17 docs/reference/builder: remove outdated example Dockerfiles
    6b48c7867 docs/reference/builder: touch-up code-hints and some minor changes
    network:
    56654e71 vendor: github.com/ishidawataru/sctp f2269e66cdee387bd321445d5d300893449805be
    7b9c2905 fix port forwarding with ipv6.disable=1
    c4ea04e0 enforce order of lock acquisitions on network/controller, fixes #2632
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* moby: update to latest 20.10 | Bruce Ashfield | 2021-06-04 | 1 | -3/+3
    Updating to the latest moby commits, which comprise the following commits:
    moby:
    41cf01fa93 pkg/signal.CatchAll: ignore SIGURG on Linux
    56541eca9a [20.10] update containerd binary to v1.4.6
    fb179ff098 update runc binary to v1.0.0-rc95
    4c801fdb7d integration: remove KernelMemory tests
    6174e3cf22 Update runc binary to v1.0.0-rc94
    afbb1277a3 Swarm config: use absolute paths for mount destination strings
    94c1890d39 builder-next: relax second cache key requirements for schema1
    01f734cb4f [20.10] update containerd binary to v1.4.5
    21391bb7f7 hack/dind: fix cgroup v2 evacuation with `docker run --init`
    12b03bcb27 Error string match: do not match command path
    9ca66776fa bump up rootlesskit to v0.14.2
    404ede5737 Bump hcsshim for error details fix
    cli:
    f291a49ba Swap "LABEL maintainer" for the OCI pre-defined "org.opencontainers.image.authors"
    78fcd905c docs: Fix broken jump link
    12e2f94eb printServerWarningsLegacy: silence "No oom kill disable support" on cgroup v2
    00755d7db printServerWarningsLegacy: silence "No kernel memory limit support"
    8264f5be8 docs: dockerd: fix broken link and markdown touch-ups
    4fbdf3f36 docs: document log-opts for "dual logging" cache
    1ff45aac4 Update stop.md
    ed71df1b9 docs: cleanup / refactor cli doc
    ee20fa1ec docs: add reference for "docker config" commands
    ffe40dc6b docs: update some examples for proxy configuration
    fbbf1be52 docs: remove experimental ipvlan docs, as they were migrated
    3de2cc6ef docs/reference/builder: update "syntax" section
    234036d10 docs/reference/builder: update example output, and some rephrasing
    0c442dc17 docs/reference/builder: remove outdated example Dockerfiles
    6b48c7867 docs/reference/builder: touch-up code-hints and some minor changes
    network:
    56654e71 vendor: github.com/ishidawataru/sctp f2269e66cdee387bd321445d5d300893449805be
    7b9c2905 fix port forwarding with ipv6.disable=1
    c4ea04e0 enforce order of lock acquisitions on network/controller, fixes #2632
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k8s: bump to v1.22-alpha | Bruce Ashfield | 2021-06-04 | 1 | -3/+3
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* k3s: update to v1.21.x | Bruce Ashfield | 2021-06-04 | 1 | -3/+3
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* podman: bump to 3.2-rcX | Bruce Ashfield | 2021-06-04 | 1 | -3/+3
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* crun: switch branch to main | Bruce Ashfield | 2021-05-19 | 1 | -1/+1
    crun has renamed master -> main, so we adjust our fetching to match.

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* sloci-image: allow target and nativesdk variants | Bruce Ashfield | 2021-05-18 | 1 | -2/+2
    We now have use cases for sloci that can run on the target itself, or have it used in a nativesdk scenario. To avoid the awkwardly named "nativesdk-sloci-image-native" or .inc files, we rename the recipe sloci-image_git and use BBCLASSEXTEND for native/nativesdk support

    This is similar to the change sent by: Hongxu Jia <hongxu.jia@windriver.com>, but is updated to the current sloci-image recipe contents.

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* Revert "runc-opencontainers: use bfd even with ld-is-gold" | Martin Jansa | 2021-05-13 | 1 | -7/+0
    This reverts commit dda5ae36b44c61e61439341ea3153e6be5cb015e.

    binutils gold linker was fixed with:
    https://git.openembedded.org/openembedded-core/commit/?id=d07d4d739ae17787017f771dd2068fda0e836722

    Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker-distribution: update to 2.7.x latest | Bruce Ashfield | 2021-05-11 | 1 | -1/+1
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* umoci: create -native do_compile and make it static | Bruce Ashfield | 2021-05-07 | 1 | -15/+45
    We need to use different build architecture and flags for the native variant, so add a specific do_compile for it. The settings are taken from the kubernetes recipes native go build.

    We also switch to the umoci.static for -native, since patchelf is breaking our executable if we leave it dynamic.

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* runc-opencontainers: use bfd even with ld-is-gold | Martin Jansa | 2021-05-06 | 1 | -0/+7
    * just a work around for internal error in binutils-2.36 gold:
      http://errors.yoctoproject.org/Errors/Details/580099/
      CGO_ENABLED=1 x86_64-oe-linux-go build -trimpath -tags "seccomp seccomp netgo osusergo" -ldflags "-w -extldflags -static -X main.gitCommit="fce58ab2d5c488bc573d02712db476a6daa9a60c-dirty" -X main.version=1.0.0-rc93+dev " -o runc .
      TOPDIR/tmp-glibc/work/core2-64-oe-linux/runc-opencontainers/1.0.0-rc93+gitAUTOINC+fce58ab2d5-r0/recipe-sysroot-native/usr/bin/x86_64-oe-linux/../../libexec/x86_64-oe-linux/gcc/x86_64-oe-linux/11.0.1/ld: internal error in format_file_lineno, at ../../gold/dwarf_reader.cc:2278
      collect2: error: ld returned 1 exit status
    * it fails like this only together with gcc-11, with gcc-10.3 it builds fine even with gold

    Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* umoci: add -native variant | Bruce Ashfield | 2021-05-06 | 1 | -2/+4
    In preparation for using umoci along side of sloci as to construct multi layer oci images, we need a -native variant.

    For now, we don't need skopeo on the host side, so we clear it from the class-native RDEPENDS. Skopeo has significant dependencies, so we'd rather avoid ever needing it as a -native tool.

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* umoci: update to 0.4.7 | Bruce Ashfield | 2021-05-06 | 1 | -5/+5
    Updating to the latest 0.4.7 release and updating the build and fetch directories to the opencontainers github.

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* umoci: introduce umoci recipe for image building | Bruce Ashfield | 2021-05-06 | 1 | -0/+48
    Importing umoci from meta-overc

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* runc: add CVE_PRODUCT to recipes | Ralph Siemsen | 2021-04-29 | 2 | -0/+4
    Allows the yocto cve-checker to flag CVEs, which would otherwise go unreported due to the package name not matching NIST NVD data.

    Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* containerd: add CVE_PRODUCT to recipe | Ralph Siemsen | 2021-04-29 | 1 | -0/+2
    Allows the yocto cve-checker to flag CVEs, which would otherwise go unreported due to the package name not matching NIST NVD data.

    Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker: add CVE_PRODUCT to recipes | Ralph Siemsen | 2021-04-29 | 3 | -0/+5
    Allows the yocto cve-checker to flag CVEs, which would otherwise go unreported due to the package name not matching NIST NVD data.

    Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* containerd: update to 1.5-rc -latest | Bruce Ashfield | 2021-04-29 | 1 | -1/+1
    Adding the following commits into our containerd build:

      3187b6dc8 tests: Adds consumed memory stats test
      969ec8949 Specify seccomp target arch for CC
      c19b7b64d RELEASES.md: recommend alternatives for deprecated features
      8a62aa1c3 Deprecate built-in aufs snapshotter
      4e7915f80 CI: allow Go 1.13 for Docker/Moby compatibility
      8e589e873 Vagrantfile: update to Fedora 34
      5847340a7 tests: Refactors container image usage
      9f43eade6 Prepare v1.5.0-rc.3 release notes
      4c7b960cb prow needs some additional setup for docker buildx
      2e4c1d4b7 Use the multi-arch version of the test images
      4e00c4b65 integration tests needs lsof
      177273680 Add script to build test images
      1b5d59dfe Add multi-arch support for test images
      78e529727 add integration tests
      2b0e6cdd4 Separate jobs for build and test for openlab/arm64
      cdd075853 Release artifacts for Linux ARM64
      efcb18742 Add unit tests for PID NamespaceMode_TARGET validation
      b48f27df6 Support PID NamespaceMode_TARGET
      909660ea9 process: use the unbuffered channel as the done signal
      0f332dadd Update cgroups for regenerated protos
      391b123a5 adds quiet option for ref
      ab1654d0e Fix PushHandler cannot push image that contains duplicated blobs
      00f8d32ef add not found debug out for check cmd; update usage
      55734b1c5 Prepare 1.5.0-rc.2 release notes
      3ef337ae3 Update containerd vendors to tags
      fbe1e140f Update Go to 1.16.3
      c1d1edbad gha: use sudo -E in some places to prevent dropping env-vars
      7966a6652 Cleanup code
      5d79d3adb go.mod: update kubernetes to v1.20.6
      1c03c377e go.mod: github.com/containerd/fifo v1.0.0
      12a2a2108 go.mod: github.com/google/uuid v1.2.0
      3292ea586 pkg/seccomp: use sync.Once to speed up IsEnabled
      00b5c99b1 pkg/seccomp: simplify IsEnabled, update doc
      6dd29c25f go.mod: github.com/containerd/aufs
      330a2a809 go.mod: github.com/containerd/zfs
      34780d67a runtime/shim: check the namespace flag first
      c3dde8c4b freebsd: add zfs to the default plugins
      b431fe4fc freebsd: don't run shim delete in deleted dir
      1f4192daf freebsd: exclude v1 runtimes
      cb1580937 metadata: improve deleting a non-empty namespace's error message
      5bf84034d Remove junit test result processor
      b83d04f91 Add variable names to runtime's interface definitions
      993b86399 Add shim start opts
      8a4cbabc6 Reimport windows layers when comitting snapshots
      af1e2af72 ci: upload junit formatted test results

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker: introduce -cli package | Bruce Ashfield | 2021-04-29 | 1 | -0/+18
    By the docker-packaging repository and https://docs.docker.com/engine/install/centos/#installation-methods docker is packaged by most distros with a split between the engine and the CLI. We do the same here, by introducing the -cli package

    But to keep existing use cases working, we also create a RDEPENDS between the main docker package (the engine) and the cli, so existing "docker" package installs will continue to work the same way.

    To have separate and non-redepending packages created set the DOCKER_UNIFIED_PACKAGE variable to False

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker: unify common parts of docker-ce and docker-moby recipes | Bruce Ashfield | 2021-04-29 | 11 | -349/+95
    Now that docker-ce is being built from the same repos as docker-moby, the only unique things in the recipes are the SRCREVs. We move the common packaging, compile/install routines and configuration to the .inc files.

    We also move the patches to the generic 'files' directory, so they can be shared.

    If there are SRCREV bumps in the future that diverge moby and docker, we'll hold patches in their named directories and tweak the compile/install routines as necessary.

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker-moby; add _git suffix to recipe | Bruce Ashfield | 2021-04-29 | 1 | -0/+0
    For whatever reason, the -ce recipe has _git and the moby variant doesn't. When in reality, the _git is more significant for moby than for -ce.

    Renaming the recipe to normalize the recipe naming.

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker-ce: update to 20.10.6 | Bruce Ashfield | 2021-04-29 | 3 | -23/+38
    Updating docker-ce to 20.10.6, we also restructure the recipe to build as mentioned in: https://github.com/docker/docker-ce

    This now makes the docker-ce recipe virtually identical to the moby variant, with only SRCREV differences being significant.

    The docker-ce recipe will build the tags as identified by the docker-packaging repository.

    We keep this as a separate recipe for this update, so we can backport the 20.10.6 change to older branches (for CVEs, etc), but the moby and docker-ce recipes will (re)unify in following updates.

      root@qemux86-64:~# docker --version
      Docker version 20.10.6-ce, build 370c28948e
      root@qemux86-64:~# docker pull alpine
      Using default tag: latest
      latest: Pulling from library/alpine
      540db60ca938: Pull complete
      Digest: sha256:69e70a79f2d41ab5d637de98c1e0b055206ba40a8145e7bddb55ccc04e13cf8f
      Status: Downloaded newer image for alpine:latest
      docker.io/library/alpine:latest
      root@qemux86-64:~# docker run -it alpine /bin/sh
      [ 4099.428945] docker0: port 1(veth33cc29a) entered blocking state
      [ 4099.430548] docker0: port 1(veth33cc29a) entered disabled state
      [ 4099.434641] device veth33cc29a entered promiscuous mode
      [ 4100.219415] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
      [ 4100.739037] eth0: renamed from vethe948f63
      [ 4100.746450] IPv6: ADDRCONF(NETDEV_CHANGE): veth33cc29a: link becomes ready
      [ 4100.748508] docker0: port 1(veth33cc29a) entered blocking state
      [ 4100.750150] docker0: port 1(veth33cc29a) entered forwarding state
      [ 4100.754370] IPv6: ADDRCONF(NETDEV_CHANGE): docker0: link becomes ready
      / # cat /etc/issue
      Welcome to Alpine Linux 3.13
      Kernel \r on an \m (\l)

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker-moby: bump to 20.10-latest | Bruce Ashfield | 2021-04-28 | 1 | -1/+1
    Grabbing the following (minor) commits:

      8a7f77cb2f dockerd-rootless.sh: use `command -v` instead of `which`
      08b27e45d8 Dockerfile: update yamllint to v1.26.1 to fix build

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* docker-ce: bump to 20.10-latest | Bruce Ashfield | 2021-04-28 | 1 | -1/+1
    Bumping the SRCREV to pick up the following commits:

      3b8193b399 Upgrade Docker Scan plugin to v0.8.0
      9303aa4b6b Add John Howard to our alumni
      ba87f9abb5 dockerd-rootless.sh: use `command -v` instead of `which`
      efe9ca44fe Prepare tests for Windows containerd support
      ed269a15ff vendor: github.com/docker/swarmkit 5a5494a9a7b408b790533a5e4e1cb43ca1c32aad
      62761e5710 vendor: github.com/coreos/etcd v3.3.25
      07de8d8bea vendor: github.com/containerd/containerd 19ee068f93c91f7b9b2a858457f1af2cabc7bc06
      2ee09a228a vendor: github.com/gogo/protobuf v1.3.2
      ce1125b768 Remove needless check
      5c7fa82d85 Remove lowenna (aka jhowardmsft) from maintainters
      0d83bab69a bump up rootlesskit to v0.14.2
      fc17485819 Dockerfile: update yamllint to v1.26.1 to fix build
      03ac69b517 Error string match: do not match command path
      d1b9bc135d Update contrib/nuke-graph-directory.sh
      b39a1ca16b Fixes subvol delete on a non-btrfs volume
      618c440ae3 Bump hcsshim to get some fixes.
      a0fa96c25b Update stop.md

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* packages: drop libseccomp checks / package blacklist | Bruce Ashfield | 2021-04-26 | 1 | -2/+0
    libseccomp has moved to oe-core, so we can drop our checks and blacklisting of packages if meta-security is not in the layer configuration.

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* crun: use REQUIRED_DISTRO_FEATURES to indicate systemd dependency | Bruce Ashfield | 2021-04-26 | 1 | -1/+3
    crun has a hard dependency on systemd, we need to add it to the recipe to avoid failing package QA checks.

    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* lxc: add upstream-status to patch | Bruce Ashfield | 2021-04-18 | 1 | -0/+2
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* podman: Added kernel modules for iptables error | Nathan Dunne | 2021-04-18 | 1 | -1/+1
    Added kernel modules kernel-module-xt-masquerade and kernel-module-xt-comment to RRECOMMENDS, to avoid iptables errors with podman

    Signed-off-by: Nathan Dunne <Nathan.Dunne@arm.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* lxc-recipe: Fix compilation without seccomp when libseccomp is installed | RameshkrishnanX Geddy Sekar | 2021-04-18 | 3 | -0/+97
    Original URL: https://github.com/lxc/lxc/pull/3623

    Signed-off-by: RameshkrishnanX Geddy Sekar <rameshkrishnanx.geddy.sekar@intel.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>