openSUSE Build Service

Sebastian Wagner (sebix) committed over 4 years ago (revision 24)

- Update to version 0.4.1:
 * retcode: fix return code with syncfd and no event_fd
 * Ensure we're always clearing the cap bounding set
 * tests: Update output patterns for libcap >= 2.29
 * Don't rely on geteuid() to know when to switch back from setuid root
 * Don't support --userns2 in setuid mode
 * fixes CVE-2020-5291
 * fixes bsc#1168291

buildservice-autocommit accepted request 759115 from

Bjørn Lie (iznogood) almost 5 years ago (revision 23)

baserev update by copy to link target

Sebastian Wagner (sebix) committed almost 5 years ago (revision 22)

remove empty line from specfile

Sebastian Wagner (sebix) accepted request 758651 from

Bjørn Lie (iznogood) almost 5 years ago (revision 21)

- Update to version 0.4.0:
  + The biggest feature in this release is the support for joining
    existing user and pid namespaces. This doesn't work in the
    setuid mode (at the moment).
  + Other changes:
    - Stores namespace info in status json.
    - In setuid mode pid 1 is now marked dumpable.
    - Now builds with musl libc.

buildservice-autocommit accepted request 713457 from

Sebastian Wagner (sebix) over 5 years ago (revision 20)

baserev update by copy to link target

Sebastian Wagner (sebix) accepted request 713456 from

Antonio Larrosa (alarrosa) over 5 years ago (revision 19)

- Use /bin/bash instead of /usr/bin/bash in SLE12

buildservice-autocommit accepted request 706819 from

Sebastian Wagner (sebix) over 5 years ago (revision 18)

baserev update by copy to link target

Sebastian Wagner (sebix) committed over 5 years ago (revision 17)

- Update to version 0.3.3:
 - This release is the same as 0.3.2 but the version number in configure.ac
   was accidentally still set to 0.3.1
- Update to version 0.3.2:
 - fixes boo#1136958 / CVE-2019-12439
  This release fixes a mostly theoretical security issue in unusual/broken
  setups where `$XDG_RUNTIME_DIR` is unset.
  There are some other smaller fixes, as well as an addition to the JSON
  API that allows reading the inner process exit code, separately from
  the `bwrap` exit code.
  - Print "Out of memory" on stderr, not stdout
  - bwrap: add option json-status-fd to show child exit code
  - bwrap: Report COMMAND exit code in json-status-fd
  - man page: Describe --chdir, not nonexistent --cwd
  - Don't create our own temporary mount point for pivot_root
  - Make lockdata long enough on 32-bit with 64-bit file pointers.

buildservice-autocommit accepted request 641812 from

Sebastian Wagner (sebix) about 6 years ago (revision 16)

baserev update by copy to link target

Sebastian Wagner (sebix) accepted request 641328 from

Antonio Larrosa (alarrosa) about 6 years ago (revision 15)

- update to version 0.3.1:
  * New feature in this release is --bind-try (as well as --dev-bind-try
    and --ro-bind-try) which works like the regular versions if the source
    exists, but does nothing if it doesn't exist.
  * The mount type for the root tmpfs was also changed to "tmpfs" instead
    of being empty, as the later could cause problems with some programs
    when parsing the mountinfo files in /proc.

  * The biggest feature from this release is that bwrap
    now supports being invoked recursively (from other container
    runtimes such as Docker/podman/runc as well as bwrap itself)
    when user namespaces are enabled, and the outer container manager
    allows it (Docker's default seccomp policy doesn't).
  * This is useful for testing scenarios; for example a project
    uses Kubernetes for its CI, but inside build the project wants to run
    each unit test in their own pid namespace, without going out
    and creating a new pod for every single unit test.
  * Similarly, rpm-ostree compose tree uses bwrap internally for scripts,
    and we want to support running rpm-ostree inside a container as well.
  * Another feature is bwrap now supports -- to terminate argument
    parsing. To detect availablity of this, you could parse bwrap --version.

buildservice-autocommit accepted request 624477 from

Factory Maintainer (factory-maintainer) over 6 years ago (revision 14)

baserev update by copy to link target

Sebastian Wagner (sebix) committed over 6 years ago (revision 13)

- update to version 0.3.0:
 * no upstream changelog available

buildservice-autocommit accepted request 612511 from

Sebastian Wagner (sebix) over 6 years ago (revision 12)

baserev update by copy to link target

Sebastian Wagner (sebix) committed over 6 years ago (revision 11)

- update to version 0.2.1:
 * All the demos are included
 * bugfixes for the demo files
 * There was an issue with mkdir when running bubblewrap on an NFS
   filesystem that has been fixed, so flatpak now works on NFS shares.
 * Some leaks have been fixed, including a file descriptor leak.

buildservice-autocommit accepted request 532853 from

Sebastian Wagner (sebix) about 7 years ago (revision 10)

baserev update by copy to link target

Sebastian Wagner (sebix) committed about 7 years ago (revision 9)

- update to version 0.2.0

buildservice-autocommit accepted request 527016 from

Sebastian Wagner (sebix) about 7 years ago (revision 8)

baserev update by copy to link target

Sebastian Wagner (sebix) committed about 7 years ago (revision 7)

- add group

buildservice-autocommit accepted request 510257 from

Factory Maintainer (factory-maintainer) over 7 years ago (revision 6)

baserev update by copy to link target

Sebastian Wagner (sebix) committed over 7 years ago (revision 5)

- fix build macro with rpm < 4.12 (non-Factory currently)

Places

Revisions of bubblewrap

Places