Request 907285: Submit runc - openSUSE Build Service

This request supersedes: request 906870 (Show diff)

Overview

Request 907285 accepted

- Update to runc v1.0.1. Upstream changelog is available from
https://github.com/opencontainers/runc/releases/tag/v1.0.1

* Fixed occasional runc exec/run failure ("interrupted system call") on an
Azure volume.
* Fixed "unable to find groups ... token too long" error with /etc/group
containing lines longer than 64K characters.
* cgroup/systemd/v1: fix leaving cgroup frozen after Set if a parent cgroup is
frozen. This is a regression in 1.0.0, not affecting runc itself but some
of libcontainer users (e.g Kubernetes).
* cgroupv2: bpf: Ignore inaccessible existing programs in case of
permission error when handling replacement of existing bpf cgroup
programs. This fixes a regression in 1.0.0, where some SELinux
policies would block runc from being able to run entirely.
* cgroup/systemd/v2: don't freeze cgroup on Set.
* cgroup/systemd/v1: avoid unnecessary freeze on Set.

- Remove upstreamed patches:
+ boo1187704-0001-cgroupv2-ebpf-ignore-inaccessible-existing-programs.patch

Created by cyphar almost 3 years ago
In state accepted
Package maintainer: cyphar
Supersedes 906870

Submit runc

Comments for request 907285 0

Login required, please login in order to comment

Request History

cyphar created request almost 3 years ago

- Update to runc v1.0.1. Upstream changelog is available from
https://github.com/opencontainers/runc/releases/tag/v1.0.1

* Fixed occasional runc exec/run failure ("interrupted system call") on an
Azure volume.
* Fixed "unable to find groups ... token too long" error with /etc/group
containing lines longer than 64K characters.
* cgroup/systemd/v1: fix leaving cgroup frozen after Set if a parent cgroup is
frozen. This is a regression in 1.0.0, not affecting runc itself but some
of libcontainer users (e.g Kubernetes).
* cgroupv2: bpf: Ignore inaccessible existing programs in case of
permission error when handling replacement of existing bpf cgroup
programs. This fixes a regression in 1.0.0, where some SELinux
policies would block runc from being able to run entirely.
* cgroup/systemd/v2: don't freeze cgroup on Set.
* cgroup/systemd/v1: avoid unnecessary freeze on Set.

- Remove upstreamed patches:
+ boo1187704-0001-cgroupv2-ebpf-ignore-inaccessible-existing-programs.patch

cyphar accepted request almost 3 years ago

LGTM.

openSUSE Build Service is sponsored by