From 1871a978373d5deffd1a24f51e60b9470aa5f746 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Thu, 10 Jun 2021 03:51:00 -0400 Subject: [PATCH] import conmon-2.0.26-3.module+el8.4.0+11311+9da8acfb --- SOURCES/conmon-1961682.patch | 41 ++++++++++++++++++++++++++++++++++++ SPECS/conmon.spec | 26 ++++++++++++++++++++++- 2 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 SOURCES/conmon-1961682.patch diff --git a/SOURCES/conmon-1961682.patch b/SOURCES/conmon-1961682.patch new file mode 100644 index 0000000..68a30d0 --- /dev/null +++ b/SOURCES/conmon-1961682.patch @@ -0,0 +1,41 @@ +From 096e2c1954f8b910c8cc4a4fa41f8325fd7ab84c Mon Sep 17 00:00:00 2001 +From: Giuseppe Scrivano +Date: Tue, 20 Apr 2021 18:46:58 +0200 +Subject: [PATCH] conmon: do not chown /dev/null + +skip the fchmod for the standard input files when /dev/null is used. + +Signed-off-by: Giuseppe Scrivano +--- + src/conmon.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/conmon.c b/src/conmon.c +index 0878ae5..2e0f23e 100644 +--- a/src/conmon.c ++++ b/src/conmon.c +@@ -223,21 +223,21 @@ int main(int argc, char *argv[]) + workerfd_stdin = dev_null_r; + if (dup2(workerfd_stdin, STDIN_FILENO) < 0) + _pexit("Failed to dup over stdin"); +- if (fchmod(STDIN_FILENO, 0777) < 0) ++ if (workerfd_stdin != dev_null_r && fchmod(STDIN_FILENO, 0777) < 0) + nwarn("Failed to chown stdin"); + + if (workerfd_stdout < 0) + workerfd_stdout = dev_null_w; + if (dup2(workerfd_stdout, STDOUT_FILENO) < 0) + _pexit("Failed to dup over stdout"); +- if (fchmod(STDOUT_FILENO, 0777) < 0) ++ if (workerfd_stdout != dev_null_w && fchmod(STDOUT_FILENO, 0777) < 0) + nwarn("Failed to chown stdout"); + + if (workerfd_stderr < 0) + workerfd_stderr = workerfd_stdout; + if (dup2(workerfd_stderr, STDERR_FILENO) < 0) + _pexit("Failed to dup over stderr"); +- if (fchmod(STDERR_FILENO, 0777) < 0) ++ if (workerfd_stderr != dev_null_w && fchmod(STDERR_FILENO, 0777) < 0) + nwarn("Failed to chown stderr"); + + /* If LISTEN_PID env is set, we need to set the LISTEN_PID diff --git a/SPECS/conmon.spec b/SPECS/conmon.spec index f92f3fb..d50d951 100644 --- a/SPECS/conmon.spec +++ b/SPECS/conmon.spec @@ -10,11 +10,14 @@ Name: conmon Epoch: 2 Version: 2.0.26 -Release: 1%{?dist} +Release: 3%{?dist} Summary: OCI container runtime monitor License: ASL 2.0 URL: %{git0} Source0: %{git0}/archive/v%{version}.tar.gz +# related bug: https://bugzilla.redhat.com/show_bug.cgi?id=1961682 +# patch: https://github.com/containers/conmon/pull/257.patch +Patch0: conmon-1961682.patch # https://fedoraproject.org/wiki/PackagingDrafts/Go#Go_Language_Architectures #ExclusiveArch: %%{go_arches} # still use arch exclude as the macro above still refers %%{ix86} in RHEL8.4: @@ -51,6 +54,27 @@ export LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now" %{_mandir}/man8/* %changelog +* Tue May 18 2021 Jindrich Novy - 2:2.0.26-3 +- fix "Permission on /dev/null are changing from 666 to 777 after running podman as root [rhel-8.4.0.z]" +- Resolves: #1961682 + +* Thu May 13 2021 Jindrich Novy - 2:2.0.26-2 +- revert back to the state of 3.0-8.4.0 +- Related: #1954702 + +* Mon May 10 2021 Jindrich Novy - 2:2.0.27-3 +- upload new source tarball +- Related: #1954702 + +* Mon May 10 2021 Jindrich Novy - 2:2.0.27-2 +- switch to master branch to fix /dev/null ownership issues + (https://github.com/containers/conmon/commit/372fa19211cfeabdb2bad52a4ab8a4d1b0b0063c) +- Related: #1954702 + +* Thu Apr 29 2021 Jindrich Novy - 2:2.0.27-1 +- update to https://github.com/containers/conmon/releases/tag/v2.0.27 +- Related: #1954702 + * Thu Feb 04 2021 Jindrich Novy - 2:2.0.26-1 - update to https://github.com/containers/conmon/releases/tag/v2.0.26 - Related: #1883490