Compare commits
No commits in common. "c8s-stream-3.0" and "c8-stream-2.0" have entirely different histories.
c8s-stream
...
c8-stream-
@ -1 +1 @@
|
|||||||
ed12565698e4906511465d51df9914ea601e2c27 SOURCES/v2.0.26.tar.gz
|
30cdc2273b6edc5fa16cbf676bb53ae7d6e240f9 SOURCES/conmon-1bddbf7.tar.gz
|
||||||
|
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
|||||||
SOURCES/v2.0.26.tar.gz
|
SOURCES/conmon-1bddbf7.tar.gz
|
||||||
|
@ -1,93 +0,0 @@
|
|||||||
diff --git a/src/cli.c b/src/cli.c
|
|
||||||
index 8e788f9..5761dde 100644
|
|
||||||
--- a/src/cli.c
|
|
||||||
+++ b/src/cli.c
|
|
||||||
@@ -38,6 +38,7 @@ gchar **opt_log_path = NULL;
|
|
||||||
char *opt_exit_dir = NULL;
|
|
||||||
int opt_timeout = 0;
|
|
||||||
int64_t opt_log_size_max = -1;
|
|
||||||
+int64_t opt_log_global_size_max = -1;
|
|
||||||
char *opt_socket_path = DEFAULT_SOCKET_PATH;
|
|
||||||
gboolean opt_no_new_keyring = FALSE;
|
|
||||||
char *opt_exit_command = NULL;
|
|
||||||
@@ -70,6 +71,7 @@ GOptionEntry opt_entries[] = {
|
|
||||||
{"log-level", 0, 0, G_OPTION_ARG_STRING, &opt_log_level, "Print debug logs based on log level", NULL},
|
|
||||||
{"log-path", 'l', 0, G_OPTION_ARG_STRING_ARRAY, &opt_log_path, "Log file path", NULL},
|
|
||||||
{"log-size-max", 0, 0, G_OPTION_ARG_INT64, &opt_log_size_max, "Maximum size of log file", NULL},
|
|
||||||
+ {"log-global-size-max", 0, 0, G_OPTION_ARG_INT64, &opt_log_global_size_max, "Maximum size of all log files", NULL},
|
|
||||||
{"log-tag", 0, 0, G_OPTION_ARG_STRING, &opt_log_tag, "Additional tag to use for logging", NULL},
|
|
||||||
{"name", 'n', 0, G_OPTION_ARG_STRING, &opt_name, "Container name", NULL},
|
|
||||||
{"no-new-keyring", 0, 0, G_OPTION_ARG_NONE, &opt_no_new_keyring, "Do not create a new session keyring for the container", NULL},
|
|
||||||
@@ -180,5 +182,5 @@ void process_cli()
|
|
||||||
if (opt_container_pid_file == NULL)
|
|
||||||
opt_container_pid_file = g_strdup_printf("%s/pidfile-%s", cwd, opt_cid);
|
|
||||||
|
|
||||||
- configure_log_drivers(opt_log_path, opt_log_size_max, opt_cid, opt_name, opt_log_tag);
|
|
||||||
+ configure_log_drivers(opt_log_path, opt_log_size_max, opt_log_global_size_max, opt_cid, opt_name, opt_log_tag);
|
|
||||||
}
|
|
||||||
diff --git a/src/ctr_logging.c b/src/ctr_logging.c
|
|
||||||
index c3fd5d2..8581783 100644
|
|
||||||
--- a/src/ctr_logging.c
|
|
||||||
+++ b/src/ctr_logging.c
|
|
||||||
@@ -32,6 +32,9 @@ static const char *const JOURNALD_FILE_STRING = "journald";
|
|
||||||
/* Max log size for any log file types */
|
|
||||||
static int64_t log_size_max = -1;
|
|
||||||
|
|
||||||
+/* Max total log size for any log file types */
|
|
||||||
+static int64_t log_global_size_max = -1;
|
|
||||||
+
|
|
||||||
/* k8s log file parameters */
|
|
||||||
static int k8s_log_fd = -1;
|
|
||||||
static char *k8s_log_path = NULL;
|
|
||||||
@@ -77,9 +80,10 @@ static void reopen_k8s_file(void);
|
|
||||||
* (currently just k8s log file), it will also open the log_fd for that specific
|
|
||||||
* log file.
|
|
||||||
*/
|
|
||||||
-void configure_log_drivers(gchar **log_drivers, int64_t log_size_max_, char *cuuid_, char *name_, char *tag)
|
|
||||||
+void configure_log_drivers(gchar **log_drivers, int64_t log_size_max_, int64_t log_global_size_max_, char *cuuid_, char *name_, char *tag)
|
|
||||||
{
|
|
||||||
log_size_max = log_size_max_;
|
|
||||||
+ log_global_size_max = log_global_size_max_;
|
|
||||||
if (log_drivers == NULL)
|
|
||||||
nexit("Log driver not provided. Use --log-path");
|
|
||||||
for (int driver = 0; log_drivers[driver]; ++driver) {
|
|
||||||
@@ -284,6 +288,7 @@ static int write_k8s_log(stdpipe_t pipe, const char *buf, ssize_t buflen)
|
|
||||||
writev_buffer_t bufv = {0};
|
|
||||||
static int64_t bytes_written = 0;
|
|
||||||
int64_t bytes_to_be_written = 0;
|
|
||||||
+ static int64_t total_bytes_written = 0;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Use the same timestamp for every line of the log in this buffer.
|
|
||||||
@@ -307,6 +312,10 @@ static int write_k8s_log(stdpipe_t pipe, const char *buf, ssize_t buflen)
|
|
||||||
bytes_to_be_written += 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ /* If the caller specified a global max, enforce it before writing */
|
|
||||||
+ if (log_global_size_max > 0 && total_bytes_written >= log_global_size_max)
|
|
||||||
+ break;
|
|
||||||
+
|
|
||||||
/*
|
|
||||||
* We re-open the log file if writing out the bytes will exceed the max
|
|
||||||
* log size. We also reset the state so that the new file is started with
|
|
||||||
@@ -360,6 +369,7 @@ static int write_k8s_log(stdpipe_t pipe, const char *buf, ssize_t buflen)
|
|
||||||
}
|
|
||||||
|
|
||||||
bytes_written += bytes_to_be_written;
|
|
||||||
+ total_bytes_written += bytes_to_be_written;
|
|
||||||
next:
|
|
||||||
/* Update the head of the buffer remaining to output. */
|
|
||||||
buf += line_len;
|
|
||||||
diff --git a/src/ctr_logging.h b/src/ctr_logging.h
|
|
||||||
index 1b63cd7..9b1f693 100644
|
|
||||||
--- a/src/ctr_logging.h
|
|
||||||
+++ b/src/ctr_logging.h
|
|
||||||
@@ -7,7 +7,7 @@
|
|
||||||
|
|
||||||
void reopen_log_files(void);
|
|
||||||
bool write_to_logs(stdpipe_t pipe, char *buf, ssize_t num_read);
|
|
||||||
-void configure_log_drivers(gchar **log_drivers, int64_t log_size_max_, char *cuuid_, char *name_, char *tag);
|
|
||||||
+void configure_log_drivers(gchar **log_drivers, int64_t log_size_max_, int64_t log_global_size_max_, char *cuuid_, char *name_, char *tag);
|
|
||||||
void sync_logs(void);
|
|
||||||
|
|
||||||
#endif /* !defined(CTR_LOGGING_H) */
|
|
@ -1,42 +1,43 @@
|
|||||||
|
%global with_debug 0
|
||||||
%global with_check 0
|
%global with_check 0
|
||||||
|
|
||||||
|
%if 0%{?with_debug}
|
||||||
%global _find_debuginfo_dwz_opts %{nil}
|
%global _find_debuginfo_dwz_opts %{nil}
|
||||||
%global _dwz_low_mem_die_limit 0
|
%global _dwz_low_mem_die_limit 0
|
||||||
|
%else
|
||||||
|
%global debug_package %{nil}
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%global provider github
|
||||||
|
%global provider_tld com
|
||||||
|
%global project containers
|
||||||
|
%global repo conmon
|
||||||
# https://github.com/containers/conmon
|
# https://github.com/containers/conmon
|
||||||
%global import_path github.com/containers/%{name}
|
%global import_path %{provider}.%{provider_tld}/%{project}/%{repo}
|
||||||
|
%global commit0 1bddbf7051a973f4a4fecf06faa0c48e82f1e9e1
|
||||||
|
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
|
||||||
%global git0 https://%{import_path}
|
%global git0 https://%{import_path}
|
||||||
|
|
||||||
Name: conmon
|
Name: %{repo}
|
||||||
Epoch: 2
|
Epoch: 2
|
||||||
Version: 2.0.26
|
Version: 2.0.15
|
||||||
Release: 3%{?dist}
|
Release: 1%{?dist}
|
||||||
Summary: OCI container runtime monitor
|
Summary: OCI container runtime monitor
|
||||||
License: ASL 2.0
|
License: ASL 2.0
|
||||||
URL: %{git0}
|
URL: %{git0}
|
||||||
Source0: %{git0}/archive/v%{version}.tar.gz
|
Source0: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
|
||||||
Patch0: CVE-2022-1708.patch
|
|
||||||
# https://fedoraproject.org/wiki/PackagingDrafts/Go#Go_Language_Architectures
|
|
||||||
#ExclusiveArch: %%{go_arches}
|
|
||||||
# still use arch exclude as the macro above still refers %%{ix86} in RHEL8.4:
|
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1905383
|
|
||||||
ExcludeArch: %{ix86}
|
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
BuildRequires: git
|
BuildRequires: git
|
||||||
BuildRequires: glib2-devel
|
BuildRequires: glib2-devel
|
||||||
BuildRequires: systemd-devel
|
BuildRequires: systemd-devel
|
||||||
BuildRequires: golang >= 1.12.12-4
|
|
||||||
BuildRequires: go-md2man
|
|
||||||
|
|
||||||
%description
|
%description
|
||||||
%{summary}.
|
%{summary}.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%autosetup -Sgit
|
%autosetup -Sgit -n %{name}-%{commit0}
|
||||||
|
|
||||||
%build
|
%build
|
||||||
export CFLAGS="%{optflags} -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64"
|
|
||||||
export LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
|
|
||||||
%{__make} all
|
%{__make} all
|
||||||
|
|
||||||
%install
|
%install
|
||||||
@ -49,88 +50,13 @@ export LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
|
|||||||
%license LICENSE
|
%license LICENSE
|
||||||
%doc README.md
|
%doc README.md
|
||||||
%{_bindir}/%{name}
|
%{_bindir}/%{name}
|
||||||
%{_mandir}/man8/*
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Thu Jul 14 2022 Jindrich Novy <jnovy@redhat.com> - 2:2.0.26-3
|
|
||||||
- amend CVE-2022-1708
|
|
||||||
- Related: #2093390
|
|
||||||
|
|
||||||
* Mon Jun 06 2022 Jindrich Novy <jnovy@redhat.com> - 2:2.0.26-2
|
|
||||||
- fix CVE-2022-1708 - thanks to Peter Hunt
|
|
||||||
- Related: #2061390
|
|
||||||
|
|
||||||
* Thu Feb 04 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.0.26-1
|
|
||||||
- update to https://github.com/containers/conmon/releases/tag/v2.0.26
|
|
||||||
- Related: #1883490
|
|
||||||
|
|
||||||
* Thu Jan 21 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.0.25-1
|
|
||||||
- update to https://github.com/containers/conmon/releases/tag/v2.0.25
|
|
||||||
- Related: #1883490
|
|
||||||
|
|
||||||
* Fri Jan 15 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.0.24-1
|
|
||||||
- update to https://github.com/containers/conmon/releases/tag/v2.0.24
|
|
||||||
- Related: #1883490
|
|
||||||
|
|
||||||
* Mon Jan 04 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.0.22-3
|
|
||||||
- exclude i686 as golang is not suppoerted there
|
|
||||||
- Related: #1883490
|
|
||||||
|
|
||||||
* Sat Dec 26 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.0.22-2
|
|
||||||
- add BR: golang, go-md2man
|
|
||||||
- add man pages
|
|
||||||
- Related: #1883490
|
|
||||||
|
|
||||||
* Mon Dec 21 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.0.22-1
|
|
||||||
- update to https://github.com/containers/conmon/releases/tag/v2.0.22
|
|
||||||
- Related: #1883490
|
|
||||||
|
|
||||||
* Tue Dec 08 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.0.21-3
|
|
||||||
- simplify spec
|
|
||||||
- Related: #1883490
|
|
||||||
|
|
||||||
* Mon Nov 09 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.0.21-2
|
|
||||||
- be sure to harden the linked binary
|
|
||||||
- compile with debuginfo enabled
|
|
||||||
- Related: #1883490
|
|
||||||
|
|
||||||
* Wed Oct 21 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.0.21-1
|
|
||||||
- synchronize with stream-container-tools-rhel8
|
|
||||||
- Related: #1883490
|
|
||||||
|
|
||||||
* Tue Aug 11 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.0.20-2
|
|
||||||
- use proper CFLAGS
|
|
||||||
- Related: #1821193
|
|
||||||
|
|
||||||
* Wed Jul 29 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.0.20-1
|
|
||||||
- update to https://github.com/containers/conmon/releases/tag/v2.0.20
|
|
||||||
- Related: #1821193
|
|
||||||
|
|
||||||
* Wed Jul 15 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.0.19-1
|
|
||||||
- update to https://github.com/containers/conmon/releases/tag/v2.0.19
|
|
||||||
- Related: #1821193
|
|
||||||
|
|
||||||
* Tue Jun 16 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.0.18-1
|
|
||||||
- update to https://github.com/containers/conmon/releases/tag/v2.0.18
|
|
||||||
- Related: #1821193
|
|
||||||
|
|
||||||
* Tue May 26 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.0.17-1
|
|
||||||
- update to https://github.com/containers/conmon/releases/tag/v2.0.17
|
|
||||||
- Related: #1821193
|
|
||||||
|
|
||||||
* Wed May 13 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.0.16-1
|
|
||||||
- update to https://github.com/containers/conmon/releases/tag/v2.0.16
|
|
||||||
- Related: #1821193
|
|
||||||
|
|
||||||
* Tue May 12 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.0.15-2
|
|
||||||
- synchronize containter-tools 8.3.0 with 8.2.1
|
|
||||||
- Related: #1821193
|
|
||||||
|
|
||||||
* Mon Apr 06 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.0.15-1
|
* Mon Apr 06 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.0.15-1
|
||||||
- update to 2.0.15
|
- update to 2.0.15
|
||||||
- Related: #1821193
|
- Related: #1821193
|
||||||
|
|
||||||
* Wed Dec 11 2019 Jindrich Novy <jnovy@redhat.com> - 2:2.0.6-1
|
* Thu Dec 12 2019 Jindrich Novy <jnovy@redhat.com> - 2:2.0.6-1
|
||||||
- update to 2.0.6
|
- update to 2.0.6
|
||||||
- Related: RHELPLAN-25139
|
- Related: RHELPLAN-25139
|
||||||
|
|
||||||
@ -138,14 +64,10 @@ export LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
|
|||||||
- update to 2.0.5
|
- update to 2.0.5
|
||||||
- Related: RHELPLAN-25139
|
- Related: RHELPLAN-25139
|
||||||
|
|
||||||
* Mon Dec 09 2019 Jindrich Novy <jnovy@redhat.com> - 2:2.0.4-1
|
* Tue Dec 10 2019 Jindrich Novy <jnovy@redhat.com> - 2:2.0.4-1
|
||||||
- update to 2.0.4 bugfix release
|
- update to 2.0.4 bugfix release
|
||||||
- Related: RHELPLAN-25139
|
- Related: RHELPLAN-25139
|
||||||
|
|
||||||
* Mon Nov 25 2019 Jindrich Novy <jnovy@redhat.com> - 2:2.0.3-2.giteb5fa88
|
|
||||||
- BR: systemd-devel
|
|
||||||
- Related: RHELPLAN-25139
|
|
||||||
|
|
||||||
* Wed Nov 20 2019 Jindrich Novy <jnovy@redhat.com> - 2:2.0.3-1.giteb5fa88
|
* Wed Nov 20 2019 Jindrich Novy <jnovy@redhat.com> - 2:2.0.3-1.giteb5fa88
|
||||||
- update to 2.0.3
|
- update to 2.0.3
|
||||||
- Related: RHELPLAN-25139
|
- Related: RHELPLAN-25139
|
||||||
|
Loading…
Reference in New Issue
Block a user