From 172bad95bde25562b6c8cc2f4a3cc4dbc7b22712 Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Mon, 30 Nov 2020 20:33:53 +0000 Subject: [PATCH] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/skopeo.git#f5aa131e4c43b90b8dd01a70e3d8b0eec965b7c5 --- .gitignore | 4 ++++ containers.conf | 4 +++- seccomp.json | 1 - skopeo.spec | 30 +++++++++++++++++++++++++++--- sources | 2 +- 5 files changed, 35 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index 675b156..b3ca221 100644 --- a/.gitignore +++ b/.gitignore @@ -210,3 +210,7 @@ /skopeo-12ab19f.tar.gz /skopeo-bbd800f.tar.gz /skopeo-77293ff.tar.gz +/skopeo-8151b89.tar.gz +/skopeo-44beab6.tar.gz +/skopeo-6dabefa.tar.gz +/skopeo-d8bc8b6.tar.gz diff --git a/containers.conf b/containers.conf index acae3dc..1abf943 100644 --- a/containers.conf +++ b/containers.conf @@ -60,6 +60,7 @@ # the default capabilities defined in the container engine will be added. # default_capabilities = [ + "AUDIT_WRITE", "CHOWN", "DAC_OVERRIDE", "FOWNER", @@ -69,6 +70,7 @@ default_capabilities = [ "SETGID", "SETPCAP", "SETUID", + "SYS_CHROOT" ] # A list of sysctls to be set in containers by default, @@ -76,7 +78,7 @@ default_capabilities = [ # for example:"net.ipv4.ping_group_range = 0 1000". # default_sysctls = [ - "net.ipv4.ping_group_range=0 65536", + "net.ipv4.ping_group_range=0 1", ] # A list of ulimits to be set in containers by default, specified as diff --git a/seccomp.json b/seccomp.json index 9b537db..07cdd6c 100644 --- a/seccomp.json +++ b/seccomp.json @@ -101,7 +101,6 @@ "fchdir", "fchmod", "fchmodat", - "fchmodat2", "fchown", "fchown32", "fchownat", diff --git a/skopeo.spec b/skopeo.spec index c2f125d..878b8e5 100644 --- a/skopeo.spec +++ b/skopeo.spec @@ -28,7 +28,7 @@ %global provider_prefix %{provider}.%{provider_tld}/%{project}/%{repo} %global import_path %{provider_prefix} %global git0 https://%{import_path} -%global commit0 77293ff9c42a9c8d3db36a6c02fe26c70b232ec9 +%global commit0 d8bc8b62e90912db24d090a1eca8b4fa46cba084 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # Used for comparing with latest upstream tag @@ -45,8 +45,8 @@ Epoch: 1 %else Epoch: 2 %endif -Version: 1.1.1 -Release: 47.dev.git%{shortcommit0}%{?dist} +Version: 1.2.1 +Release: 4.dev.git%{shortcommit0}%{?dist} Summary: Inspect container images and repositories on registries License: ASL 2.0 URL: %{git0} @@ -447,6 +447,30 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath} %{_datadir}/%{name}/test %changelog +* Fri Oct 2 2020 RH Container Bot - 1:1.2.1-4.dev.gitd8bc8b6 +- autobuilt d8bc8b6 + +* Wed Sep 30 2020 RH Container Bot - 1:1.2.1-3.dev.git6dabefa +- autobuilt 6dabefa + +* Fri Sep 25 2020 RH Container Bot - 1:1.2.1-2.dev.git44beab6 +- bump to 1.2.1 +- autobuilt 44beab6 + +* Fri Sep 25 2020 Dan Walsh - 1:1.1.1-51.dev.git5d5756c +- Modify the range of groups used in net.ipv4.ping_group_range to be 1 so that +- it will work more easily with User Namespaces +- Also turn back on AUDIT_WRITE until seccomp.json file is fixed + +* Mon Sep 21 18:12:41 UTC 2020 RH Container Bot - 1:1.1.1-50.dev.git8151b89 +- autobuilt 8151b89 + +* Mon Sep 21 2020 Dan Walsh - 1:1.1.1-49.dev.git5d5756c +- Add SYS_CHROOT back into default capabilities + +* Mon Sep 21 2020 Dan Walsh - 1:1.1.1-48.dev.git5d5756c +- Remove fchmodat2 from seccomp.json (This syscall does not exist yet) + * Fri Sep 18 20:12:04 UTC 2020 RH Container Bot - 1:1.1.1-47.dev.git77293ff - autobuilt 77293ff diff --git a/sources b/sources index 559ba08..5b466dd 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (skopeo-77293ff.tar.gz) = 7ebcca67cff46e846407d15556a310988dc47640c2b0faee2b73a7c44ec78601debdba322020d6c388d1b338c2432944c4972614b42337e80b308d31520ec917 +SHA512 (skopeo-d8bc8b6.tar.gz) = 04c3fcb4a61df01aad6fb2c938009524cce3476759d868c75b24641013a998db3c7f8a910b2a350f84d74c1bc5471fc20c5ea7939175faa25dccf17353d57823