From d359ba08e813274ce5e20b1b073387f409936003 Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Mon, 30 Nov 2020 20:33:37 +0000 Subject: [PATCH] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/skopeo.git#c894203cae565b2af4bffa9fadbd61fb8a245c5f --- .gitignore | 1 - containers.conf | 4 +--- seccomp.json | 1 + skopeo.spec | 18 ++---------------- sources | 2 +- 5 files changed, 5 insertions(+), 21 deletions(-) diff --git a/.gitignore b/.gitignore index 9d0a918..675b156 100644 --- a/.gitignore +++ b/.gitignore @@ -210,4 +210,3 @@ /skopeo-12ab19f.tar.gz /skopeo-bbd800f.tar.gz /skopeo-77293ff.tar.gz -/skopeo-8151b89.tar.gz diff --git a/containers.conf b/containers.conf index 1abf943..acae3dc 100644 --- a/containers.conf +++ b/containers.conf @@ -60,7 +60,6 @@ # the default capabilities defined in the container engine will be added. # default_capabilities = [ - "AUDIT_WRITE", "CHOWN", "DAC_OVERRIDE", "FOWNER", @@ -70,7 +69,6 @@ default_capabilities = [ "SETGID", "SETPCAP", "SETUID", - "SYS_CHROOT" ] # A list of sysctls to be set in containers by default, @@ -78,7 +76,7 @@ default_capabilities = [ # for example:"net.ipv4.ping_group_range = 0 1000". # default_sysctls = [ - "net.ipv4.ping_group_range=0 1", + "net.ipv4.ping_group_range=0 65536", ] # A list of ulimits to be set in containers by default, specified as diff --git a/seccomp.json b/seccomp.json index 07cdd6c..9b537db 100644 --- a/seccomp.json +++ b/seccomp.json @@ -101,6 +101,7 @@ "fchdir", "fchmod", "fchmodat", + "fchmodat2", "fchown", "fchown32", "fchownat", diff --git a/skopeo.spec b/skopeo.spec index ff37b3b..c2f125d 100644 --- a/skopeo.spec +++ b/skopeo.spec @@ -28,7 +28,7 @@ %global provider_prefix %{provider}.%{provider_tld}/%{project}/%{repo} %global import_path %{provider_prefix} %global git0 https://%{import_path} -%global commit0 8151b89b8161e4b0d378df2e10a9c8601fed08b2 +%global commit0 77293ff9c42a9c8d3db36a6c02fe26c70b232ec9 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # Used for comparing with latest upstream tag @@ -46,7 +46,7 @@ Epoch: 1 Epoch: 2 %endif Version: 1.1.1 -Release: 51.dev.git%{shortcommit0}%{?dist} +Release: 47.dev.git%{shortcommit0}%{?dist} Summary: Inspect container images and repositories on registries License: ASL 2.0 URL: %{git0} @@ -447,20 +447,6 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath} %{_datadir}/%{name}/test %changelog -* Fri Sep 25 2020 Dan Walsh - 1:1.1.1-51.dev.git5d5756c -- Modify the range of groups used in net.ipv4.ping_group_range to be 1 so that -- it will work more easily with User Namespaces -- Also turn back on AUDIT_WRITE until seccomp.json file is fixed - -* Mon Sep 21 18:12:41 UTC 2020 RH Container Bot - 1:1.1.1-50.dev.git8151b89 -- autobuilt 8151b89 - -* Mon Sep 21 2020 Dan Walsh - 1:1.1.1-49.dev.git5d5756c -- Add SYS_CHROOT back into default capabilities - -* Mon Sep 21 2020 Dan Walsh - 1:1.1.1-48.dev.git5d5756c -- Remove fchmodat2 from seccomp.json (This syscall does not exist yet) - * Fri Sep 18 20:12:04 UTC 2020 RH Container Bot - 1:1.1.1-47.dev.git77293ff - autobuilt 77293ff diff --git a/sources b/sources index 871b711..559ba08 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (skopeo-8151b89.tar.gz) = ccc7c0dcc3996728c5c8ca51e5d0002dd06b9845d032e86b7240954d62718af193b6e7c6fde5a2034642c091fe9966e64ecc68a34ca69d833ef1cf6ffd09a203 +SHA512 (skopeo-77293ff.tar.gz) = 7ebcca67cff46e846407d15556a310988dc47640c2b0faee2b73a7c44ec78601debdba322020d6c388d1b338c2432944c4972614b42337e80b308d31520ec917