File libcontainers-common.changes of Package libcontainers-common.12794

-------------------------------------------------------------------
Mon Sep 23 15:28:02 UTC 2019 - Richard Brown <rbrown@suse.com>

- Update to image 1.4.4
  - Hard-code the kernel keyring use to be disabled for now
- Update to libpod 1.5.1
  - The hostname of pods is now set to the pod's name
  - Minor bugfixes
- Update to storage 1.12.16
  - Ignore ro mount options in btrfs and windows drivers

-------------------------------------------------------------------
Mon Sep 23 12:01:53 UTC 2019 - Richard Brown <rbrown@suse.com>

- Check /var/lib/containers if possible before setting btrfs backend (bsc#1151028)

-------------------------------------------------------------------
Wed Aug  7 10:35:07 UTC 2019 - Sascha Grunert <sgrunert@suse.com>

- Add missing licenses to spec file

-------------------------------------------------------------------
Tue Aug  6 11:42:17 UTC 2019 - Marco Vedovati <mvedovati@suse.com>

- Add a default registries.d configuration file, used to specify images 
  signatures storage location.

-------------------------------------------------------------------
Fri Aug  2 09:46:10 UTC 2019 - Sascha Grunert <sgrunert@suse.com>

- Update to image v3.0.0
  - Add "Env" to ImageInspectInfo
  - Add API function TryUpdatingCache
  - Add ability to install man pages
  - Add user registry auth to kernel keyring
  - Fix policy.json.md -> containers-policy.json.5.md references
  - Fix typo in docs/containers-registries.conf.5.md
  - Remove pkg/sysregistries
  - Touch up transport man page
  - Try harder in storageImageDestination.TryReusingBlob
  - Use the same HTTP client for contacting the bearer token server and the
    registry
  - ci: change GOCACHE to a writeable path
  - config.go: improve debug message
  - config.go: log where credentials come from
  - docker client: error if registry is blocked
  - docker: allow deleting OCI images
  - docker: delete: support all MIME types
  - ostree: default is no OStree support
  - ostree: improve error message
  - progress bar: use spinners for unknown blob sizes
  - use 'containers_image_ostree' as build tag
  - use keyring when authfile empty
- Update to storage v1.12.16
  - Add cirrus vendor check
  - Add storage options to IgnoreChownErrors
  - Add support for UID as well as UserName in /etc/subuid files.
  - Add support for ignoreChownErrors to vfs
  - Add support for installing man pages
  - Fix cross-compilation
  - Keep track of the UIDs and GIDs used in applied layers
  - Move lockfiles to their own package
  - Remove merged directory when it is unmounted
  - Switch to go modules
  - Switch to golangci-lint
  - Update generated files
  - Use same variable name on both commands
  - cirrus: ubuntu: try removing cryptsetup-initramfs
  - compression: add support for the zstd algorithm
  - getLockfile(): use the absolute path
  - loadMounts(): reset counts before merging just-loaded data
  - lockfile: don't bother releasing a lock when closing a file
  - locking test updates
  - locking: take read locks on read-only stores
  - make local-cross more reliable for CI
  - overlay: cache the results of supported/using-metacopy/use-naive-diff
    feature tests
  - overlay: fix small piece of repeated work
  - utils: fix check for missing conf file
  - zstd: use github.com/klauspost/compress directly

-------------------------------------------------------------------
Mon Jul  8 13:18:20 UTC 2019 - Sascha Grunert <sgrunert@suse.com>

- Update to libpod v1.4.4
  - Fixed a bug where rootless Podman would attempt to use the
    entire root configuration if no rootless configuration was
    present for the user, breaking rootless Podman for new
    installations
  - Fixed a bug where rootless Podman's pause process would block
    SIGTERM, preventing graceful system shutdown and hanging until
    the system's init send SIGKILL
  - Fixed a bug where running Podman as root with sudo -E would not
    work after running rootless Podman at least once
  - Fixed a bug where options for tmpfs volumes added with the
    --tmpfs flag were being ignored
  - Fixed a bug where images with no layers could not properly be
    displayed and removed by Podman
  - Fixed a bug where locks were not properly freed on failure to
    create a container or pod
  - Podman now has greatly improved support for containers using
    multiple OCI runtimes. Containers now remember if they were
    created with a different runtime using --runtime and will
    always use that runtime
  - The cached and delegated options for volume mounts are now
    allowed for Docker compatability (#3340)
  - The podman diff command now supports the --latest flag
  - Fixed a bug where podman cp on a single file would create a
    directory at the target and place the file in it (#3384)
  - Fixed a bug where podman inspect --format '{{.Mounts}}' would
    print a hexadecimal address instead of a container's mounts
  - Fixed a bug where rootless Podman would not add an entry to
    container's /etc/hosts files for their own hostname (#3405)
  - Fixed a bug where podman ps --sync would segfault (#3411)
  - Fixed a bug where podman generate kube would produce an invalid
    ports configuration (#3408)
  - Podman now performs much better on systems with heavy I/O load
  - The --cgroup-manager flag to podman now shows the correct
    default setting in help if the default was overridden by
    libpod.conf
  - For backwards compatability, setting --log-driver=json-file in
    podman run is now supported as an alias for
    --log-driver=k8s-file. This is considered deprecated, and
    json-file will be moved to a new implementation in the future
    ([#3363](https://github.com/containers/libpod/issues/3363))
  - Podman's default libpod.conf file now allows the crun OCI
    runtime to be used if it is installed
  - Fixed a bug where Podman could not run containers using an
    older version of Systemd as init (#3295)
  - Updated vendored Buildah to v1.9.0 to resolve a critical bug
    with Dockerfile RUN instructions
  - The error message for running podman kill on containers that
    are not running has been improved
  - The Podman remote client can now log to a file if syslog is not
    available
  - The MacOS dmg file is experimental, use at your own risk.
  - The podman exec command now sets its error code differently
    based on whether the container does not exist, and the command
    in the container does not exist
  - The podman inspect command on containers now outputs Mounts
    JSON that matches that of docker inspect, only including
    user-specified volumes and differentiating bind mounts and
    named volumes
  - The podman inspect command now reports the path to a
    container's OCI spec with the OCIConfigPath key (only included
    when the container is initialized or running)
  - The podman run --mount command now supports the
    bind-nonrecursive option for bind mounts (#3314)
  - Fixed a bug where podman play kube would fail to create
    containers due to an unspecified log driver
  - Fixed a bug where Podman would fail to build with musl libc
    (#3284)
  - Fixed a bug where rootless Podman using slirp4netns networking
    in an environment with no nameservers on the host other than
    localhost would result in nonfunctional networking (#3277)
  - Fixed a bug where podman import would not properly set
    environment variables, discarding their values and retaining
    only keys
  - Fixed a bug where Podman would fail to run when built with
    Apparmor support but run on systems without the Apparmor kernel
    module loaded (#3331)
  - Remote Podman will now default the username it uses to log in
    to remote systems to the username of the current user
  - Podman now uses JSON logging with OCI runtimes that support it,
    allowing for better error reporting
  - Updated vendored Buildah to v1.8.4
  - Updated vendored containers/image to v2.0
- Update to image v2.0.0
  - Add registry mirror support
  - Include missing man pages (bsc#1139526)
- Update to storage v1.12.10
  - Add support for UID as well as UserName in /etc/subuid files.
  - utils: fix check for missing conf file
  - compression: add support for the zstd algorithm
  - overlay: cache the results of
    supported/using-metacopy/use-naive-diff feature tests

-------------------------------------------------------------------
Tue Jun 11 07:06:13 UTC 2019 - Sascha Grunert <sgrunert@suse.com>

- Update to libpod v1.4.0
  - The podman checkpoint and podman restore commands can now be
    used to migrate containers between Podman installations on
    different systems
  - The podman cp command now supports a pause flag to pause
    containers while copying into them
  - The remote client now supports a configuration file for
    pre-configuring connections to remote Podman installations
  - Fixed CVE-2019-10152 - The podman cp command improperly
    dereferenced symlinks in host context
  - Fixed a bug where podman commit could improperly set
    environment variables that contained = characters
  - Fixed a bug where rootless Podman would sometimes fail to start
    containers with forwarded ports
  - Fixed a bug where podman version on the remote client could
    segfault
  - Fixed a bug where podman container runlabel would use
    /proc/self/exe instead of the path of the Podman command when
    printing the command being executed
  - Fixed a bug where filtering images by label did not work
  - Fixed a bug where specifying a bing mount or tmpfs mount over
    an image volume would cause a container to be unable to start
  - Fixed a bug where podman generate kube did not work with
    containers with named volumes
  - Fixed a bug where rootless Podman would receive permission
    denied errors accessing conmon.pid
  - Fixed a bug where podman cp with a folder specified as target
    would replace the folder, as opposed to copying into it
  - Fixed a bug where rootless Podman commands could double-unlock
    a lock, causing a crash
  - Fixed a bug where Podman incorrectly set tmpcopyup on /dev/
    mounts, causing errors when using the Kata containers runtime
  - Fixed a bug where podman exec would fail on older kernels
  - The podman commit command is now usable with the Podman remote
    client
  - The --signature-policy flag (used with several image-related
    commands) has been deprecated
  - The podman unshare command now defines two environment
    variables in the spawned shell: CONTAINERS_RUNROOT and
    CONTAINERS_GRAPHROOT, pointing to temporary and permanent
    storage for rootless containers
  - Updated vendored containers/storage and containers/image
    libraries with numerous bugfixes
  - Updated vendored Buildah to v1.8.3
  - Podman now requires Conmon v0.2.0
  - The podman cp command is now aliased as podman container cp
  - Rootless Podman will now default init_path using root Podman's
    configuration files (/etc/containers/libpod.conf and
    /usr/share/containers/libpod.conf) if not overridden in the
    rootless configuration
- Update to image v1.5.1
  - Vendor in latest containers/storage
  - docker/docker_client: Drop redundant Domain(ref.ref) call
  - pkg/blobinfocache: Split implementations into subpackages
  - copy: progress bar: show messages on completion
  - docs: rename manpages to *.5.command
  - add container-certs.d.md manpage
  - pkg/docker/config: Bring auth tests from
    docker/docker_client_test
  - Don't allocate a sync.Mutex separately
- Update to storage v1.12.10
  - Add function to parse out mount options from graphdriver
  - Merge the disparate parts of all of the Unix-like lockfiles
  - Fix unix-but-not-Linux compilation
  - Return XDG_RUNTIME_DIR as RootlessRuntimeDir if set
  - Cherry-pick moby/moby #39292 for CVE-2018-15664 fixes
  - lockfile: add RecursiveLock() API
  - Update generated files
  - Fix crash on tesing of aufs code
  - Let consumers know when Layers and Images came from read-only stores
  - chown: do not change owner for the mountpoint
  - locks: correctly mark updates to the layers list
  - CreateContainer: don't worry about mapping layers unless necessary
  - docs: fix manpage for containers-storage.conf
  - docs: sort configuration options alphabetically
  - docs: document OSTree file deduplication
  - Add missing options to man page for containers-storage
  - overlay: use the layer idmapping if present
  - vfs: prefer layer custom idmappings
  - layers: propagate down the idmapping settings
  - Recreate symlink when not found
  - docs: fix manpage for configuration file
  - docs: add special handling for manpages in sect 5
  - overlay: fix single-lower test
  - Recreate symlink when not found
  - overlay: propagate errors from mountProgram
  - utils: root in a userns uses global conf file
  - Fix handling of additional stores
  - Correctly check permissions on rootless directory
  - Fix possible integer overflow on 32bit builds
  - Evaluate device path for lvm
  - lockfile test: make concurrent RW test determinisitc
  - lockfile test: make concurrent read tests deterministic
  - drivers.DirCopy: fix filemode detection
  - storage: move the logic to detect rootless into utils.go
  - Don't set (struct flock).l_pid
  - Improve documentation of getLockfile
  - Rename getLockFile to createLockerForPath, and document it
  - Add FILES section to containers-storage.5 man page
  - add digest locks
  - drivers/copy: add a non-cgo fallback
- Add default SLES mounts for container-suseconnect usage

-------------------------------------------------------------------
Tue Jun  4 14:27:15 UTC 2019 - Richard Brown <rbrown@suse.com>

- Add util-linux and grep as Requires(post) to ensure btrfs config gets made correctly

-------------------------------------------------------------------
Mon Apr  1 14:24:17 UTC 2019 - Richard Brown <rbrown@suse.com>

- Update to libpod v1.2.0
  * Rootless Podman can now be used with a single UID and GID, without requiring a full 65536 UIDs/GIDs to be allocated in /etc/subuid and /etc/subgid
  * Move pkg/util default storage functions from libpod to containers/storage
- Update to image v1.5
  * Minor behind the scene bugfixes, no user facing changes
- Update to storage v1.12.1
  * Move pkg/util default storage functions from libpod to containers/storage
  * containers/storage no longer depends on containers/image
- Version 20190401

-------------------------------------------------------------------
Wed Feb 27 14:51:55 UTC 2019 - Richard Brown <rbrown@suse.com>

- Update to libpod v1.1.0
   * Rootless Podman can now forward ports into containers (using the same -p and -P flags as root Podman)
   * Rootless Podman will now pull some configuration options (for example, OCI runtime path) from the default root libpod.conf if they are not explicitly set in the user's own libpod.conf

-------------------------------------------------------------------
Tue Feb 19 15:34:54 UTC 2019 - Richard Brown <rbrown@suse.com>

- Upgrade to storage v1.10
  * enable parallel blob reads
  * Teach images to hold multiple manifests
  * Move structs for storage.conf to pkg/config
- Upgrade to libpod v1.0.1
  * Do not unmarshal into c.config.Spec
  * spec: add nosuid,noexec,nodev to ro bind mount

-------------------------------------------------------------------
Sat Feb  2 11:07:30 UTC 2019 - Richard Brown <rbrown@suse.com>

- Restore non-upstream storage.conf, needed by CRI-O

-------------------------------------------------------------------
Fri Jan 25 14:30:45 UTC 2019 - Richard Brown <rbrown@suse.com>

- Upgrade to storage v1.8
  * Check for the OS when setting btrfs/libdm/ostree tags
- Upgrade to image v1.3
  * vendor: use github.com/klauspost/pgzip instead of compress/gzip
  * vendor latest ostree
- Refactor specfile to use versioned tarballs
- Established package versioning scheme (ISODATE of change)
- Remove non-upstream storage.conf
- Set btrfs as default driver if /var/lib is on btrfs [boo#1123119]
- Version 20190125

-------------------------------------------------------------------
Thu Jan 17 14:20:49 UTC 2019 - Richard Brown <rbrown@suse.com>

- Upgrade to storage v1.6
  * Remove private mount from zfs driver
  * Update zfs driver to be closer to moby driver
  * Use mount options when mounting the chown layer.

-------------------------------------------------------------------
Sun Jan 13 15:39:42 UTC 2019 - Richard Brown <rbrown@suse.com>

- Upgrade to libpod v1.0.0
  * Fixed a bug where storage.conf was sometimes ignored for rootless containers

-------------------------------------------------------------------
Tue Jan  8 11:35:41 UTC 2019 - Richard Brown <rbrown@suse.com>

- Upgrade to libpod v0.12.1.2 and storage v1.4
  * No significant functional or packaging changes

-------------------------------------------------------------------
Sun Jan  6 22:11:02 UTC 2019 - Richard Brown <rbrown@suse.com>

- storage.conf - restore btrfs as the default driver

-------------------------------------------------------------------
Fri Dec  7 10:54:37 UTC 2018 - Richard Brown <rbrown@suse.com>

- Update to latest libpod and storage to support cri-o 1.13

-------------------------------------------------------------------
Wed Dec  5 14:45:37 UTC 2018 - Richard Brown <rbrown@suse.com>

- Use seccomp.json from github.com/containers/libpod, instead of
  installing the tar.xz on users systems (boo#1118444)

-------------------------------------------------------------------
Mon Nov 12 09:21:37 UTC 2018 - Valentin Rothberg <vrothberg@suse.com>

- Add oci-hooks(5) manpage from libpod.

-------------------------------------------------------------------
Mon Nov 12 08:14:08 UTC 2018 - Valentin Rothberg <vrothberg@suse.com>

- Use seccomp.json from github.com/containers/libpod to align with the
  upstream defaults.

- Update to the latest image and storage to pull in improvements to the
  manpages.

-------------------------------------------------------------------
Mon Aug 27 14:24:51 UTC 2018 - vrothberg@suse.com

- storage.conf: comment out options that are not supported by btrfs.
  This simplifies switching the driver as it avoids the whack-a-mole
  of commenting out "unsupported" options.

-------------------------------------------------------------------
Mon Aug 27 08:48:16 UTC 2018 - vrothberg@suse.com

- Consolidate libcontainers-{common,image,storage} into one package,
  libcontainers-common. That's the way upstream intended all libraries from
  github.com/containers to be packaged. It facilitates updating and maintaining
  the package, as all configs and manpages come from a central source.

  Note that the `storage` binary that previously has been provided by the
  libcontainers-storage package is not provided anymore as, despite the claims
  in the manpages, it is not intended for production use.

-------------------------------------------------------------------
Mon Aug 13 11:44:31 UTC 2018 - vrothberg@suse.com

- Make libcontainers-common arch independent.

- Add LICENSE.

-------------------------------------------------------------------
Thu Apr 12 09:36:39 UTC 2018 - fcastelli@suse.com

- Added /usr/share/containers/oci/hooks.d and /etc/containers/oci/hooks.d
  to the package. These are used by tools like cri-o and podman to store
  custom hooks.

-------------------------------------------------------------------
Mon Mar  5 09:30:12 UTC 2018 - vrothberg@suse.com

- Configuration files should generally be tagged as %config(noreplace) in order
  to keep the modified config files and to avoid losing data when the package
  is being updated.

  feature#crio

-------------------------------------------------------------------
Thu Feb  8 13:07:24 UTC 2018 - vrothberg@suse.com

- Add libcontainers-common package.