Bump github.com/containers/common from 0.36.0 to 0.37.0

Bumps [github.com/containers/common](https://github.com/containers/common) from 0.36.0 to 0.37.0.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.36.0...v0.37.0)

Signed-off-by: dependabot[bot] <support@github.com>

go.mod

@@ -11,7 +11,7 @@ require (
 	github.com/containernetworking/cni v0.8.1
 	github.com/containernetworking/plugins v0.9.1
 	github.com/containers/buildah v1.20.1-0.20210402144408-36a37402d0c8
-	github.com/containers/common v0.36.0
+	github.com/containers/common v0.37.0
 	github.com/containers/conmon v2.0.20+incompatible
 	github.com/containers/image/v5 v5.11.1
 	github.com/containers/ocicrypt v1.1.1

go.sum

@@ -193,8 +193,8 @@ github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRD
 github.com/containers/buildah v1.20.1-0.20210402144408-36a37402d0c8 h1:RlqbDlfE3+qrq4bNTZG7NVPqCDzfZrgE/yicu0VAykQ=
 github.com/containers/buildah v1.20.1-0.20210402144408-36a37402d0c8/go.mod h1:iowyscoAC5jwNDhs3c5CLGdBZ9FJk5UOoN2I5TdmXFs=
 github.com/containers/common v0.35.4/go.mod h1:rMzxgD7nMGw++cEbsp+NZv0UJO4rgXbm7F7IbJPTwIE=
-github.com/containers/common v0.36.0 h1:7/0GM3oi2ROmKAg/8pDWJ8BU2BXdbmy7Gk2/SFCTV38=
+github.com/containers/common v0.37.0 h1:RRyR8FITTJXfrF7J9KXKSplywY4zsXoA2kuQXMaUaNo=
-github.com/containers/common v0.36.0/go.mod h1:rMzxgD7nMGw++cEbsp+NZv0UJO4rgXbm7F7IbJPTwIE=
+github.com/containers/common v0.37.0/go.mod h1:dgbJcccCPTmncqxhma56+XW+6d5VzqGF6jtkMHyu3v0=
 github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg=
 github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I=
 github.com/containers/image/v5 v5.10.5/go.mod h1:SgIbWEedCNBbn2FI5cH0/jed1Ecy2s8XK5zTxvJTzII=
@@ -213,6 +213,7 @@ github.com/containers/storage v1.23.5/go.mod h1:ha26Q6ngehFNhf3AWoXldvAvwI4jFe3E
 github.com/containers/storage v1.24.8/go.mod h1:YC+2pY8SkfEAcZkwycxYbpK8EiRbx5soPPwz9dxe4IQ=
 github.com/containers/storage v1.28.0/go.mod h1:ixAwO7Bj31cigqPEG7aCz+PYmxkDxbIFdUFioYdxbzI=
 github.com/containers/storage v1.28.1/go.mod h1:5bwiMh2LkrN3AWIfDFMH7A/xbVNLcve+oeXYvHvW8cc=
+github.com/containers/storage v1.29.0/go.mod h1:u84RU4CCufGeJBNTRNwMB+FoE+AiFeFw4SsMoqAOeCM=
 github.com/containers/storage v1.30.0 h1:KS6zmoPyy0Qcx1HCCiseQ0ysSckRvtiuoVpIGh9iwQA=
 github.com/containers/storage v1.30.0/go.mod h1:M/xn0pg6ReYFrLtWl5YELI/a4Xjq+Z3e5GJxQrJCcDI=
 github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=

vendor/github.com/containers/common/pkg/auth/auth.go

@@ -5,6 +5,7 @@ import (
 	"context"
 	"fmt"
 	"os"
+	"path/filepath"
 	"strings"
 
 	"github.com/containers/image/v5/docker"
@@ -13,19 +14,21 @@ import (
 	"github.com/containers/image/v5/types"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
-	"golang.org/x/crypto/ssh/terminal"
+	terminal "golang.org/x/term"
 )
 
 // GetDefaultAuthFile returns env value REGISTRY_AUTH_FILE as default
 // --authfile path used in multiple --authfile flag definitions
 // Will fail over to DOCKER_CONFIG if REGISTRY_AUTH_FILE environment is not set
 func GetDefaultAuthFile() string {
-	authfile := os.Getenv("REGISTRY_AUTH_FILE")
+	if authfile := os.Getenv("REGISTRY_AUTH_FILE"); authfile != "" {
-	if authfile == "" {
-		authfile = os.Getenv("DOCKER_CONFIG")
-	}
 		return authfile
 	}
+	if auth_env := os.Getenv("DOCKER_CONFIG"); auth_env != "" {
+		return filepath.Join(auth_env, "config.json")
+	}
+	return ""
+}
 
 // CheckAuthFile validates filepath given by --authfile
 // used by command has --authfile flag
@@ -34,7 +37,7 @@ func CheckAuthFile(authfile string) error {
 		return nil
 	}
 	if _, err := os.Stat(authfile); err != nil {
-		return errors.Wrapf(err, "error checking authfile path %s", authfile)
+		return errors.Wrap(err, "checking authfile")
 	}
 	return nil
 }
@@ -70,11 +73,11 @@ func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginO
 		err    error
 	)
 	if len(args) > 1 {
-		return errors.Errorf("login accepts only one registry to login to")
+		return errors.New("login accepts only one registry to login to")
 	}
 	if len(args) == 0 {
 		if !opts.AcceptUnspecifiedRegistry {
-			return errors.Errorf("please provide a registry to login to")
+			return errors.New("please provide a registry to login to")
 		}
 		if server, err = defaultRegistryWhenUnspecified(systemContext); err != nil {
 			return err
@@ -85,7 +88,7 @@ func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginO
 	}
 	authConfig, err := config.GetCredentials(systemContext, server)
 	if err != nil {
-		return errors.Wrapf(err, "error reading auth file")
+		return errors.Wrap(err, "reading auth file")
 	}
 	if opts.GetLoginSet {
 		if authConfig.Username == "" {
@@ -95,17 +98,17 @@ func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginO
 		return nil
 	}
 	if authConfig.IdentityToken != "" {
-		return errors.Errorf("currently logged in, auth file contains an Identity token")
+		return errors.New("currently logged in, auth file contains an Identity token")
 	}
 
 	password := opts.Password
 	if opts.StdinPassword {
 		var stdinPasswordStrBuilder strings.Builder
 		if opts.Password != "" {
-			return errors.Errorf("Can't specify both --password-stdin and --password")
+			return errors.New("Can't specify both --password-stdin and --password")
 		}
 		if opts.Username == "" {
-			return errors.Errorf("Must provide --username with --password-stdin")
+			return errors.New("Must provide --username with --password-stdin")
 		}
 		scanner := bufio.NewScanner(opts.Stdin)
 		for scanner.Scan() {
@@ -126,7 +129,7 @@ func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginO
 
 	username, password, err := getUserAndPass(opts, password, authConfig.Username)
 	if err != nil {
-		return errors.Wrapf(err, "error getting username and password")
+		return errors.Wrap(err, "getting username and password")
 	}
 
 	if err = docker.CheckAuth(ctx, systemContext, username, password, server); err == nil {
@@ -143,7 +146,7 @@ func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginO
 		logrus.Debugf("error logging into %q: %v", server, unauthorized)
 		return errors.Errorf("error logging into %q: invalid username/password", server)
 	}
-	return errors.Wrapf(err, "error authenticating creds for %q", server)
+	return errors.Wrapf(err, "authenticating creds for %q", server)
 }
 
 // getRegistryName scrubs and parses the input to get the server name
@@ -172,7 +175,7 @@ func getUserAndPass(opts *LoginOptions, password, userFromAuthFile string) (user
 		}
 		username, err = reader.ReadString('\n')
 		if err != nil {
-			return "", "", errors.Wrapf(err, "error reading username")
+			return "", "", errors.Wrap(err, "reading username")
 		}
 		// If the user just hit enter, use the displayed user from the
 		// the authentication file.  This allows to do a lazy
@@ -186,7 +189,7 @@ func getUserAndPass(opts *LoginOptions, password, userFromAuthFile string) (user
 		fmt.Fprint(opts.Stdout, "Password: ")
 		pass, err := terminal.ReadPassword(0)
 		if err != nil {
-			return "", "", errors.Wrapf(err, "error reading password")
+			return "", "", errors.Wrap(err, "reading password")
 		}
 		password = string(pass)
 		fmt.Fprintln(opts.Stdout)
@@ -206,11 +209,11 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, args []stri
 		err    error
 	)
 	if len(args) > 1 {
-		return errors.Errorf("logout accepts only one registry to logout from")
+		return errors.New("logout accepts only one registry to logout from")
 	}
 	if len(args) == 0 && !opts.All {
 		if !opts.AcceptUnspecifiedRegistry {
-			return errors.Errorf("please provide a registry to logout from")
+			return errors.New("please provide a registry to logout from")
 		}
 		if server, err = defaultRegistryWhenUnspecified(systemContext); err != nil {
 			return err
@@ -219,7 +222,7 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, args []stri
 	}
 	if len(args) != 0 {
 		if opts.All {
-			return errors.Errorf("--all takes no arguments")
+			return errors.New("--all takes no arguments")
 		}
 		server = getRegistryName(args[0])
 	}
@@ -240,7 +243,7 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, args []stri
 	case config.ErrNotLoggedIn:
 		authConfig, err := config.GetCredentials(systemContext, server)
 		if err != nil {
-			return errors.Wrapf(err, "error reading auth file")
+			return errors.Wrap(err, "reading auth file")
 		}
 		authInvalid := docker.CheckAuth(context.Background(), systemContext, authConfig.Username, authConfig.Password, server)
 		if authConfig.Username != "" && authConfig.Password != "" && authInvalid == nil {
@@ -249,7 +252,7 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, args []stri
 		}
 		return errors.Errorf("Not logged into %s\n", server)
 	default:
-		return errors.Wrapf(err, "error logging out of %q", server)
+		return errors.Wrapf(err, "logging out of %q", server)
 	}
 }
 
@@ -258,10 +261,10 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, args []stri
 func defaultRegistryWhenUnspecified(systemContext *types.SystemContext) (string, error) {
 	registriesFromFile, err := sysregistriesv2.UnqualifiedSearchRegistries(systemContext)
 	if err != nil {
-		return "", errors.Wrapf(err, "error getting registry from registry.conf, please specify a registry")
+		return "", errors.Wrap(err, "getting registry from registry.conf, please specify a registry")
 	}
 	if len(registriesFromFile) == 0 {
-		return "", errors.Errorf("no registries found in registries.conf, a registry must be provided")
+		return "", errors.New("no registries found in registries.conf, a registry must be provided")
 	}
 	return registriesFromFile[0], nil
 }

vendor/github.com/containers/common/pkg/chown/chown_unix.go

@@ -16,7 +16,7 @@ func ChangeHostPathOwnership(path string, recursive bool, uid, gid int) error {
 	// Validate if host path can be chowned
 	isDangerous, err := DangerousHostPath(path)
 	if err != nil {
-		return errors.Wrapf(err, "failed to validate if host path is dangerous")
+		return errors.Wrap(err, "failed to validate if host path is dangerous")
 	}
 
 	if isDangerous {
@@ -42,13 +42,13 @@ func ChangeHostPathOwnership(path string, recursive bool, uid, gid int) error {
 		})
 
 		if err != nil {
-			return errors.Wrapf(err, "failed to chown recursively host path")
+			return errors.Wrap(err, "failed to chown recursively host path")
 		}
 	} else {
 		// Get host path info
 		f, err := os.Lstat(path)
 		if err != nil {
-			return errors.Wrapf(err, "failed to get host path information")
+			return errors.Wrap(err, "failed to get host path information")
 		}
 
 		// Get current ownership
@@ -57,7 +57,7 @@ func ChangeHostPathOwnership(path string, recursive bool, uid, gid int) error {
 
 		if uid != currentUID || gid != currentGID {
 			if err := os.Lchown(path, uid, gid); err != nil {
-				return errors.Wrapf(err, "failed to chown host path")
+				return errors.Wrap(err, "failed to chown host path")
 			}
 		}
 	}

vendor/github.com/containers/common/pkg/chown/chown_windows.go

@@ -7,5 +7,5 @@ import (
 // ChangeHostPathOwnership changes the uid and gid ownership of a directory or file within the host.
 // This is used by the volume U flag to change source volumes ownership
 func ChangeHostPathOwnership(path string, recursive bool, uid, gid int) error {
-	return errors.Errorf("windows not supported")
+	return errors.New("windows not supported")
 }

vendor/github.com/containers/common/pkg/config/config.go

@@ -465,16 +465,17 @@ func NewConfig(userConfigPath string) (*Config, error) {
 	// Now, gather the system configs and merge them as needed.
 	configs, err := systemConfigs()
 	if err != nil {
-		return nil, errors.Wrapf(err, "error finding config on system")
+		return nil, errors.Wrap(err, "finding config on system")
 	}
 	for _, path := range configs {
 		// Merge changes in later configs with the previous configs.
 		// Each config file that specified fields, will override the
 		// previous fields.
 		if err = readConfigFromFile(path, config); err != nil {
-			return nil, errors.Wrapf(err, "error reading system config %q", path)
+			return nil, errors.Wrapf(err, "reading system config %q", path)
 		}
-		logrus.Debugf("Merged system config %q: %+v", path, config)
+		logrus.Debugf("Merged system config %q", path)
+		logrus.Tracef("%+v", config)
 	}
 
 	// If the caller specified a config path to use, then we read it to
@@ -484,9 +485,10 @@ func NewConfig(userConfigPath string) (*Config, error) {
 		// readConfigFromFile reads in container config in the specified
 		// file and then merge changes with the current default.
 		if err = readConfigFromFile(userConfigPath, config); err != nil {
-			return nil, errors.Wrapf(err, "error reading user config %q", userConfigPath)
+			return nil, errors.Wrapf(err, "reading user config %q", userConfigPath)
 		}
-		logrus.Debugf("Merged user config %q: %+v", userConfigPath, config)
+		logrus.Debugf("Merged user config %q", userConfigPath)
+		logrus.Tracef("%+v", config)
 	}
 	config.addCAPPrefix()
 
@@ -502,9 +504,9 @@ func NewConfig(userConfigPath string) (*Config, error) {
 // default config. If the path, only specifies a few fields in the Toml file
 // the defaults from the config parameter will be used for all other fields.
 func readConfigFromFile(path string, config *Config) error {
-	logrus.Debugf("Reading configuration file %q", path)
+	logrus.Tracef("Reading configuration file %q", path)
 	if _, err := toml.DecodeFile(path, config); err != nil {
-		return errors.Wrapf(err, "unable to decode configuration %v", path)
+		return errors.Wrapf(err, "decode configuration %v", path)
 	}
 	return nil
 }
@@ -517,7 +519,7 @@ func systemConfigs() ([]string, error) {
 	path := os.Getenv("CONTAINERS_CONF")
 	if path != "" {
 		if _, err := os.Stat(path); err != nil {
-			return nil, errors.Wrapf(err, "failed to stat of %s from CONTAINERS_CONF environment variable", path)
+			return nil, errors.Wrap(err, "CONTAINERS_CONF file")
 		}
 		return append(configs, path), nil
 	}
@@ -554,7 +556,7 @@ func (c *Config) CheckCgroupsAndAdjustConfig() {
 		hasSession = err == nil
 	}
 
-	if !hasSession {
+	if !hasSession && unshare.GetRootlessUID() != 0 {
 		logrus.Warningf("The cgroupv2 manager is set to systemd but there is no systemd user session available")
 		logrus.Warningf("For using systemd, you may need to login using an user session")
 		logrus.Warningf("Alternatively, you can enable lingering with: `loginctl enable-linger %d` (possibly as root)", unshare.GetRootlessUID())
@@ -579,7 +581,7 @@ func (c *Config) addCAPPrefix() {
 func (c *Config) Validate() error {
 
 	if err := c.Containers.Validate(); err != nil {
-		return errors.Wrapf(err, " error validating containers config")
+		return errors.Wrap(err, "validating containers config")
 	}
 
 	if !c.Containers.EnableLabeling {
@@ -587,11 +589,11 @@ func (c *Config) Validate() error {
 	}
 
 	if err := c.Engine.Validate(); err != nil {
-		return errors.Wrapf(err, "error validating engine configs")
+		return errors.Wrap(err, "validating engine configs")
 	}
 
 	if err := c.Network.Validate(); err != nil {
-		return errors.Wrapf(err, "error validating network configs")
+		return errors.Wrap(err, "validating network configs")
 	}
 
 	return nil
@@ -606,7 +608,7 @@ func (c *EngineConfig) findRuntime() string {
 			}
 		}
 		if path, err := exec.LookPath(name); err == nil {
-			logrus.Warningf("Found default OCIruntime %s path which is missing from [engine.runtimes] in containers.conf", path)
+			logrus.Debugf("Found default OCI runtime %s path via PATH environment variable", path)
 			return name
 		}
 	}
@@ -1001,7 +1003,7 @@ func (c *Config) Write() error {
 	}
 	configFile, err := os.OpenFile(path, os.O_CREATE|os.O_RDWR|os.O_TRUNC, 0600)
 	if err != nil {
-		return errors.Wrapf(err, "cannot open %s", path)
+		return err
 	}
 	defer configFile.Close()
 	enc := toml.NewEncoder(configFile)

vendor/github.com/containers/common/pkg/config/default.go

@@ -331,10 +331,10 @@ func defaultTmpDir() (string, error) {
 
 	if err := os.Mkdir(libpodRuntimeDir, 0700|os.ModeSticky); err != nil {
 		if !os.IsExist(err) {
-			return "", errors.Wrapf(err, "cannot mkdir %s", libpodRuntimeDir)
+			return "", err
 		} else if err := os.Chmod(libpodRuntimeDir, 0700|os.ModeSticky); err != nil {
 			// The directory already exist, just set the sticky bit
-			return "", errors.Wrapf(err, "could not set sticky bit on %s", libpodRuntimeDir)
+			return "", errors.Wrap(err, "set sticky bit on")
 		}
 	}
 	return filepath.Join(libpodRuntimeDir, "tmp"), nil

vendor/github.com/containers/common/pkg/config/util_supported.go

@@ -40,7 +40,7 @@ func getRuntimeDir() (string, error) {
 		if runtimeDir == "" {
 			tmpDir := filepath.Join("/run", "user", uid)
 			if err := os.MkdirAll(tmpDir, 0700); err != nil {
-				logrus.Debugf("unable to make temp dir %s", tmpDir)
+				logrus.Debugf("unable to make temp dir: %v", err)
 			}
 			st, err := os.Stat(tmpDir)
 			if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && st.Mode().Perm() == 0700 {
@@ -50,7 +50,7 @@ func getRuntimeDir() (string, error) {
 		if runtimeDir == "" {
 			tmpDir := filepath.Join(os.TempDir(), fmt.Sprintf("run-%s", uid))
 			if err := os.MkdirAll(tmpDir, 0700); err != nil {
-				logrus.Debugf("unable to make temp dir %s", tmpDir)
+				logrus.Debugf("unable to make temp dir %v", err)
 			}
 			st, err := os.Stat(tmpDir)
 			if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && st.Mode().Perm() == 0700 {
@@ -65,7 +65,7 @@ func getRuntimeDir() (string, error) {
 			}
 			resolvedHome, err := filepath.EvalSymlinks(home)
 			if err != nil {
-				rootlessRuntimeDirError = errors.Wrapf(err, "cannot resolve %s", home)
+				rootlessRuntimeDirError = errors.Wrap(err, "cannot resolve home")
 				return
 			}
 			runtimeDir = filepath.Join(resolvedHome, "rundir")

vendor/github.com/containers/common/pkg/parse/parse.go

@@ -138,11 +138,11 @@ func isValidDeviceMode(mode string) bool {
 // ValidateVolumeHostDir validates a volume mount's source directory
 func ValidateVolumeHostDir(hostDir string) error {
 	if hostDir == "" {
-		return errors.Errorf("host directory cannot be empty")
+		return errors.New("host directory cannot be empty")
 	}
 	if filepath.IsAbs(hostDir) {
 		if _, err := os.Stat(hostDir); err != nil {
-			return errors.Wrapf(err, "error checking path %q", hostDir)
+			return err
 		}
 	}
 	// If hostDir is not an absolute path, that means the user wants to create a
@@ -153,7 +153,7 @@ func ValidateVolumeHostDir(hostDir string) error {
 // ValidateVolumeCtrDir validates a volume mount's destination directory.
 func ValidateVolumeCtrDir(ctrDir string) error {
 	if ctrDir == "" {
-		return errors.Errorf("container directory cannot be empty")
+		return errors.New("container directory cannot be empty")
 	}
 	if !filepath.IsAbs(ctrDir) {
 		return errors.Errorf("invalid container path %q, must be an absolute path", ctrDir)

vendor/github.com/containers/common/pkg/parse/parse_unix.go

@@ -22,7 +22,7 @@ func DeviceFromPath(device string) ([]devices.Device, error) {
 	}
 	srcInfo, err := os.Stat(src)
 	if err != nil {
-		return nil, errors.Wrapf(err, "error getting info of source device %s", src)
+		return nil, err
 	}
 
 	if !srcInfo.IsDir() {

vendor/github.com/containers/common/pkg/seccomp/default_linux.go

@@ -299,6 +299,7 @@ func DefaultProfile() *Seccomp {
 				"sendmmsg",
 				"sendmsg",
 				"sendto",
+				"setns",
 				"set_robust_list",
 				"set_thread_area",
 				"set_tid_address",

vendor/github.com/containers/common/pkg/seccomp/seccomp.json

@@ -303,6 +303,7 @@
 				"sendmmsg",
 				"sendmsg",
 				"sendto",
+				"setns",
 				"set_robust_list",
 				"set_thread_area",
 				"set_tid_address",

vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go

@@ -225,7 +225,7 @@ func addSubscriptionsFromMountsFile(filePath, mountLabel, containerWorkingDir st
 				logrus.Warnf("Path %q from %q doesn't exist, skipping", hostDirOrFile, filePath)
 				continue
 			}
-			return nil, errors.Wrapf(err, "failed to stat %q", hostDirOrFile)
+			return nil, err
 		}
 
 		ctrDirOrFileOnHost := filepath.Join(containerWorkingDir, ctrDirOrFile)
@@ -246,11 +246,11 @@ func addSubscriptionsFromMountsFile(filePath, mountLabel, containerWorkingDir st
 			switch mode := fileInfo.Mode(); {
 			case mode.IsDir():
 				if err = os.MkdirAll(ctrDirOrFileOnHost, mode.Perm()); err != nil {
-					return nil, errors.Wrapf(err, "making container directory %q failed", ctrDirOrFileOnHost)
+					return nil, errors.Wrap(err, "making container directory")
 				}
 				data, err := getHostSubscriptionData(hostDirOrFile, mode.Perm())
 				if err != nil {
-					return nil, errors.Wrapf(err, "getting host subscription data failed")
+					return nil, errors.Wrap(err, "getting host subscription data")
 				}
 				for _, s := range data {
 					if err := s.saveTo(ctrDirOrFileOnHost); err != nil {
@@ -260,7 +260,7 @@ func addSubscriptionsFromMountsFile(filePath, mountLabel, containerWorkingDir st
 			case mode.IsRegular():
 				data, err := readFileOrDir("", hostDirOrFile, mode.Perm())
 				if err != nil {
-					return nil, errors.Wrapf(err, "error reading file %q", hostDirOrFile)
+					return nil, err
 
 				}
 				for _, s := range data {
@@ -268,7 +268,7 @@ func addSubscriptionsFromMountsFile(filePath, mountLabel, containerWorkingDir st
 						return nil, err
 					}
 					if err := ioutil.WriteFile(ctrDirOrFileOnHost, s.data, s.mode); err != nil {
-						return nil, errors.Wrapf(err, "error saving data to container filesystem on host %q", ctrDirOrFileOnHost)
+						return nil, errors.Wrap(err, "saving data to container filesystem")
 					}
 				}
 			default:
@@ -285,7 +285,7 @@ func addSubscriptionsFromMountsFile(filePath, mountLabel, containerWorkingDir st
 				}
 			}
 		} else if err != nil {
-			return nil, errors.Wrapf(err, "error getting status of %q", ctrDirOrFileOnHost)
+			return nil, err
 		}
 
 		m := rspec.Mount{
@@ -309,10 +309,10 @@ func addFIPSModeSubscription(mounts *[]rspec.Mount, containerWorkingDir, mountPo
 	ctrDirOnHost := filepath.Join(containerWorkingDir, subscriptionsDir)
 	if _, err := os.Stat(ctrDirOnHost); os.IsNotExist(err) {
 		if err = idtools.MkdirAllAs(ctrDirOnHost, 0755, uid, gid); err != nil { //nolint
-			return errors.Wrapf(err, "making container directory %q on host failed", ctrDirOnHost)
+			return err
 		}
 		if err = label.Relabel(ctrDirOnHost, mountLabel, false); err != nil {
-			return errors.Wrapf(err, "error applying correct labels on %q", ctrDirOnHost)
+			return errors.Wrapf(err, "applying correct labels on %q", ctrDirOnHost)
 		}
 	}
 	fipsFile := filepath.Join(ctrDirOnHost, "system-fips")
@@ -320,7 +320,7 @@ func addFIPSModeSubscription(mounts *[]rspec.Mount, containerWorkingDir, mountPo
 	if _, err := os.Stat(fipsFile); os.IsNotExist(err) {
 		file, err := os.Create(fipsFile)
 		if err != nil {
-			return errors.Wrapf(err, "error creating system-fips file in container for FIPS mode")
+			return errors.Wrap(err, "creating system-fips file in container for FIPS mode")
 		}
 		defer file.Close()
 	}
@@ -342,7 +342,7 @@ func addFIPSModeSubscription(mounts *[]rspec.Mount, containerWorkingDir, mountPo
 		if os.IsNotExist(err) {
 			return nil
 		}
-		return errors.Wrapf(err, "failed to stat FIPS Backend directory %q", ctrDirOnHost)
+		return errors.Wrap(err, "FIPS Backend directory")
 	}
 
 	if !mountExists(*mounts, destDir) {

vendor/github.com/containers/common/version/version.go

@@ -1,4 +1,4 @@
 package version
 
 // Version is the version of the build.
-const Version = "0.36.0"
+const Version = "0.37.0"

vendor/modules.txt

@@ -93,7 +93,7 @@ github.com/containers/buildah/pkg/parse
 github.com/containers/buildah/pkg/rusage
 github.com/containers/buildah/pkg/supplemented
 github.com/containers/buildah/util
-# github.com/containers/common v0.36.0
+# github.com/containers/common v0.37.0
 github.com/containers/common/pkg/apparmor
 github.com/containers/common/pkg/apparmor/internal/supported
 github.com/containers/common/pkg/auth