containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Dockerfile, .cirrus.yml: update runc commit 

we need to inherit this change from runc.

commit 869add33186caff4a22e3e11a7472a2d48d77889:

rootless: fix running with /proc/self/setgroups set to deny

    This is a regression from 06f789cf26774dd64cb2a9cc0b3c6a6ff832733b
    when the user namespace was configured without a privileged helper.
    To allow a single mapping in an user namespace, it is necessary to set
    /proc/self/setgroups to "deny".

    For a simple reproducer, the user namespace can be created with
    "unshare -r".

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano 2018-11-30 11:31:56 +01:00
parent 1d2e1eece5
commit 2dfb7c02b1
No known key found for this signature in database
GPG Key ID: E4730F97F60286ED
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.cirrus.yml
View File

@ -20,7 +20,7 @@ env:
CNI_COMMIT: "7480240de9749f9a0a5c8614b17f1f03e0c06ab9" CNI_COMMIT: "7480240de9749f9a0a5c8614b17f1f03e0c06ab9"
CRIO_COMMIT: "7a283c391abb7bd25086a8ff91dbb36ebdd24466" CRIO_COMMIT: "7a283c391abb7bd25086a8ff91dbb36ebdd24466"
CRIU_COMMIT: "c74b83cd49c00589c0c0468ba5fe685b67fdbd0a" CRIU_COMMIT: "c74b83cd49c00589c0c0468ba5fe685b67fdbd0a"
RUNC_COMMIT: "78ef28e63bec2ee4c139b5e3e0d691eb9bdc748d" RUNC_COMMIT: "869add33186caff4a22e3e11a7472a2d48d77889"
# File to update in home-dir with task-specific env. var values # File to update in home-dir with task-specific env. var values
ENVLIB: ".bash_profile" ENVLIB: ".bash_profile"
# Overrides default location (/tmp/cirrus) for repo clone # Overrides default location (/tmp/cirrus) for repo clone

2
Dockerfile
View File

@ -52,7 +52,7 @@ ADD . /go/src/github.com/containers/libpod
RUN set -x && cd /go/src/github.com/containers/libpod && make install.libseccomp.sudo RUN set -x && cd /go/src/github.com/containers/libpod && make install.libseccomp.sudo
# Install runc # Install runc
ENV RUNC_COMMIT 78ef28e63bec2ee4c139b5e3e0d691eb9bdc748d ENV RUNC_COMMIT 869add33186caff4a22e3e11a7472a2d48d77889
RUN set -x \ RUN set -x \
&& export GOPATH="$(mktemp -d)" \ && export GOPATH="$(mktemp -d)" \
&& git clone https://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \ && git clone https://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \