opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-12-02 02:58:03 +08:00
Code Issues Packages Projects Releases Wiki Activity

Dockerfile, .cirrus.yml: update runc commit

Browse Source 
we need to inherit this change from runc.

commit 869add33186caff4a22e3e11a7472a2d48d77889:

rootless: fix running with /proc/self/setgroups set to deny

    This is a regression from 06f789cf26774dd64cb2a9cc0b3c6a6ff832733b
    when the user namespace was configured without a privileged helper.
    To allow a single mapping in an user namespace, it is necessary to set
    /proc/self/setgroups to "deny".

    For a simple reproducer, the user namespace can be created with
    "unshare -r".

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano
2018-11-30 11:31:56 +01:00
parent 1d2e1eece5
commit 2dfb7c02b1
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Dockerfile
View File

@@ -52,7 +52,7 @@ ADD . /go/src/github.com/containers/libpod
RUN set -x && cd /go/src/github.com/containers/libpod && make install.libseccomp.sudo
# Install runc
ENV RUNC_COMMIT 78ef28e63bec2ee4c139b5e3e0d691eb9bdc748d
ENV RUNC_COMMIT 869add33186caff4a22e3e11a7472a2d48d77889
RUN set -x \
&& export GOPATH="$(mktemp -d)" \
&& git clone https://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \