vendor: update containers/{common,storage,image,buildah}

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>

vendor/github.com/containers/buildah/run_freebsd.go

@@ -156,7 +156,11 @@ func (b *Builder) Run(command []string, options RunOptions) error {
 
 	containerName := Package + "-" + filepath.Base(path)
 	if configureNetwork {
-		g.AddAnnotation("org.freebsd.parentJail", containerName+"-vnet")
+		if jail.NeedVnetJail() {
+			g.AddAnnotation("org.freebsd.parentJail", containerName+"-vnet")
+		} else {
+			g.AddAnnotation("org.freebsd.jail.vnet", "new")
+		}
 	}
 
 	homeDir, err := b.configureUIDGID(g, mountPoint, options)
@@ -247,9 +251,11 @@ func (b *Builder) Run(command []string, options RunOptions) error {
 
 	defer b.cleanupTempVolumes()
 
-	// If we are creating a network, make the vnet here so that we
-	// can execute the OCI runtime inside it.
-	if configureNetwork {
+	// If we are creating a network, make the vnet here so that we can
+	// execute the OCI runtime inside it. For FreeBSD-13.3 and later, we can
+	// configure the container network settings from outside the jail, which
+	// removes the need for a separate jail to manage the vnet.
+	if configureNetwork && jail.NeedVnetJail() {
 		mynetns := containerName + "-vnet"
 
 		jconf := jail.NewConfig()
@@ -426,7 +432,12 @@ func (b *Builder) runConfigureNetwork(pid int, isolation define.Isolation, optio
 	}
 	logrus.Debugf("configureNetworks: %v", configureNetworks)
 
-	mynetns := containerName + "-vnet"
+	var mynetns string
+	if jail.NeedVnetJail() {
+		mynetns = containerName + "-vnet"
+	} else {
+		mynetns = containerName
+	}
 
 	networks := make(map[string]nettypes.PerNetworkOptions, len(configureNetworks))
 	for i, network := range configureNetworks {