opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-11-30 18:18:18 +08:00
Code Issues Packages Projects Releases Wiki Activity

Bump to Buildah 1.16.0-dev in upstream

Browse Source 
Bump Buildah to v1.16.0-dev in the upstream branch
of Podman.  This will allow us to get a number of new
issues into the upstream branch for use.  The version of
Buildah will need to be bumped to v1.16.0 and then
vendored into Podman before we release Podman v2.0

Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
This commit is contained in:
TomSweeneyRedHat
2020-08-03 14:34:20 -04:00
parent 1709335cf0
commit 47c91097f7
42 changed files with 2175 additions and 1303 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
vendor/github.com/containers/buildah/chroot/run.go generated vendored
View File

@@ -7,6 +7,7 @@ import (
"encoding/json"
"fmt"
"io"
"io/ioutil"
"os"
"os/exec"
"path/filepath"
@@ -741,10 +742,13 @@ func runUsingChrootExecMain() {
os.Exit(1)
}
} else {
logrus.Debugf("clearing supplemental groups")
if err = syscall.Setgroups([]int{}); err != nil {
fmt.Fprintf(os.Stderr, "error clearing supplemental groups list: %v", err)
os.Exit(1)
setgroups, _ := ioutil.ReadFile("/proc/self/setgroups")
if strings.Trim(string(setgroups), "\n") != "deny" {
logrus.Debugf("clearing supplemental groups")
if err = syscall.Setgroups([]int{}); err != nil {
fmt.Fprintf(os.Stderr, "error clearing supplemental groups list: %v", err)
os.Exit(1)
}
}
}
@@ -1093,7 +1097,8 @@ func setupChrootBindMounts(spec *specs.Spec, bundlePath string) (undoBinds func(
}
subSys := filepath.Join(spec.Root.Path, m.Mountpoint)
if err := unix.Mount(m.Mountpoint, subSys, "bind", sysFlags, ""); err != nil {
return undoBinds, errors.Wrapf(err, "error bind mounting /sys from host into mount namespace")
logrus.Warningf("could not bind mount %q, skipping: %v", m.Mountpoint, err)
continue
}
if err := makeReadOnly(subSys, sysFlags); err != nil {
return undoBinds, err
@@ -1101,10 +1106,6 @@ func setupChrootBindMounts(spec *specs.Spec, bundlePath string) (undoBinds func(
}
logrus.Debugf("bind mounted %q to %q", "/sys", filepath.Join(spec.Root.Path, "/sys"))
// Add /sys/fs/selinux to the set of masked paths, to ensure that we don't have processes
// attempting to interact with labeling, when they aren't allowed to do so.
spec.Linux.MaskedPaths = append(spec.Linux.MaskedPaths, "/sys/fs/selinux")
// Bind mount in everything we've been asked to mount.
for _, m := range spec.Mounts {
// Skip anything that we just mounted.