Recommended update for libcontainers-common
Announcement ID: | SUSE-RU-2019:2880-1 |
---|---|
Rating: | moderate |
References: | |
Affected Products: |
|
An update that has three fixes can now be installed.
Description:
This update for libcontainers-common fixes the following issues:
Update to image 1.4.4:
- Hard-code the kernel keyring use to be disabled for now
Update to libpod 1.5.1:
- The hostname of pods is now set to the pod's name
- Minor bugfixes
Update to storage 1.12.16:
-
Ignore ro mount options in btrfs and windows drivers
-
Check /var/lib/containers if possible before setting btrfs backend (bsc#1151028)
-
Add a default registries.d configuration file, used to specify images signatures storage location.
Update to image v3.0.0:
- Add "Env" to ImageInspectInfo
- Add API function TryUpdatingCache
- Add ability to install man pages
- Add user registry auth to kernel keyring
- Fix policy.json.md -> containers-policy.json.5.md references
- Fix typo in docs/containers-registries.conf.5.md
- Remove pkg/sysregistries
- Touch up transport man page
- Try harder in storageImageDestination.TryReusingBlob
- Use the same HTTP client for contacting the bearer token server and the registry
- ci: change GOCACHE to a writeable path
- config.go: improve debug message
- config.go: log where credentials come from
- docker client: error if registry is blocked
- docker: allow deleting OCI images
- docker: delete: support all MIME types
- ostree: default is no OStree support
- ostree: improve error message
- progress bar: use spinners for unknown blob sizes
- use 'containers_image_ostree' as build tag
- use keyring when authfile empty
- Update to storage v1.12.16
- Add cirrus vendor check
- Add storage options to IgnoreChownErrors
- Add support for UID as well as UserName in /etc/subuid files.
- Add support for ignoreChownErrors to vfs
- Add support for installing man pages
- Fix cross-compilation
- Keep track of the UIDs and GIDs used in applied layers
- Move lockfiles to their own package
- Remove merged directory when it is unmounted
- Switch to go modules
- Switch to golangci-lint
- Update generated files
- Use same variable name on both commands
- cirrus: ubuntu: try removing cryptsetup-initramfs
- compression: add support for the zstd algorithm
- getLockfile(): use the absolute path
- loadMounts(): reset counts before merging just-loaded data
- lockfile: don't bother releasing a lock when closing a file
- locking test updates
- locking: take read locks on read-only stores
- make local-cross more reliable for CI
- overlay: cache the results of supported/using-metacopy/use-naive-diff feature tests
- overlay: fix small piece of repeated work
- utils: fix check for missing conf file
- zstd: use github.com/klauspost/compress directly
Update to libpod v1.4.4:
- Fixed a bug where rootless Podman would attempt to use the entire root configuration if no rootless configuration was present for the user, breaking rootless Podman for new installations
- Fixed a bug where rootless Podman's pause process would block SIGTERM, preventing graceful system shutdown and hanging until the system's init send SIGKILL
- Fixed a bug where running Podman as root with sudo -E would not work after running rootless Podman at least once
- Fixed a bug where options for tmpfs volumes added with the --tmpfs flag were being ignored
- Fixed a bug where images with no layers could not properly be displayed and removed by Podman
- Fixed a bug where locks were not properly freed on failure to create a container or pod
- Podman now has greatly improved support for containers using multiple OCI runtimes. Containers now remember if they were created with a different runtime using --runtime and will always use that runtime
- The cached and delegated options for volume mounts are now allowed for Docker compatability (#3340)
- The podman diff command now supports the --latest flag
- Fixed a bug where podman cp on a single file would create a directory at the target and place the file in it (#3384)
- Fixed a bug where podman inspect --format '{{.Mounts}}' would print a hexadecimal address instead of a container's mounts
- Fixed a bug where rootless Podman would not add an entry to container's /etc/hosts files for their own hostname (#3405)
- Fixed a bug where podman ps --sync would segfault (#3411)
- Fixed a bug where podman generate kube would produce an invalid ports configuration (#3408)
- Podman now performs much better on systems with heavy I/O load
- The --cgroup-manager flag to podman now shows the correct default setting in help if the default was overridden by libpod.conf
- For backwards compatability, setting --log-driver=json-file in podman run is now supported as an alias for --log-driver=k8s-file. This is considered deprecated, and json-file will be moved to a new implementation in the future (#3363)
- Podman's default libpod.conf file now allows the crun OCI runtime to be used if it is installed
- Fixed a bug where Podman could not run containers using an older version of Systemd as init (#3295)
- Updated vendored Buildah to v1.9.0 to resolve a critical bug with Dockerfile RUN instructions
- The error message for running podman kill on containers that are not running has been improved
- The Podman remote client can now log to a file if syslog is not available
- The MacOS dmg file is experimental, use at your own risk.
- The podman exec command now sets its error code differently based on whether the container does not exist, and the command in the container does not exist
- The podman inspect command on containers now outputs Mounts JSON that matches that of docker inspect, only including user-specified volumes and differentiating bind mounts and named volumes
- The podman inspect command now reports the path to a container's OCI spec with the OCIConfigPath key (only included when the container is initialized or running)
- The podman run --mount command now supports the bind-nonrecursive option for bind mounts (#3314)
- Fixed a bug where podman play kube would fail to create containers due to an unspecified log driver
- Fixed a bug where Podman would fail to build with musl libc (#3284)
- Fixed a bug where rootless Podman using slirp4netns networking in an environment with no nameservers on the host other than localhost would result in nonfunctional networking (#3277)
- Fixed a bug where podman import would not properly set environment variables, discarding their values and retaining only keys
- Fixed a bug where Podman would fail to run when built with Apparmor support but run on systems without the Apparmor kernel module loaded (#3331)
- Remote Podman will now default the username it uses to log in to remote systems to the username of the current user
- Podman now uses JSON logging with OCI runtimes that support it, allowing for better error reporting
Updated vendored Buildah to v1.8.4
Updated vendored containers/image to v2.0
Update to image v2.0.0:
- Add registry mirror support
- Include missing man pages (bsc#1139526)
Update to storage v1.12.10:
- Add support for UID as well as UserName in /etc/subuid files.
- utils: fix check for missing conf file
- compression: add support for the zstd algorithm
- overlay: cache the results of supported/using-metacopy/use-naive-diff feature tests
Update to libpod v1.4.0
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
Basesystem Module 15-SP1
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2019-2880=1
Package List:
-
Basesystem Module 15-SP1 (noarch)
- libcontainers-common-20190923-3.6.1