Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package lxc for openSUSE:Factory checked in at 2024-09-24 17:34:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/lxc (Old) and /work/SRC/openSUSE:Factory/.lxc.new.29891 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lxc" Tue Sep 24 17:34:46 2024 rev:109 rq:1202911 version:6.0.2 Changes: -------- --- /work/SRC/openSUSE:Factory/lxc/lxc.changes 2024-07-16 22:03:12.355581153 +0200 +++ /work/SRC/openSUSE:Factory/.lxc.new.29891/lxc.changes 2024-09-24 17:35:12.953951136 +0200 @@ -1,0 +2,19 @@ +Sat Sep 21 16:20:13 UTC 2024 - Johannes Kastl <[email protected]> + +- update to 6.0.2: + The LXC team is pleased to announce the release of LXC 6.0.2! + This is the second bugfix release for LXC 6.0 which is supported + until June 2029. + As usual this bugfix releases focus on stability and hardening. + * Some of the highlights for this release are: + - Reduced log level on some common messages + - Fix compilation error on aarch64 + * Detailed changelog + - Remove unused function + - idmap: Lower logging level of newXidmap tools to INFO + - Exit 0 when there's no error + - doc: Fix definitions of get_config_path and set_config_path + - README: Update security contact + - fix possible clang compile error in AARCH + +------------------------------------------------------------------- Old: ---- lxc-6.0.1.tar.gz lxc-6.0.1.tar.gz.asc New: ---- lxc-6.0.2.tar.gz lxc-6.0.2.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ lxc.spec ++++++ --- /var/tmp/diff_new_pack.lUSjJs/_old 2024-09-24 17:35:13.577977260 +0200 +++ /var/tmp/diff_new_pack.lUSjJs/_new 2024-09-24 17:35:13.581977427 +0200 @@ -18,7 +18,7 @@ %define shlib_version 1 Name: lxc -Version: 6.0.1 +Version: 6.0.2 Release: 0 URL: http://linuxcontainers.org/ Summary: Userspace tools for Linux kernel containers ++++++ lxc-6.0.1.tar.gz -> lxc-6.0.2.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-6.0.1/README.md new/lxc-6.0.2/README.md --- old/lxc-6.0.1/README.md 2024-06-27 06:43:29.000000000 +0200 +++ new/lxc-6.0.2/README.md 2024-09-16 17:52:57.000000000 +0200 @@ -128,11 +128,7 @@ The LXC project has a good reputation in handling security issues quickly and efficiently. If you think you've found a potential security issue, please -report it by e-mail to all of the following persons: - -- serge (at) hallyn (dot) com -- stgraber (at) ubuntu (dot) com -- brauner (at) kernel (dot) org +report it by e-mail to security (at) linuxcontainers (dot) org. For further details please have a look at diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-6.0.1/meson.build new/lxc-6.0.2/meson.build --- old/lxc-6.0.1/meson.build 2024-06-27 06:43:29.000000000 +0200 +++ new/lxc-6.0.2/meson.build 2024-09-16 17:52:57.000000000 +0200 @@ -4,7 +4,7 @@ project( 'lxc', 'c', - version: '6.0.1', + version: '6.0.2', license: 'LGPLv2+', default_options: [ 'b_lto=true', @@ -30,7 +30,7 @@ version_data = configuration_data() version_data.set('LXC_VERSION_MAJOR', '6') version_data.set('LXC_VERSION_MINOR', '0') -version_data.set('LXC_VERSION_MICRO', '1') +version_data.set('LXC_VERSION_MICRO', '2') version_data.set('LXC_VERSION_BETA', '') version_data.set('LXC_ABI', liblxc_version) version_data.set('LXC_DEVEL', '0') @@ -503,7 +503,11 @@ } ''' -have_func_strerror_r_char_p = cc.compiles(code, name : 'strerror_r() returns char *') + if cc.get_id() == 'clang' + have_func_strerror_r_char_p = cc.compiles(code, args : '-Wno-error=unused-command-line-argument', name : 'strerror_r() returns char *') + else + have_func_strerror_r_char_p = cc.compiles(code, name : 'strerror_r() returns char *') + endif endif srcconf.set10('STRERROR_R_CHAR_P', have_func_strerror_r_char_p) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-6.0.1/src/lxc/idmap_utils.c new/lxc-6.0.2/src/lxc/idmap_utils.c --- old/lxc-6.0.1/src/lxc/idmap_utils.c 2024-06-27 06:43:29.000000000 +0200 +++ new/lxc-6.0.2/src/lxc/idmap_utils.c 2024-09-16 17:52:57.000000000 +0200 @@ -162,13 +162,13 @@ */ uidmap = idmaptool_on_path_and_privileged("newuidmap", CAP_SETUID); if (uidmap == -ENOENT) - WARN("newuidmap binary is missing"); + INFO("newuidmap binary is missing"); else if (!uidmap) WARN("newuidmap is lacking necessary privileges"); gidmap = idmaptool_on_path_and_privileged("newgidmap", CAP_SETGID); if (gidmap == -ENOENT) - WARN("newgidmap binary is missing"); + INFO("newgidmap binary is missing"); else if (!gidmap) WARN("newgidmap is lacking necessary privileges"); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-6.0.1/src/lxc/lxccontainer.h new/lxc-6.0.2/src/lxc/lxccontainer.h --- old/lxc-6.0.1/src/lxc/lxccontainer.h 2024-06-27 06:43:29.000000000 +0200 +++ new/lxc-6.0.2/src/lxc/lxccontainer.h 2024-09-16 17:52:57.000000000 +0200 @@ -496,7 +496,7 @@ bool (*set_cgroup_item)(struct lxc_container *c, const char *subsys, const char *value); /*! - * \brief Determine full path to the containers configuration file. + * \brief Determine full path to the containers configuration directory. * Each container can have a custom configuration path. However * by default it will be set to either the \c LXCPATH configure * variable, or the lxcpath value in the \c LXC_GLOBAL_CONF configuration @@ -506,19 +506,17 @@ * * \param c Container. * - * \return Static string representing full path to configuration - * file. + * \return Static string representing full path to configuration directory. * * \note Returned string must not be freed. */ const char *(*get_config_path)(struct lxc_container *c); /*! - * \brief Set the full path to the containers configuration - * file. + * \brief Set the full path to the containers configuration directory. * * \param c Container. - * \param path Full path to configuration file. + * \param path Full path to configuration directory. * * \return \c true on success, else \c false. */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-6.0.1/src/lxc/utils.c new/lxc-6.0.2/src/lxc/utils.c --- old/lxc-6.0.1/src/lxc/utils.c 2024-06-27 06:43:29.000000000 +0200 +++ new/lxc-6.0.2/src/lxc/utils.c 2024-09-16 17:52:57.000000000 +0200 @@ -974,101 +974,6 @@ return NULL; } -/* historically lxc-init has been under /usr/lib/lxc and under - * /usr/lib/$ARCH/lxc. It now lives as $prefix/sbin/init.lxc. - */ -char *choose_init(const char *rootfs) -{ - char *retv = NULL; - const char *empty = "", - *tmp; - int ret, env_set = 0; - - if (!getenv("PATH")) { - if (setenv("PATH", "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", 0)) - SYSERROR("Failed to setenv"); - - env_set = 1; - } - - retv = on_path("init.lxc", rootfs); - - if (env_set) - if (unsetenv("PATH")) - SYSERROR("Failed to unsetenv"); - - if (retv) - return retv; - - retv = malloc(PATH_MAX); - if (!retv) - return NULL; - - if (rootfs) - tmp = rootfs; - else - tmp = empty; - - ret = strnprintf(retv, PATH_MAX, "%s/%s/%s", tmp, SBINDIR, "/init.lxc"); - if (ret < 0) { - ERROR("The name of path is too long"); - goto out1; - } - - if (access(retv, X_OK) == 0) - return retv; - - ret = strnprintf(retv, PATH_MAX, "%s/%s/%s", tmp, LXCINITDIR, "/lxc/lxc-init"); - if (ret < 0) { - ERROR("The name of path is too long"); - goto out1; - } - - if (access(retv, X_OK) == 0) - return retv; - - ret = strnprintf(retv, PATH_MAX, "%s/usr/lib/lxc/lxc-init", tmp); - if (ret < 0) { - ERROR("The name of path is too long"); - goto out1; - } - - if (access(retv, X_OK) == 0) - return retv; - - ret = strnprintf(retv, PATH_MAX, "%s/sbin/lxc-init", tmp); - if (ret < 0) { - ERROR("The name of path is too long"); - goto out1; - } - - if (access(retv, X_OK) == 0) - return retv; - - /* - * Last resort, look for the statically compiled init.lxc which we - * hopefully bind-mounted in. - * If we are called during container setup, and we get to this point, - * then the init.lxc.static from the host will need to be bind-mounted - * in. So we return NULL here to indicate that. - */ - if (rootfs) - goto out1; - - ret = strnprintf(retv, PATH_MAX, "/init.lxc.static"); - if (ret < 0) { - WARN("Nonsense - name /lxc.init.static too long"); - goto out1; - } - - if (access(retv, X_OK) == 0) - return retv; - -out1: - free(retv); - return NULL; -} - /* * Given the '-t' template option to lxc-create, figure out what to * do. If the template is a full executable path, use that. If it diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-6.0.1/src/lxc/utils.h new/lxc-6.0.2/src/lxc/utils.h --- old/lxc-6.0.1/src/lxc/utils.h 2024-06-27 06:43:29.000000000 +0200 +++ new/lxc-6.0.2/src/lxc/utils.h 2024-09-16 17:52:57.000000000 +0200 @@ -141,7 +141,6 @@ __hidden extern int detect_shared_rootfs(void); __hidden extern bool detect_ramfs_rootfs(void); __hidden extern char *on_path(const char *cmd, const char *rootfs); -__hidden extern char *choose_init(const char *rootfs); __hidden extern bool switch_to_ns(pid_t pid, const char *ns); __hidden extern char *get_template_path(const char *t); __hidden extern int safe_mount(const char *src, const char *dest, const char *fstype, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lxc-6.0.1/templates/lxc-download.in new/lxc-6.0.2/templates/lxc-download.in --- old/lxc-6.0.1/templates/lxc-download.in 2024-06-27 06:43:29.000000000 +0200 +++ new/lxc-6.0.2/templates/lxc-download.in 2024-09-16 17:52:57.000000000 +0200 @@ -147,7 +147,7 @@ while :; do case "$1" in - -h|--help) usage && exit 1;; + -h|--help) usage && exit 0;; -l|--list) DOWNLOAD_LIST_IMAGES="true"; shift 1;; -d|--dist) DOWNLOAD_DIST="$2"; shift 2;; -r|--release) DOWNLOAD_RELEASE="$2"; shift 2;; @@ -247,7 +247,7 @@ echo "---" if [ "${DOWNLOAD_LIST_IMAGES}" = "true" ]; then - exit 1 + exit 0 fi # Interactive mode
