summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--go.mod2
-rw-r--r--go.sum6
-rw-r--r--test/e2e/login_logout_test.go6
-rw-r--r--vendor/github.com/containers/common/libimage/runtime.go5
-rw-r--r--vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go13
-rw-r--r--vendor/github.com/containers/common/libnetwork/cni/cni_exec.go1
-rw-r--r--vendor/github.com/containers/common/libnetwork/cni/cni_types.go1
-rw-r--r--vendor/github.com/containers/common/libnetwork/cni/config.go5
-rw-r--r--vendor/github.com/containers/common/libnetwork/cni/network.go1
-rw-r--r--vendor/github.com/containers/common/libnetwork/cni/run.go1
-rw-r--r--vendor/github.com/containers/common/libnetwork/internal/util/bridge.go4
-rw-r--r--vendor/github.com/containers/common/libnetwork/internal/util/validate.go2
-rw-r--r--vendor/github.com/containers/common/libnetwork/netavark/config.go4
-rw-r--r--vendor/github.com/containers/common/libnetwork/netavark/const.go1
-rw-r--r--vendor/github.com/containers/common/libnetwork/netavark/exec.go1
-rw-r--r--vendor/github.com/containers/common/libnetwork/netavark/ipam.go3
-rw-r--r--vendor/github.com/containers/common/libnetwork/netavark/network.go1
-rw-r--r--vendor/github.com/containers/common/libnetwork/netavark/run.go11
-rw-r--r--vendor/github.com/containers/common/libnetwork/network/interface.go7
-rw-r--r--vendor/github.com/containers/common/libnetwork/types/const.go1
-rw-r--r--vendor/github.com/containers/common/libnetwork/util/filters.go2
-rw-r--r--vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go1
-rw-r--r--vendor/github.com/containers/common/pkg/apparmor/apparmor_linux_template.go1
-rw-r--r--vendor/github.com/containers/common/pkg/apparmor/apparmor_unsupported.go1
-rw-r--r--vendor/github.com/containers/common/pkg/auth/auth.go50
-rw-r--r--vendor/github.com/containers/common/pkg/cgroups/cgroups_supported.go1
-rw-r--r--vendor/github.com/containers/common/pkg/cgroups/cgroups_unsupported.go1
-rw-r--r--vendor/github.com/containers/common/pkg/cgroupv2/cgroups_unsupported.go1
-rw-r--r--vendor/github.com/containers/common/pkg/chown/chown_unix.go1
-rw-r--r--vendor/github.com/containers/common/pkg/config/config.go4
-rw-r--r--vendor/github.com/containers/common/pkg/config/config_local.go1
-rw-r--r--vendor/github.com/containers/common/pkg/config/config_remote.go1
-rw-r--r--vendor/github.com/containers/common/pkg/config/config_unsupported.go1
-rw-r--r--vendor/github.com/containers/common/pkg/config/containers.conf6
-rw-r--r--vendor/github.com/containers/common/pkg/config/default.go2
-rw-r--r--vendor/github.com/containers/common/pkg/config/default_linux.go10
-rw-r--r--vendor/github.com/containers/common/pkg/config/default_unsupported.go12
-rw-r--r--vendor/github.com/containers/common/pkg/config/default_windows.go12
-rw-r--r--vendor/github.com/containers/common/pkg/config/nosystemd.go1
-rw-r--r--vendor/github.com/containers/common/pkg/config/systemd.go1
-rw-r--r--vendor/github.com/containers/common/pkg/parse/parse_unix.go1
-rw-r--r--vendor/github.com/containers/common/pkg/retry/retry_unsupported.go1
-rw-r--r--vendor/github.com/containers/common/pkg/seccomp/default_linux.go10
-rw-r--r--vendor/github.com/containers/common/pkg/seccomp/errno_list.go1
-rw-r--r--vendor/github.com/containers/common/pkg/seccomp/filter.go1
-rw-r--r--vendor/github.com/containers/common/pkg/seccomp/seccomp.json10
-rw-r--r--vendor/github.com/containers/common/pkg/seccomp/seccomp_unsupported.go1
-rw-r--r--vendor/github.com/containers/common/pkg/seccomp/supported.go1
-rw-r--r--vendor/github.com/containers/common/pkg/seccomp/validate.go1
-rw-r--r--vendor/github.com/containers/common/pkg/signal/signal_linux.go4
-rw-r--r--vendor/github.com/containers/common/pkg/signal/signal_linux_mipsx.go1
-rw-r--r--vendor/github.com/containers/common/pkg/signal/signal_unsupported.go1
-rw-r--r--vendor/github.com/containers/common/pkg/sysinfo/numcpu.go1
-rw-r--r--vendor/github.com/containers/common/pkg/sysinfo/numcpu_linux.go1
-rw-r--r--vendor/github.com/containers/common/pkg/sysinfo/numcpu_windows.go1
-rw-r--r--vendor/github.com/containers/common/pkg/sysinfo/nummem_linux.go1
-rw-r--r--vendor/github.com/containers/common/pkg/sysinfo/nummem_unsupported.go3
-rw-r--r--vendor/github.com/containers/common/pkg/sysinfo/sysinfo_solaris.go1
-rw-r--r--vendor/github.com/containers/common/pkg/sysinfo/sysinfo_unix.go1
-rw-r--r--vendor/github.com/containers/common/pkg/sysinfo/sysinfo_windows.go1
-rw-r--r--vendor/github.com/containers/common/pkg/umask/umask_unix.go1
-rw-r--r--vendor/github.com/containers/common/pkg/umask/umask_unsupported.go1
-rw-r--r--vendor/github.com/containers/common/pkg/util/util_supported.go11
-rw-r--r--vendor/github.com/containers/common/pkg/util/util_windows.go1
-rw-r--r--vendor/modules.txt2
65 files changed, 187 insertions, 58 deletions
diff --git a/go.mod b/go.mod
index 7043e7b3e..b78bd83b3 100644
--- a/go.mod
+++ b/go.mod
@@ -12,7 +12,7 @@ require (
github.com/containernetworking/cni v1.0.1
github.com/containernetworking/plugins v1.1.1
github.com/containers/buildah v1.24.3-0.20220310160415-5ec70bf01ea5
- github.com/containers/common v0.47.5-0.20220228211119-9880eb424fde
+ github.com/containers/common v0.47.5-0.20220318125043-0ededd18a1f9
github.com/containers/conmon v2.0.20+incompatible
github.com/containers/image/v5 v5.20.1-0.20220310094651-0d8056ee346f
github.com/containers/ocicrypt v1.1.2
diff --git a/go.sum b/go.sum
index 10283b859..ae45625bd 100644
--- a/go.sum
+++ b/go.sum
@@ -285,7 +285,6 @@ github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTV
github.com/containerd/containerd v1.5.7/go.mod h1:gyvv6+ugqY25TiXxcZC3L5yOeYgEw0QMhscqVp1AR9c=
github.com/containerd/containerd v1.5.8/go.mod h1:YdFSv5bTFLpG2HIYmfqDpSYYTDX+mc5qtSuYx1YUb/s=
github.com/containerd/containerd v1.5.9/go.mod h1:fvQqCfadDGga5HZyn3j4+dx56qj2I9YwBrlSdalvJYQ=
-github.com/containerd/containerd v1.6.0/go.mod h1:1nJz5xCZPusx6jJU8Frfct988y0NpumIq9ODB0kLtoE=
github.com/containerd/containerd v1.6.1 h1:oa2uY0/0G+JX4X7hpGCYvkp9FjUancz56kSNnb1sG3o=
github.com/containerd/containerd v1.6.1/go.mod h1:1nJz5xCZPusx6jJU8Frfct988y0NpumIq9ODB0kLtoE=
github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
@@ -350,14 +349,13 @@ github.com/containernetworking/cni v1.0.1/go.mod h1:AKuhXbN5EzmD4yTNtfSsX3tPcmtr
github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM=
github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8=
github.com/containernetworking/plugins v1.0.1/go.mod h1:QHCfGpaTwYTbbH+nZXKVTxNBDZcxSOplJT5ico8/FLE=
-github.com/containernetworking/plugins v1.1.0/go.mod h1:Sr5TH/eBsGLXK/h71HeLfX19sZPp3ry5uHSkI4LPxV8=
github.com/containernetworking/plugins v1.1.1 h1:+AGfFigZ5TiQH00vhR8qPeSatj53eNGz0C1d3wVYlHE=
github.com/containernetworking/plugins v1.1.1/go.mod h1:Sr5TH/eBsGLXK/h71HeLfX19sZPp3ry5uHSkI4LPxV8=
github.com/containers/buildah v1.24.3-0.20220310160415-5ec70bf01ea5 h1:RMJG1wCPQqZX7o9xGzpmR0U7NppgquSQunTi8qmP9Do=
github.com/containers/buildah v1.24.3-0.20220310160415-5ec70bf01ea5/go.mod h1:C5+kt1nmYVf1N+/pk4WepycLD+m4lEIRgJQ0eXqhADo=
github.com/containers/common v0.47.4/go.mod h1:HgX0mFXyB0Tbe2REEIp9x9CxET6iSzmHfwR6S/t2LZc=
-github.com/containers/common v0.47.5-0.20220228211119-9880eb424fde h1:zLBqM8I+wiIgzmQhJ+n2zrB+cpxdGmzA/HkCxJbmGok=
-github.com/containers/common v0.47.5-0.20220228211119-9880eb424fde/go.mod h1:pksCYxGMnUwntsUMdsq/eClGsASoDsdDOZz+YxDxAJY=
+github.com/containers/common v0.47.5-0.20220318125043-0ededd18a1f9 h1:+uNhZTl7nBm4GLCKb4Np8BDhw2uMmC8+D/KuH8nIjGA=
+github.com/containers/common v0.47.5-0.20220318125043-0ededd18a1f9/go.mod h1:j1nTHtSRoBgVqAoV6X13EGIrTU5jP1GYyEsE4N9DXng=
github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg=
github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I=
github.com/containers/image/v5 v5.19.1/go.mod h1:ewoo3u+TpJvGmsz64XgzbyTHwHtM94q7mgK/pX+v2SE=
diff --git a/test/e2e/login_logout_test.go b/test/e2e/login_logout_test.go
index 1280b3e83..77549a9a8 100644
--- a/test/e2e/login_logout_test.go
+++ b/test/e2e/login_logout_test.go
@@ -417,12 +417,12 @@ var _ = Describe("Podman login and logout", func() {
Expect(authInfo).NotTo(HaveKey(testRepos[1]))
})
- It("podman login with repository invalid arguments", func() {
+ It("podman login with http{s} prefix", func() {
authFile := filepath.Join(podmanTest.TempDir, "auth.json")
for _, invalidArg := range []string{
"https://" + server + "/podmantest",
- server + "/podmantest/image:latest",
+ "http://" + server + "/podmantest/image:latest",
} {
session := podmanTest.Podman([]string{
"login",
@@ -432,7 +432,7 @@ var _ = Describe("Podman login and logout", func() {
invalidArg,
})
session.WaitWithDefaultTimeout()
- Expect(session).Should(ExitWithError())
+ Expect(session).To(Exit(0))
}
})
diff --git a/vendor/github.com/containers/common/libimage/runtime.go b/vendor/github.com/containers/common/libimage/runtime.go
index 559a9a6a6..2191e3c4a 100644
--- a/vendor/github.com/containers/common/libimage/runtime.go
+++ b/vendor/github.com/containers/common/libimage/runtime.go
@@ -592,6 +592,8 @@ type RemoveImagesOptions struct {
// containers using a specific image. By default, all containers in
// the local containers storage will be removed (if Force is set).
RemoveContainerFunc RemoveContainerFunc
+ // Ignore if a specified image does not exist and do not throw an error.
+ Ignore bool
// IsExternalContainerFunc allows for checking whether the specified
// container is an external one (when containers=external filter is
// used). The definition of an external container can be set by
@@ -677,6 +679,9 @@ func (r *Runtime) RemoveImages(ctx context.Context, names []string, options *Rem
for _, name := range names {
img, resolvedName, err := r.LookupImage(name, lookupOptions)
if err != nil {
+ if options.Ignore && errors.Is(err, storage.ErrImageUnknown) {
+ continue
+ }
appendError(err)
continue
}
diff --git a/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go b/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go
index 5574b2b1c..8c4eeff9d 100644
--- a/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go
+++ b/vendor/github.com/containers/common/libnetwork/cni/cni_conversion.go
@@ -1,3 +1,4 @@
+//go:build linux
// +build linux
package cni
@@ -128,15 +129,21 @@ func findPluginByName(plugins []*libcni.NetworkConfig, name string) bool {
// It returns an array of subnets and an extra bool if dhcp is configured.
func convertIPAMConfToNetwork(network *types.Network, ipam *ipamConfig, confPath string) error {
if ipam.PluginType == types.DHCPIPAMDriver {
- network.IPAMOptions["driver"] = types.DHCPIPAMDriver
+ network.IPAMOptions[types.Driver] = types.DHCPIPAMDriver
return nil
}
if ipam.PluginType != types.HostLocalIPAMDriver {
- return errors.Errorf("unsupported ipam plugin %s in %s", ipam.PluginType, confPath)
+ // This is not an error. While we only support certain ipam drivers, we
+ // cannot make it fail for unsupported ones. CNI is still able to use them,
+ // just our translation logic cannot convert this into a Network.
+ // For the same reason this is not warning, it would just be annoying for
+ // everyone using a unknown ipam driver.
+ logrus.Infof("unsupported ipam plugin %q in %s", ipam.PluginType, confPath)
+ return nil
}
- network.IPAMOptions["driver"] = types.HostLocalIPAMDriver
+ network.IPAMOptions[types.Driver] = types.HostLocalIPAMDriver
for _, r := range ipam.Ranges {
for _, ipam := range r {
s := types.Subnet{}
diff --git a/vendor/github.com/containers/common/libnetwork/cni/cni_exec.go b/vendor/github.com/containers/common/libnetwork/cni/cni_exec.go
index c66e7ef5d..6bfa8d63b 100644
--- a/vendor/github.com/containers/common/libnetwork/cni/cni_exec.go
+++ b/vendor/github.com/containers/common/libnetwork/cni/cni_exec.go
@@ -16,6 +16,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
+//go:build linux
// +build linux
package cni
diff --git a/vendor/github.com/containers/common/libnetwork/cni/cni_types.go b/vendor/github.com/containers/common/libnetwork/cni/cni_types.go
index fbfcd49ad..9ee159886 100644
--- a/vendor/github.com/containers/common/libnetwork/cni/cni_types.go
+++ b/vendor/github.com/containers/common/libnetwork/cni/cni_types.go
@@ -1,3 +1,4 @@
+//go:build linux
// +build linux
package cni
diff --git a/vendor/github.com/containers/common/libnetwork/cni/config.go b/vendor/github.com/containers/common/libnetwork/cni/config.go
index e801e1469..8b300a03b 100644
--- a/vendor/github.com/containers/common/libnetwork/cni/config.go
+++ b/vendor/github.com/containers/common/libnetwork/cni/config.go
@@ -1,3 +1,4 @@
+//go:build linux
// +build linux
package cni
@@ -197,12 +198,12 @@ func createIPMACVLAN(network *types.Network) error {
}
}
if len(network.Subnets) == 0 {
- network.IPAMOptions["driver"] = types.DHCPIPAMDriver
+ network.IPAMOptions[types.Driver] = types.DHCPIPAMDriver
if network.Internal {
return errors.New("internal is not supported with macvlan and dhcp ipam driver")
}
} else {
- network.IPAMOptions["driver"] = types.HostLocalIPAMDriver
+ network.IPAMOptions[types.Driver] = types.HostLocalIPAMDriver
}
return nil
}
diff --git a/vendor/github.com/containers/common/libnetwork/cni/network.go b/vendor/github.com/containers/common/libnetwork/cni/network.go
index 29866062e..82b9cbd2e 100644
--- a/vendor/github.com/containers/common/libnetwork/cni/network.go
+++ b/vendor/github.com/containers/common/libnetwork/cni/network.go
@@ -1,3 +1,4 @@
+//go:build linux
// +build linux
package cni
diff --git a/vendor/github.com/containers/common/libnetwork/cni/run.go b/vendor/github.com/containers/common/libnetwork/cni/run.go
index af05d9d9d..8bea87893 100644
--- a/vendor/github.com/containers/common/libnetwork/cni/run.go
+++ b/vendor/github.com/containers/common/libnetwork/cni/run.go
@@ -1,3 +1,4 @@
+//go:build linux
// +build linux
package cni
diff --git a/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go b/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go
index d81b78a6f..5a4752e2b 100644
--- a/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go
+++ b/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go
@@ -27,7 +27,7 @@ func CreateBridge(n NetUtil, network *types.Network, usedNetworks []*net.IPNet,
}
}
- if network.IPAMOptions["driver"] != types.DHCPIPAMDriver {
+ if network.IPAMOptions[types.Driver] != types.DHCPIPAMDriver {
if len(network.Subnets) == 0 {
freeSubnet, err := GetFreeIPv4NetworkSubnet(usedNetworks, subnetPools)
if err != nil {
@@ -63,7 +63,7 @@ func CreateBridge(n NetUtil, network *types.Network, usedNetworks []*net.IPNet,
network.Subnets = append(network.Subnets, *freeSubnet)
}
}
- network.IPAMOptions["driver"] = types.HostLocalIPAMDriver
+ network.IPAMOptions[types.Driver] = types.HostLocalIPAMDriver
}
return nil
}
diff --git a/vendor/github.com/containers/common/libnetwork/internal/util/validate.go b/vendor/github.com/containers/common/libnetwork/internal/util/validate.go
index ac3934f8d..4dd44110a 100644
--- a/vendor/github.com/containers/common/libnetwork/internal/util/validate.go
+++ b/vendor/github.com/containers/common/libnetwork/internal/util/validate.go
@@ -109,7 +109,7 @@ func validatePerNetworkOpts(network *types.Network, netOpts *types.PerNetworkOpt
if netOpts.InterfaceName == "" {
return errors.Errorf("interface name on network %s is empty", network.Name)
}
- if network.IPAMOptions["driver"] == types.HostLocalIPAMDriver {
+ if network.IPAMOptions[types.Driver] == types.HostLocalIPAMDriver {
outer:
for _, ip := range netOpts.StaticIPs {
for _, s := range network.Subnets {
diff --git a/vendor/github.com/containers/common/libnetwork/netavark/config.go b/vendor/github.com/containers/common/libnetwork/netavark/config.go
index d42062927..99b4e0308 100644
--- a/vendor/github.com/containers/common/libnetwork/netavark/config.go
+++ b/vendor/github.com/containers/common/libnetwork/netavark/config.go
@@ -1,3 +1,4 @@
+//go:build linux
// +build linux
package netavark
@@ -130,6 +131,7 @@ func (n *netavarkNetwork) networkCreate(newNetwork *types.Network, defaultNet bo
if err != nil {
return nil, err
}
+ defer f.Close()
enc := json.NewEncoder(f)
enc.SetIndent("", " ")
err = enc.Encode(newNetwork)
@@ -154,7 +156,7 @@ func createMacvlan(network *types.Network) error {
if len(network.Subnets) == 0 {
return errors.Errorf("macvlan driver needs at least one subnet specified, DHCP is not supported with netavark")
}
- network.IPAMOptions["driver"] = types.HostLocalIPAMDriver
+ network.IPAMOptions[types.Driver] = types.HostLocalIPAMDriver
// validate the given options, we do not need them but just check to make sure they are valid
for key, value := range network.Options {
diff --git a/vendor/github.com/containers/common/libnetwork/netavark/const.go b/vendor/github.com/containers/common/libnetwork/netavark/const.go
index 9709315c6..29a7b4f2a 100644
--- a/vendor/github.com/containers/common/libnetwork/netavark/const.go
+++ b/vendor/github.com/containers/common/libnetwork/netavark/const.go
@@ -1,3 +1,4 @@
+//go:build linux
// +build linux
package netavark
diff --git a/vendor/github.com/containers/common/libnetwork/netavark/exec.go b/vendor/github.com/containers/common/libnetwork/netavark/exec.go
index 1812b9084..ac87c5438 100644
--- a/vendor/github.com/containers/common/libnetwork/netavark/exec.go
+++ b/vendor/github.com/containers/common/libnetwork/netavark/exec.go
@@ -1,3 +1,4 @@
+//go:build linux
// +build linux
package netavark
diff --git a/vendor/github.com/containers/common/libnetwork/netavark/ipam.go b/vendor/github.com/containers/common/libnetwork/netavark/ipam.go
index f99d099ca..c0535515a 100644
--- a/vendor/github.com/containers/common/libnetwork/netavark/ipam.go
+++ b/vendor/github.com/containers/common/libnetwork/netavark/ipam.go
@@ -1,3 +1,4 @@
+//go:build linux
// +build linux
package netavark
@@ -361,7 +362,7 @@ func (n *netavarkNetwork) deallocIPs(opts *types.NetworkOptions) error {
// it checks the ipam driver and if subnets are set
func requiresIPAMAlloc(network *types.Network) bool {
// only do host allocation when driver is set to HostLocalIPAMDriver or unset
- switch network.IPAMOptions["driver"] {
+ switch network.IPAMOptions[types.Driver] {
case "", types.HostLocalIPAMDriver:
default:
return false
diff --git a/vendor/github.com/containers/common/libnetwork/netavark/network.go b/vendor/github.com/containers/common/libnetwork/netavark/network.go
index d20947cfd..166d5e31a 100644
--- a/vendor/github.com/containers/common/libnetwork/netavark/network.go
+++ b/vendor/github.com/containers/common/libnetwork/netavark/network.go
@@ -1,3 +1,4 @@
+//go:build linux
// +build linux
package netavark
diff --git a/vendor/github.com/containers/common/libnetwork/netavark/run.go b/vendor/github.com/containers/common/libnetwork/netavark/run.go
index 0a9dc3704..c5aa181fd 100644
--- a/vendor/github.com/containers/common/libnetwork/netavark/run.go
+++ b/vendor/github.com/containers/common/libnetwork/netavark/run.go
@@ -1,3 +1,4 @@
+//go:build linux
// +build linux
package netavark
@@ -44,6 +45,16 @@ func (n *netavarkNetwork) Setup(namespacePath string, options types.SetupOptions
return nil, errors.Wrap(err, "failed to convert net opts")
}
+ // Warn users if one or more networks have dns enabled
+ // but aardvark-dns binary is not configured
+ for _, network := range netavarkOpts.Networks {
+ if network != nil && network.DNSEnabled && n.aardvarkBinary == "" {
+ // this is not a fatal error we can still use container without dns
+ logrus.Warnf("aardvark-dns binary not found, container dns will not be enabled")
+ break
+ }
+ }
+
// trace output to get the json
if logrus.IsLevelEnabled(logrus.TraceLevel) {
b, err := json.Marshal(&netavarkOpts)
diff --git a/vendor/github.com/containers/common/libnetwork/network/interface.go b/vendor/github.com/containers/common/libnetwork/network/interface.go
index 2c8c59432..9278d7773 100644
--- a/vendor/github.com/containers/common/libnetwork/network/interface.go
+++ b/vendor/github.com/containers/common/libnetwork/network/interface.go
@@ -1,3 +1,4 @@
+//go:build linux
// +build linux
package network
@@ -61,11 +62,7 @@ func NetworkBackend(store storage.Store, conf *config.Config, syslog bool) (type
return "", nil, err
}
- aardvarkBin, err := conf.FindHelperBinary(aardvarkBinary, false)
- if err != nil {
- // this is not a fatal error we can still use netavark without dns
- logrus.Warnf("%s binary not found, container dns will not be enabled", aardvarkBin)
- }
+ aardvarkBin, _ := conf.FindHelperBinary(aardvarkBinary, false)
confDir := conf.Network.NetworkConfigDir
if confDir == "" {
diff --git a/vendor/github.com/containers/common/libnetwork/types/const.go b/vendor/github.com/containers/common/libnetwork/types/const.go
index b2d4a4538..5690a6058 100644
--- a/vendor/github.com/containers/common/libnetwork/types/const.go
+++ b/vendor/github.com/containers/common/libnetwork/types/const.go
@@ -11,6 +11,7 @@ const (
IPVLANNetworkDriver = "ipvlan"
// IPAM drivers
+ Driver = "driver"
// HostLocalIPAMDriver store the ip
HostLocalIPAMDriver = "host-local"
// DHCPIPAMDriver get subnet and ip from dhcp server
diff --git a/vendor/github.com/containers/common/libnetwork/util/filters.go b/vendor/github.com/containers/common/libnetwork/util/filters.go
index b27ca1f9a..58d79d25b 100644
--- a/vendor/github.com/containers/common/libnetwork/util/filters.go
+++ b/vendor/github.com/containers/common/libnetwork/util/filters.go
@@ -29,7 +29,7 @@ func createFilterFuncs(key string, filterValues []string) (types.FilterFunc, err
return util.StringMatchRegexSlice(net.Name, filterValues)
}, nil
- case "driver":
+ case types.Driver:
// matches network driver
return func(net types.Network) bool {
return util.StringInSlice(net.Driver, filterValues)
diff --git a/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go b/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go
index 735d19493..c864a189e 100644
--- a/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go
+++ b/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go
@@ -1,3 +1,4 @@
+//go:build linux && apparmor
// +build linux,apparmor
package apparmor
diff --git a/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux_template.go b/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux_template.go
index 021e32571..667fa9f26 100644
--- a/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux_template.go
+++ b/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux_template.go
@@ -1,3 +1,4 @@
+//go:build linux && apparmor
// +build linux,apparmor
package apparmor
diff --git a/vendor/github.com/containers/common/pkg/apparmor/apparmor_unsupported.go b/vendor/github.com/containers/common/pkg/apparmor/apparmor_unsupported.go
index 13469f1b6..dacfc2f48 100644
--- a/vendor/github.com/containers/common/pkg/apparmor/apparmor_unsupported.go
+++ b/vendor/github.com/containers/common/pkg/apparmor/apparmor_unsupported.go
@@ -1,3 +1,4 @@
+//go:build !linux || !apparmor
// +build !linux !apparmor
package apparmor
diff --git a/vendor/github.com/containers/common/pkg/auth/auth.go b/vendor/github.com/containers/common/pkg/auth/auth.go
index af3c8f803..6765c9e5b 100644
--- a/vendor/github.com/containers/common/pkg/auth/auth.go
+++ b/vendor/github.com/containers/common/pkg/auth/auth.go
@@ -4,6 +4,7 @@ import (
"bufio"
"context"
"fmt"
+ "net/url"
"os"
"path/filepath"
"strings"
@@ -165,20 +166,21 @@ func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginO
// parseCredentialsKey turns the provided argument into a valid credential key
// and computes the registry part.
func parseCredentialsKey(arg string, acceptRepositories bool) (key, registry string, err error) {
- if !acceptRepositories {
- registry = getRegistryName(arg)
- key = registry
- return key, registry, nil
+ // URL arguments are replaced with their host[:port] parts.
+ key, err = replaceURLByHostPort(arg)
+ if err != nil {
+ return "", "", err
}
- key = trimScheme(arg)
- if key != arg {
- return "", "", errors.New("credentials key has https[s]:// prefix")
+ split := strings.Split(key, "/")
+ registry = split[0]
+
+ if !acceptRepositories {
+ return registry, registry, nil
}
- registry = getRegistryName(key)
+ // Return early if the key isn't namespaced or uses an http{s} prefix.
if registry == key {
- // The key is not namespaced
return key, registry, nil
}
@@ -202,24 +204,18 @@ func parseCredentialsKey(arg string, acceptRepositories bool) (key, registry str
return key, registry, nil
}
-// getRegistryName scrubs and parses the input to get the server name
-func getRegistryName(server string) string {
- // removes 'http://' or 'https://' from the front of the
- // server/registry string if either is there. This will be mostly used
- // for user input from 'Buildah login' and 'Buildah logout'.
- server = trimScheme(server)
- // gets the registry from the input. If the input is of the form
- // quay.io/myuser/myimage, it will parse it and just return quay.io
- split := strings.Split(server, "/")
- return split[0]
-}
-
-// trimScheme removes the HTTP(s) scheme from the provided repository.
-func trimScheme(repository string) string {
- // removes 'http://' or 'https://' from the front of the
- // server/registry string if either is there. This will be mostly used
- // for user input from 'Buildah login' and 'Buildah logout'.
- return strings.TrimPrefix(strings.TrimPrefix(repository, "https://"), "http://")
+// If the specified string starts with http{s} it is replaced with it's
+// host[:port] parts; everything else is stripped. Otherwise, the string is
+// returned as is.
+func replaceURLByHostPort(repository string) (string, error) {
+ if !strings.HasPrefix(repository, "https://") && !strings.HasPrefix(repository, "http://") {
+ return repository, nil
+ }
+ u, err := url.Parse(repository)
+ if err != nil {
+ return "", fmt.Errorf("trimming http{s} prefix: %v", err)
+ }
+ return u.Host, nil
}
// getUserAndPass gets the username and password from STDIN if not given
diff --git a/vendor/github.com/containers/common/pkg/cgroups/cgroups_supported.go b/vendor/github.com/containers/common/pkg/cgroups/cgroups_supported.go
index c1fe194b2..edb28ad18 100644
--- a/vendor/github.com/containers/common/pkg/cgroups/cgroups_supported.go
+++ b/vendor/github.com/containers/common/pkg/cgroups/cgroups_supported.go
@@ -1,3 +1,4 @@
+//go:build linux
// +build linux
package cgroups
diff --git a/vendor/github.com/containers/common/pkg/cgroups/cgroups_unsupported.go b/vendor/github.com/containers/common/pkg/cgroups/cgroups_unsupported.go
index 95d424170..b3dcb2d33 100644
--- a/vendor/github.com/containers/common/pkg/cgroups/cgroups_unsupported.go
+++ b/vendor/github.com/containers/common/pkg/cgroups/cgroups_unsupported.go
@@ -1,3 +1,4 @@
+//go:build !linux
// +build !linux
package cgroups
diff --git a/vendor/github.com/containers/common/pkg/cgroupv2/cgroups_unsupported.go b/vendor/github.com/containers/common/pkg/cgroupv2/cgroups_unsupported.go
index 61b3653e5..f61bd3bb2 100644
--- a/vendor/github.com/containers/common/pkg/cgroupv2/cgroups_unsupported.go
+++ b/vendor/github.com/containers/common/pkg/cgroupv2/cgroups_unsupported.go
@@ -1,3 +1,4 @@
+//go:build !linux
// +build !linux
package cgroupv2
diff --git a/vendor/github.com/containers/common/pkg/chown/chown_unix.go b/vendor/github.com/containers/common/pkg/chown/chown_unix.go
index 921927de4..ea8f5963e 100644
--- a/vendor/github.com/containers/common/pkg/chown/chown_unix.go
+++ b/vendor/github.com/containers/common/pkg/chown/chown_unix.go
@@ -1,3 +1,4 @@
+//go:build !windows
// +build !windows
package chown
diff --git a/vendor/github.com/containers/common/pkg/config/config.go b/vendor/github.com/containers/common/pkg/config/config.go
index a1d6f259a..8bf62800f 100644
--- a/vendor/github.com/containers/common/pkg/config/config.go
+++ b/vendor/github.com/containers/common/pkg/config/config.go
@@ -249,6 +249,10 @@ type EngineConfig struct {
// EventsLogFilePath is where the events log is stored.
EventsLogFilePath string `toml:"events_logfile_path,omitempty"`
+ // EventsLogFileMaxSize sets the maximum size for the events log. When the limit is exceeded,
+ // the logfile is rotated and the old one is deleted.
+ EventsLogFileMaxSize uint64 `toml:"events_logfile_max_size,omitempty"`
+
// EventsLogger determines where events should be logged.
EventsLogger string `toml:"events_logger,omitempty"`
diff --git a/vendor/github.com/containers/common/pkg/config/config_local.go b/vendor/github.com/containers/common/pkg/config/config_local.go
index 21dab043f..bfb967582 100644
--- a/vendor/github.com/containers/common/pkg/config/config_local.go
+++ b/vendor/github.com/containers/common/pkg/config/config_local.go
@@ -1,3 +1,4 @@
+//go:build !remote
// +build !remote
package config
diff --git a/vendor/github.com/containers/common/pkg/config/config_remote.go b/vendor/github.com/containers/common/pkg/config/config_remote.go
index 7fd9202bb..bff869efa 100644
--- a/vendor/github.com/containers/common/pkg/config/config_remote.go
+++ b/vendor/github.com/containers/common/pkg/config/config_remote.go
@@ -1,3 +1,4 @@
+//go:build remote
// +build remote
package config
diff --git a/vendor/github.com/containers/common/pkg/config/config_unsupported.go b/vendor/github.com/containers/common/pkg/config/config_unsupported.go
index 6563fd317..64e4fcfcd 100644
--- a/vendor/github.com/containers/common/pkg/config/config_unsupported.go
+++ b/vendor/github.com/containers/common/pkg/config/config_unsupported.go
@@ -1,3 +1,4 @@
+//go:build !linux
// +build !linux
package config
diff --git a/vendor/github.com/containers/common/pkg/config/containers.conf b/vendor/github.com/containers/common/pkg/config/containers.conf
index 03de59943..1db2d704a 100644
--- a/vendor/github.com/containers/common/pkg/config/containers.conf
+++ b/vendor/github.com/containers/common/pkg/config/containers.conf
@@ -371,6 +371,12 @@ default_sysctls = [
# Define where event logs will be stored, when events_logger is "file".
#events_logfile_path=""
+# Sets the maximum size for events_logfile_path in bytes. When the limit is exceeded,
+# the logfile will be rotated and the old one will be deleted.
+# If the maximum size is set to 0, then no limit will be applied,
+# and the logfile will not be rotated.
+#events_logfile_max_size = 0
+
# Selects which logging mechanism to use for container engine events.
# Valid values are `journald`, `file` and `none`.
#
diff --git a/vendor/github.com/containers/common/pkg/config/default.go b/vendor/github.com/containers/common/pkg/config/default.go
index e4344e8be..3255cff9d 100644
--- a/vendor/github.com/containers/common/pkg/config/default.go
+++ b/vendor/github.com/containers/common/pkg/config/default.go
@@ -276,7 +276,7 @@ func defaultConfigFromMemory() (*EngineConfig, error) {
storeOpts.GraphRoot = _defaultGraphRoot
}
c.graphRoot = storeOpts.GraphRoot
- c.ImageCopyTmpDir = "/var/tmp"
+ c.ImageCopyTmpDir = getDefaultTmpDir()
c.StaticDir = filepath.Join(storeOpts.GraphRoot, "libpod")
c.VolumePath = filepath.Join(storeOpts.GraphRoot, "volumes")
diff --git a/vendor/github.com/containers/common/pkg/config/default_linux.go b/vendor/github.com/containers/common/pkg/config/default_linux.go
index cc2d0fe3e..d6ea4359c 100644
--- a/vendor/github.com/containers/common/pkg/config/default_linux.go
+++ b/vendor/github.com/containers/common/pkg/config/default_linux.go
@@ -3,6 +3,7 @@ package config
import (
"fmt"
"io/ioutil"
+ "os"
"strconv"
"strings"
@@ -48,3 +49,12 @@ func getDefaultProcessLimits() []string {
}
return defaultLimits
}
+
+// getDefaultTmpDir for linux
+func getDefaultTmpDir() string {
+ // first check the TMPDIR env var
+ if path, found := os.LookupEnv("TMPDIR"); found {
+ return path
+ }
+ return "/var/tmp"
+}
diff --git a/vendor/github.com/containers/common/pkg/config/default_unsupported.go b/vendor/github.com/containers/common/pkg/config/default_unsupported.go
index 1aa7f6ef3..4be826755 100644
--- a/vendor/github.com/containers/common/pkg/config/default_unsupported.go
+++ b/vendor/github.com/containers/common/pkg/config/default_unsupported.go
@@ -1,7 +1,10 @@
+//go:build !linux && !windows
// +build !linux,!windows
package config
+import "os"
+
// getDefaultMachineImage returns the default machine image stream
// On Linux/Mac, this returns the FCOS stream
func getDefaultMachineImage() string {
@@ -22,3 +25,12 @@ func isCgroup2UnifiedMode() (isUnified bool, isUnifiedErr error) {
func getDefaultProcessLimits() []string {
return []string{}
}
+
+// getDefaultTmpDir for linux
+func getDefaultTmpDir() string {
+ // first check the TMPDIR env var
+ if path, found := os.LookupEnv("TMPDIR"); found {
+ return path
+ }
+ return "/var/tmp"
+}
diff --git a/vendor/github.com/containers/common/pkg/config/default_windows.go b/vendor/github.com/containers/common/pkg/config/default_windows.go
index 28f102f1c..db230dfb2 100644
--- a/vendor/github.com/containers/common/pkg/config/default_windows.go
+++ b/vendor/github.com/containers/common/pkg/config/default_windows.go
@@ -1,5 +1,7 @@
package config
+import "os"
+
// getDefaultImage returns the default machine image stream
// On Windows this refers to the Fedora major release number
func getDefaultMachineImage() string {
@@ -20,3 +22,13 @@ func isCgroup2UnifiedMode() (isUnified bool, isUnifiedErr error) {
func getDefaultProcessLimits() []string {
return []string{}
}
+
+// getDefaultTmpDir for windows
+func getDefaultTmpDir() string {
+ // first check the Temp env var
+ // https://answers.microsoft.com/en-us/windows/forum/all/where-is-the-temporary-folder/44a039a5-45ba-48dd-84db-fd700e54fd56
+ if val, ok := os.LookupEnv("TEMP"); ok {
+ return val
+ }
+ return os.Getenv("LOCALAPPDATA") + "\\Temp"
+}
diff --git a/vendor/github.com/containers/common/pkg/config/nosystemd.go b/vendor/github.com/containers/common/pkg/config/nosystemd.go
index f64b2dfc6..352fddf92 100644
--- a/vendor/github.com/containers/common/pkg/config/nosystemd.go
+++ b/vendor/github.com/containers/common/pkg/config/nosystemd.go
@@ -1,3 +1,4 @@
+//go:build !systemd || !cgo
// +build !systemd !cgo
package config
diff --git a/vendor/github.com/containers/common/pkg/config/systemd.go b/vendor/github.com/containers/common/pkg/config/systemd.go
index 186e8b343..f17a84304 100644
--- a/vendor/github.com/containers/common/pkg/config/systemd.go
+++ b/vendor/github.com/containers/common/pkg/config/systemd.go
@@ -1,3 +1,4 @@
+//go:build systemd && cgo
// +build systemd,cgo
package config
diff --git a/vendor/github.com/containers/common/pkg/parse/parse_unix.go b/vendor/github.com/containers/common/pkg/parse/parse_unix.go
index ce4446a1b..d087c4a02 100644
--- a/vendor/github.com/containers/common/pkg/parse/parse_unix.go
+++ b/vendor/github.com/containers/common/pkg/parse/parse_unix.go
@@ -1,3 +1,4 @@
+//go:build linux || darwin
// +build linux darwin
package parse
diff --git a/vendor/github.com/containers/common/pkg/retry/retry_unsupported.go b/vendor/github.com/containers/common/pkg/retry/retry_unsupported.go
index 676980975..901e28a5d 100644
--- a/vendor/github.com/containers/common/pkg/retry/retry_unsupported.go
+++ b/vendor/github.com/containers/common/pkg/retry/retry_unsupported.go
@@ -1,3 +1,4 @@
+//go:build !linux
// +build !linux
package retry
diff --git a/vendor/github.com/containers/common/pkg/seccomp/default_linux.go b/vendor/github.com/containers/common/pkg/seccomp/default_linux.go
index d196384f0..fbf10ca31 100644
--- a/vendor/github.com/containers/common/pkg/seccomp/default_linux.go
+++ b/vendor/github.com/containers/common/pkg/seccomp/default_linux.go
@@ -236,6 +236,7 @@ func DefaultProfile() *Seccomp {
"lstat64",
"madvise",
"mbind",
+ "membarrier",
"memfd_create",
"memfd_secret",
"mincore",
@@ -249,6 +250,7 @@ func DefaultProfile() *Seccomp {
"mmap",
"mmap2",
"mount",
+ "mount_setattr",
"move_mount",
"mprotect",
"mq_getsetattr",
@@ -293,6 +295,7 @@ func DefaultProfile() *Seccomp {
"preadv",
"preadv2",
"prlimit64",
+ "process_mrelease",
"pselect6",
"pselect6_time64",
"pwrite64",
@@ -388,10 +391,15 @@ func DefaultProfile() *Seccomp {
"shmdt",
"shmget",
"shutdown",
+ "sigaction",
"sigaltstack",
+ "signal",
"signalfd",
"signalfd4",
+ "sigpending",
+ "sigprocmask",
"sigreturn",
+ "sigsuspend",
"socketcall",
"socketpair",
"splice",
@@ -405,6 +413,7 @@ func DefaultProfile() *Seccomp {
"sync",
"sync_file_range",
"syncfs",
+ "syscall",
"sysinfo",
"syslog",
"tee",
@@ -417,6 +426,7 @@ func DefaultProfile() *Seccomp {
"timer_gettime64",
"timer_settime",
"timer_settime64",
+ "timerfd",
"timerfd_create",
"timerfd_gettime",
"timerfd_gettime64",
diff --git a/vendor/github.com/containers/common/pkg/seccomp/errno_list.go b/vendor/github.com/containers/common/pkg/seccomp/errno_list.go
index a1009012d..87ac2ab77 100644
--- a/vendor/github.com/containers/common/pkg/seccomp/errno_list.go
+++ b/vendor/github.com/containers/common/pkg/seccomp/errno_list.go
@@ -1,3 +1,4 @@
+//go:build linux && seccomp
// +build linux,seccomp
package seccomp
diff --git a/vendor/github.com/containers/common/pkg/seccomp/filter.go b/vendor/github.com/containers/common/pkg/seccomp/filter.go
index 90da99f0a..5c278574c 100644
--- a/vendor/github.com/containers/common/pkg/seccomp/filter.go
+++ b/vendor/github.com/containers/common/pkg/seccomp/filter.go
@@ -1,3 +1,4 @@
+//go:build seccomp
// +build seccomp
// NOTE: this package has originally been copied from
diff --git a/vendor/github.com/containers/common/pkg/seccomp/seccomp.json b/vendor/github.com/containers/common/pkg/seccomp/seccomp.json
index 9314eb3cc..793f9bdac 100644
--- a/vendor/github.com/containers/common/pkg/seccomp/seccomp.json
+++ b/vendor/github.com/containers/common/pkg/seccomp/seccomp.json
@@ -243,6 +243,7 @@
"lstat64",
"madvise",
"mbind",
+ "membarrier",
"memfd_create",
"memfd_secret",
"mincore",
@@ -256,6 +257,7 @@
"mmap",
"mmap2",
"mount",
+ "mount_setattr",
"move_mount",
"mprotect",
"mq_getsetattr",
@@ -300,6 +302,7 @@
"preadv",
"preadv2",
"prlimit64",
+ "process_mrelease",
"pselect6",
"pselect6_time64",
"pwrite64",
@@ -395,10 +398,15 @@
"shmdt",
"shmget",
"shutdown",
+ "sigaction",
"sigaltstack",
+ "signal",
"signalfd",
"signalfd4",
+ "sigpending",
+ "sigprocmask",
"sigreturn",
+ "sigsuspend",
"socketcall",
"socketpair",
"splice",
@@ -412,6 +420,7 @@
"sync",
"sync_file_range",
"syncfs",
+ "syscall",
"sysinfo",
"syslog",
"tee",
@@ -424,6 +433,7 @@
"timer_gettime64",
"timer_settime",
"timer_settime64",
+ "timerfd",
"timerfd_create",
"timerfd_gettime",
"timerfd_gettime64",
diff --git a/vendor/github.com/containers/common/pkg/seccomp/seccomp_unsupported.go b/vendor/github.com/containers/common/pkg/seccomp/seccomp_unsupported.go
index 8b23ee2c0..da5230c56 100644
--- a/vendor/github.com/containers/common/pkg/seccomp/seccomp_unsupported.go
+++ b/vendor/github.com/containers/common/pkg/seccomp/seccomp_unsupported.go
@@ -1,3 +1,4 @@
+//go:build !linux || !seccomp
// +build !linux !seccomp
// SPDX-License-Identifier: Apache-2.0
diff --git a/vendor/github.com/containers/common/pkg/seccomp/supported.go b/vendor/github.com/containers/common/pkg/seccomp/supported.go
index 86e1b66bb..f8a20e536 100644
--- a/vendor/github.com/containers/common/pkg/seccomp/supported.go
+++ b/vendor/github.com/containers/common/pkg/seccomp/supported.go
@@ -1,3 +1,4 @@
+//go:build linux && seccomp
// +build linux,seccomp
package seccomp
diff --git a/vendor/github.com/containers/common/pkg/seccomp/validate.go b/vendor/github.com/containers/common/pkg/seccomp/validate.go
index 1c5c4edc6..669ab04a2 100644
--- a/vendor/github.com/containers/common/pkg/seccomp/validate.go
+++ b/vendor/github.com/containers/common/pkg/seccomp/validate.go
@@ -1,3 +1,4 @@
+//go:build seccomp
// +build seccomp
package seccomp
diff --git a/vendor/github.com/containers/common/pkg/signal/signal_linux.go b/vendor/github.com/containers/common/pkg/signal/signal_linux.go
index 305b9d21f..21e09c9fe 100644
--- a/vendor/github.com/containers/common/pkg/signal/signal_linux.go
+++ b/vendor/github.com/containers/common/pkg/signal/signal_linux.go
@@ -1,5 +1,5 @@
-// +build linux
-// +build !mips,!mipsle,!mips64,!mips64le
+//go:build linux && !mips && !mipsle && !mips64 && !mips64le
+// +build linux,!mips,!mipsle,!mips64,!mips64le
// Signal handling for Linux only.
package signal
diff --git a/vendor/github.com/containers/common/pkg/signal/signal_linux_mipsx.go b/vendor/github.com/containers/common/pkg/signal/signal_linux_mipsx.go
index 45c9d5af1..52b07aaf4 100644
--- a/vendor/github.com/containers/common/pkg/signal/signal_linux_mipsx.go
+++ b/vendor/github.com/containers/common/pkg/signal/signal_linux_mipsx.go
@@ -1,3 +1,4 @@
+//go:build linux && (mips || mipsle || mips64 || mips64le)
// +build linux
// +build mips mipsle mips64 mips64le
diff --git a/vendor/github.com/containers/common/pkg/signal/signal_unsupported.go b/vendor/github.com/containers/common/pkg/signal/signal_unsupported.go
index 9d1733c02..0e8685a7c 100644
--- a/vendor/github.com/containers/common/pkg/signal/signal_unsupported.go
+++ b/vendor/github.com/containers/common/pkg/signal/signal_unsupported.go
@@ -1,3 +1,4 @@
+//go:build !linux
// +build !linux
// Signal handling for Linux only.
diff --git a/vendor/github.com/containers/common/pkg/sysinfo/numcpu.go b/vendor/github.com/containers/common/pkg/sysinfo/numcpu.go
index aeb1a3a80..d9d8cfb3e 100644
--- a/vendor/github.com/containers/common/pkg/sysinfo/numcpu.go
+++ b/vendor/github.com/containers/common/pkg/sysinfo/numcpu.go
@@ -1,3 +1,4 @@
+//go:build !linux && !windows
// +build !linux,!windows
package sysinfo
diff --git a/vendor/github.com/containers/common/pkg/sysinfo/numcpu_linux.go b/vendor/github.com/containers/common/pkg/sysinfo/numcpu_linux.go
index 2b664c7f8..0adf58358 100644
--- a/vendor/github.com/containers/common/pkg/sysinfo/numcpu_linux.go
+++ b/vendor/github.com/containers/common/pkg/sysinfo/numcpu_linux.go
@@ -1,3 +1,4 @@
+//go:build linux
// +build linux
package sysinfo
diff --git a/vendor/github.com/containers/common/pkg/sysinfo/numcpu_windows.go b/vendor/github.com/containers/common/pkg/sysinfo/numcpu_windows.go
index 1d89dd550..94160ad57 100644
--- a/vendor/github.com/containers/common/pkg/sysinfo/numcpu_windows.go
+++ b/vendor/github.com/containers/common/pkg/sysinfo/numcpu_windows.go
@@ -1,3 +1,4 @@
+//go:build windows
// +build windows
package sysinfo
diff --git a/vendor/github.com/containers/common/pkg/sysinfo/nummem_linux.go b/vendor/github.com/containers/common/pkg/sysinfo/nummem_linux.go
index 1fc4e6d19..859791e36 100644
--- a/vendor/github.com/containers/common/pkg/sysinfo/nummem_linux.go
+++ b/vendor/github.com/containers/common/pkg/sysinfo/nummem_linux.go
@@ -1,3 +1,4 @@
+//go:build linux
// +build linux
package sysinfo
diff --git a/vendor/github.com/containers/common/pkg/sysinfo/nummem_unsupported.go b/vendor/github.com/containers/common/pkg/sysinfo/nummem_unsupported.go
index e3c851fe6..c9e4184aa 100644
--- a/vendor/github.com/containers/common/pkg/sysinfo/nummem_unsupported.go
+++ b/vendor/github.com/containers/common/pkg/sysinfo/nummem_unsupported.go
@@ -1,4 +1,5 @@
-// +build windows, osx
+//go:build (windows && ignore) || osx
+// +build windows,ignore osx
package sysinfo
diff --git a/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_solaris.go b/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_solaris.go
index 7463cdd8f..801db8c80 100644
--- a/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_solaris.go
+++ b/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_solaris.go
@@ -1,3 +1,4 @@
+//go:build solaris && cgo
// +build solaris,cgo
package sysinfo
diff --git a/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_unix.go b/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_unix.go
index 45f3ef1c6..4aa9401f6 100644
--- a/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_unix.go
+++ b/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_unix.go
@@ -1,3 +1,4 @@
+//go:build !linux && !solaris && !windows
// +build !linux,!solaris,!windows
package sysinfo
diff --git a/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_windows.go b/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_windows.go
index 4e6255bc5..455a8892f 100644
--- a/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_windows.go
+++ b/vendor/github.com/containers/common/pkg/sysinfo/sysinfo_windows.go
@@ -1,3 +1,4 @@
+//go:build windows
// +build windows
package sysinfo
diff --git a/vendor/github.com/containers/common/pkg/umask/umask_unix.go b/vendor/github.com/containers/common/pkg/umask/umask_unix.go
index bb589f7ac..e59d7bea7 100644
--- a/vendor/github.com/containers/common/pkg/umask/umask_unix.go
+++ b/vendor/github.com/containers/common/pkg/umask/umask_unix.go
@@ -1,3 +1,4 @@
+//go:build linux || darwin
// +build linux darwin
package umask
diff --git a/vendor/github.com/containers/common/pkg/umask/umask_unsupported.go b/vendor/github.com/containers/common/pkg/umask/umask_unsupported.go
index 9041d5f20..cf76ea1d3 100644
--- a/vendor/github.com/containers/common/pkg/umask/umask_unsupported.go
+++ b/vendor/github.com/containers/common/pkg/umask/umask_unsupported.go
@@ -1,3 +1,4 @@
+//go:build !linux && !darwin
// +build !linux,!darwin
package umask
diff --git a/vendor/github.com/containers/common/pkg/util/util_supported.go b/vendor/github.com/containers/common/pkg/util/util_supported.go
index 422e28742..284f3ffdd 100644
--- a/vendor/github.com/containers/common/pkg/util/util_supported.go
+++ b/vendor/github.com/containers/common/pkg/util/util_supported.go
@@ -1,3 +1,4 @@
+//go:build linux || darwin
// +build linux darwin
package util
@@ -19,6 +20,12 @@ var (
rootlessRuntimeDir string
)
+// isWriteableOnlyByOwner checks that the specified permission mask allows write
+// access only to the owner.
+func isWriteableOnlyByOwner(perm os.FileMode) bool {
+ return (perm & 0722) == 0700
+}
+
// GetRuntimeDir returns the runtime directory
func GetRuntimeDir() (string, error) {
var rootlessRuntimeDirError error
@@ -43,7 +50,7 @@ func GetRuntimeDir() (string, error) {
logrus.Debugf("unable to make temp dir: %v", err)
}
st, err := os.Stat(tmpDir)
- if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && st.Mode().Perm() == 0700 {
+ if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && isWriteableOnlyByOwner(st.Mode().Perm()) {
runtimeDir = tmpDir
}
}
@@ -53,7 +60,7 @@ func GetRuntimeDir() (string, error) {
logrus.Debugf("unable to make temp dir %v", err)
}
st, err := os.Stat(tmpDir)
- if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && st.Mode().Perm() == 0700 {
+ if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && isWriteableOnlyByOwner(st.Mode().Perm()) {
runtimeDir = tmpDir
}
}
diff --git a/vendor/github.com/containers/common/pkg/util/util_windows.go b/vendor/github.com/containers/common/pkg/util/util_windows.go
index 2add712f1..1cffb21fc 100644
--- a/vendor/github.com/containers/common/pkg/util/util_windows.go
+++ b/vendor/github.com/containers/common/pkg/util/util_windows.go
@@ -1,3 +1,4 @@
+//go:build windows
// +build windows
package util
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 9f4d8eff3..c3dae287f 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -109,7 +109,7 @@ github.com/containers/buildah/pkg/rusage
github.com/containers/buildah/pkg/sshagent
github.com/containers/buildah/pkg/util
github.com/containers/buildah/util
-# github.com/containers/common v0.47.5-0.20220228211119-9880eb424fde
+# github.com/containers/common v0.47.5-0.20220318125043-0ededd18a1f9
## explicit
github.com/containers/common/libimage
github.com/containers/common/libimage/manifests