aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--go.mod2
-rw-r--r--go.sum5
-rw-r--r--vendor/github.com/containers/common/pkg/auth/auth.go49
-rw-r--r--vendor/github.com/containers/common/pkg/chown/chown_unix.go8
-rw-r--r--vendor/github.com/containers/common/pkg/chown/chown_windows.go2
-rw-r--r--vendor/github.com/containers/common/pkg/config/config.go30
-rw-r--r--vendor/github.com/containers/common/pkg/config/default.go4
-rw-r--r--vendor/github.com/containers/common/pkg/config/util_supported.go6
-rw-r--r--vendor/github.com/containers/common/pkg/parse/parse.go6
-rw-r--r--vendor/github.com/containers/common/pkg/parse/parse_unix.go2
-rw-r--r--vendor/github.com/containers/common/pkg/seccomp/default_linux.go1
-rw-r--r--vendor/github.com/containers/common/pkg/seccomp/seccomp.json1
-rw-r--r--vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go20
-rw-r--r--vendor/github.com/containers/common/version/version.go2
-rw-r--r--vendor/modules.txt2
15 files changed, 74 insertions, 66 deletions
diff --git a/go.mod b/go.mod
index 3d95342f0..6d5a78111 100644
--- a/go.mod
+++ b/go.mod
@@ -11,7 +11,7 @@ require (
github.com/containernetworking/cni v0.8.1
github.com/containernetworking/plugins v0.9.1
github.com/containers/buildah v1.20.1-0.20210402144408-36a37402d0c8
- github.com/containers/common v0.36.0
+ github.com/containers/common v0.37.0
github.com/containers/conmon v2.0.20+incompatible
github.com/containers/image/v5 v5.11.1
github.com/containers/ocicrypt v1.1.1
diff --git a/go.sum b/go.sum
index 88138792d..cf467c3f6 100644
--- a/go.sum
+++ b/go.sum
@@ -193,8 +193,8 @@ github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRD
github.com/containers/buildah v1.20.1-0.20210402144408-36a37402d0c8 h1:RlqbDlfE3+qrq4bNTZG7NVPqCDzfZrgE/yicu0VAykQ=
github.com/containers/buildah v1.20.1-0.20210402144408-36a37402d0c8/go.mod h1:iowyscoAC5jwNDhs3c5CLGdBZ9FJk5UOoN2I5TdmXFs=
github.com/containers/common v0.35.4/go.mod h1:rMzxgD7nMGw++cEbsp+NZv0UJO4rgXbm7F7IbJPTwIE=
-github.com/containers/common v0.36.0 h1:7/0GM3oi2ROmKAg/8pDWJ8BU2BXdbmy7Gk2/SFCTV38=
-github.com/containers/common v0.36.0/go.mod h1:rMzxgD7nMGw++cEbsp+NZv0UJO4rgXbm7F7IbJPTwIE=
+github.com/containers/common v0.37.0 h1:RRyR8FITTJXfrF7J9KXKSplywY4zsXoA2kuQXMaUaNo=
+github.com/containers/common v0.37.0/go.mod h1:dgbJcccCPTmncqxhma56+XW+6d5VzqGF6jtkMHyu3v0=
github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg=
github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I=
github.com/containers/image/v5 v5.10.5/go.mod h1:SgIbWEedCNBbn2FI5cH0/jed1Ecy2s8XK5zTxvJTzII=
@@ -213,6 +213,7 @@ github.com/containers/storage v1.23.5/go.mod h1:ha26Q6ngehFNhf3AWoXldvAvwI4jFe3E
github.com/containers/storage v1.24.8/go.mod h1:YC+2pY8SkfEAcZkwycxYbpK8EiRbx5soPPwz9dxe4IQ=
github.com/containers/storage v1.28.0/go.mod h1:ixAwO7Bj31cigqPEG7aCz+PYmxkDxbIFdUFioYdxbzI=
github.com/containers/storage v1.28.1/go.mod h1:5bwiMh2LkrN3AWIfDFMH7A/xbVNLcve+oeXYvHvW8cc=
+github.com/containers/storage v1.29.0/go.mod h1:u84RU4CCufGeJBNTRNwMB+FoE+AiFeFw4SsMoqAOeCM=
github.com/containers/storage v1.30.0 h1:KS6zmoPyy0Qcx1HCCiseQ0ysSckRvtiuoVpIGh9iwQA=
github.com/containers/storage v1.30.0/go.mod h1:M/xn0pg6ReYFrLtWl5YELI/a4Xjq+Z3e5GJxQrJCcDI=
github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
diff --git a/vendor/github.com/containers/common/pkg/auth/auth.go b/vendor/github.com/containers/common/pkg/auth/auth.go
index 88028d9f8..a9ad60f43 100644
--- a/vendor/github.com/containers/common/pkg/auth/auth.go
+++ b/vendor/github.com/containers/common/pkg/auth/auth.go
@@ -5,6 +5,7 @@ import (
"context"
"fmt"
"os"
+ "path/filepath"
"strings"
"github.com/containers/image/v5/docker"
@@ -13,18 +14,20 @@ import (
"github.com/containers/image/v5/types"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
- "golang.org/x/crypto/ssh/terminal"
+ terminal "golang.org/x/term"
)
// GetDefaultAuthFile returns env value REGISTRY_AUTH_FILE as default
// --authfile path used in multiple --authfile flag definitions
// Will fail over to DOCKER_CONFIG if REGISTRY_AUTH_FILE environment is not set
func GetDefaultAuthFile() string {
- authfile := os.Getenv("REGISTRY_AUTH_FILE")
- if authfile == "" {
- authfile = os.Getenv("DOCKER_CONFIG")
+ if authfile := os.Getenv("REGISTRY_AUTH_FILE"); authfile != "" {
+ return authfile
+ }
+ if auth_env := os.Getenv("DOCKER_CONFIG"); auth_env != "" {
+ return filepath.Join(auth_env, "config.json")
}
- return authfile
+ return ""
}
// CheckAuthFile validates filepath given by --authfile
@@ -34,7 +37,7 @@ func CheckAuthFile(authfile string) error {
return nil
}
if _, err := os.Stat(authfile); err != nil {
- return errors.Wrapf(err, "error checking authfile path %s", authfile)
+ return errors.Wrap(err, "checking authfile")
}
return nil
}
@@ -70,11 +73,11 @@ func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginO
err error
)
if len(args) > 1 {
- return errors.Errorf("login accepts only one registry to login to")
+ return errors.New("login accepts only one registry to login to")
}
if len(args) == 0 {
if !opts.AcceptUnspecifiedRegistry {
- return errors.Errorf("please provide a registry to login to")
+ return errors.New("please provide a registry to login to")
}
if server, err = defaultRegistryWhenUnspecified(systemContext); err != nil {
return err
@@ -85,7 +88,7 @@ func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginO
}
authConfig, err := config.GetCredentials(systemContext, server)
if err != nil {
- return errors.Wrapf(err, "error reading auth file")
+ return errors.Wrap(err, "reading auth file")
}
if opts.GetLoginSet {
if authConfig.Username == "" {
@@ -95,17 +98,17 @@ func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginO
return nil
}
if authConfig.IdentityToken != "" {
- return errors.Errorf("currently logged in, auth file contains an Identity token")
+ return errors.New("currently logged in, auth file contains an Identity token")
}
password := opts.Password
if opts.StdinPassword {
var stdinPasswordStrBuilder strings.Builder
if opts.Password != "" {
- return errors.Errorf("Can't specify both --password-stdin and --password")
+ return errors.New("Can't specify both --password-stdin and --password")
}
if opts.Username == "" {
- return errors.Errorf("Must provide --username with --password-stdin")
+ return errors.New("Must provide --username with --password-stdin")
}
scanner := bufio.NewScanner(opts.Stdin)
for scanner.Scan() {
@@ -126,7 +129,7 @@ func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginO
username, password, err := getUserAndPass(opts, password, authConfig.Username)
if err != nil {
- return errors.Wrapf(err, "error getting username and password")
+ return errors.Wrap(err, "getting username and password")
}
if err = docker.CheckAuth(ctx, systemContext, username, password, server); err == nil {
@@ -143,7 +146,7 @@ func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginO
logrus.Debugf("error logging into %q: %v", server, unauthorized)
return errors.Errorf("error logging into %q: invalid username/password", server)
}
- return errors.Wrapf(err, "error authenticating creds for %q", server)
+ return errors.Wrapf(err, "authenticating creds for %q", server)
}
// getRegistryName scrubs and parses the input to get the server name
@@ -172,7 +175,7 @@ func getUserAndPass(opts *LoginOptions, password, userFromAuthFile string) (user
}
username, err = reader.ReadString('\n')
if err != nil {
- return "", "", errors.Wrapf(err, "error reading username")
+ return "", "", errors.Wrap(err, "reading username")
}
// If the user just hit enter, use the displayed user from the
// the authentication file. This allows to do a lazy
@@ -186,7 +189,7 @@ func getUserAndPass(opts *LoginOptions, password, userFromAuthFile string) (user
fmt.Fprint(opts.Stdout, "Password: ")
pass, err := terminal.ReadPassword(0)
if err != nil {
- return "", "", errors.Wrapf(err, "error reading password")
+ return "", "", errors.Wrap(err, "reading password")
}
password = string(pass)
fmt.Fprintln(opts.Stdout)
@@ -206,11 +209,11 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, args []stri
err error
)
if len(args) > 1 {
- return errors.Errorf("logout accepts only one registry to logout from")
+ return errors.New("logout accepts only one registry to logout from")
}
if len(args) == 0 && !opts.All {
if !opts.AcceptUnspecifiedRegistry {
- return errors.Errorf("please provide a registry to logout from")
+ return errors.New("please provide a registry to logout from")
}
if server, err = defaultRegistryWhenUnspecified(systemContext); err != nil {
return err
@@ -219,7 +222,7 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, args []stri
}
if len(args) != 0 {
if opts.All {
- return errors.Errorf("--all takes no arguments")
+ return errors.New("--all takes no arguments")
}
server = getRegistryName(args[0])
}
@@ -240,7 +243,7 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, args []stri
case config.ErrNotLoggedIn:
authConfig, err := config.GetCredentials(systemContext, server)
if err != nil {
- return errors.Wrapf(err, "error reading auth file")
+ return errors.Wrap(err, "reading auth file")
}
authInvalid := docker.CheckAuth(context.Background(), systemContext, authConfig.Username, authConfig.Password, server)
if authConfig.Username != "" && authConfig.Password != "" && authInvalid == nil {
@@ -249,7 +252,7 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, args []stri
}
return errors.Errorf("Not logged into %s\n", server)
default:
- return errors.Wrapf(err, "error logging out of %q", server)
+ return errors.Wrapf(err, "logging out of %q", server)
}
}
@@ -258,10 +261,10 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, args []stri
func defaultRegistryWhenUnspecified(systemContext *types.SystemContext) (string, error) {
registriesFromFile, err := sysregistriesv2.UnqualifiedSearchRegistries(systemContext)
if err != nil {
- return "", errors.Wrapf(err, "error getting registry from registry.conf, please specify a registry")
+ return "", errors.Wrap(err, "getting registry from registry.conf, please specify a registry")
}
if len(registriesFromFile) == 0 {
- return "", errors.Errorf("no registries found in registries.conf, a registry must be provided")
+ return "", errors.New("no registries found in registries.conf, a registry must be provided")
}
return registriesFromFile[0], nil
}
diff --git a/vendor/github.com/containers/common/pkg/chown/chown_unix.go b/vendor/github.com/containers/common/pkg/chown/chown_unix.go
index 82342f6af..921927de4 100644
--- a/vendor/github.com/containers/common/pkg/chown/chown_unix.go
+++ b/vendor/github.com/containers/common/pkg/chown/chown_unix.go
@@ -16,7 +16,7 @@ func ChangeHostPathOwnership(path string, recursive bool, uid, gid int) error {
// Validate if host path can be chowned
isDangerous, err := DangerousHostPath(path)
if err != nil {
- return errors.Wrapf(err, "failed to validate if host path is dangerous")
+ return errors.Wrap(err, "failed to validate if host path is dangerous")
}
if isDangerous {
@@ -42,13 +42,13 @@ func ChangeHostPathOwnership(path string, recursive bool, uid, gid int) error {
})
if err != nil {
- return errors.Wrapf(err, "failed to chown recursively host path")
+ return errors.Wrap(err, "failed to chown recursively host path")
}
} else {
// Get host path info
f, err := os.Lstat(path)
if err != nil {
- return errors.Wrapf(err, "failed to get host path information")
+ return errors.Wrap(err, "failed to get host path information")
}
// Get current ownership
@@ -57,7 +57,7 @@ func ChangeHostPathOwnership(path string, recursive bool, uid, gid int) error {
if uid != currentUID || gid != currentGID {
if err := os.Lchown(path, uid, gid); err != nil {
- return errors.Wrapf(err, "failed to chown host path")
+ return errors.Wrap(err, "failed to chown host path")
}
}
}
diff --git a/vendor/github.com/containers/common/pkg/chown/chown_windows.go b/vendor/github.com/containers/common/pkg/chown/chown_windows.go
index ad6039a90..0c4b8e1b5 100644
--- a/vendor/github.com/containers/common/pkg/chown/chown_windows.go
+++ b/vendor/github.com/containers/common/pkg/chown/chown_windows.go
@@ -7,5 +7,5 @@ import (
// ChangeHostPathOwnership changes the uid and gid ownership of a directory or file within the host.
// This is used by the volume U flag to change source volumes ownership
func ChangeHostPathOwnership(path string, recursive bool, uid, gid int) error {
- return errors.Errorf("windows not supported")
+ return errors.New("windows not supported")
}
diff --git a/vendor/github.com/containers/common/pkg/config/config.go b/vendor/github.com/containers/common/pkg/config/config.go
index 4a98c7e92..1629bea29 100644
--- a/vendor/github.com/containers/common/pkg/config/config.go
+++ b/vendor/github.com/containers/common/pkg/config/config.go
@@ -465,16 +465,17 @@ func NewConfig(userConfigPath string) (*Config, error) {
// Now, gather the system configs and merge them as needed.
configs, err := systemConfigs()
if err != nil {
- return nil, errors.Wrapf(err, "error finding config on system")
+ return nil, errors.Wrap(err, "finding config on system")
}
for _, path := range configs {
// Merge changes in later configs with the previous configs.
// Each config file that specified fields, will override the
// previous fields.
if err = readConfigFromFile(path, config); err != nil {
- return nil, errors.Wrapf(err, "error reading system config %q", path)
+ return nil, errors.Wrapf(err, "reading system config %q", path)
}
- logrus.Debugf("Merged system config %q: %+v", path, config)
+ logrus.Debugf("Merged system config %q", path)
+ logrus.Tracef("%+v", config)
}
// If the caller specified a config path to use, then we read it to
@@ -484,9 +485,10 @@ func NewConfig(userConfigPath string) (*Config, error) {
// readConfigFromFile reads in container config in the specified
// file and then merge changes with the current default.
if err = readConfigFromFile(userConfigPath, config); err != nil {
- return nil, errors.Wrapf(err, "error reading user config %q", userConfigPath)
+ return nil, errors.Wrapf(err, "reading user config %q", userConfigPath)
}
- logrus.Debugf("Merged user config %q: %+v", userConfigPath, config)
+ logrus.Debugf("Merged user config %q", userConfigPath)
+ logrus.Tracef("%+v", config)
}
config.addCAPPrefix()
@@ -502,9 +504,9 @@ func NewConfig(userConfigPath string) (*Config, error) {
// default config. If the path, only specifies a few fields in the Toml file
// the defaults from the config parameter will be used for all other fields.
func readConfigFromFile(path string, config *Config) error {
- logrus.Debugf("Reading configuration file %q", path)
+ logrus.Tracef("Reading configuration file %q", path)
if _, err := toml.DecodeFile(path, config); err != nil {
- return errors.Wrapf(err, "unable to decode configuration %v", path)
+ return errors.Wrapf(err, "decode configuration %v", path)
}
return nil
}
@@ -517,7 +519,7 @@ func systemConfigs() ([]string, error) {
path := os.Getenv("CONTAINERS_CONF")
if path != "" {
if _, err := os.Stat(path); err != nil {
- return nil, errors.Wrapf(err, "failed to stat of %s from CONTAINERS_CONF environment variable", path)
+ return nil, errors.Wrap(err, "CONTAINERS_CONF file")
}
return append(configs, path), nil
}
@@ -554,7 +556,7 @@ func (c *Config) CheckCgroupsAndAdjustConfig() {
hasSession = err == nil
}
- if !hasSession {
+ if !hasSession && unshare.GetRootlessUID() != 0 {
logrus.Warningf("The cgroupv2 manager is set to systemd but there is no systemd user session available")
logrus.Warningf("For using systemd, you may need to login using an user session")
logrus.Warningf("Alternatively, you can enable lingering with: `loginctl enable-linger %d` (possibly as root)", unshare.GetRootlessUID())
@@ -579,7 +581,7 @@ func (c *Config) addCAPPrefix() {
func (c *Config) Validate() error {
if err := c.Containers.Validate(); err != nil {
- return errors.Wrapf(err, " error validating containers config")
+ return errors.Wrap(err, "validating containers config")
}
if !c.Containers.EnableLabeling {
@@ -587,11 +589,11 @@ func (c *Config) Validate() error {
}
if err := c.Engine.Validate(); err != nil {
- return errors.Wrapf(err, "error validating engine configs")
+ return errors.Wrap(err, "validating engine configs")
}
if err := c.Network.Validate(); err != nil {
- return errors.Wrapf(err, "error validating network configs")
+ return errors.Wrap(err, "validating network configs")
}
return nil
@@ -606,7 +608,7 @@ func (c *EngineConfig) findRuntime() string {
}
}
if path, err := exec.LookPath(name); err == nil {
- logrus.Warningf("Found default OCIruntime %s path which is missing from [engine.runtimes] in containers.conf", path)
+ logrus.Debugf("Found default OCI runtime %s path via PATH environment variable", path)
return name
}
}
@@ -1001,7 +1003,7 @@ func (c *Config) Write() error {
}
configFile, err := os.OpenFile(path, os.O_CREATE|os.O_RDWR|os.O_TRUNC, 0600)
if err != nil {
- return errors.Wrapf(err, "cannot open %s", path)
+ return err
}
defer configFile.Close()
enc := toml.NewEncoder(configFile)
diff --git a/vendor/github.com/containers/common/pkg/config/default.go b/vendor/github.com/containers/common/pkg/config/default.go
index 4c55af5c1..72744bb12 100644
--- a/vendor/github.com/containers/common/pkg/config/default.go
+++ b/vendor/github.com/containers/common/pkg/config/default.go
@@ -331,10 +331,10 @@ func defaultTmpDir() (string, error) {
if err := os.Mkdir(libpodRuntimeDir, 0700|os.ModeSticky); err != nil {
if !os.IsExist(err) {
- return "", errors.Wrapf(err, "cannot mkdir %s", libpodRuntimeDir)
+ return "", err
} else if err := os.Chmod(libpodRuntimeDir, 0700|os.ModeSticky); err != nil {
// The directory already exist, just set the sticky bit
- return "", errors.Wrapf(err, "could not set sticky bit on %s", libpodRuntimeDir)
+ return "", errors.Wrap(err, "set sticky bit on")
}
}
return filepath.Join(libpodRuntimeDir, "tmp"), nil
diff --git a/vendor/github.com/containers/common/pkg/config/util_supported.go b/vendor/github.com/containers/common/pkg/config/util_supported.go
index 326e7973a..417e3a375 100644
--- a/vendor/github.com/containers/common/pkg/config/util_supported.go
+++ b/vendor/github.com/containers/common/pkg/config/util_supported.go
@@ -40,7 +40,7 @@ func getRuntimeDir() (string, error) {
if runtimeDir == "" {
tmpDir := filepath.Join("/run", "user", uid)
if err := os.MkdirAll(tmpDir, 0700); err != nil {
- logrus.Debugf("unable to make temp dir %s", tmpDir)
+ logrus.Debugf("unable to make temp dir: %v", err)
}
st, err := os.Stat(tmpDir)
if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && st.Mode().Perm() == 0700 {
@@ -50,7 +50,7 @@ func getRuntimeDir() (string, error) {
if runtimeDir == "" {
tmpDir := filepath.Join(os.TempDir(), fmt.Sprintf("run-%s", uid))
if err := os.MkdirAll(tmpDir, 0700); err != nil {
- logrus.Debugf("unable to make temp dir %s", tmpDir)
+ logrus.Debugf("unable to make temp dir %v", err)
}
st, err := os.Stat(tmpDir)
if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && st.Mode().Perm() == 0700 {
@@ -65,7 +65,7 @@ func getRuntimeDir() (string, error) {
}
resolvedHome, err := filepath.EvalSymlinks(home)
if err != nil {
- rootlessRuntimeDirError = errors.Wrapf(err, "cannot resolve %s", home)
+ rootlessRuntimeDirError = errors.Wrap(err, "cannot resolve home")
return
}
runtimeDir = filepath.Join(resolvedHome, "rundir")
diff --git a/vendor/github.com/containers/common/pkg/parse/parse.go b/vendor/github.com/containers/common/pkg/parse/parse.go
index 882953309..1a25957d6 100644
--- a/vendor/github.com/containers/common/pkg/parse/parse.go
+++ b/vendor/github.com/containers/common/pkg/parse/parse.go
@@ -138,11 +138,11 @@ func isValidDeviceMode(mode string) bool {
// ValidateVolumeHostDir validates a volume mount's source directory
func ValidateVolumeHostDir(hostDir string) error {
if hostDir == "" {
- return errors.Errorf("host directory cannot be empty")
+ return errors.New("host directory cannot be empty")
}
if filepath.IsAbs(hostDir) {
if _, err := os.Stat(hostDir); err != nil {
- return errors.Wrapf(err, "error checking path %q", hostDir)
+ return err
}
}
// If hostDir is not an absolute path, that means the user wants to create a
@@ -153,7 +153,7 @@ func ValidateVolumeHostDir(hostDir string) error {
// ValidateVolumeCtrDir validates a volume mount's destination directory.
func ValidateVolumeCtrDir(ctrDir string) error {
if ctrDir == "" {
- return errors.Errorf("container directory cannot be empty")
+ return errors.New("container directory cannot be empty")
}
if !filepath.IsAbs(ctrDir) {
return errors.Errorf("invalid container path %q, must be an absolute path", ctrDir)
diff --git a/vendor/github.com/containers/common/pkg/parse/parse_unix.go b/vendor/github.com/containers/common/pkg/parse/parse_unix.go
index c07471c93..ce4446a1b 100644
--- a/vendor/github.com/containers/common/pkg/parse/parse_unix.go
+++ b/vendor/github.com/containers/common/pkg/parse/parse_unix.go
@@ -22,7 +22,7 @@ func DeviceFromPath(device string) ([]devices.Device, error) {
}
srcInfo, err := os.Stat(src)
if err != nil {
- return nil, errors.Wrapf(err, "error getting info of source device %s", src)
+ return nil, err
}
if !srcInfo.IsDir() {
diff --git a/vendor/github.com/containers/common/pkg/seccomp/default_linux.go b/vendor/github.com/containers/common/pkg/seccomp/default_linux.go
index 24077778e..f86f3e2ba 100644
--- a/vendor/github.com/containers/common/pkg/seccomp/default_linux.go
+++ b/vendor/github.com/containers/common/pkg/seccomp/default_linux.go
@@ -299,6 +299,7 @@ func DefaultProfile() *Seccomp {
"sendmmsg",
"sendmsg",
"sendto",
+ "setns",
"set_robust_list",
"set_thread_area",
"set_tid_address",
diff --git a/vendor/github.com/containers/common/pkg/seccomp/seccomp.json b/vendor/github.com/containers/common/pkg/seccomp/seccomp.json
index 48420905c..8d799fd02 100644
--- a/vendor/github.com/containers/common/pkg/seccomp/seccomp.json
+++ b/vendor/github.com/containers/common/pkg/seccomp/seccomp.json
@@ -303,6 +303,7 @@
"sendmmsg",
"sendmsg",
"sendto",
+ "setns",
"set_robust_list",
"set_thread_area",
"set_tid_address",
diff --git a/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go b/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go
index 6aa66b0c8..4b7253b31 100644
--- a/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go
+++ b/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go
@@ -225,7 +225,7 @@ func addSubscriptionsFromMountsFile(filePath, mountLabel, containerWorkingDir st
logrus.Warnf("Path %q from %q doesn't exist, skipping", hostDirOrFile, filePath)
continue
}
- return nil, errors.Wrapf(err, "failed to stat %q", hostDirOrFile)
+ return nil, err
}
ctrDirOrFileOnHost := filepath.Join(containerWorkingDir, ctrDirOrFile)
@@ -246,11 +246,11 @@ func addSubscriptionsFromMountsFile(filePath, mountLabel, containerWorkingDir st
switch mode := fileInfo.Mode(); {
case mode.IsDir():
if err = os.MkdirAll(ctrDirOrFileOnHost, mode.Perm()); err != nil {
- return nil, errors.Wrapf(err, "making container directory %q failed", ctrDirOrFileOnHost)
+ return nil, errors.Wrap(err, "making container directory")
}
data, err := getHostSubscriptionData(hostDirOrFile, mode.Perm())
if err != nil {
- return nil, errors.Wrapf(err, "getting host subscription data failed")
+ return nil, errors.Wrap(err, "getting host subscription data")
}
for _, s := range data {
if err := s.saveTo(ctrDirOrFileOnHost); err != nil {
@@ -260,7 +260,7 @@ func addSubscriptionsFromMountsFile(filePath, mountLabel, containerWorkingDir st
case mode.IsRegular():
data, err := readFileOrDir("", hostDirOrFile, mode.Perm())
if err != nil {
- return nil, errors.Wrapf(err, "error reading file %q", hostDirOrFile)
+ return nil, err
}
for _, s := range data {
@@ -268,7 +268,7 @@ func addSubscriptionsFromMountsFile(filePath, mountLabel, containerWorkingDir st
return nil, err
}
if err := ioutil.WriteFile(ctrDirOrFileOnHost, s.data, s.mode); err != nil {
- return nil, errors.Wrapf(err, "error saving data to container filesystem on host %q", ctrDirOrFileOnHost)
+ return nil, errors.Wrap(err, "saving data to container filesystem")
}
}
default:
@@ -285,7 +285,7 @@ func addSubscriptionsFromMountsFile(filePath, mountLabel, containerWorkingDir st
}
}
} else if err != nil {
- return nil, errors.Wrapf(err, "error getting status of %q", ctrDirOrFileOnHost)
+ return nil, err
}
m := rspec.Mount{
@@ -309,10 +309,10 @@ func addFIPSModeSubscription(mounts *[]rspec.Mount, containerWorkingDir, mountPo
ctrDirOnHost := filepath.Join(containerWorkingDir, subscriptionsDir)
if _, err := os.Stat(ctrDirOnHost); os.IsNotExist(err) {
if err = idtools.MkdirAllAs(ctrDirOnHost, 0755, uid, gid); err != nil { //nolint
- return errors.Wrapf(err, "making container directory %q on host failed", ctrDirOnHost)
+ return err
}
if err = label.Relabel(ctrDirOnHost, mountLabel, false); err != nil {
- return errors.Wrapf(err, "error applying correct labels on %q", ctrDirOnHost)
+ return errors.Wrapf(err, "applying correct labels on %q", ctrDirOnHost)
}
}
fipsFile := filepath.Join(ctrDirOnHost, "system-fips")
@@ -320,7 +320,7 @@ func addFIPSModeSubscription(mounts *[]rspec.Mount, containerWorkingDir, mountPo
if _, err := os.Stat(fipsFile); os.IsNotExist(err) {
file, err := os.Create(fipsFile)
if err != nil {
- return errors.Wrapf(err, "error creating system-fips file in container for FIPS mode")
+ return errors.Wrap(err, "creating system-fips file in container for FIPS mode")
}
defer file.Close()
}
@@ -342,7 +342,7 @@ func addFIPSModeSubscription(mounts *[]rspec.Mount, containerWorkingDir, mountPo
if os.IsNotExist(err) {
return nil
}
- return errors.Wrapf(err, "failed to stat FIPS Backend directory %q", ctrDirOnHost)
+ return errors.Wrap(err, "FIPS Backend directory")
}
if !mountExists(*mounts, destDir) {
diff --git a/vendor/github.com/containers/common/version/version.go b/vendor/github.com/containers/common/version/version.go
index 67f454c9a..d9e7ffec7 100644
--- a/vendor/github.com/containers/common/version/version.go
+++ b/vendor/github.com/containers/common/version/version.go
@@ -1,4 +1,4 @@
package version
// Version is the version of the build.
-const Version = "0.36.0"
+const Version = "0.37.0"
diff --git a/vendor/modules.txt b/vendor/modules.txt
index f647ea8f2..77dcb9744 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -93,7 +93,7 @@ github.com/containers/buildah/pkg/parse
github.com/containers/buildah/pkg/rusage
github.com/containers/buildah/pkg/supplemented
github.com/containers/buildah/util
-# github.com/containers/common v0.36.0
+# github.com/containers/common v0.37.0
github.com/containers/common/pkg/apparmor
github.com/containers/common/pkg/apparmor/internal/supported
github.com/containers/common/pkg/auth