summaryrefslogtreecommitdiff
path: root/vendor/github.com/opencontainers
Commit message (Collapse)AuthorAge
* Vendor in latest opencontainers/selinuxDaniel J Walsh2019-01-18
| | | | | | | | | | | This will now verify labels passed in by the user. Will also prevent users from accidently relabeling their homedir. podman run -ti -v ~/home/user:Z fedora sh Is not a good idea. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* vendor: update everythingValentin Rothberg2019-01-11
| | | | | | | | * If possible, update each dependency to the latest available version. * Use releases over commit IDs and avoid vendoring branches. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #2082 from rhatdan/runcOpenShift Merge Robot2019-01-06
|\ | | | | Update vendor of runc
| * Update vendor of runcDaniel J Walsh2019-01-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Updating the vendor or runc to pull in some fixes that we need. In order to get this vendor to work, we needed to update the vendor of docker/docker, which causes all sorts of issues, just to fix the docker/pkg/sysinfo. Rather then doing this, I pulled in pkg/sysinfo into libpod and fixed the code locally. I then switched the use of docker/pkg/sysinfo to libpod/pkg/sysinfo. I also switched out the docker/pkg/mount to containers/storage/pkg/mount Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Vendor in latest containers/buildah codeDaniel J Walsh2019-01-05
|/ | | | | | | | | This should improve the speed of podman build. Has fixes from containres/image for parallell pull. Also vendor containers/storage and containers/image Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Set Socket label for contianerDaniel J Walsh2018-12-12
| | | | | | | This will allow container processes to write to the CRIU socket that gets injected into the container. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* vendor: update selinuxGiuseppe Scrivano2018-11-28
| | | | | | | inherit a change for not failing a recursive relabelling if the file is removed between the directory is read and the lsetxattr syscall. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Vendor in latest containers/storage opencontainers/selinuxDaniel J Walsh2018-10-23
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Vendor in latest opencontainers/runtime-toolsDaniel J Walsh2018-09-19
| | | | | | | | | | This will cause /proc inside of the container to match the mount options of the host. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1511 Approved by: baude
* vendor containerd/cgroupsbaude2018-09-06
| | | | | | | | | | | We need to vendor in the latest containerd/cgroups for a fix related to slice delegation and systemd <= 239. The opencontainer/runtime-spec is brought along for the ride. Signed-off-by: baude <bbaude@redhat.com> Closes: #1414 Approved by: mheon
* vendor: update buildah versionGiuseppe Scrivano2018-08-15
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1269 Approved by: rhatdan
* Update vendored version of runc,buildah,containers/imageDaniel J Walsh2018-07-27
| | | | | | | | | | | | | | | There is a compiler warning that has been fixed in the upstream, so I figured we should update to fix. Also vendor in latest buildah to get better support for running builds in rootless mode. Vendor in latest containers/image to allow daemon support to be pluggable. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1169 Approved by: mheon
* AppArmor: runtime check if it's enabled on the hostValentin Rothberg2018-07-23
| | | | | | | | | Check at runtime if AppArmor is enabled on the host. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1128 Approved by: mheon
* vendor in selinux and buildah for darwin compilationbaude2018-07-02
| | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #1037 Approved by: baude
* Vendor in latest runtime-toolsbaude2018-06-27
| | | | | | | | | Newer runtime tools separates syscalls by OS so we can build darwin. Signed-off-by: baude <bbaude@redhat.com> Closes: #1007 Approved by: baude
* Vendor in go-selinux againDaniel J Walsh2018-06-26
| | | | | | Baude found an error in non linux bindings. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Update the vendoring of github.com/opencontainers/selinuxDaniel J Walsh2018-06-26
| | | | | | | | | THis should make libpod easier to build on non linux platforms. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1000 Approved by: mheon
* Vendor in latest go-selinuxDaniel J Walsh2018-06-19
| | | | | | | | | | This should fix the issue with iptables being denied execution on container cleanup Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #966 Approved by: mheon
* Remove unused runc filesMatthew Heon2018-03-01
| | | | | | | | | | We no longer use runc code to read network I/O usage. This lets us remove a lot of vendored code. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #425 Approved by: rhatdan
* Privileged containers should inherit host devicesbaude2018-02-15
| | | | | | | | | | When running a privileged container, it should inherit the same devices the host has. Signed-off-by: baude <bbaude@redhat.com> Closes: #330 Approved by: mheon
* Add support for shm-size.Daniel J Walsh2018-01-11
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #206 Approved by: TomSweeneyRedHat
* Add support for adding devices to containerDaniel J Walsh2017-12-19
| | | | | | | | | | Also add --quiet option to kpod create/run since this will help with writing tests. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #140 Approved by: TomSweeneyRedHat
* Vendor in latest storage, image and runtime-toolsDaniel J Walsh2017-12-18
| | | | | | | | | | | Need to pull in the latest containers/storage and containers/image to fix lots of issues. Also want to update runtime-tools to take advantage of newer generate code. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #152 Approved by: rhatdan
* Initial checkin from CRI-O repoMatthew Heon2017-11-01
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>