From a42c131c80fc8c7220687c56cf4384a224572ca0 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh
Date: Mon, 25 Oct 2021 07:22:11 -0400
Subject: Update vendor github.com/opencontainers/runtime-tools
This will change mount of /dev within container to noexec, making containers slightly more secure.
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh
---
 libpod/container_internal_linux.go | 5 +++--
 libpod/options.go | 2 +-
 libpod/runtime_ctr.go | 2 +-
 3 files changed, 5 insertions(+), 4 deletions(-)
(limited to 'libpod')
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 27cc318b4..d3151f7e0 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -322,7 +322,7 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) {
 return nil, err
 }
- g := generate.Generator{Config: c.config.Spec}
+ g := generate.NewFromSpec(c.config.Spec)
 // If network namespace was requested, add it now
 if c.config.CreateNetNS {
@@ -1219,7 +1219,8 @@ func (c *Container) importCheckpoint(input string) error {
 }
 // Make sure the newly created config.json exists on disk
- g := generate.Generator{Config: c.config.Spec}
+ g := generate.NewFromSpec(c.config.Spec)
+
 if err := c.saveSpec(g.Config); err != nil {
 return errors.Wrap(err, "saving imported container specification for restore failed")
 }
diff --git a/libpod/options.go b/libpod/options.go
index 9762de67e..135b2f363 100644
--- a/libpod/options.go
+++ b/libpod/options.go
@@ -969,7 +969,7 @@ func WithUserNSFrom(nsCtr *Container) CtrCreateOption {
 if err := JSONDeepCopy(nsCtr.IDMappings(), &ctr.config.IDMappings); err != nil {
 return err
 }
- g := generate.Generator{Config: ctr.config.Spec}
+ g := generate.NewFromSpec(ctr.config.Spec)
 g.ClearLinuxUIDMappings()
 for _, uidmap := range nsCtr.config.IDMappings.UIDMap {
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go
index 2256ba57c..0a7db33f1 100644
--- a/libpod/runtime_ctr.go
+++ b/libpod/runtime_ctr.go
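Review bot: The /dev noexec hardening announced in the commit message is not exercised by anything in the generateSpec hunk of libpod/container_internal_linux.go or in the other libpod hunks, and the commit is tagged [NO NEW TESTS NEEDED]. `generate.NewFromSpec(c.config.Spec)` wraps the spec already stored on the container, so the new mount option presumably comes from vendored defaults that this libpod-limited view does not show; if that is the case, containers whose spec was stored before the update may keep their previous /dev options. Because the change is presented as a security improvement, I would add a regression test that creates a container and asserts its /dev mount options include `noexec`, and state next to this line whether existing containers are affected, e.g. `// NewFromSpec wraps the stored spec; mount defaults are not re-applied here (TODO confirm)`. generateSpec starts and ends outside the hunk.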
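Review bot: In the importCheckpoint hunk of libpod/container_internal_linux.go, `g` is built only so that `g.Config` can be read on the next statement, and the change adds a blank line between the two. If `g` is not used further down (the function continues outside the hunk), the generator can be dropped and the spec passed directly: `if err := c.saveSpec(c.config.Spec); err != nil {`. That keeps the restore path independent of what the vendored constructor does with the spec it is given.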
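Review bot: The WithUserNSFrom hunk in libpod/options.go, and likewise the setupContainer hunk in libpod/runtime_ctr.go, depends on `generate.NewFromSpec` keeping the spec pointer it is given rather than copying it; otherwise `g.ClearLinuxUIDMappings()` and `g.RemoveMount("/dev/shm")` would no longer reach `ctr.config.Spec`. With the old struct literal that aliasing was visible at the call site, whereas now it sits in vendored code outside this libpod-limited view. I would record the assumption where it matters, e.g. `// g edits ctr.config.Spec in place; NewFromSpec must not copy the spec`, since the ID mappings written here define the container's user-namespace boundary. The enclosing closure starts and ends outside the hunk.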
@@ -389,7 +389,7 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai
 if ctr.restoreFromCheckpoint {
 // Remove information about bind mount
 // for new container from imported checkpoint
- g := generate.Generator{Config: ctr.config.Spec}
+ g := generate.NewFromSpec(ctr.config.Spec)
 g.RemoveMount("/dev/shm")
 ctr.config.ShmDir = ""
 g.RemoveMount("/etc/resolv.conf")
-- 
cgit v1.2.3-54-g00ecf