From 641046a79e1ccd9d9c16d6603070b755b7096050 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Fri, 18 Dec 2020 09:18:11 +0000
Subject: Bump github.com/containers/common from 0.31.0 to 0.31.1

Bumps [github.com/containers/common](https://github.com/containers/common) from 0.31.0 to 0.31.1.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.31.0...v0.31.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
---
 .../containers/common/pkg/config/config.go         | 16 ++++++++++++++++
 .../containers/common/pkg/config/containers.conf   | 22 +++++++++++-----------
 .../containers/common/pkg/config/default.go        | 22 ++++++++++++----------
 .../containers/common/pkg/seccomp/default_linux.go |  3 +++
 .../containers/common/pkg/seccomp/seccomp.json     |  3 +++
 .../containers/common/version/version.go           |  2 +-
 6 files changed, 46 insertions(+), 22 deletions(-)

(limited to 'vendor/github.com')

diff --git a/vendor/github.com/containers/common/pkg/config/config.go b/vendor/github.com/containers/common/pkg/config/config.go
index 320d5e0e5..ea08ab6ad 100644
--- a/vendor/github.com/containers/common/pkg/config/config.go
+++ b/vendor/github.com/containers/common/pkg/config/config.go
@@ -586,6 +586,22 @@ func (c *Config) Validate() error {
 	return nil
 }
 
+func (c *EngineConfig) findRuntime() string {
+	// Search for crun first followed by runc and kata
+	for _, name := range []string{"crun", "runc", "kata"} {
+		for _, v := range c.OCIRuntimes[name] {
+			if _, err := os.Stat(v); err == nil {
+				return name
+			}
+		}
+		if path, err := exec.LookPath(name); err == nil {
+			logrus.Warningf("Found default OCIruntime %s path which is missing from [engine.runtimes] in containers.conf", path)
+			return name
+		}
+	}
+	return ""
+}
+
 // Validate is the main entry point for Engine configuration validation
 // It returns an `error` on validation failure, otherwise
 // `nil`.
diff --git a/vendor/github.com/containers/common/pkg/config/containers.conf b/vendor/github.com/containers/common/pkg/config/containers.conf
index 12fbecc22..483727da0 100644
--- a/vendor/github.com/containers/common/pkg/config/containers.conf
+++ b/vendor/github.com/containers/common/pkg/config/containers.conf
@@ -425,18 +425,8 @@ default_sysctls = [
 #     Path to file containing ssh identity key
 #     identity = "~/.ssh/id_rsa"
 
-# Paths to look for a valid OCI runtime (runc, runv, kata, etc)
+# Paths to look for a valid OCI runtime (crun, runc, kata, etc)
 [engine.runtimes]
-# runc = [
-#        "/usr/bin/runc",
-#        "/usr/sbin/runc",
-#        "/usr/local/bin/runc",
-#        "/usr/local/sbin/runc",
-#        "/sbin/runc",
-#        "/bin/runc",
-#        "/usr/lib/cri-o-runc/sbin/runc",
-# ]
-
 # crun = [
 #            "/usr/bin/crun",
 #            "/usr/sbin/crun",
@@ -447,6 +437,16 @@ default_sysctls = [
 #            "/run/current-system/sw/bin/crun",
 # ]
 
+# runc = [
+#        "/usr/bin/runc",
+#        "/usr/sbin/runc",
+#        "/usr/local/bin/runc",
+#        "/usr/local/sbin/runc",
+#        "/sbin/runc",
+#        "/bin/runc",
+#        "/usr/lib/cri-o-runc/sbin/runc",
+# ]
+
 # kata = [
 #            "/usr/bin/kata-runtime",
 #            "/usr/sbin/kata-runtime",
diff --git a/vendor/github.com/containers/common/pkg/config/default.go b/vendor/github.com/containers/common/pkg/config/default.go
index 2b3a098a7..e3a7a8e76 100644
--- a/vendor/github.com/containers/common/pkg/config/default.go
+++ b/vendor/github.com/containers/common/pkg/config/default.go
@@ -242,7 +242,6 @@ func defaultConfigFromMemory() (*EngineConfig, error) {
 	c.ImageDefaultTransport = _defaultTransport
 	c.StateType = BoltDBStateStore
 
-	c.OCIRuntime = "crun"
 	c.ImageBuildFormat = "oci"
 
 	c.CgroupManager = defaultCgroupManager()
@@ -250,6 +249,15 @@ func defaultConfigFromMemory() (*EngineConfig, error) {
 
 	c.Remote = isRemote()
 	c.OCIRuntimes = map[string][]string{
+		"crun": {
+			"/usr/bin/crun",
+			"/usr/sbin/crun",
+			"/usr/local/bin/crun",
+			"/usr/local/sbin/crun",
+			"/sbin/crun",
+			"/bin/crun",
+			"/run/current-system/sw/bin/crun",
+		},
 		"runc": {
 			"/usr/bin/runc",
 			"/usr/sbin/runc",
@@ -260,15 +268,6 @@ func defaultConfigFromMemory() (*EngineConfig, error) {
 			"/usr/lib/cri-o-runc/sbin/runc",
 			"/run/current-system/sw/bin/runc",
 		},
-		"crun": {
-			"/usr/bin/crun",
-			"/usr/sbin/crun",
-			"/usr/local/bin/crun",
-			"/usr/local/sbin/crun",
-			"/sbin/crun",
-			"/bin/crun",
-			"/run/current-system/sw/bin/crun",
-		},
 		"kata": {
 			"/usr/bin/kata-runtime",
 			"/usr/sbin/kata-runtime",
@@ -280,6 +279,9 @@ func defaultConfigFromMemory() (*EngineConfig, error) {
 			"/usr/bin/kata-fc",
 		},
 	}
+	// Needs to be called after populating c.OCIRuntimes
+	c.OCIRuntime = c.findRuntime()
+
 	c.ConmonEnvVars = []string{
 		"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
 	}
diff --git a/vendor/github.com/containers/common/pkg/seccomp/default_linux.go b/vendor/github.com/containers/common/pkg/seccomp/default_linux.go
index 09629724d..a127571b5 100644
--- a/vendor/github.com/containers/common/pkg/seccomp/default_linux.go
+++ b/vendor/github.com/containers/common/pkg/seccomp/default_linux.go
@@ -75,6 +75,7 @@ func DefaultProfile() *Seccomp {
 				"clock_nanosleep_time64",
 				"clone",
 				"close",
+				"close_range",
 				"connect",
 				"copy_file_range",
 				"creat",
@@ -226,6 +227,8 @@ func DefaultProfile() *Seccomp {
 				"openat2",
 				"pause",
 				"pidfd_getfd",
+				"pidfd_open",
+				"pidfd_send_signal",
 				"pipe",
 				"pipe2",
 				"pivot_root",
diff --git a/vendor/github.com/containers/common/pkg/seccomp/seccomp.json b/vendor/github.com/containers/common/pkg/seccomp/seccomp.json
index bb5956418..8fb509345 100644
--- a/vendor/github.com/containers/common/pkg/seccomp/seccomp.json
+++ b/vendor/github.com/containers/common/pkg/seccomp/seccomp.json
@@ -77,6 +77,7 @@
 				"clock_nanosleep_time64",
 				"clone",
 				"close",
+				"close_range",
 				"connect",
 				"copy_file_range",
 				"creat",
@@ -227,6 +228,8 @@
 				"openat2",
 				"pause",
 				"pidfd_getfd",
+				"pidfd_open",
+				"pidfd_send_signal",
 				"pipe",
 				"pipe2",
 				"pivot_root",
diff --git a/vendor/github.com/containers/common/version/version.go b/vendor/github.com/containers/common/version/version.go
index 8df453484..3d671171f 100644
--- a/vendor/github.com/containers/common/version/version.go
+++ b/vendor/github.com/containers/common/version/version.go
@@ -1,4 +1,4 @@
 package version
 
 // Version is the version of the build.
-const Version = "0.31.0"
+const Version = "0.31.2-dev"
-- 
cgit v1.2.3-54-g00ecf