diff --git a/lxc-3.0.4-cgroups-fix-cpuset-init.patch b/lxc-3.0.4-cgroups-fix-cpuset-init.patch deleted file mode 100644 index 4aee19a..0000000 --- a/lxc-3.0.4-cgroups-fix-cpuset-init.patch +++ /dev/null @@ -1,60 +0,0 @@ -From b9071a6dab43631d65ccf7cbb9c6f39769c86f09 Mon Sep 17 00:00:00 2001 -From: Christian Brauner -Date: Wed, 3 Jul 2019 17:57:48 +0200 -Subject: [PATCH] cgroups: hande cpuset initialization race - -Signed-off-by: Christian Brauner ---- - src/lxc/cgroups/cgfsng.c | 6 ++---- - 1 file changed, 2 insertions(+), 4 deletions(-) - -diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c -index 95a87d5aa9..a6e2d51b11 100644 ---- a/src/lxc/cgroups/cgfsng.c -+++ b/src/lxc/cgroups/cgfsng.c -@@ -612,10 +612,8 @@ static bool cg_legacy_handle_cpuset_hierarchy(struct hierarchy *h, char *cgname) - } - - /* Already set for us by someone else. */ -- if (v == '1') { -- DEBUG("\"cgroup.clone_children\" was already set to \"1\""); -- return true; -- } -+ if (v == '1') -+ TRACE("\"cgroup.clone_children\" was already set to \"1\""); - - /* copy parent's settings */ - if (!copy_parent_file(cgpath, "cpuset.mems")) { -From a29e5dc592481e7fc76a6c97ee62b4f9ef6f8b0e Mon Sep 17 00:00:00 2001 -From: Christian Brauner -Date: Sun, 28 Jul 2019 23:13:26 +0200 -Subject: [PATCH] cgroups: initialize cpuset properly - -Closes #3108. -Signed-off-by: Christian Brauner ---- - src/lxc/cgroups/cgfsng.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c -index a6e2d51b11..f341f06332 100644 ---- a/src/lxc/cgroups/cgfsng.c -+++ b/src/lxc/cgroups/cgfsng.c -@@ -496,12 +496,12 @@ static bool cg_legacy_filter_and_set_cpus(char *path, bool am_initialized) - } - - if (!flipped_bit) { -- DEBUG("No isolated or offline cpus present in cpuset"); -- return true; -+ cpulist = lxc_cpumask_to_cpulist(possmask, maxposs); -+ TRACE("No isolated or offline cpus present in cpuset"); -+ } else { -+ cpulist = move_ptr(posscpus); -+ TRACE("Removed isolated or offline cpus from cpuset"); - } -- DEBUG("Removed isolated or offline cpus from cpuset"); -- -- cpulist = lxc_cpumask_to_cpulist(possmask, maxposs); - if (!cpulist) { - ERROR("Failed to create cpu list"); - return false; diff --git a/lxc.spec b/lxc.spec index 91cf1e5..7bb43d5 100644 --- a/lxc.spec +++ b/lxc.spec @@ -10,17 +10,14 @@ %endif Name: lxc -Version: 3.0.4 -Release: 2%{?dist} +Version: 3.2.1 +Release: 1%{?dist} Summary: Linux Resource Containers License: LGPLv2+ and GPLv2 URL: http://linuxcontainers.org/lxc Source0: http://linuxcontainers.org/downloads/%{name}-%{version}.tar.gz Patch0: lxc-2.0.7-fix-init.patch Patch1: lxc-2.0.6-fix-lxc-net.patch -# upstream commits b9071a6 and a29e5dc -# see also https://github.com/lxc/lxc/issues/3118 -Patch2: lxc-3.0.4-cgroups-fix-cpuset-init.patch BuildRequires: docbook2X BuildRequires: doxygen BuildRequires: kernel-headers @@ -29,6 +26,8 @@ BuildRequires: libselinux-devel BuildRequires: pkgconfig(libseccomp) %endif # with_seccomp BuildRequires: libcap-devel +BuildRequires: pam-devel +BuildRequires: openssl-devel BuildRequires: libtool BuildRequires: systemd BuildRequires: pkgconfig(bash-completion) @@ -124,6 +123,9 @@ autoreconf -vif --disable-static \ --disable-apparmor \ --enable-selinux \ + --enable-capabilities \ + --enable-pam \ + --enable-openssl \ %if 0%{?with_seccomp} --enable-seccomp \ %endif # with_seccomp @@ -226,6 +228,7 @@ make check %{_unitdir}/%{name}@.service %{_unitdir}/%{name}-net.service %dir %{_localstatedir}/cache/%{name} +/%{_lib}/security/pam_cgfs.so %files templates @@ -248,6 +251,11 @@ make check %changelog +* Sun Dec 15 2019 Thomas Moschny - 3.2.1-1 +- Update to 3.2.1. +- Include pam_cgfs. +- Use OpenSSL. + * Mon Sep 9 2019 Thomas Moschny - 3.0.4-2 - Add patches to fix cgroups cpuset initialization (rhbz#1750031). diff --git a/sources b/sources index 7983f18..ca18116 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (lxc-3.0.4.tar.gz) = 6e58a2822abb2709c9d37aa4d741f98231a89387c48f81d4c7205648a5792f984b9d3e8e25bee530dcaf524f0c5716357d25c2b8024345a9507a2bc69134cb14 +SHA512 (lxc-3.2.1.tar.gz) = 4b3046fc6c4aa497fb26bd45839e60de503184af86d3966e796d14e619203536b9a9ed67bdcd8a108cf1a548f8d095fb46dff53094a08abd8d268c866db685c0