Packages changed: btrfsprogs gpgme libcontainers-common podman (1.5.1 -> 1.6.1) systemd === Details === ==== btrfsprogs ==== Subpackages: btrfsprogs-udev-rules libbtrfs0 - Enable build of python-bindings for libbtrfsutil ==== gpgme ==== - Build qt bindings separately to avoid build cycle with samba/libsoup. ==== libcontainers-common ==== - Update to image 4.0.0 - Add http response to log - Add tests for parsing OpenShift kubeconfig files - Compress: define some consts for the compression algos - Compression: add support for the zstd - Compression: allow to specify the compression format - Copy: add nil checks - Copy: compression: default to gzip - Copy: don't lose annotations of BlobInfo - Copy: fix options.DestinationCtx nil check - Copy: use a bigger buffer for the compression - Fix cross-compilation by vendoring latest c/storage - Internal/testing/explicitfilepath-tmpdir: handle unset TMPDIR - Keyctl: clean up after tests - Make container tools work with go+openssl - Make test-skopeo: replace c/image module instead of copying code - Media type checks - Move keyctl to internal & func remove auth from keyring - Replace vendor.conf by go.mod - Update dependencies - Update test certificates - Update to mergo v0.3.5 - Vendor.conf: update reference for containers/storage - Update to storage 1.13.4 - Update generated files - ImageBigData: distinguish between no-such-image and no-such-item - ImageSize: don't get tripped up by images with no layers - tarlogger: disable raw accouting - Update to libpod 1.6.0 - Nothing changed regarding the OCI hooks documentation provided by this package ==== podman ==== Version update (1.5.1 -> 1.6.1) Subpackages: podman-cni-config - Update podman to v1.6.1 * Features - The podman network create, podman network rm, podman network inspect, and podman network ls commands have been added to manage CNI networks used by Podman - The podman volume create command can now create and mount volumes with options, allowing volumes backed by NFS, tmpfs, and many other filesystems - Podman can now run containers without CGroups for better integration with systemd by using the --cgroups=disabled flag with podman create and podman run. This is presently only supported with the crun OCI runtime - The podman volume rm and podman volume inspect commands can now refer to volumes by an unambiguous partial name, in addition to full name (e.g. podman volume rm myvol to remove a volume named myvolume) (#3891) - The podman run and podman create commands now support the - -pull flag to allow forced re-pulling of images (#3734) - Mounting volumes into a container using --volume, --mount, and - -tmpfs now allows the suid, dev, and exec mount options (the inverse of nosuid, nodev, noexec) (#3819) - Mounting volumes into a container using --mount now allows the relabel=Z and relabel=z options to relabel mounts. - The podman push command now supports the --digestfile option to save a file containing the pushed digest - Pods can now have their hostname set via podman pod create - -hostname or providing Pod YAML with a hostname set to podman play kube (#3732) - The podman image sign command now supports the --cert-dir flag - The podman run and podman create commands now support the - -security-opt label=filetype:$LABEL flag to set the SELinux label for container files - The remote Podman client now supports healthchecks * Bugfixes - Fixed a bug where remote podman pull would panic if a Varlink connection was not available (#4013) - Fixed a bug where podman exec would not properly set terminal size when creating a new exec session (#3903) - Fixed a bug where podman exec would not clean up socket symlinks on the host (#3962) - Fixed a bug where Podman could not run systemd in containers that created a CGroup namespace - Fixed a bug where podman prune -a would attempt to prune images used by Buildah and CRI-O, causing errors (#3983) - Fixed a bug where improper permissions on the ~/.config directory could cause rootless Podman to use an incorrect directory for storing some files - Fixed a bug where the bash completions for podman import threw errors - Fixed a bug where Podman volumes created with podman volume create would not copy the contents of their mountpoint the first time they were mounted into a container (#3945) - Fixed a bug where rootless Podman could not run podman exec when the container was not run inside a CGroup owned by the user (#3937) - Fixed a bug where podman play kube would panic when given Pod YAML without a securityContext (#3956) - Fixed a bug where Podman would place files incorrectly when storage.conf configuration items were set to the empty string (#3952) - Fixed a bug where podman build did not correctly inherit Podman's CGroup configuration, causing crashed on CGroups V2 systems (#3938) - Fixed a bug where podman cp would improperly copy files on the host when copying a symlink in the container that included a glob operator (#3829) - Fixed a bug where remote podman run --rm would exit before the container was completely removed, allowing race conditions when removing container resources (#3870) - Fixed a bug where rootless Podman would not properly handle changes to /etc/subuid and /etc/subgid after a container was launched - Fixed a bug where rootless Podman could not include some devices in a container using the --device flag (#3905) - Fixed a bug where the commit Varlink API would segfault if provided incorrect arguments (#3897) - Fixed a bug where temporary files were not properly cleaned up after a build using remote Podman (#3869) - Fixed a bug where podman remote cp crashed instead of reporting it was not yet supported (#3861) - Fixed a bug where podman exec would run as the wrong user when execing into a container was started from an image with Dockerfile USER (or a user specified via podman run --user) (#3838) - Fixed a bug where images pulled using the oci: transport would be improperly named - Fixed a bug where podman varlink would hang when managed by systemd due to SD_NOTIFY support conflicting with Varlink (#3572) - Fixed a bug where mounts to the same destination would sometimes not trigger a conflict, causing a race as to which was actually mounted - Fixed a bug where podman exec --preserve-fds caused Podman to hang (#4020) - Fixed a bug where removing an unmounted container that was unmounted might sometimes not properly clean up the container (#4033) - Fixed a bug where the Varlink server would freeze when run in a systemd unit file (#4005) - Fixed a bug where Podman would not properly set the $HOME environment variable when the OCI runtime did not set it - Fixed a bug where rootless Podman would incorrectly print warning messages when an OCI runtime was not found (#4012) - Fixed a bug where named volumes would conflict with, instead of overriding, tmpfs filesystems added by the --read-only-tmpfs flag to podman create and podman run - Fixed a bug where podman cp would incorrectly make the target directory when copying to a symlink which pointed to a nonexistent directory (#3894) - Fixed a bug where remote Podman would incorrectly read STDIN when the -i flag was not set (#4095) - Fixed a bug where podman play kube would create an empty pod when given an unsupported YAML type (#4093) - Fixed a bug where podman import --change improperly parsed CMD (#4000) - Fixed a bug where rootless Podman on systems using CGroups V2 would not function with the cgroupfs CGroups manager - Fixed a bug where rootless Podman could not correctly identify the DBus session address, causing containers to fail to start (#4162) - Fixed a bug where rootless Podman with slirp4netns networking would fail to start containers due to mount leaks * Misc - Significant changes were made to Podman volumes in this release. If you have pre-existing volumes, it is strongly recommended to run podman system renumber after upgrading. - Version 0.8.1 or greater of the CNI Plugins is now required for Podman - Version 2.0.1 or greater of Conmon is strongly recommended - Updated vendored Buildah to v1.11.2 - Updated vendored containers/storage library to v1.13.4 - Improved error messages when trying to create a pod with no name via podman play kube - Improved error messages when trying to run podman pause or podman stats on a rootless container on a system without CGroups V2 enabled - TMPDIR has been set to /var/tmp by default to better handle large temporary files - podman wait has been optimized to detect stopped containers more rapidly - Podman containers now include a ContainerManager annotation indicating they were created by libpod - The podman info command now includes information about slirp4netns and fuse-overlayfs if they are available - Podman no longer sets a default size of 65kb for tmpfs filesystems - The default Podman CNI network has been renamed in an attempt to prevent conflicts with CRI-O when both are run on the same system. This should only take effect on system restart - The output of podman volume inspect has been more closely matched to docker volume inspect ==== systemd ==== Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev - Add 0001-compat-rules-escape-when-used-for-shell-expansion.patch (bsc#1153648) Added to the quaratine area to avoid uploading a new tar ball just for that single change. It will be dropped during the next import. - don't package locales in -mini package - Import commit 428b937f917ae177f2315e8469800941885e441a 0026b58744 pid1: fix DefaultTasksMax initialization - Import commit ed81f69153488279957268e247a5c81b678da491 (changes from v243-stable) fab6f010ac dhcp6: use unaligned_read_be32() f2d9af4322 dhcp6: add missing option length check ccf797511e ndisc: make first solicit delayed randomly f2275b6e12 dhcp6: read OPTION_INFORMATION_REFRESH_TIME option 6dfbe58ee7 l10n: update Czech Translation d4cd0e9d32 sd-radv: if lifetime < SD_RADV_DEFAULT_MAX_TIMEOUT_USEC, adjust timeout (#13491) dbefe59259 polkit: fix typo a321507476 sd-netlink: fix invalid assertion 45dca7fe86 network: do not enter failed state if device's sysfs entry does not exist yet dd83d58796 network: add missing link->network checks b294305888 path: stop watching path specs once we triggered the target unit 2cd636c437 hwdb: add Medion Akoya E2292 (#13498) d133bdd1fa po: update Brazilian Portuguese translation 530e09b594 po: update Polish translation 0c5c3e34c1 polkit: change "revert settings" to "reset settings" 73e0f372d8 man: fix description of ARPIntervalSec= units 5412cc54a1 hwdb: axis override for Dell 9360 touchpad 9d4e658529 test: drop the missed || exit 1 expression 7ed7ea82f6 udevadm: use usec_add() 477bf86c91 udevadm: missing initialization of descriptor 19ac31c989 networkd: unbreak routing_policy_rule_compare_func() a20a2157a8 core: coldplug possible nop_job eb55241742 tty-ask-pwd-agent: fix message forwarded to wall(1) 1a3c53c06c core: Fix setting StatusUnitFormat from config files 91db81e4dd network DHCP4: Dont mislead the logs. 6af590838b Update m4 for selective utmp support. modified: tmpfiles.d/systemd.conf.m4 6823c907cf core: restore initialization of u->source_mtime 29308bcc13 mount-setup: relabel items mentioned directly in relabel-extra.d 8ca1e56165 Call getgroups() to know size of supplementary groups array to allocate 5d84a7ad1c test: add test cases for empty string match 1536348cc8 udev: fix multi match 3ccafef0ad man: move TimeoutCleanSec= entry from .service to .exec 8c0c30a820 zsh: udpate bootctl completions 0556c247a2 resolved: fix abort when recv() returns 0 9a25d75520 man: remove repeated words be3be29347 hwdb: Also mark lis3lv02d sensors in "HP" laptops as being in the base 4b92ffccaa udev: also logs file permission 75a2845e5a udev: add missing flag for OPTIONS=static_node 19e9fc4262 network: do not abort execution when a config file cannot be loaded 3e1267cf50 fileio: update warning message 1b3156edd2 pstore: fix use after free f500d2fa81 journal: Make the output of --update-catalog deterministic 64d0f7042d travis: protect the systemd organization on Fuzzit from forks 4247938ee1 hwdb: Mark lis3lv02d sensors in HP laptops as being in the base 379158684a po: update Japanese translation 31e1bbd1ca docs: fix push recipe in RELEASE.md f06530d86b man/systemctl.xml: fix missing "not" 22aba2b969 docs: fix typo in boot loader doc 000e08ca70 pstore: fix typo in error message - directoy -> directory f7f9c69ac5 Fix typo in comment: overide -> override ca8ba8f8c0 po: update Polish translation