222 lines
6.2 KiB
RPMSpec
222 lines
6.2 KiB
RPMSpec
%global goipath github.com/containerd/containerd
|
|
%global debug_package %{nil}
|
|
Version: 1.2.0
|
|
Name: containerd
|
|
Release: 317
|
|
Summary: An industry-standard container runtime
|
|
License: ASL 2.0
|
|
URL: https://containerd.io
|
|
Source0: https://github.com/containerd/containerd/archive/v1.2.0.zip
|
|
Source1: patch.tar.gz
|
|
Source2: apply-patch
|
|
Source3: series.conf
|
|
Source4: git-commit
|
|
Source5: gen-commit.sh
|
|
Source6: net.tar.gz
|
|
Source7: sys.tar.gz
|
|
|
|
BuildRequires: golang glibc-static make btrfs-progs-devel git
|
|
|
|
%description
|
|
containerd is an industry-standard container runtime with an emphasis on
|
|
simplicity, robustness and portability. It is available as a daemon for Linux
|
|
and Windows, which can manage the complete container lifecycle of its host
|
|
system: image transfer and storage, container execution and supervision,
|
|
low-level storage and network attachments, etc.
|
|
|
|
%prep
|
|
cp %{SOURCE0} .
|
|
cp %{SOURCE1} .
|
|
cp %{SOURCE2} .
|
|
cp %{SOURCE3} .
|
|
cp %{SOURCE4} .
|
|
|
|
%build
|
|
echo %{VERSION}.%{RELEASE} > containerd_version
|
|
bash ./apply-patch
|
|
%ifarch loongarch64
|
|
rm -rf vendor/golang.org/x/sys
|
|
rm -rf vendor/golang.org/x/net
|
|
tar -xf %{SOURCE6} -C vendor/golang.org/x/
|
|
tar -xf %{SOURCE7} -C vendor/golang.org/x/
|
|
%endif
|
|
|
|
%ifarch sw_64
|
|
cp -af %{_prefix}/lib/golang/src/cmd/vendor/golang.org/x/sys vendor/golang.org/x/
|
|
sed -i '/AAFS_MAGIC/aTIOCSWINSZ = 0x80087467' vendor/golang.org/x/sys/unix/zerrors_linux_sw64.go
|
|
sed -i '/SIGABRT /aSIGSTKFLT = syscall.Signal(0x10)' vendor/golang.org/x/sys/unix/zerrors_linux_sw64.go
|
|
%endif
|
|
|
|
GO_BUILD_PATH=$PWD/_build
|
|
install -m 0755 -vd $(dirname $GO_BUILD_PATH/src/%{goipath})
|
|
ln -fs $PWD $GO_BUILD_PATH/src/%{goipath}
|
|
cd $GO_BUILD_PATH/src/%{goipath}
|
|
export GO111MODULE=off
|
|
export GOPATH=$GO_BUILD_PATH:%{gopath}
|
|
export BUILDTAGS="no_btrfs no_cri"
|
|
%ifarch sw_64
|
|
sed -i 's/-buildmode=pie/-buildmode=exe/g' `grep buildmode=pie -rl .`
|
|
%endif
|
|
make
|
|
strip ./bin/containerd ./bin/containerd-shim ./bin/ctr
|
|
|
|
%install
|
|
install -d $RPM_BUILD_ROOT/%{_bindir}
|
|
install -p -m 755 bin/containerd $RPM_BUILD_ROOT/%{_bindir}/containerd
|
|
install -p -m 755 bin/containerd-shim $RPM_BUILD_ROOT/%{_bindir}/containerd-shim
|
|
install -p -m 755 bin/ctr $RPM_BUILD_ROOT/%{_bindir}/ctr
|
|
|
|
%files
|
|
%{_bindir}/containerd
|
|
%{_bindir}/containerd-shim
|
|
%{_bindir}/ctr
|
|
|
|
%changelog
|
|
* Tue Feb 06 2024 zhongjiawei<zhongjiawei1@huawei.com> - 1.2.0-317
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:update vendored golang.org/x/net
|
|
|
|
* Tue Jan 30 2024 zhongjiawei<zhongjiawei1@huawei.com> - 1.2.0-316
|
|
- Type:CVE
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:fix CVE-2023-39325
|
|
|
|
* Thu Dec 21 2023 zhongjiawei<zhongjiawei1@huawei.com> - 1.2.0-315
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:sync some patches
|
|
|
|
* Wed Nov 08 2023 zhongjiawei<zhongjiawei1@huawei.com> - 1.2.0-314
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:bump ttrpc to fix containerd-shim socket connect increase leak after restart docker
|
|
|
|
* Tue Sep 19 2023 zhongjiawei<zhongjiawei1@huawei.com> - 1.2.0-313
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:sync some patches
|
|
|
|
* Thu Aug 10 2023 herengui <herengui@kylinsec.com.cn> - 1.2.0-312
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:add sw_64 support
|
|
|
|
* Sat Jun 17 2023 zhongjiawei<zhongjiawei1@huawei.com> - 1.2.0-311
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:fix journald stop container shim log stuck bug
|
|
|
|
* Tue Apr 18 2023 yangchenguang <yangchenguang@kylinsec.com.cn> - 1.2.0-310
|
|
- Sync 2203 loongarch support for containerd patch file
|
|
|
|
* Mon Feb 27 2023 zhongjiawei<zhongjiawei1@huawei.com> - 1.2.0-309
|
|
- Type:CVE
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:fix CVE-2023-25153 and CVE-2023-25173
|
|
|
|
* Thu Dec 16 2022 zhongjiawei<zhongjiawei1@huawei.com> - 1.2.0-308
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:fix k8s build fail without import context
|
|
|
|
* Tue Dec 13 2022 zhongjiawei<zhongjiawei1@huawei.com> - 1.2.0-307
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC: Fix goroutine leak in Exec
|
|
|
|
* Wed Nov 16 2022 zhongjiawei<zhongjiawei1@huawei.com> - 1.2.0-306
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC: add ctr binary into package
|
|
|
|
* Wed Nov 16 2022 zhongjiawei<zhongjiawei1@huawei.com> - 1.2.0-305
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC: fix version number wrong
|
|
|
|
* Thu Sep 22 2022 zhongjiawei<zhongjiawei1@huawei.com> - 1.2.0-304
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC: bugfix and add CGO security build option
|
|
|
|
* Mon Jul 4 2022 zhongjiawei<zhongjiawei1@huawei.com> - 1.2.0-303
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC: Limit the response size of ExecSync to fix CVE-2022-31030
|
|
|
|
* Wed Jun 22 2022 zhangsong234<zhangsong34@huawei.com> - 1.2.0-302
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:put get pid lock after set process exited to avoid deadlock
|
|
|
|
* Tue May 10 2022 Vanient<xiadanni1@huawei.com> - 1.2.0-301
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:Use fs.RootPath when mounting volumes for bundle dir to fix CVE-2022-23648
|
|
|
|
* Sat Jan 22 2022 songyanting<songyanting@huawei.com> - 1.2.0-300
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:sync bugfix, include
|
|
1. add check in spec
|
|
2. kill container init process if runc start returns error
|
|
3. fix containerd-shim residual when kill containerd durin
|
|
4. fix deadlock on commit error
|
|
5. backport upstream & ttrpc patches
|
|
6. fix exec event missing due to pid reuse
|
|
7. fix dm left when pause container and kill shim
|
|
8. add CGO security build options
|
|
9. fix start container failed with id exists
|
|
10. drop opt package
|
|
11. fix race access for mobySubscribed
|
|
12. improve log for debugging
|
|
13. reduce permission for bundle dir
|
|
14. fix publish command wait block forever
|
|
|
|
* Mon Jan 10 2022 xiadanni<xiadanni1@huawei.com> - 1.2.0-109
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:disable go module build
|
|
|
|
* Thu Mar 18 2021 xiadanni<xiadanni1@huawei.com> - 1.2.0-108
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:compile option compliance
|
|
|
|
* Thu Mar 18 2021 xiadanni<xiadanni1@huawei.com> - 1.2.0-107
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:sync bugfix, include
|
|
1. check task list to avoid unnecessary cleanup.
|
|
2. fix dead loop
|
|
3. cleanup dangling shim by brand new context
|
|
4. fix potential panic for task in unknown state
|
|
|
|
* Fri Dec 11 2020 yangyanchao <yangyanchao6@huawei.com> 1.2.0-106
|
|
- Type:requirement
|
|
- ID:NA
|
|
- CVE:NA
|
|
- SUG:restart
|
|
- DESC:containerd:vendor:add some symbol to support riscv
|