%global with_debug 1
%global with_check 0
%bcond_without varlink
%if 0%{?with_debug}
%global _find_debuginfo_dwz_opts %{nil}
%global _dwz_low_mem_die_limit 0
%else
%global debug_package %{nil}
%endif
%if 0%{?rhel} <= 7 && ! 0%{?fedora}
%define gobuild(o:) scl enable go-toolset-1.12 -- go build -buildmode pie -compiler gc -tags="rpm_crashtraceback libtrust_openssl ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags'" -a -v %{?**};
%define gogenerate(o:) scl enable go-toolset-1.12 -- go generate %{?**};
%else
%define gobuild(o:) go build -buildmode pie -compiler gc -tags="rpm_crashtraceback libtrust_openssl ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags'" -a -v %{?**};
%global gogenerate go generate
%endif
%global provider github
%global provider_tld com
%global project containers
%global repo libpod
# https://github.com/containers/libpod
%global provider_prefix %{provider}.%{provider_tld}/%{project}/%{repo}
%global import_path %{provider_prefix}
%global git0 https://%{provider}.%{provider_tld}/%{project}/%{repo}
%global commit0 5cc92849f7fc9dd734ca2fd8f3ae8830b9a7eb26
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
Name: podman
Version: 1.6.4
Release: 27%{?dist}
Summary: Manage Pods, Containers and Container Images
ExcludeArch: %{ix86} s390 ppc ppc64
License: ASL 2.0
URL: https://%{name}.io/
Source0: %{git0}/archive/%{commit0}/%{repo}-%{shortcommit0}.tar.gz
Patch0: podman-1792243.patch
Patch1: https://patch-diff.githubusercontent.com/raw/containers/libpod/pull/5085.patch
Patch2: podman-CVE-2020-1726.patch
# related bug: https://bugzilla.redhat.com/show_bug.cgi?id=1784950
# backported: https://patch-diff.githubusercontent.com/raw/containers/buildah/pull/2031.patch
Patch3: podman-1784950.patch
# related bug: https://bugzilla.redhat.com/show_bug.cgi?id=1805212
# backported: https://github.com/containers/libpod/pull/5348/commits/6c97e0d5c140d587e5477d478159e91b8adcfd15.patch
Patch4: podman-1805212.patch
# related bug: https://bugzilla.redhat.com/show_bug.cgi?id=1807379
# patch: https://github.com/containers/libpod/pull/4818.patch
Patch5: podman-1807379.patch
# related bug: https://bugzilla.redhat.com/show_bug.cgi?id=1775647
# patch: https://patch-diff.githubusercontent.com/raw/containers/libpod/pull/4493.patch
Patch6: podman-1775647.patch
# related bug: https://bugzilla.redhat.com/show_bug.cgi?id=1807310
# patch: https://github.com/containers/libpod/pull/5349.patch
Patch7: podman-1807310.patch
# related bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1702
# patch: https://patch-diff.githubusercontent.com/raw/containers/libpod/pull/5096.patch
Patch8: podman-CVE-2020-1702.patch
# tracker bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10696
# backported: https://github.com/containers/buildah/commit/c61925b8936e93a5e900f91b653a846f7ea3a9ed.patch
Patch9: podman-CVE-2020-10696.patch
# tracker bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-8945
# backported: https://github.com/containers/skopeo/pull/825.patch
Patch10: podman-CVE-2020-8945.patch
# related bug: https://bugzilla.redhat.com/show_bug.cgi?id=1853326
Patch11: 0001-bump-github.com-containers-buildah-to-v1.11.5.patch
# related bug: https://bugzilla.redhat.com/show_bug.cgi?id=1860506
# backported: https://github.com/containers/podman/pull/7306.patch
Patch12: podman-1860506.patch
# tracker bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14040
# backported: https://github.com/containers/podman/commit/9c7c476cc49687e9f6aa34c7ef0524753e0ec30a.patch
Patch13: podman-CVE-2020-14040.patch
# related bug: https://bugzilla.redhat.com/show_bug.cgi?id=1877699
# patch: https://github.com/containers/podman/commit/b65de0f71c33ae1d3558132261f159e321c8edf1.patch
Patch14: podman-1877699.patch
# tracker bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14370
# patch: 0001-Fix-CVE-2020-14370.patch
Patch15: podman-CVE-2020-14370.patch
Patch16: podman-1895027.patch
Provides: %{name}-manpages = %{version}-%{release}
Obsoletes: %{name}-manpages < %{version}-%{release}
%if 0%{?rhel} <= 7 && ! 0%{?fedora}
BuildRequires: go-toolset-1.12
%else
BuildRequires: golang >= 1.12.12-4
%endif
BuildRequires: glib2-devel
BuildRequires: glibc-devel
BuildRequires: glibc-static
BuildRequires: git
BuildRequires: go-md2man
BuildRequires: gpgme-devel
BuildRequires: libassuan-devel
BuildRequires: libgpg-error-devel
BuildRequires: libseccomp-devel
BuildRequires: libselinux-devel
BuildRequires: ostree-devel
BuildRequires: pkgconfig
BuildRequires: make
BuildRequires: systemd
BuildRequires: systemd-devel
Requires: containers-common >= 0.1.29-3
Requires: containernetworking-plugins >= 0.8.1-1
Requires: iptables
Requires: nftables
Requires: libseccomp
Requires: conmon
Requires: container-selinux
Requires: slirp4netns >= 0.4.0-1
Requires: runc >= 1.0.0-57
Requires: fuse-overlayfs
# vendored libraries
# awk '{print "Provides: bundled(golang("$1")) = "$2}' vendor.conf | sort
# [thanks to Carl George <carl@george.computer> for containerd.spec]
Provides: bundled(golang(github.com/Azure/go-ansiterm)) = 19f72df4d05d31cbe1c56bfc8045c96babff6c7e
Provides: bundled(golang(github.com/blang/semver)) = v3.5.0
Provides: bundled(golang(github.com/boltdb/bolt)) = master
Provides: bundled(golang(github.com/buger/goterm)) = 2f8dfbc7dbbff5dd1d391ed91482c24df243b2d3
Provides: bundled(golang(github.com/BurntSushi/toml)) = v0.2.0
Provides: bundled(golang(github.com/containerd/cgroups)) = 58556f5ad8448d99a6f7bea69ea4bdb7747cfeb0
Provides: bundled(golang(github.com/containerd/continuity)) = master
#Provides: bundled(golang(github.com/containernetworking/cni)) = v0.7.0-alpha1
Provides: bundled(golang(github.com/containernetworking/plugins)) = 1562a1e60ed101aacc5e08ed9dbeba8e9f3d4ec1
Provides: bundled(golang(github.com/containers/image)) = 85d7559d44fd71f30e46e43d809bfbf88d11d916
Provides: bundled(golang(github.com/containers/psgo)) = 5dde6da0bc8831b35243a847625bcf18183bd1ee
Provides: bundled(golang(github.com/containers/storage)) = 243c4cd616afdf06b4a975f18c4db083d26b1641
Provides: bundled(golang(github.com/coreos/go-iptables)) = 25d087f3cffd9aedc0c2b7eff25f23cbf3c20fe1
Provides: bundled(golang(github.com/coreos/go-systemd)) = v14
Provides: bundled(golang(github.com/cri-o/ocicni)) = master
Provides: bundled(golang(github.com/cyphar/filepath-securejoin)) = v0.2.1
Provides: bundled(golang(github.com/davecgh/go-spew)) = v1.1.0
Provides: bundled(golang(github.com/docker/distribution)) = 7a8efe719e55bbfaff7bc5718cdf0ed51ca821df
Provides: bundled(golang(github.com/docker/docker)) = 86f080cff0914e9694068ed78d503701667c4c00
Provides: bundled(golang(github.com/docker/docker-credential-helpers)) = d68f9aeca33f5fd3f08eeae5e9d175edf4e731d1
Provides: bundled(golang(github.com/docker/go-connections)) = 3ede32e2033de7505e6500d6c868c2b9ed9f169d
Provides: bundled(golang(github.com/docker/go-units)) = v0.3.2
Provides: bundled(golang(github.com/docker/libtrust)) = aabc10ec26b754e797f9028f4589c5b7bd90dc20
Provides: bundled(golang(github.com/docker/spdystream)) = ed496381df8283605c435b86d4fdd6f4f20b8c6e
Provides: bundled(golang(github.com/fatih/camelcase)) = f6a740d52f961c60348ebb109adde9f4635d7540
Provides: bundled(golang(github.com/fsnotify/fsnotify)) = 7d7316ed6e1ed2de075aab8dfc76de5d158d66e1
Provides: bundled(golang(github.com/fsouza/go-dockerclient)) = master
Provides: bundled(golang(github.com/ghodss/yaml)) = 04f313413ffd65ce25f2541bfd2b2ceec5c0908c
Provides: bundled(golang(github.com/godbus/dbus)) = a389bdde4dd695d414e47b755e95e72b7826432c
Provides: bundled(golang(github.com/gogo/protobuf)) = c0656edd0d9eab7c66d1eb0c568f9039345796f7
Provides: bundled(golang(github.com/golang/glog)) = 23def4e6c14b4da8ac2ed8007337bc5eb5007998
Provides: bundled(golang(github.com/golang/groupcache)) = b710c8433bd175204919eb38776e944233235d03
Provides: bundled(golang(github.com/golang/protobuf)) = 4bd1920723d7b7c925de087aa32e2187708897f7
Provides: bundled(golang(github.com/googleapis/gnostic)) = 0c5108395e2debce0d731cf0287ddf7242066aba
Provides: bundled(golang(github.com/google/gofuzz)) = 44d81051d367757e1c7c6a5a86423ece9afcf63c
Provides: bundled(golang(github.com/gorilla/context)) = v1.1
Provides: bundled(golang(github.com/gorilla/mux)) = v1.3.0
Provides: bundled(golang(github.com/hashicorp/errwrap)) = 7554cd9344cec97297fa6649b055a8c98c2a1e55
Provides: bundled(golang(github.com/hashicorp/golang-lru)) = 0a025b7e63adc15a622f29b0b2c4c3848243bbf6
Provides: bundled(golang(github.com/hashicorp/go-multierror)) = 83588e72410abfbe4df460eeb6f30841ae47d4c4
Provides: bundled(golang(github.com/imdario/mergo)) = 0.2.2
Provides: bundled(golang(github.com/json-iterator/go)) = 1.0.0
Provides: bundled(golang(github.com/kr/pty)) = v1.0.0
Provides: bundled(golang(github.com/mailru/easyjson)) = 03f2033d19d5860aef995fe360ac7d395cd8ce65
Provides: bundled(golang(github.com/mattn/go-runewidth)) = v0.0.1
Provides: bundled(golang(github.com/Microsoft/go-winio)) = 78439966b38d69bf38227fbf57ac8a6fee70f69a
Provides: bundled(golang(github.com/Microsoft/hcsshim)) = 43f9725307998e09f2e3816c2c0c36dc98f0c982
Provides: bundled(golang(github.com/mistifyio/go-zfs)) = v2.1.1
Provides: bundled(golang(github.com/mrunalp/fileutils)) = master
Provides: bundled(golang(github.com/mtrmac/gpgme)) = b2432428689ca58c2b8e8dea9449d3295cf96fc9
Provides: bundled(golang(github.com/Nvveen/Gotty)) = master
#Provides: bundled(golang(github.com/opencontainers/go-digest)) = v1.0.0-rc0
Provides: bundled(golang(github.com/opencontainers/image-spec)) = v1.0.0
Provides: bundled(golang(github.com/opencontainers/runc)) = b4e2ecb452d9ee4381137cc0a7e6715b96bed6de
Provides: bundled(golang(github.com/opencontainers/runtime-spec)) = d810dbc60d8c5aeeb3d054bd1132fab2121968ce
Provides: bundled(golang(github.com/opencontainers/runtime-tools)) = master
Provides: bundled(golang(github.com/opencontainers/selinux)) = b6fa367ed7f534f9ba25391cc2d467085dbb445a
Provides: bundled(golang(github.com/openshift/imagebuilder)) = master
Provides: bundled(golang(github.com/ostreedev/ostree-go)) = master
Provides: bundled(golang(github.com/pkg/errors)) = v0.8.0
Provides: bundled(golang(github.com/pmezard/go-difflib)) = 792786c7400a136282c1664665ae0a8db921c6c2
Provides: bundled(golang(github.com/pquerna/ffjson)) = d49c2bc1aa135aad0c6f4fc2056623ec78f5d5ac
Provides: bundled(golang(github.com/projectatomic/buildah)) = af5bbde0180026ae87b7fc81c2dc124aa73ec959
Provides: bundled(golang(github.com/seccomp/containers-golang)) = master
Provides: bundled(golang(github.com/seccomp/libseccomp-golang)) = v0.9.0
Provides: bundled(golang(github.com/sirupsen/logrus)) = v1.0.0
Provides: bundled(golang(github.com/spf13/pflag)) = 9ff6c6923cfffbcd502984b8e0c80539a94968b7
Provides: bundled(golang(github.com/stretchr/testify)) = 4d4bfba8f1d1027c4fdbe371823030df51419987
Provides: bundled(golang(github.com/syndtr/gocapability)) = e7cb7fa329f456b3855136a2642b197bad7366ba
Provides: bundled(golang(github.com/tchap/go-patricia)) = v2.2.6
Provides: bundled(golang(github.com/ulikunitz/xz)) = v0.5.4
Provides: bundled(golang(github.com/ulule/deepcopier)) = master
Provides: bundled(golang(github.com/urfave/cli)) = 934abfb2f102315b5794e15ebc7949e4ca253920
Provides: bundled(golang(github.com/varlink/go)) = master
Provides: bundled(golang(github.com/vbatts/tar-split)) = v0.10.2
Provides: bundled(golang(github.com/vishvananda/netlink)) = master
Provides: bundled(golang(github.com/vishvananda/netns)) = master
Provides: bundled(golang(github.com/xeipuuv/gojsonpointer)) = master
Provides: bundled(golang(github.com/xeipuuv/gojsonreference)) = master
Provides: bundled(golang(github.com/xeipuuv/gojsonschema)) = master
Provides: bundled(golang(golang.org/x/crypto)) = 81e90905daefcd6fd217b62423c0908922eadb30
Provides: bundled(golang(golang.org/x/net)) = c427ad74c6d7a814201695e9ffde0c5d400a7674
Provides: bundled(golang(golang.org/x/sys)) = master
Provides: bundled(golang(golang.org/x/text)) = f72d8390a633d5dfb0cc84043294db9f6c935756
Provides: bundled(golang(golang.org/x/time)) = f51c12702a4d776e4c1fa9b0fabab841babae631
Provides: bundled(golang(google.golang.org/grpc)) = v1.0.4
Provides: bundled(golang(gopkg.in/cheggaaa/pb.v1)) = v1.0.7
Provides: bundled(golang(gopkg.in/inf.v0)) = v0.9.0
Provides: bundled(golang(gopkg.in/mgo.v2)) = v2
Provides: bundled(golang(gopkg.in/square/go-jose.v2)) = v2.1.3
Provides: bundled(golang(gopkg.in/yaml.v2)) = v2
Provides: bundled(golang(k8s.io/api)) = 5ce4aa0bf2f097f6021127b3d879eeda82026be8
Provides: bundled(golang(k8s.io/apiextensions-apiserver)) = 1b31e26d82f1ec2e945c560790e98f34bb5f2e63
Provides: bundled(golang(k8s.io/apimachinery)) = 616b23029fa3dc3e0ccefd47963f5651a6543d94
Provides: bundled(golang(k8s.io/apiserver)) = 4d1163080139f1f9094baf8a3a6099e85e1867f6
Provides: bundled(golang(k8s.io/client-go)) = 7cd1d3291b7d9b1e2d54d4b69eb65995eaf8888e
Provides: bundled(golang(k8s.io/kube-openapi)) = 275e2ce91dec4c05a4094a7b1daee5560b555ac9
Provides: bundled(golang(k8s.io/utils)) = 258e2a2fa64568210fbd6267cf1d8fd87c3cb86e
%description
%{name} (Pod Manager) is a fully featured container engine that is a simple daemonless tool. %{name} provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=%{name}. Most %{name} commands can be run as a regular user, without requiring additional privileges.
%{name} uses Buildah(1) internally to create container images. Both tools share image (not container) storage, hence each can use or manipulate images (but not containers) created by the other.
%{summary}
%{repo} Simple management tool for pods, containers and images
%package docker
Summary: Emulate Docker CLI using %{name}
BuildArch: noarch
Requires: %{name} = %{version}-%{release}
Conflicts: docker
Conflicts: docker-latest
Conflicts: docker-ce
Conflicts: docker-ee
Conflicts: moby-engine
%description docker
This package installs a script named docker that emulates the Docker CLI by
executes %{name} commands, it also creates links between all Docker CLI man
pages and %{name}.
%package remote
Summary: (Experimental) Remote client for managing %{name} containers
%description remote
Remote client for managing %{name} containers.
This experimental remote client is under heavy development. Please do not
run %{name}-remote in production.
%{name}-remote uses the varlink connection to connect to a %{name} client to
manage pods, containers and container images. %{name}-remote supports ssh
connections as well.
%package tests
Summary: Tests for %{name}
Requires: %{name} = %{version}-%{release}
#Requires: bats (which RHEL8 doesn't have. If it ever does, un-comment this)
Requires: jq
%description tests
%{summary}
This package contains system tests for %{name}
%prep
%autosetup -Sgit -n %{repo}-%{commit0}
sed -i 's/install.bin: podman/install.bin:/' Makefile
sed -i 's/install.man: docs/install.man:/' Makefile
sed -i 's/install.remote: podman-remote/install.remote:/' Makefile
mv pkg/hooks/README.md pkg/hooks/README-hooks.md
%build
export GO111MODULE=off
export GOPATH=$(pwd):$(pwd)/_build
mkdir -p $(pwd)/_build
pushd $(pwd)/_build
mkdir -p src/%{provider}.%{provider_tld}/%{project}
ln -s ../../../../ src/%{import_path}
popd
ln -s vendor src
rm -rf vendor/github.com/containers/storage/drivers/register/register_btrfs.go
%gogenerate ./cmd/%{name}/varlink/...
# build %%{name}
export BUILDTAGS="varlink systemd selinux seccomp btrfs_noversion exclude_graphdriver_devicemapper $(hack/libdm_tag.sh)"
%gobuild -o bin/%{name} %{import_path}/cmd/%{name}
# build %%{name}-remote
export BUILDTAGS="remoteclient $BUILDTAGS"
%gobuild -o bin/%{name}-remote %{import_path}/cmd/%{name}
%{__make} docs
./docs/dckrman.sh ./docs/build/man/*
%install
install -dp %{buildroot}%{_unitdir}
PODMAN_VERSION=%{version} %{__make} PREFIX=%{buildroot}%{_prefix} ETCDIR=%{buildroot}%{_sysconfdir} \
install.bin \
install.remote \
install.man \
install.cni \
install.systemd \
install.completions
# install libpod.conf
install -dp %{buildroot}%{_datadir}/containers
install -m 644 %{repo}.conf %{buildroot}%{_datadir}/containers
# install docker-docs
install -dp %{buildroot}%{_mandir}/man1
install -m 644 docs/build/man/docker*.1 -t %{buildroot}%{_mandir}/man1
# install docker symlink
install -m 755 docker %{buildroot}%{_bindir}
# install test stuff
ln -s ./ ./vendor/src # ./vendor/src -> ./vendor
install -d -p %{buildroot}/%{_datadir}/%{name}/test/system
cp -pav test/system %{buildroot}/%{_datadir}/%{name}/test/
# do not include docker and podman-remote man pages in main package
for file in `find %{buildroot}%{_mandir}/man[15] -type f | sed "s,%{buildroot},," | grep -v -e remote -e docker`; do
echo "$file*" >> podman.file-list
done
%check
%if 0%{?with_check}
# Since we aren't packaging up the vendor directory we need to link
# back to it somehow. Hack it up so that we can add the vendor
# directory from BUILD dir as a gopath to be searched when executing
# tests from the BUILDROOT dir.
ln -s ./ ./vendor/src # ./vendor/src -> ./vendor
export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath}
%if ! 0%{?gotest:1}
%global gotest go test
%endif
%gotest %{import_path}/cmd/%{name}
%gotest %{import_path}/libkpod
%gotest %{import_path}/libpod
%gotest %{import_path}/pkg/registrar
%endif
%triggerpostun -- %{name} < 1.1
%{_bindir}/%{name} system renumber
exit 0
#define license tag if not already defined
%{!?_licensedir:%global license %doc}
%files -f podman.file-list
%license LICENSE
%doc README.md CONTRIBUTING.md pkg/hooks/README-hooks.md install.md code-of-conduct.md transfer.md
%{_bindir}/%{name}
%{_datadir}/bash-completion/completions/*
# By "owning" the site-functions dir, we don't need to Require zsh
%{_datadir}/zsh/site-functions
%{_datadir}/zsh/site-functions/*
%config(noreplace) %{_sysconfdir}/cni/net.d/87-%{name}-bridge.conflist
%{_datadir}/containers/%{repo}.conf
%{_unitdir}/io.%{name}.service
%{_unitdir}/io.%{name}.socket
%{_userunitdir}/io.%{name}.service
%{_userunitdir}/io.%{name}.socket
%{_usr}/lib/tmpfiles.d/%{name}.conf
%files docker
%{_bindir}/docker
%{_mandir}/man1/docker*.1*
%files remote
%{_bindir}/%{name}-remote
%{_mandir}/man1/%{name}-remote*.1*
%files tests
%license LICENSE
%{_datadir}/%{name}/test
%changelog
* Thu Dec 10 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-27
- fix podman-buildah mounting issue
- Resolves: #1895027
* Tue Sep 22 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-26
- fix "CVE-2020-14370 podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API [rhel-7]"
- Resolves: #1881062
* Wed Sep 16 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-25
- use proper patch to address "podman does not use $TMPDIR loading a tar file."
- Resolves: #1877699
* Fri Sep 11 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-24
- fix "podman does not use $TMPDIR loading a tar file."
- Resolves: #1877699
* Fri Sep 11 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-23
- fix "CVE-2020-14040 podman: golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash [rhel-7]"
- Resolves: #1854715
* Sun Aug 30 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-22
- revert regressions introduced by 0001-bump-github.com-containers-buildah-to-v1.11.5.patch
regressed bugzilla list follows:
- Related: #1817743, #1792243, #1784950
* Mon Aug 17 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-21
- fix "podman launches a container with systemd instance inside - bind mounts of systemd cgroup entries are being leaked in host mount namespace"
- Resolves: #1860506
* Thu Jul 30 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-20
- rebuilt
* Wed Jul 29 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-19
- fix "podman segfault upon doing buildah operations due to error handling message"
- Resolves: #1853326
* Fri Apr 03 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-18
- fix "CVE-2020-8945 proglottis/gpgme: Use-after-free in GPGME bindings during container image pull"
- Resolves: #1806940
* Tue Mar 31 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-17
- fix "CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process"
- Resolves: #1817743
* Wed Mar 25 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-16
- use the full PR 5348 to fix "no route to host from inside container"
- Resolves: #1806895
* Tue Mar 17 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-15
- update fix for "podman (1.6.4) rhel 8.1 no route to host from inside container"
- Resolves: #1806895
* Mon Mar 16 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-14
- fix "CVE-2020-1702 podman: containers/image: Container images read entire image manifest into memory"
- Resolves: #1810614
* Sat Feb 29 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-13
- fix "[FJ8.2 Bug]: [REG]The "--group-add" option of "podman create" doesn't function."
- Resolves: #1808702
* Wed Feb 26 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-12
- fix "Podman can't reuse a container name, even if the container that was using it is no longer around"
- Resolves: #1807437
* Wed Feb 26 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-11
- fix "podman exec does not reads from stdin"
- Resolves: #1807586
* Tue Feb 25 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-10
- fix "podman (1.6.4) rhel 8.1 no route to host from inside container"
- Resolves: #1806895
* Wed Feb 19 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-9
- fix "Podman support for FIPS Mode requires a bind mount inside the container"
- Resolves: #1804189
* Thu Feb 13 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-8
- Fix CVE-2020-1726
- Resolves: #1801825
* Fri Feb 07 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-7
- allow colon be present in tarball name (#1797599)
* Fri Jan 24 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-6
- resurrect s390x arch as kernel there now has the renameat2 syscall (#1773504)
* Mon Jan 20 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-5
- Fix thread safety of gpgme (#1792243)
* Wed Jan 15 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-4
- temporary disable s390x arch due to #1773504 causing fuse-overlayfs
failing to build - podman requires it
* Tue Jan 14 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-3
- drop libvarlink and hard libseccomp deps: we don't have these in RHEL7.8
* Wed Jan 08 2020 Jindrich Novy <jnovy@redhat.com> - 1.6.4-2
- merge podman-manpages with podman package and put man pages for
podman-remote to its dedicated subpackage
Resolves: #1788549
* Thu Dec 12 2019 Jindrich Novy <jnovy@redhat.com> - 1.6.4-1
- update to 1.6.4
- split podman and conmon packages
* Thu Sep 12 2019 Jindrich Novy <jnovy@redhat.com> - 1.4.4-5
- Fix CVE-2019-10214.
* Wed Aug 14 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.4.4-4
- Resolves: #1741264 - remove unnecessary dep on atomic-registries
* Fri Aug 02 2019 Jindrich Novy <jnovy@redhat.com> - 1.4.4-3
- use 1.4.4 in RHEL7u7
* Tue Jul 23 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.4.4-2
- Resolves: #1728242
* Thu Jul 04 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.4.4-1
- bump to v1.4.4
* Thu Jun 27 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.4.3-1
- bump to v1.4.3
* Tue Jun 25 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.4.1-1
- bump to v1.4.1
- bump conmon to v0.3.0
* Sat Jun 08 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.4.0-2
- build only supported arches
* Sat Jun 08 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.4.0-1
- rebase to v1.4.0
- use conmon v0.2.0
* Wed May 29 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.3.2-1.git14fdcd0
- Resolves: #1714700
- bump to v1.3.2
* Thu May 23 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.3.1-1.git7210727
- Resolves: #1710265
- bump to v1.3.1
* Tue May 14 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.3.0-1.git139afa7
- Resolves: #1701922, #1689862, #1418418, #1418422, #1649044, #1534505
- BR: systemd-devel
* Tue Apr 02 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.2.0-3.git3bd528e
- Ensure correct upstream version number
* Mon Apr 01 2019 Frantisek Kluknavsky <fkluknav@redhat.com> - 1.2-2.git3bd528e
- rebase
* Wed Mar 06 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.1.2-2.git0ad9b6b
- system renumber when upgrading from version lower than 1.1
- centos build envs don't have make by default
* Wed Mar 06 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.1.2-1.git0ad9b6b
- bump to v1.1.2
* Fri Feb 15 2019 Frantisek Kluknavsky <fkluknav@redhat.com> - 1.0.1-2.git921f98f
- last rebase was to version 1.0.1 actually
* Mon Feb 11 2019 Frantisek Kluknavsky <fkluknav@redhat.com> - 1.0.0-3.git921f98f
- rebase
* Mon Feb 11 2019 Frantisek Kluknavsky <fkluknav@redhat.com> - 1.0.0-2.git6d7d90e
- rebase
* Tue Jan 15 2019 Frantisek Kluknavsky <fkluknav@redhat.com> - 1.0.0-1.git82e8011
- rebase to v1, yay!
- rebase conmon to 9b1f0a08285a7f74b21cc9b6bfd98a48905a7ba2
* Fri Dec 14 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.12.1.2-2.git9551f6b
- rebase
* Mon Dec 10 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.11.1.1-5.git594495d
- varlink not in rhel7, remove unitfiles. https://bugzilla.redhat.com/show_bug.cgi?id=1657303
* Wed Nov 21 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.11.1.1-4.git594495d
- openssl-devel needed only with scl go toolset
* Thu Nov 15 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.11.1.1-3.git594495d
- correctly generate debuginfo by updating gobuild def
* Thu Nov 15 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.11.1.1-2.git594495d
- enable debuginfo for conmon
* Thu Nov 15 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.11.1.1-1.git594495d
- Resolves: #1649563, #1648429
- bump to v0.11.1.1
- built libpod commit 594495d
* Wed Nov 14 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.11.1-2.gita4adfe5
- fix conflicts with docker and docker-common
* Tue Nov 13 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.11.1-1.gita4adfe5
- bump to v0.11.1
- subpackage podman-docker
- built libpod commit a4adfe5
- built conmon from cri-o commit 464dba6
* Fri Nov 02 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.10.1.3-4.gitee513cc
- rpm macro for centos
* Wed Oct 31 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.10.1.3-3.gitee513cc
- rebase
* Fri Oct 26 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.10.1.3-2.git6e1aeb0
- rebase to 6e1aeb06f86bfed7045be19c8e8b09c1bf5ba55f
- rebase cri-o to 1.12
* Thu Oct 18 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.10.1.3-1.gitdb08685
- Resolves: #1640342 - update vendored buildah to allow building when there are
containers running
* Wed Oct 17 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.10.1.2-1.git2b4f8d1
- Resolves: #1627891
- bump to v0.10.1.2
- built podman commit 2b4f8d1
* Tue Oct 16 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.10.1.1-1.git4bea3e9
- bump podman to v0.10.1.1
- built podman commit 4bea3e9
- built conmon from cri-o commit a30f93c
* Wed Oct 03 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.9.3.1-4.gita3c4ce6
- rebased cri-o to 1.11.6
* Wed Oct 03 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.9.3.1-3.gita3c4ce6
- rebase
* Wed Sep 26 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.9.3.1-2.git1cd906d
- rebase
* Tue Sep 25 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.9.3-2.gita723353
- rebase
* Mon Sep 17 2018 Dan Walsh <dwalsh@redhat.com> - 0.9.2.1-1.git19cb754
- Merge in fixes for podman build, to handle symbolic links and running sudo in Dockerfile
* Mon Sep 17 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.9.2-5.git37a2afe
- rebase to podman 0.9.2
- rebase to cri-o 0.11.4
* Fri Sep 14 2018 dwalsh <dwalsh@redhat.com> - 0.9.1-4.gitaba58d1
- podman no longer requires oci-systemd-hook
* Sun Sep 09 2018 baude <bbaude@redhat.com> - 0.9.1-3.gitaba58d1
- Grab correct commit for podman-0.9.1
* Wed Sep 05 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.8.5-3.gitdc5a711
- rebased cri-o to 1.11.2
* Tue Sep 04 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.8.5-2.gitdc5a711
- rebase
* Tue Sep 04 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.8.4-3.git9f9b8cf
- depend on oci-systemd-hook
* Thu Aug 30 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.8.4-2.git9f9b8cf
- rebase
* Sun Aug 12 2018 Dan Walsh <dwalsh@redhat.com> - 0.8.2.1-1.git7a526bb
- Upstream 0.8.2.1 release
* Sat Aug 4 2018 Dan Walsh <dwalsh@redhat.com> - 0.8.1-1.git6b4ab2a
- Bump to v0.8.1
* Sat Jul 21 2018 Dan Walsh <dwalsh@redhat.com> - 0.7.3-2.git079121
- Turn on ostree support
- Upstream 0.7.3
* Sat Jul 14 2018 Dan Walsh <dwalsh@redhat.com> - 0.7.2-2.git4ca4c5f
- Upstream 0.7.2 release
* Wed Jul 11 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.7.1-3.git84cfdb2
- rebuilt
* Wed Jul 11 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0.7.1-2.git84cfdb2
- rebase to 84cfdb2
* Sun Jul 08 2018 Dan Walsh <dwalsh@redhat.com> - 0.7.1-1.git802d4f2
- Upstream 0.7.1 release
* Mon Jun 25 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.6.4-2.gitd5beb2f
- disable devel and unittest subpackages
- include conditionals for rhel-8.0
* Fri Jun 22 2018 Dan Walsh <dwalsh@redhat.com> - 0.6.4-1.gitd5beb2f
- do not compress debuginfo with dwz to support delve debugger
* Mon Jun 04 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.6.1-3.git3e0ff12
- do not compress debuginfo with dwz to support delve debugger
* Mon Jun 04 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.6.1-2.git3e0ff12
- bash completion shouldn't have shebang
* Mon Jun 04 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.6.1-1.git3e0ff12
- Resolves: #1584429 - drop capabilities when running a container as non-root
- bump to v0.6.1
- built podman commit 3e0ff12
- built conmon from cri-o commit 1c0c3b0
- drop containernetworking-plugins subpackage, it's now split out into a standalone
package
* Fri Apr 27 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.4.1-4.gitb51d327
- Resolves: #1572538 - build host-device and portmap plugins
* Thu Apr 12 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.4.1-3.gitb51d327
- correct dep on containernetworking-plugins
* Thu Apr 12 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.4.1-2.gitb51d327
- add containernetworking-plugins v0.7.0 as a subpackage (podman dep)
- release tag for the containernetworking-plugins is actually gotten from
podman release tag.
* Wed Apr 11 2018 Lokesh Mandvekar <lsm5@redhat.com> - 0.4.1-1.gitb51d327
- bump to v0.4.1
- built commit b51d327
* Wed Mar 14 2018 Lokesh Mandvekar <lsm5@fedoraproject.org> - 0.3.3-1.dev.gitbc358eb
- built podman commit bc358eb
- built conmon from cri-o commit 712f3b8
* Fri Mar 09 2018 baude <bbaude@redhat.com> - 0.3.2-1.gitf79a39a
- Release 0.3.2-1
* Sun Mar 04 2018 baude <bbaude@redhat.com> - 0.3.1-2.git98b95ff
- Correct RPM version
* Fri Mar 02 2018 baude <bbaude@redhat.com> - 0.3.1-1-gitc187538
- Release 0.3.1-1
* Sun Feb 25 2018 Peter Robinson <pbrobinson@fedoraproject.org> 0.2.2-2.git525e3b1
- Build on ARMv7 too (Fedora supports containers on that arch too)
* Fri Feb 23 2018 baude <bbaude@redhat.com> - 0.2.2-1.git525e3b1
- Release 0.2.2
* Fri Feb 16 2018 baude <bbaude@redhat.com> - 0.2.1-1.git3d0100b
- Release 0.2.1
* Wed Feb 14 2018 baude <bbaude@redhat.com> - 0.2-3.git3d0100b
- Add dep for atomic-registries
* Tue Feb 13 2018 baude <bbaude@redhat.com> - 0.2-2.git3d0100b
- Add more 64bit arches
- Add containernetworking-cni dependancy
- Add iptables dependancy
* Mon Feb 12 2018 baude <bbaude@redhat.com> - 0-2.1.git3d0100
- Release 0.2
* Tue Feb 06 2018 Lokesh Mandvekar <lsm5@fedoraproject.org> - 0-0.3.git367213a
- Resolves: #1541554 - first official build
- built commit 367213a
* Fri Feb 02 2018 Lokesh Mandvekar <lsm5@fedoraproject.org> - 0-0.2.git0387f69
- built commit 0387f69
* Wed Jan 10 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 0-0.1.gitc1b2278
- First package for Fedora