Blob Blame History Raw
%global with_debug 1
%global with_check 0

%bcond_without varlink
%global gogenerate go generate

%if 0%{?with_debug}
%global _find_debuginfo_dwz_opts %{nil}
%global _dwz_low_mem_die_limit 0
%global debug_package   %{nil}

%if 0%{?rhel} > 7 && ! 0%{?fedora}
%define gobuild(o:) \
go build -buildmode pie -compiler gc -tags="rpm_crashtraceback libtrust_openssl ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags'" -a -v -x %{?**};

%global provider github
%global provider_tld com
%global project containers
%global repo libpod
%global provider_prefix %{provider}.%{provider_tld}/%{project}/%{repo}
%global import_path %{provider_prefix}
%global git0 https://%{provider}.%{provider_tld}/%{project}/%{repo}

Name: podman
Version: 1.9.3
Release: 2%{?dist}
Summary: Manage Pods, Containers and Container Images
License: ASL 2.0
URL: https://%{name}.io/
Source0: %{git0}/archive/v%{version}.tar.gz
# related bug:
# patch:
Patch0: podman-1829061.patch
Provides: %{name}-manpages = %{version}-%{release}
Obsoletes: %{name}-manpages < %{version}-%{release}
BuildRequires: golang >= 1.12.12-4
BuildRequires: glib2-devel
BuildRequires: glibc-devel
BuildRequires: glibc-static
BuildRequires: git
BuildRequires: go-md2man
BuildRequires: gpgme-devel
BuildRequires: libassuan-devel
BuildRequires: libgpg-error-devel
BuildRequires: libseccomp-devel
BuildRequires: libselinux-devel
BuildRequires: ostree-devel
BuildRequires: pkgconfig
BuildRequires: make
BuildRequires: systemd
BuildRequires: systemd-devel
Requires: containers-common >= 0.1.29-3
Requires: containernetworking-plugins >= 0.8.1-1
Requires: iptables
Requires: nftables
Obsoletes: oci-systemd-hook < 1
Requires: libseccomp >= 2.4.1
Requires: conmon
Recommends: container-selinux
Requires: slirp4netns >= 0.4.0-1
Requires: runc >= 1.0.0-57
Requires: fuse-overlayfs
Requires: libvarlink

%{name} (Pod Manager) is a fully featured container engine that is a simple
daemonless tool.  %{name} provides a Docker-CLI comparable command line that
eases the transition from other container engines and allows the management of
pods, containers and images.  Simply put: alias docker=%{name}.
Most %{name} commands can be run as a regular user, without requiring
additional privileges.

%{name} uses Buildah(1) internally to create container images.
Both tools share image (not container) storage, hence each can use or
manipulate images (but not containers) created by the other.

%{repo} Simple management tool for pods, containers and images

%package docker
Summary: Emulate Docker CLI using %{name}
BuildArch: noarch
Requires: %{name} = %{version}-%{release}
Conflicts: docker
Conflicts: docker-latest
Conflicts: docker-ce
Conflicts: docker-ee
Conflicts: moby-engine

%description docker
This package installs a script named docker that emulates the Docker CLI by
executes %{name} commands, it also creates links between all Docker CLI man
pages and %{name}.

%package remote
Summary: (Experimental) Remote client for managing %{name} containers

%description remote
Remote client for managing %{name} containers.

This experimental remote client is under heavy development. Please do not
run %{name}-remote in production.

%{name}-remote uses the varlink connection to connect to a %{name} client to
manage pods, containers and container images. %{name}-remote supports ssh
connections as well.

%package tests
Summary: Tests for %{name}
Requires: %{name} = %{version}-%{release}
#Requires: bats  (which RHEL8 doesn't have. If it ever does, un-comment this)
Requires: jq

%description tests

This package contains system tests for %{name}

%autosetup -Sgit -n %{repo}-%{version}

sed -i 's/install.bin: podman/install.bin:/' Makefile
sed -i 's/ docs/' Makefile
sed -i 's/install.remote: podman-remote/install.remote:/' Makefile
mv pkg/hooks/ pkg/hooks/

# this is shipped by skopeo: containers-common subpackage
rm -rf docs/source/markdown/

export GO111MODULE=off
export GOPATH=$(pwd):$(pwd)/_build

mkdir -p $(pwd)/_build
pushd $(pwd)/_build
mkdir -p src/%{provider}.%{provider_tld}/%{project}
ln -s ../../../../ src/%{import_path}
ln -s vendor src

rm -rf vendor/
%gogenerate ./pkg/varlink/...

# build %%{name}
export BUILDTAGS="varlink systemd selinux seccomp btrfs_noversion exclude_graphdriver_devicemapper $(hack/"
%gobuild -o bin/%{name} %{import_path}/cmd/%{name}

# build %%{name}-remote
export BUILDTAGS="remoteclient $BUILDTAGS"
%gobuild -o bin/%{name}-remote %{import_path}/cmd/%{name}

%{__make} docs
./docs/ ./docs/build/man/*

install -dp %{buildroot}%{_unitdir}
PODMAN_VERSION=%{version} %{__make} PREFIX=%{buildroot}%{_prefix} ETCDIR=%{buildroot}%{_sysconfdir} \
        install.bin \
        install.remote \ \
        install.cni \
        install.systemd \
        install.completions \

# install libpod.conf
install -dp %{buildroot}%{_datadir}/containers
install -m 644 %{repo}.conf %{buildroot}%{_datadir}/containers

# install docker-docs
install -dp %{buildroot}%{_mandir}/man1
install -m 644 docs/build/man/docker*.1 -t %{buildroot}%{_mandir}/man1

# install docker symlink
install -m 755 docker %{buildroot}%{_bindir}

# install test stuff
ln -s ./ ./vendor/src # ./vendor/src -> ./vendor
install -d -p %{buildroot}/%{_datadir}/%{name}/test/system
cp -pav test/system %{buildroot}/%{_datadir}/%{name}/test/

# do not include docker and podman-remote man pages in main package
for file in `find %{buildroot}%{_mandir}/man[15] -type f | sed "s,%{buildroot},," | grep -v -e remote -e docker`; do
    echo "$file*" >> podman.file-list

%if 0%{?with_check}
# Since we aren't packaging up the vendor directory we need to link
# back to it somehow. Hack it up so that we can add the vendor
# directory from BUILD dir as a gopath to be searched when executing
# tests from the BUILDROOT dir.
ln -s ./ ./vendor/src # ./vendor/src -> ./vendor

export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath}

%if ! 0%{?gotest:1}
%global gotest go test

%gotest %{import_path}/cmd/%{name}
%gotest %{import_path}/libkpod
%gotest %{import_path}/libpod
%gotest %{import_path}/pkg/registrar

%triggerpostun -- %{name} < 1.1
%{_bindir}/%{name} system renumber
exit 0

#define license tag if not already defined
%{!?_licensedir:%global license %doc}

%files -f podman.file-list
%license LICENSE
%doc pkg/hooks/
# By "owning" the site-functions dir, we don't need to Require zsh
%dir %{_datadir}/zsh/site-functions
%config(noreplace) %{_sysconfdir}/cni/net.d/87-%{name}-bridge.conflist

%files docker

%files remote

%files tests
%license LICENSE

* Mon Jun 01 2020 Jindrich Novy <> - 1.9.3-2
- fix "Signature verification incorrectly uses mirror’s references"
- Resolves: #1829061

* Mon May 25 2020 Jindrich Novy <> - 1.9.3-1
- update to
- Related: RHELPLAN-39206

* Wed May 20 2020 Jindrich Novy <> - 1.9.2-3
- fix "Podman support for FIPS Mode requires a bind mount inside the container"
- version the oci-systemd-hook obsolete
- Related: #1784950
- Related: #1836180

* Tue May 19 2020 Jindrich Novy <> - 1.9.2-2
- obsolete oci-systemd-hook package
- Resolves: #1836180

* Thu May 14 2020 Jindrich Novy <> - 1.9.2-1
- update to
- Related: RHELPLAN-39206

* Fri May 01 2020 Jindrich Novy <> - 1.9.1-2
- make container-selinux a soft dependency
- Related: #1806044

* Wed Apr 29 2020 Jindrich Novy <> - 1.9.1-1
- update to
- Related: RHELPLAN-39206

* Fri Apr 17 2020 Jindrich Novy <> - 1.9.0-2
- remove containers-mounts.conf man page, this is shipped by skopeo: containers-common subpackage
- Related: RHELPLAN-39206

* Fri Apr 17 2020 Jindrich Novy <> - 1.9.0-1
- update to
- Related: RHELPLAN-39206

* Wed Apr 01 2020 Jindrich Novy <> - 1.6.4-11
- fix "CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process"
- Resolves: #1819812

* Thu Mar 19 2020 Jindrich Novy <> - 1.6.4-10
- use the full PR 5348 to fix "no route to host from inside container"
- Resolves: #1806901

* Fri Mar 06 2020 Jindrich Novy <> - 1.6.4-9
- update fix for "podman (1.6.4) rhel 8.1 no route to host from inside container"
- Resolves: #1806901

* Fri Mar 06 2020 Jindrich Novy <> - 1.6.4-8
- fix "[FJ8.2 Bug]: [REG]The "--group-add" option of "podman create" doesn't function."
- Resolves: #1808707

* Thu Feb 27 2020 Jindrich Novy <> - 1.6.4-7
- fix "podman (1.6.4) rhel 8.1 no route to host from inside container"
- Resolves: #1806901

* Fri Feb 21 2020 Jindrich Novy <> - 1.6.4-6
- fix CVE-2020-1726
- Resolves: #1801571

* Wed Feb 19 2020 Jindrich Novy <> - 1.6.4-5
- fix "Podman support for FIPS Mode requires a bind mount inside the container"
- Resolves: #1804195

* Mon Feb 17 2020 Jindrich Novy <> - 1.6.4-4
- fix CVE-2020-1702
- Resolves: #1801924

* Wed Jan 08 2020 Jindrich Novy <>
- merge podman-manpages with podman package and put man pages for
  podman-remote to its dedicated subpackage
Resolves: #1788539

* Fri Jan 03 2020 Jindrich Novy <> - 1.6.4-2
- apply fix for #1757845
- Related: RHELPLAN-25139

* Wed Dec 11 2019 Jindrich Novy <> - 1.6.4-1
- update to 1.6.4
- Related: RHELPLAN-25139

* Sat Dec 07 2019 Jindrich Novy <> - 1.6.3-6
- remove BR: device-mapper-devel, minor spec file changes
- Related: RHELPLAN-25139

* Tue Dec 03 2019 Jindrich Novy <> - 1.6.3-5
- Ensure volumes reacquire locks on state refresh (thanks Matt Heon)
- Related: RHELPLAN-25139

* Fri Nov 29 2019 Jindrich Novy <> - 1.6.3-4
- use the file events logger backend if systemd isn't available
  (thanks to Giuseppe Scrivano)
- Related: RHELPLAN-25139

* Thu Nov 21 2019 Jindrich Novy <> - 1.6.3-3
- require slirp4netns >= 0.4.0-1
- Resolves: #1766774

* Tue Nov 19 2019 Jindrich Novy <> - 1.6.3-2
- apply fix to not to fail gating tests:
  don't parse the config for cgroup-manager default
- don't hang while on podman run --rm - bug 1767663
- Related: RHELPLAN-25139

* Mon Nov 18 2019 Jindrich Novy <> - 1.6.3-1
- update to podman 1.6.3
- addresses CVE-2019-18466
- Related: RHELPLAN-25139

* Fri Nov 08 2019 Jindrich Novy <> - 1.6.2-6
- fix %%gobuild macro to not to ignore BUILDTAGS
- Related: RHELPLAN-25139

* Tue Nov 05 2019 Jindrich Novy <> - 1.6.2-5
- use btrfs_noversion to really disable BTRFS support
- amend/reuse BUILDTAGS
- still keep device-mapper-devel BR otherwise build fails
  despite dm support being disabled (build scripting invokes
  pkg-config for devmapper which is shipped by the dm-devel
- Related: RHELPLAN-25139

* Mon Nov 04 2019 Jindrich Novy <> - 1.6.2-4
- disable BTRFS support
- Related: RHELPLAN-25139

* Mon Nov 04 2019 Jindrich Novy <> - 1.6.2-3
- split podman and conmon packages
- drop BR: device-mapper-devel and update BRs in general
- Related: RHELPLAN-25139

* Fri Nov 01 2019 Jindrich Novy <> - 1.6.2-2
- drop oci-systemd-hook requirement
- drop upstreamed CVE-2019-10214 patch
- Related: RHELPLAN-25139

* Tue Oct 29 2019 Jindrich Novy <> - 1.6.2-1
- update to podman 1.6.2

* Wed Oct 16 2019 Jindrich Novy <> - 1.4.2-6
- fix build with --nocheck (#1721394)
- escape commented out macros

* Thu Sep 12 2019 Jindrich Novy <> - 1.4.2-5
- Fix CVE-2019-10214 (#1734649).

* Tue Sep 03 2019 Jindrich Novy <> - 1.4.2-4
- update to latest conmon (Resolves: #1743685)

* Wed Aug 28 2019 Jindrich Novy <> - 1.4.2-3
- update to v1.4.2-stable1
- Resolves: #1741157

* Wed Jun 19 2019 Lokesh Mandvekar <> - 1.4.2-2
- Resolves: #1669197, #1705763, #1737077, #1671622, #1723879, #1730281,
- Resolves: #1731117
- built libpod v1.4.2-stable1

* Wed Jun 19 2019 Lokesh Mandvekar <> - 1.4.2-1
- Resolves: #1721638
- bump to v1.4.2

* Mon Jun 17 2019 Lokesh Mandvekar <> - 1.4.1-4
- Resolves: #1720654 - update dep on libvarlink
- Resolves: #1721247 - enable fips mode

* Mon Jun 17 2019 Lokesh Mandvekar <> - 1.4.1-3
- Resolves: #1720654 - podman requires podman-manpages
- update dep on cni plugins >= 0.8.1-1

* Sat Jun 15 2019 Lokesh Mandvekar <> - 1.4.1-2
- Resolves: #1720654 - podman-manpages obsoletes podman < 1.4.1-2

* Sat Jun 15 2019 Lokesh Mandvekar <> - 1.4.1-1
- Resolves: #1720654 - bump to v1.4.1
- bump conmon to v0.3.0

* Fri Jun 14 2019 Lokesh Mandvekar <> - 1.4.0-1
- Resolves: #1720654 - bump to v1.4.0

* Fri Jun 07 2019 Lokesh Mandvekar <> - 1.3.2-2
- Resolves: #1683217 - tests subpackage requires slirp4netns

* Fri May 31 2019 Lokesh Mandvekar <> - 1.3.2-1
- Resolves: #1707220 - bump to v1.3.2
- built conmon v0.2.0

* Wed Apr  3 2019 Eduardo Santiago <> - 1.2.0-1.git3bd528e5
- package system tests, zsh completion. Update CI tests to use new -tests pkg

* Thu Feb 28 2019 Lokesh Mandvekar <> - 1.1.0-1.git006206a
- bump to v1.1.0

* Fri Feb 22 2019 Lokesh Mandvekar <> - 1.0.1-1.git2c74edd
- bump to v1.0.1

* Mon Feb 11 2019 Frantisek Kluknavsky <> - 1.0.0-2.git921f98f
- rebase

* Tue Jan 15 2019 Frantisek Kluknavsky <> - 1.0.0-1.git82e8011
- rebase to v1, yay!
- rebase conmon to 9b1f0a08285a7f74b21cc9b6bfd98a48905a7ba2
- Resolves:#1623282
- python interface removed, moved to

* Tue Dec 18 2018 Frantisek Kluknavsky <> -
- re-enable debuginfo

* Mon Dec 17 2018 Frantisek Kluknavsky <> -
- python libraries added
- resolves: #1657180

* Mon Dec 17 2018 Frantisek Kluknavsky <> -
- rebase

* Mon Dec 17 2018 Frantisek Kluknavsky <> -
- go tools not in scl anymore

* Mon Nov 19 2018 Frantisek Kluknavsky <> -
- fedora-like buildrequires go toolset

* Sat Nov 17 2018 Lokesh Mandvekar <> -
- Resolves: #1636230 - build with FIPS enabled golang toolchain
- bump to v0.11.1.1
- built commit 594495d

* Fri Nov 16 2018 Frantisek Kluknavsky <> - 0.11.1-3.gita4adfe5
- podman-docker provides docker
- Resolves: #1650355

* Thu Nov 15 2018 Lumír Balhar <> - 0.11.1-2.gita4adfe5
- Require platform-python-setuptools instead of python3-setuptools
- Resolves: rhbz#1650144

* Tue Nov 13 2018 Lokesh Mandvekar <> - 0.11.1-1.gita4adfe5
- bump to v0.11.1
- built libpod commit a4adfe5
- built conmon from cri-o commit 464dba6

* Fri Oct 19 2018 Lokesh Mandvekar <> -
- Resolves: #1625384 - keep BR: device-mapper-devel but don't build with it
- not having device-mapper-devel seems to have brew not recognize %%{_unitdir}

* Thu Oct 18 2018 Lokesh Mandvekar <> -
- Resolves: #1625384 - correctly add buildtags to remove devmapper

* Thu Oct 18 2018 Lokesh Mandvekar <> -
- Resolves: #1625384 - build without device-mapper-devel (no podman support) and lvm2

* Wed Oct 17 2018 Lokesh Mandvekar <> -
- Resolves: #1625384 - depend on lvm2

* Wed Oct 17 2018 Lokesh Mandvekar <> -
- Resolves: #1640298 - update vendored buildah to allow building when there are
running containers
- bump to v0.10.1.3
- built podman commit db08685

* Wed Oct 17 2018 Lokesh Mandvekar <> -
- Resolves: #1625378
- bump to v0.10.1.2
- built podman commit 2b4f8d1

* Tue Oct 16 2018 Lokesh Mandvekar <> -
- bump to v0.10.1.1
- built podman commit 4bea3e9

* Thu Oct 11 2018 Lokesh Mandvekar <> - 0.10.1-1.gite4a1553
- bump podman to v0.10.1
- built podman commit e4a1553
- built conmon from cri-o commit a30f93c

* Tue Oct 09 2018 Frantisek Kluknavsky <> -
- rebased cri-o to 1.11.6

* Wed Sep 26 2018 Frantisek Kluknavsky <> -
- rebase

* Tue Sep 18 2018 Frantisek Kluknavsky <> - 0.9.2-2.git37a2afe
- rebase to podman 0.9.2
- rebase to cri-o 0.11.4

* Tue Sep 11 2018 Frantisek Kluknavsky <> -
- rebase

* Mon Aug 27 2018 Lokesh Mandvekar <> - 0.8.4-1.git9f9b8cf
- bump to v0.8.4
- built commit 9f9b8cf
- upstream username changed from projectatomic to containers
- use containernetworking-plugins >= 0.7.3-5

* Mon Aug 13 2018 Lokesh Mandvekar <> -
- Resolves: #1615607 - rebuild with gobuild tag 'no_openssl'

* Sun Aug 12 2018 Dan Walsh <> -
- Upstream release
- Add support for podman-docker
Resolves: rhbz#1615104

* Fri Aug 10 2018 Lokesh Mandvekar <> -
- Resolves: #1614710 - podman search name includes registry
- bump to v0.8.2-dev
- built libpod commit 8b2d38e
- built conmon from cri-o commit acc0ee7

* Wed Aug 8 2018 Dan Walsh <> - 0.8.1-2.git6b4ab2a
- Add recommends for slirp4netns and container-selinux

* Tue Aug 07 2018 Lokesh Mandvekar <> - 0.8.1-2.git6b4ab2a
- bump to v0.8.1
- use %%go{build,generate} instead of go build and go generate
- update go deps to use scl-ized builds
- No need for Makefile patch for python installs

* Sat Aug 4 2018 Dan Walsh <> - 0.8.1-1.git6b4ab2a
- Bump to v0.8.1

* Wed Aug 1 2018 Dan Walsh <> - 0.7.4-2.git079121
- podman should not require atomic-registries

* Tue Jul 24 2018 Lokesh Mandvekar <> -
- bump to v0.7.4-dev
- built commit 9a18681

* Sat Jul 21 2018 Dan Walsh <> - 0.7.3-2.git079121
- Turn on ostree support
- Upstream 0.7.3

* Sat Jul 14 2018 Dan Walsh <> - 0.7.2-2.git4ca4c5f
- Upstream 0.7.2 release

* Wed Jul 11 2018 Frantisek Kluknavsky <> - 0.7.1-3.git84cfdb2
- rebuilt

* Wed Jul 11 2018 Frantisek Kluknavsky <> - 0.7.1-2.git84cfdb2
- rebase to 84cfdb2

* Sun Jul 08 2018 Dan Walsh <> - 0.7.1-1.git802d4f2
- Upstream 0.7.1 release

* Mon Jun 25 2018 Lokesh Mandvekar <> - 0.6.4-2.gitd5beb2f
- disable devel and unittest subpackages
- include conditionals for rhel-8.0

* Fri Jun 22 2018 Dan Walsh <> - 0.6.4-1.gitd5beb2f
- do not compress debuginfo with dwz to support delve debugger

* Mon Jun 04 2018 Lokesh Mandvekar <> - 0.6.1-3.git3e0ff12
- do not compress debuginfo with dwz to support delve debugger

* Mon Jun 04 2018 Lokesh Mandvekar <> - 0.6.1-2.git3e0ff12
- bash completion shouldn't have shebang

* Mon Jun 04 2018 Lokesh Mandvekar <> - 0.6.1-1.git3e0ff12
- Resolves: #1584429 - drop capabilities when running a container as non-root
- bump to v0.6.1
- built podman commit 3e0ff12
- built conmon from cri-o commit 1c0c3b0
- drop containernetworking-plugins subpackage, it's now split out into a standalone

* Fri Apr 27 2018 Lokesh Mandvekar <> - 0.4.1-4.gitb51d327
- Resolves: #1572538 - build host-device and portmap plugins

* Thu Apr 12 2018 Lokesh Mandvekar <> - 0.4.1-3.gitb51d327
- correct dep on containernetworking-plugins

* Thu Apr 12 2018 Lokesh Mandvekar <> - 0.4.1-2.gitb51d327
- add containernetworking-plugins v0.7.0 as a subpackage (podman dep)
- release tag for the containernetworking-plugins is actually gotten from
podman release tag.

* Wed Apr 11 2018 Lokesh Mandvekar <> - 0.4.1-1.gitb51d327
- bump to v0.4.1
- built commit b51d327

* Wed Mar 14 2018 Lokesh Mandvekar <> -
- built podman commit bc358eb
- built conmon from cri-o commit 712f3b8

* Fri Mar 09 2018 baude <> - 0.3.2-1.gitf79a39a
- Release 0.3.2-1

* Sun Mar 04 2018 baude <> - 0.3.1-2.git98b95ff
- Correct RPM version

* Fri Mar 02 2018 baude <> - 0.3.1-1-gitc187538
- Release 0.3.1-1

* Sun Feb 25 2018 Peter Robinson <> 0.2.2-2.git525e3b1
- Build on ARMv7 too (Fedora supports containers on that arch too)

* Fri Feb 23 2018 baude <> - 0.2.2-1.git525e3b1
- Release 0.2.2

* Fri Feb 16 2018 baude <> - 0.2.1-1.git3d0100b
- Release 0.2.1

* Wed Feb 14 2018 baude <> - 0.2-3.git3d0100b
- Add dep for atomic-registries

* Tue Feb 13 2018 baude <> - 0.2-2.git3d0100b
- Add more 64bit arches
- Add containernetworking-cni dependancy
- Add iptables dependancy

* Mon Feb 12 2018 baude <> - 0-2.1.git3d0100
- Release 0.2

* Tue Feb 06 2018 Lokesh Mandvekar <> - 0-0.3.git367213a
- Resolves: #1541554 - first official build
- built commit 367213a

* Fri Feb 02 2018 Lokesh Mandvekar <> - 0-0.2.git0387f69
- built commit 0387f69

* Wed Jan 10 2018 Frantisek Kluknavsky <> - 0-0.1.gitc1b2278
- First package for Fedora