047484
%global with_check 0
047484
047484
%global _find_debuginfo_dwz_opts %{nil}
047484
%global _dwz_low_mem_die_limit 0
047484
047484
%if 0%{?rhel} > 7 && ! 0%{?fedora}
047484
%define gobuild(o:) \
ec9411
go build -buildmode pie -compiler gc -tags="rpm_crashtraceback libtrust_openssl ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -linkmode=external -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags'" -a -v %{?**};
ec9411
%else
ec9411
%if ! 0%{?gobuild:1}
ec9411
%define gobuild(o:) GO111MODULE=off go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -linkmode=external -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '-Wl,-z,relro -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld '" -a -v %{?**};
ec9411
%endif
683a70
%endif
047484
047484
%global provider github
047484
%global provider_tld com
047484
%global project opencontainers
047484
%global repo runc
047484
# https://github.com/opencontainers/runc
047484
%global import_path %{provider}.%{provider_tld}/%{project}/%{repo}
047484
%global git0 https://%{import_path}
047484
984f42
Epoch: 1
047484
Name: %{repo}
984f42
Version: 1.0.3
984f42
Release: 2%{?dist}
047484
Summary: CLI for running Open Containers
ec9411
# https://fedoraproject.org/wiki/PackagingDrafts/Go#Go_Language_Architectures
ec9411
#ExclusiveArch: %%{go_arches}
ec9411
# still use arch exclude as the macro above still refers %%{ix86} in RHEL8.4:
ec9411
# https://bugzilla.redhat.com/show_bug.cgi?id=1905383
047484
ExcludeArch: %{ix86}
047484
License: ASL 2.0
047484
URL: %{git0}
60a871
Source0: %{git0}/archive/v%{version}.tar.gz
60a871
Provides: oci-runtime
683a70
BuildRequires: golang >= 1.12.12-4
047484
BuildRequires: git
047484
BuildRequires: go-md2man
047484
BuildRequires: libseccomp-devel
047484
Requires: criu
047484
047484
%description
047484
The runc command can be used to start containers which are packaged
047484
in accordance with the Open Container Initiative's specifications,
047484
and to manage containers running under runc.
047484
047484
%prep
60a871
%autosetup -Sgit
047484
sed -i '/\#\!\/bin\/bash/d' contrib/completions/bash/%{name}
047484
047484
%build
047484
mkdir -p GOPATH
047484
pushd GOPATH
047484
    mkdir -p src/%{provider}.%{provider_tld}/%{project}
047484
    ln -s $(dirs +1 -l) src/%{import_path}
047484
popd
047484
047484
pushd GOPATH/src/%{import_path}
60a871
export GO111MODULE=off
047484
export GOPATH=%{gopath}:$(pwd)/GOPATH
ec9411
export CGO_CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64"
047484
export BUILDTAGS="selinux seccomp"
60a871
export LDFLAGS="-X main.gitCommit= -X main.version=%{version}"
683a70
%gobuild -o %{name} %{import_path}
047484
047484
pushd man
047484
./md2man-all.sh
047484
popd
047484
047484
%install
60a871
make install install-man install-bash DESTDIR=$RPM_BUILD_ROOT PREFIX=%{_prefix} LIBDIR=%{_libdir} BINDIR=%{_bindir}
047484
047484
%check
047484
047484
#define license tag if not already defined
047484
%{!?_licensedir:%global license %doc}
047484
047484
%files
047484
%license LICENSE
047484
%doc MAINTAINERS_GUIDE.md PRINCIPLES.md README.md CONTRIBUTING.md
047484
%{_bindir}/%{name}
047484
%{_mandir}/man8/%{name}*
047484
%{_datadir}/bash-completion/completions/%{name}
047484
047484
%changelog
984f42
* Wed Feb 16 2022 Jindrich Novy <jnovy@redhat.com> - 1.0.3-2
984f42
- rollback to 1.0.3 due to gating test issues
984f42
- Related: #2001445
984f42
984f42
* Tue Jan 18 2022 Jindrich Novy <jnovy@redhat.com> - 1.1.0-1
984f42
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.0
984f42
- Related: #2001445
984f42
984f42
* Mon Dec 06 2021 Jindrich Novy <jnovy@redhat.com> - 1.0.3-1
984f42
- update to https://github.com/opencontainers/runc/releases/tag/v1.0.3
984f42
- Related: #2001445
984f42
60a871
* Wed Aug 25 2021 Jindrich Novy <jnovy@redhat.com> - 1.0.2-1
60a871
- update to https://github.com/opencontainers/runc/releases/tag/v1.0.2
60a871
- Related: #1934415
60a871
60a871
* Fri Aug 06 2021 Jindrich Novy <jnovy@redhat.com> - 1.0.1-5
60a871
- do not use versioned provide
60a871
- Related: #1934415
60a871
60a871
* Thu Jul 29 2021 Jindrich Novy <jnovy@redhat.com> - 1.0.1-4
60a871
- fix "unknown version" displayed by runc -v
60a871
- Related: #1934415
60a871
60a871
* Mon Jul 26 2021 Jindrich Novy <jnovy@redhat.com> - 1.0.1-3
60a871
- be sure to compile runc binaries the right way
60a871
- Related: #1934415
60a871
60a871
* Mon Jul 26 2021 Jindrich Novy <jnovy@redhat.com> - 1.0.1-2
60a871
- use Makefile
60a871
- Related: #1934415
60a871
60a871
* Wed Jul 21 2021 Jindrich Novy <jnovy@redhat.com> - 1.0.1-1
60a871
- update to https://github.com/opencontainers/runc/releases/tag/v1.0.1
60a871
- Related: #1934415
60a871
60a871
* Thu May 20 2021 Jindrich Novy <jnovy@redhat.com> - 1.0.0-76.rc95
60a871
- updated to rc95 to fix CVE-2021-30465
60a871
- Related: #1934415
60a871
60a871
* Tue May 18 2021 Jindrich Novy <jnovy@redhat.com> - 1.0.0-75.rc94
60a871
- set GO111MODULE=off to fix build
60a871
- Related: #1934415
60a871
60a871
* Fri May 14 2021 Jindrich Novy <jnovy@redhat.com> - 1.0.0-74.rc94
60a871
- update to https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc94
60a871
- Related: #1934415
60a871
60a871
* Tue May 11 2021 Jindrich Novy <jnovy@redhat.com> - 1.0.0-73.rc93
60a871
- fix CVE-2021-30465
60a871
- Related: #1934415
60a871
60a871
* Tue Mar 30 2021 Jindrich Novy <jnovy@redhat.com> - 1.0.0-72.rc93
60a871
- upload rc93 tarball
60a871
- Related: #1934415
60a871
60a871
* Tue Mar 30 2021 Jindrich Novy <jnovy@redhat.com> - 1.0.0-71.rc93
60a871
- update to rc93
60a871
- Related: #1934415
60a871
ec9411
* Fri Jan 29 2021 Jindrich Novy <jnovy@redhat.com> - 1.0.0-70.rc92
ec9411
- add missing Provides: oci-runtime = 1
ec9411
- Related: #1883490
ec9411
ec9411
* Tue Dec 08 2020 Jindrich Novy <jnovy@redhat.com> - 1.0.0-69.rc92
ec9411
- still use ExcludeArch as go_arches macro is broken for 8.4
ec9411
- Related: #1883490
ec9411
ec9411
* Tue Aug 11 2020 Jindrich Novy <jnovy@redhat.com> - 1.0.0-68.rc92
ec9411
- update to https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc92
ec9411
- propagate proper CFLAGS to CGO_CFLAGS to assure code hardening and optimization
ec9411
- Related: #1821193
ec9411
ec9411
* Thu Jul 02 2020 Jindrich Novy <jnovy@redhat.com> - 1.0.0-67.rc91
ec9411
- update to https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc91
ec9411
- Related: #1821193
ec9411
230108
* Tue May 12 2020 Jindrich Novy <jnovy@redhat.com> - 1.0.0-66.rc10
230108
- synchronize containter-tools 8.3.0 with 8.2.1
230108
- Related: #1821193
230108
230108
* Wed Feb 12 2020 Jindrich Novy <jnovy@redhat.com> - 1.0.0-65.rc10
230108
- address CVE-2019-19921 by updating to rc10
230108
- Resolves: #1801887
230108
683a70
* Wed Dec 11 2019 Jindrich Novy <jnovy@redhat.com> - 1.0.0-64.rc9
683a70
- use no_openssl in BUILDTAGS (no vendored crypto in runc)
683a70
- Related: RHELPLAN-25139
683a70
683a70
* Mon Dec 09 2019 Jindrich Novy <jnovy@redhat.com> - 1.0.0-63.rc9
683a70
- be sure to use golang >= 1.12.12-4
683a70
- Related: RHELPLAN-25139
683a70
683a70
* Thu Nov 28 2019 Jindrich Novy <jnovy@redhat.com> - 1.0.0-62.rc9
683a70
- rebuild because of CVE-2019-9512 and CVE-2019-9514
683a70
- Resolves: #1766331, #1766303
683a70
683a70
* Thu Nov 21 2019 Jindrich Novy <jnovy@redhat.com> - 1.0.0-61.rc9
683a70
- update to runc 1.0.0-rc9 release
683a70
- amend golang deps
683a70
- fixes CVE-2019-16884
683a70
- Resolves: #1759651
683a70
047484
* Mon Jun 17 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-60.rc8
047484
- Resolves: #1721247 - enable fips mode
047484
047484
* Mon Jun 17 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-59.rc8
047484
- Resolves: #1720654 - rebase to v1.0.0-rc8
047484
047484
* Thu Apr 11 2019 Eduardo Santiago <santiago@redhat.com> - 1.0.0-57.rc5.dev.git2abd837
047484
- Resolves: #1693424 - podman rootless: cannot specify gid= mount options
047484
047484
* Wed Feb 27 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-56.rc5.dev.git2abd837
047484
- change-default-root patch not needed as there's no docker on rhel8
047484
047484
* Tue Feb 12 2019 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-55.rc5.dev.git2abd837
047484
- Resolves: CVE-2019-5736
047484
047484
* Tue Dec 18 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 1.0.0-54.rc5.dev.git2abd837
047484
- re-enable debuginfo
047484
047484
* Mon Dec 17 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 1.0.0-53.rc5.dev.git2abd837
047484
- go toolset not in scl anymore
047484
047484
* Wed Sep 26 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 1.0.0-52.rc5.dev.git2abd837
047484
- rebase
047484
047484
* Fri Aug 31 2018 Dan Walsh <dwalsh@redhat.name> - 2:1.0.0-51.dev.gitfdd8055
047484
- Fix handling of tmpcopyup
047484
047484
* Fri Aug 24 2018 Lokesh Mandvekar <lsm5@redhat.com> - 2:1.0.0-49.rc5.dev.gitb4e2ecb
047484
- %%gobuild uses no_openssl
047484
- remove unused devel and unit-test subpackages
047484
047484
* Tue Aug 07 2018 Lokesh Mandvekar <lsm5@redhat.com> - 2:1.0.0-48.rc5.dev.gitad0f525
047484
- build with %%gobuild
047484
- exlude i686 temporarily because of go-toolset issues
047484
047484
* Mon Jul 30 2018 Florian Weimer <fweimer@redhat.com> - 1.0.0-47.dev.gitb4e2ecb
047484
- Rebuild with fixed binutils
047484
047484
* Fri Jul 27 2018 Dan Walsh <dwalsh@redhat.name> - 2:1.0.0-46.dev.gitb4e2ecb
047484
- Add patch https://github.com/opencontainers/runc/pull/1807 to allow
047484
- runc and podman to work with sd_notify
047484
047484
* Wed Jul 18 2018 Dan Walsh <dwalsh@redhat.com> - 2:1.0.0-40.rc5.dev.gitad0f525
047484
- Remove sysclt handling, not needed in RHEL8
047484
- Make sure package built with seccomp flags
047484
- Remove rectty
047484
- Add completions
047484
047484
* Fri Jun 15 2018 Dan Walsh <dwalsh@redhat.com> - 2:1.0.0-36.rc5.dev.gitad0f525
047484
- Better handling of user namespace
047484
047484
* Tue May 1 2018 Dan Walsh <dwalsh@redhat.name> - 2:1.0.0-31.rc5.git0cbfd83
047484
- Fix issues between SELinux and UserNamespace
047484
047484
* Tue Apr 17 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 1.0.0-27.rc5.dev.git4bb1fe4
047484
- rebuilt, placed missing changelog entry back
047484
047484
* Tue Feb 27 2018 Dan Walsh <dwalsh@redhat.name> - 2:1.0.0-26.rc5.git4bb1fe4
047484
- release v1.0.0~rc5
047484
047484
* Wed Jan 24 2018 Dan Walsh <dwalsh@redhat.name> - 1.0.0-26.rc4.git9f9c962
047484
- Bump to the latest from upstream
047484
047484
* Mon Dec 18 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-25.rc4.gite6516b3
047484
- built commit e6516b3
047484
047484
* Fri Dec 15 2017 Frantisek Kluknavsky <fkluknav@redhat.com> - 1.0.0-24.rc4.dev.gitc6e4a1e.1
047484
- rebase to c6e4a1ebeb1a72b529c6f1b6ee2b1ae5b868b14f
047484
- https://github.com/opencontainers/runc/pull/1651
047484
047484
* Tue Dec 12 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-23.rc4.git1d3ab6d
047484
- Resolves: #1524654
047484
047484
* Sun Dec 10 2017 Dan Walsh <dwalsh@redhat.name> - 1.0.0-22.rc4.git1d3ab6d
047484
- Many Stability fixes
047484
- Many fixes for rootless containers
047484
- Many fixes for static builds
047484
047484
* Thu Nov 09 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-21.rc4.dev.gitaea4f21
047484
- enable debuginfo and include -buildmode=pie for go build
047484
047484
* Tue Nov 07 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-20.rc4.dev.gitaea4f21
047484
- use Makefile
047484
047484
* Tue Nov 07 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-19.rc4.dev.gitaea4f21
047484
- disable debuginfo temporarily
047484
047484
* Fri Nov 03 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-18.rc4.dev.gitaea4f21
047484
- enable debuginfo
047484
047484
* Wed Oct 25 2017 Dan Walsh <dwalsh@redhat.name> - 1.0.0-17.rc4.gitaea4f21
047484
- Add container-selinux prerequires to make sure runc is labeled correctly
047484
047484
* Thu Oct 19 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-16.rc4.dev.gitaea4f21
047484
- correct the release tag "rc4dev" -> "rc4.dev" cause I'm OCD
047484
047484
* Mon Oct 16 2017 Dan Walsh <dwalsh@redhat.com> - 1.0.0-15.rc4dev.gitaea4f21
047484
- Use the same checkout as Fedora for lates CRI-O
047484
047484
* Fri Sep 22 2017 Frantisek Kluknavsky <fkluknav@redhat.com> - 1.0.0-14.rc4dev.git84a082b
047484
- rebase to 84a082bfef6f932de921437815355186db37aeb1
047484
047484
* Tue Jun 13 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-13.rc3.gitd40db12
047484
- Resolves: #1479489
047484
- built commit d40db12
047484
047484
* Tue Jun 13 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-12.1.gitf8ce01d
047484
- disable s390x temporarily because of indefinite wait times on brew
047484
047484
* Tue Jun 13 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-11.1.gitf8ce01d
047484
- correct previous bogus date :\
047484
047484
* Mon Jun 12 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-10.1.gitf8ce01d
047484
- Resolves: #1441737 - run sysctl_apply for sysctl knob
047484
047484
* Tue May 09 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-9.1.gitf8ce01d
047484
- Resolves: #1447078 - change default root path
047484
- add commit e800860 from runc @projectatomic/change-root-path
047484
047484
* Fri May 05 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-8.1.gitf8ce01d
047484
- Resolves: #1441737 - enable kernel sysctl knob /proc/sys/fs/may_detach_mounts
047484
047484
* Thu Apr 13 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-7.1.gitf8ce01d
047484
- Resolves: #1429675
047484
- built @opencontainers/master commit f8ce01d
047484
047484
* Thu Mar 16 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-4.1.gitee992e5
047484
- built @projectatomic/master commit ee992e5
047484
047484
* Fri Feb 24 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-3.rc2
047484
- Resolves: #1426674
047484
- built projectatomic/runc_rhel_7 commit 5d93f81
047484
047484
* Mon Feb 06 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-2.rc2
047484
- Resolves: #1419702 - rebase to latest upstream master
047484
- built commit b263a43
047484
047484
* Wed Jan 11 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.0.0-1.rc2
047484
- Resolves: #1412239 - *CVE-2016-9962* - set init processes as non-dumpable,
047484
runc patch from Michael Crosby <crosbymichael@gmail.com>
047484
047484
* Wed Sep 07 2016 Lokesh Mandvekar <lsm5@redhat.com> - 0.1.1-6
047484
- Resolves: #1373980 - rebuild for 7.3.0
047484
047484
* Sat Jun 25 2016 Lokesh Mandvekar <lsm5@redhat.com> - 0.1.1-5
047484
- build with golang >= 1.6.2
047484
047484
* Tue May 31 2016 Lokesh Mandvekar <lsm5@redhat.com> - 0.1.1-4
047484
- release tags were inconsistent in the previous build
047484
047484
* Tue May 31 2016 Lokesh Mandvekar <lsm5@redhat.com> - 0.1.1-1
047484
- Resolves: #1341267 - rebase runc to v0.1.1
047484
047484
* Tue May 03 2016 Lokesh Mandvekar <lsm5@redhat.com> - 0.1.0-3
047484
- add selinux build tag
047484
- add BR: libseccomp-devel
047484
047484
* Tue May 03 2016 Lokesh Mandvekar <lsm5@redhat.com> - 0.1.0-2
047484
- Resolves: #1328970 - add seccomp buildtag
047484
047484
* Tue Apr 19 2016 Lokesh Mandvekar <lsm5@redhat.com> - 0.1.0-1
047484
- Resolves: rhbz#1328616 - rebase to v0.1.0
047484
047484
* Tue Mar 08 2016 Lokesh Mandvekar <lsm5@redhat.com> - 0.0.8-1.git4155b68
047484
- Resolves: rhbz#1277245 - bump to 0.0.8
047484
- Resolves: rhbz#1302363 - criu is a runtime dep
047484
- Resolves: rhbz#1302348 - libseccomp-golang is bundled in Godeps
047484
- manpages included
047484
047484
* Wed Nov 25 2015 jchaloup <jchaloup@redhat.com> - 1:0.0.5-0.1.git97bc9a7
047484
- Update to 0.0.5, introduce Epoch for Fedora due to 0.2 version instead of 0.0.2
047484
047484
* Fri Aug 21 2015 Jan Chaloupka <jchaloup@redhat.com> - 0.2-0.2.git90e6d37
047484
- First package for Fedora
047484
  resolves: #1255179