diff --git a/LICENSES-AND-NOTICES/SPECS/data/licenses.json b/LICENSES-AND-NOTICES/SPECS/data/licenses.json index 589ef5d081d..8c1041157f8 100644 --- a/LICENSES-AND-NOTICES/SPECS/data/licenses.json +++ b/LICENSES-AND-NOTICES/SPECS/data/licenses.json @@ -147,6 +147,7 @@ "cpufrequtils", "cpuid", "criu", + "crun", "crypto-policies", "cryptsetup", "cscope", diff --git a/SPECS-EXTENDED/criu/001-upstream-pr-2653.patch b/SPECS-EXTENDED/criu/001-upstream-pr-2653.patch new file mode 100644 index 00000000000..bcb96fd1df3 --- /dev/null +++ b/SPECS-EXTENDED/criu/001-upstream-pr-2653.patch @@ -0,0 +1,134 @@ +From 22fdffbdde9476b27988b3ee0a4013a4453784c9 Mon Sep 17 00:00:00 2001 +From: Andrei Vagin +Date: Mon, 21 Apr 2025 06:33:41 +0000 +Subject: [PATCH] net: nftables: avoid restore failure if the CRIU nft table + already exist + +CRIU locks the network during restore in an "empty" network namespace. +However, "empty" in this context means CRIU isn't restoring the +namespace. This network namespace can be the same namespace where +processes have been dumped and so the network is already locked in it. + +Fixes #2650 + +Signed-off-by: Andrei Vagin +--- + criu/cr-restore.c | 2 +- + criu/include/net.h | 2 +- + criu/net.c | 30 +++++++++++++++++------------- + 3 files changed, 19 insertions(+), 15 deletions(-) + +diff --git a/criu/cr-restore.c b/criu/cr-restore.c +index 583b446e0b..30932f60a2 100644 +--- a/criu/cr-restore.c ++++ b/criu/cr-restore.c +@@ -2119,7 +2119,7 @@ static int restore_root_task(struct pstree_item *init) + * the '--empty-ns net' mode no iptables C/R is done and we + * need to return these rules by hands. + */ +- ret = network_lock_internal(); ++ ret = network_lock_internal(/* restore = */ true); + if (ret) + goto out_kill; + } +diff --git a/criu/include/net.h b/criu/include/net.h +index 5e8a848620..7c5ede21e1 100644 +--- a/criu/include/net.h ++++ b/criu/include/net.h +@@ -31,7 +31,7 @@ extern int collect_net_namespaces(bool for_dump); + + extern int network_lock(void); + extern void network_unlock(void); +-extern int network_lock_internal(void); ++extern int network_lock_internal(bool restore); + + extern struct ns_desc net_ns_desc; + +diff --git a/criu/net.c b/criu/net.c +index ee46f1c495..300df480b0 100644 +--- a/criu/net.c ++++ b/criu/net.c +@@ -3206,12 +3206,12 @@ static inline FILE *redirect_nftables_output(struct nft_ctx *nft) + } + #endif + +-static inline int nftables_lock_network_internal(void) ++static inline int nftables_lock_network_internal(bool restore) + { + #if defined(CONFIG_HAS_NFTABLES_LIB_API_0) || defined(CONFIG_HAS_NFTABLES_LIB_API_1) + cleanup_file FILE *fp = NULL; + struct nft_ctx *nft; +- int ret = 0; ++ int ret = 0, exit_code = -1; + char table[32]; + char buf[128]; + +@@ -3224,11 +3224,16 @@ static inline int nftables_lock_network_internal(void) + + fp = redirect_nftables_output(nft); + if (!fp) +- goto out; ++ goto err2; + + snprintf(buf, sizeof(buf), "create table %s", table); +- if (NFT_RUN_CMD(nft, buf)) ++ ret = NFT_RUN_CMD(nft, buf); ++ if (ret) { ++ /* The network has been locked on dump. */ ++ if (restore && errno == EEXIST) ++ return 0; + goto err2; ++ } + + snprintf(buf, sizeof(buf), "add chain %s output { type filter hook output priority 0; policy drop; }", table); + if (NFT_RUN_CMD(nft, buf)) +@@ -3246,17 +3251,16 @@ static inline int nftables_lock_network_internal(void) + if (NFT_RUN_CMD(nft, buf)) + goto err1; + +- goto out; +- ++ exit_code = 0; ++out: ++ nft_ctx_free(nft); ++ return exit_code; + err1: + snprintf(buf, sizeof(buf), "delete table %s", table); + NFT_RUN_CMD(nft, buf); + err2: +- ret = -1; + pr_err("Locking network failed using nftables\n"); +-out: +- nft_ctx_free(nft); +- return ret; ++ goto out; + #else + pr_err("CRIU was built without libnftables support\n"); + return -1; +@@ -3288,7 +3292,7 @@ static int iptables_network_lock_internal(void) + return ret; + } + +-int network_lock_internal(void) ++int network_lock_internal(bool restore) + { + int ret = 0, nsret; + +@@ -3301,7 +3305,7 @@ int network_lock_internal(void) + if (opts.network_lock_method == NETWORK_LOCK_IPTABLES) + ret = iptables_network_lock_internal(); + else if (opts.network_lock_method == NETWORK_LOCK_NFTABLES) +- ret = nftables_lock_network_internal(); ++ ret = nftables_lock_network_internal(restore); + + if (restore_ns(nsret, &net_ns_desc)) + ret = -1; +@@ -3427,7 +3431,7 @@ int network_lock(void) + if (run_scripts(ACT_NET_LOCK)) + return -1; + +- return network_lock_internal(); ++ return network_lock_internal(false); + } + + void network_unlock(void) diff --git a/SPECS-EXTENDED/criu/criu.signatures.json b/SPECS-EXTENDED/criu/criu.signatures.json index 31dcbf81e54..1068f5f56b3 100644 --- a/SPECS-EXTENDED/criu/criu.signatures.json +++ b/SPECS-EXTENDED/criu/criu.signatures.json @@ -1,6 +1,6 @@ { "Signatures": { - "criu-3.15.tar.bz2": "447cc1f350da94d190bcfda753695bf34ce91eee969df8263fcc33d08990a025", + "criu-4.1.1.tar.gz": "a5338fe696395843543e6e09c85ccaf36614bf172c26fe8506191b7b930d2dae", "criu-tmpfiles.conf": "d40c7153756d170c4d68ac57598236a011c177ac41a1125813f8b2e16dc15c1a" } -} +} \ No newline at end of file diff --git a/SPECS-EXTENDED/criu/criu.spec b/SPECS-EXTENDED/criu/criu.spec index adfa656e4e7..287c4d965ea 100644 --- a/SPECS-EXTENDED/criu/criu.spec +++ b/SPECS-EXTENDED/criu/criu.spec @@ -4,54 +4,45 @@ Distribution: Azure Linux %global py_prefix python3 %global py_binary %{py_prefix} - - - - # With annobin enabled, CRIU does not work anymore. It seems CRIU's # parasite code breaks if annobin is enabled. %undefine _annotated_build -Name: criu -Version: 3.15 -Release: 3%{?dist} -Provides: crtools = %{version}-%{release} -Obsoletes: crtools <= 1.0-2 -Summary: Tool for Checkpoint/Restore in User-space -License: GPLv2 -URL: http://criu.org/ -Source0: http://download.openvz.org/criu/criu-%{version}.tar.bz2 - -Patch0: unifying_struct_names.patch - -%if 0%{?rhel} && 0%{?rhel} <= 7 -BuildRequires: perl -# RHEL has no asciidoc; take man-page from Fedora 26 -# zcat /usr/share/man/man8/criu.8.gz > criu.8 -Source1: criu.8 -Source2: crit.1 -Source3: compel.1 -# The patch aio-fix.patch is needed as RHEL7 -# doesn't do "nr_events *= 2" in ioctx_alloc(). -Patch100: aio-fix.patch -%endif - -Source4: criu-tmpfiles.conf - -BuildRequires: gcc -BuildRequires: systemd -BuildRequires: libnet-devel -BuildRequires: protobuf-devel protobuf-c-devel %{py_prefix}-devel libnl3-devel libcap-devel - -BuildRequires: asciidoc xmlto -BuildRequires: perl-interpreter -BuildRequires: libselinux-devel -BuildRequires: gnutls-devel -BuildRequires: nftables-devel -BuildRequires: git +Name: criu +Version: 4.1.1 +Release: 1%{?dist} +Provides: crtools = %{version}-%{release} +Obsoletes: crtools <= 1.0-2 +Summary: Tool for Checkpoint/Restore in User-space +License: GPLv2 +URL: http://criu.org/ +Source0: https://github.com/checkpoint-restore/criu/archive/v%{version}/criu-%{version}.tar.gz + +Patch0: 001-upstream-pr-2653.patch + +Source5: criu-tmpfiles.conf + +BuildRequires: gcc +BuildRequires: systemd +BuildRequires: libnet-devel +BuildRequires: protobuf-devel protobuf-c-devel %{py_prefix}-devel libnl3-devel libcap-devel +BuildRequires: %{py_prefix}-pip +BuildRequires: %{py_prefix}-setuptools +BuildRequires: %{py_prefix}-wheel +BuildRequires: %{py_prefix}-protobuf +BuildRequires: asciidoc +BuildRequires: perl-interpreter +BuildRequires: libselinux-devel +BuildRequires: gnutls-devel +BuildRequires: libdrm-devel +BuildRequires: libuuid-devel +BuildRequires: libbsd-devel +BuildRequires: nftables-devel +BuildRequires: make +BuildRequires: git +BuildRequires: xmlto # Checkpointing containers with a tmpfs requires tar -Recommends: tar -BuildRequires: libbsd-devel +Recommends: tar # user-space and kernel changes are only available for x86_64, arm, @@ -65,102 +56,99 @@ criu is the user-space part of Checkpoint/Restore in User-space Linux in user-space. -%package devel -Summary: Header files and libraries for %{name} -Requires: %{name} = %{version}-%{release} +%package devel +Summary: Header files and libraries for %{name} +Requires: %{name} = %{version}-%{release} +Requires: %{name}-libs = %{version}-%{release} -%description devel +%description devel This package contains header files and libraries for %{name}. -%package libs -Summary: Libraries for %{name} -Requires: %{name} = %{version}-%{release} +%package libs +Summary: Libraries for %{name} +Requires: %{name} = %{version}-%{release} -%description libs +%description libs This package contains the libraries for %{name} - -%package -n %{py_prefix}-%{name} +%package amdgpu-plugin +Summary: AMD GPU plugin for %{name} +Requires: %{name} = %{version}-%{release} + +%description amdgpu-plugin +This package contains the AMD GPU plugin for %{name} + +%package cuda-plugin +Summary: CUDA plugin for %{name} +Requires: %{name} = %{version}-%{release} + +%description cuda-plugin +This package contains the CUDA plugin for %{name} + +%package -n %{py_prefix}-%{name} %{?python_provide:%python_provide %{py_prefix}-%{name}} -Summary: Python bindings for %{name} -%if 0%{?rhel} && 0%{?rhel} <= 7 -Requires: protobuf-python -Requires: %{name} = %{version}-%{release} %{py_prefix}-ipaddr -%else -Requires: protobuf-%{py_prefix} -Obsoletes: python2-criu < 3.10-1 -%endif - +Summary: Python bindings for %{name} +Requires: %{py_prefix}-protobuf + %description -n %{py_prefix}-%{name} %{py_prefix}-%{name} contains Python bindings for %{name}. - -%package -n crit -Summary: CRIU image tool -Requires: %{py_prefix}-%{name} = %{version}-%{release} - + +%package -n crit +Summary: CRIU image tool +Requires: %{py_prefix}-%{name} = %{version}-%{release} + %description -n crit crit is a tool designed to decode CRIU binary dump files and show their content in human-readable form. - + +%package -n criu-ns +Summary: Tool to run CRIU in different namespaces +Requires: %{name} = %{version}-%{release} + +%description -n criu-ns +The purpose of the criu-ns wrapper script is to enable restoring a process +tree that might require a specific PID that is already used on the system. +This script can help to workaround the so called "PID mismatch" problem. %prep -%setup -q -%patch 0 -p1 - -%if 0%{?rhel} && 0%{?rhel} <= 7 -%patch 100 -p1 -%endif +%autosetup -p1 %build -# A small part of the build makes direct calls to "ld" instead of GCC and "LDFLAGS-MASK" -# is used to cut out parts of "LDFLAGS", which "ld" doesn't understand. -# "LDFLAGS-MASK" didn't expect the "-specs" argument Mariner contains -# in the hardening flags and all direct calls to "ld" were crashing. -sed -i -E "s/(LDFLAGS-MASK.*:= -Wl,%)/\1 -specs=%/" scripts/nmk/scripts/build.mk -CFLAGS=`echo "$CFLAGS" | sed -e 's,-fstack-protector\S*,,g'` %make_build V=1 WERROR=0 RUNDIR=/run/criu PYTHON=%{py_binary} - +# This package calls LD directly without specifying the LTO plugins. Until +# that is fixed, disable LTO. +%define _lto_cflags %{nil} + +# %{?_smp_mflags} does not work +# -fstack-protector breaks build +LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,now ' +export LDFLAGS +make V=1 WERROR=0 PREFIX=%{_prefix} RUNDIR=/run/criu PYTHON=%{py_binary} PLUGINDIR=%{_libdir}/criu NETWORK_LOCK_DEFAULT=NETWORK_LOCK_NFTABLES +make V=1 WERROR=0 PREFIX=%{_prefix} PLUGINDIR=%{_libdir}/criu amdgpu_plugin make docs V=1 - %install -make install-criu DESTDIR=$RPM_BUILD_ROOT PREFIX=%{_prefix} LIBDIR=%{_libdir} -make install-lib DESTDIR=$RPM_BUILD_ROOT PREFIX=%{_prefix} LIBDIR=%{_libdir} PYTHON=%{py_binary} - -# only install documentation on Fedora as it requires asciidoc, -# which is not available on RHEL7 +sed -e "s,--upgrade --ignore-installed,--no-index --no-deps -v --no-build-isolation,g" -i lib/Makefile -i crit/Makefile +make install-criu DESTDIR=$RPM_BUILD_ROOT PREFIX=%{_prefix} LIBDIR=%{_libdir} BINDIR=%{_bindir} SBINDIR=%{_sbindir} +make install-lib DESTDIR=$RPM_BUILD_ROOT PREFIX=%{_prefix} LIBDIR=%{_libdir} PYTHON=%{py_binary} PIPFLAGS="--no-build-isolation --no-index --no-deps --progress-bar off --upgrade --ignore-installed" +make install-amdgpu_plugin DESTDIR=$RPM_BUILD_ROOT PREFIX=%{_prefix} LIBDIR=%{_libdir} PLUGINDIR=%{_libdir}/criu +make install-cuda_plugin DESTDIR=$RPM_BUILD_ROOT PREFIX=%{_prefix} LIBDIR=%{_libdir} PLUGINDIR=%{_libdir}/criu +make install-crit DESTDIR=$RPM_BUILD_ROOT PREFIX=%{_prefix} LIBDIR=%{_libdir} BINDIR=%{_bindir} SBINDIR=%{_sbindir} PYTHON=%{py_binary} PIPFLAGS="--no-build-isolation --no-index --no-deps --progress-bar off --upgrade --ignore-installed" make install-man DESTDIR=$RPM_BUILD_ROOT PREFIX=%{_prefix} LIBDIR=%{_libdir} - - - - - - +rm -f $RPM_BUILD_ROOT%{_mandir}/man1/compel.1 + mkdir -p %{buildroot}%{_tmpfilesdir} -install -m 0644 %{SOURCE4} %{buildroot}%{_tmpfilesdir}/%{name}.conf +install -m 0644 %{SOURCE5} %{buildroot}%{_tmpfilesdir}/%{name}.conf install -d -m 0755 %{buildroot}/run/%{name}/ -%if 0%{?rhel} -# remove devel and libs packages -rm -rf $RPM_BUILD_ROOT%{_includedir}/criu -rm $RPM_BUILD_ROOT%{_libdir}/*.so* -rm -rf $RPM_BUILD_ROOT%{_libdir}/pkgconfig -rm -rf $RPM_BUILD_ROOT%{_libexecdir}/%{name} -%endif - -# remove static lib -rm -f $RPM_BUILD_ROOT%{_libdir}/libcriu.a - %files +%license COPYING +%doc README.md %{_sbindir}/%{name} %doc %{_mandir}/man8/criu.8* -%doc %{_mandir}/man1/compel.1* - %{_libexecdir}/%{name} - %dir /run/%{name} %{_tmpfilesdir}/%{name}.conf -%doc README.md COPYING %files devel @@ -170,23 +158,37 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libcriu.a %files libs %{_libdir}/*.so.* - - +%{_libdir}/*.a + +%files amdgpu-plugin +%{_libdir}/%{name}/amdgpu_plugin.so +%doc %{_mandir}/man1/criu-amdgpu-plugin.1* + +%files cuda-plugin +%{_libdir}/%{name}/cuda_plugin.so +%doc plugins/cuda/README.md + %files -n %{py_prefix}-%{name} -%if 0%{?rhel} && 0%{?rhel} <= 7 -%{python2_sitelib}/pycriu/* -%{python2_sitelib}/*egg-info -%else -%{python3_sitelib}/pycriu/* -%{python3_sitelib}/*egg-info -%endif - +%{python3_sitelib}/pycriu* + %files -n crit %{_bindir}/crit +%{python3_sitelib}/crit-%{version}.dist-info/ +%{python3_sitelib}/crit %doc %{_mandir}/man1/crit.1* + +%files -n criu-ns +%{_sbindir}/criu-ns +%doc %{_mandir}/man1/criu-ns.1* +%post +%tmpfiles_create %{name}.conf %changelog +* Fri Nov 07 2025 Sandeep Karambelkar - 4.1.1-1 +- Upgrade to 4.1.1 ref from Fedora 42 +- License verified + * Tue Sep 21 2021 Pawel Winogrodzki - 3.15-3 - Added a patch to fix build errors by unifying struct names across the source code. - Removed the "-fstack-protector" flag breaking the build. diff --git a/SPECS-EXTENDED/crun/crun.signatures.json b/SPECS-EXTENDED/crun/crun.signatures.json new file mode 100644 index 00000000000..a3a523b62ed --- /dev/null +++ b/SPECS-EXTENDED/crun/crun.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "crun-1.24.tar.gz": "90b6e33a6400ba5355eed6efc46a4c890e48e6c96d99d2bbc7fe92803bdfce52" + } +} \ No newline at end of file diff --git a/SPECS-EXTENDED/crun/crun.spec b/SPECS-EXTENDED/crun/crun.spec new file mode 100644 index 00000000000..a39ba637862 --- /dev/null +++ b/SPECS-EXTENDED/crun/crun.spec @@ -0,0 +1,186 @@ +%global krun_opts %{nil} +%global wasmedge_opts %{nil} +%global yajl_opts %{nil} + +%if %{defined copr_username} +%define copr_build 1 +%endif + +# krun and wasm support not yet provided in azurelinux +%global yajl_opts --enable-embedded-yajl + +Summary: OCI runtime written in C +Name: crun +Version: 1.24 +Release: 1%{?dist} +Vendor: Microsoft Corporation +Distribution: Azure Linux +URL: https://github.com/containers/%{name} +Source0: %{url}/releases/download/%{version}/%{name}-%{version}.tar.gz +License: GPL-2.0-only +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: gcc +BuildRequires: git-core +BuildRequires: gperf +BuildRequires: libcap-devel + +%if %{defined krun_support} +BuildRequires: libkrun-devel +%endif + +BuildRequires: systemd-devel + +%if %{defined system_yajl} +BuildRequires: yajl-devel +%endif + +BuildRequires: libseccomp-devel +#BuildRequires: python3-libmount +BuildRequires: libtool +BuildRequires: protobuf-c-devel +BuildRequires: criu-devel >= 3.17.1-2 +Recommends: criu >= 3.17.1 +Recommends: criu-libs + +%if %{defined wasmedge_support} +BuildRequires: wasmedge-devel +%endif + +BuildRequires: python +BuildRequires: glibc-static >= 2.38-16%{?dist} +Provides: oci-runtime + +%description +%{name} is a OCI runtime + +%if %{defined krun_support} +%package krun +Summary: %{name} with libkrun support +Requires: libkrun +Requires: %{name} = %{?epoch:%{epoch}:}%{version}-%{release} +Provides: krun = %{?epoch:%{epoch}:}%{version}-%{release} + +%description krun +krun is a symlink to the %{name} binary, with libkrun as an additional dependency. +%endif + +%if %{defined wasm_support} +%package wasm +Summary: %{name} with wasm support +Requires: %{name} = %{?epoch:%{epoch}:}%{version}-%{release} +# wasm packages are not present on RHEL yet and are currently a PITA to test +# Best to only include wasmedge as weak dep on rhel +%if %{defined fedora} +Requires: wasm-library +%endif +Recommends: wasmedge + +%description wasm +%{name}-wasm is a symlink to the %{name} binary, with wasm as an additional dependency. +%endif + +%prep +%autosetup -p1 -n %{name}-%{version} + +%build +./autogen.sh +./configure --disable-silent-rules %{krun_opts} %{wasmedge_opts} %{yajl_opts} +%make_build + +%install +%make_install prefix=%{_prefix} +rm -rf %{buildroot}%{_prefix}/lib* + +# Placeholder check to silence rpmlint +%check + +%files +%license COPYING +%{_bindir}/%{name} +%{_mandir}/man1/%{name}.1.gz + +%if %{defined krun_support} +%files krun +%license COPYING +%{_bindir}/krun +%{_mandir}/man1/krun.1.gz +%endif + +%if %{defined wasm_support} +%files wasm +%license COPYING +%{_bindir}/%{name}-wasm +%endif + +%changelog +* Fri Nov 07 2025 Sandeep Karambelkar - 1.24-1 +- Initial Azure Linux import from Fedora 42 (license: MIT). +- Modified for building in azurelinux +- License verified + +* Thu Jul 31 2025 Packit - 1.23.1-1 +- Update to 1.23.1 upstream release + +* Thu Jul 24 2025 Packit - 1.23-1 +- Update to 1.23 upstream release + +* Fri Jun 27 2025 Packit - 1.22-1 +- Update to 1.22 upstream release + +* Fri Mar 28 2025 Packit - 1.21-1 +- Update to 1.21 upstream release + +* Mon Feb 10 2025 Lokesh Mandvekar - 1.20-2 +- fix gating config + +* Wed Feb 05 2025 Packit - 1.20-1 +- Update to 1.20 upstream release + +* Thu Jan 16 2025 Fedora Release Engineering - 1.19.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Wed Jan 15 2025 Lokesh Mandvekar - 1.19.1-3 +- TMT: use prepare conditionals + +* Thu Dec 26 2024 Lokesh Mandvekar - 1.19.1-2 +- TMT: sync tests from upstream + +* Tue Dec 17 2024 Packit - 1.19.1-1 +- Update to 1.19.1 upstream release + +* Fri Dec 06 2024 Packit - 1.19-1 +- Update to 1.19 upstream release + +* Thu Oct 31 2024 Packit - 1.18.2-1 +- Update to 1.18.2 upstream release + +* Wed Oct 30 2024 Packit - 1.18.1-1 +- Update to 1.18.1 upstream release + +* Tue Oct 22 2024 Packit - 1.18-1 +- Update to 1.18 upstream release + +* Mon Oct 21 2024 Yaakov Selkowitz - 1.17-3 +- Use embedded yajl in RHEL builds + +* Thu Sep 26 2024 David Abdurachmanov - 1.17-2 +- Disable criu support on riscv64 + +* Tue Sep 10 2024 Lokesh Mandvekar - 1.17-1 +- bump to 1.17 + +* Wed Jul 17 2024 Fedora Release Engineering - 1.15-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Thu May 02 2024 Packit - 1.15-1 +- Update to 1.15 upstream release + +* Wed Mar 27 2024 Lokesh Mandvekar - 1.14.4-5 +- wasmedge should stay enabled for official fedora + +* Wed Mar 27 2024 Lokesh Mandvekar - 1.14.4-4 +- remove eln macro + +* Tue Mar 05 2024 Giuseppe Scrivano - 1.14.4-3 +- Revert "Add riscv64 support." diff --git a/SPECS-EXTENDED/podman/podman.spec b/SPECS-EXTENDED/podman/podman.spec index f5773c60a8e..32e407c9e79 100644 --- a/SPECS-EXTENDED/podman/podman.spec +++ b/SPECS-EXTENDED/podman/podman.spec @@ -68,7 +68,7 @@ BuildRequires: ostree-devel BuildRequires: systemd BuildRequires: systemd-devel Requires: catatonit -Requires: conmon >= 2:2.1.7-2 +Requires: conmon >= 2.1.7-2 Requires: libcontainers-common Provides: %{name}-quadlet = %{epoch}:%{version}-%{release} @@ -89,6 +89,7 @@ Summary: Emulate Docker CLI using %{name} BuildArch: noarch Requires: %{name} = %{epoch}:%{version}-%{release} Conflicts: docker +Conflicts: docker-cli Conflicts: docker-latest Conflicts: docker-ce Conflicts: docker-ee @@ -114,6 +115,8 @@ Requires: slirp4netns Requires: buildah Requires: gnupg Requires: xfsprogs +Requires: crun +Requires: netavark %description tests %{summary} diff --git a/SPECS/kubevirt/kubevirt.spec b/SPECS/kubevirt/kubevirt.spec index 6bd6fd3741a..d010ff0a055 100644 --- a/SPECS/kubevirt/kubevirt.spec +++ b/SPECS/kubevirt/kubevirt.spec @@ -269,9 +269,12 @@ install -p -m 0644 cmd/virt-launcher/qemu.conf %{buildroot}%{_datadir}/kube-virt %{_bindir}/virt-tests %changelog +<<<<<<< HEAD +======= * Thu Nov 27 2025 Aditya Singh - 1.5.3-3 - Added patch for CVE-2025-64435. +>>>>>>> 3.0-dev * Mon Nov 24 2025 Andrew Phelps - 1.5.3-2 - Bump to rebuild with updated glibc diff --git a/SPECS/util-linux/util-linux.spec b/SPECS/util-linux/util-linux.spec index 349c9d6263a..f24f57c5ba4 100644 --- a/SPECS/util-linux/util-linux.spec +++ b/SPECS/util-linux/util-linux.spec @@ -1,8 +1,11 @@ +%global pypkg python3 +%global pyver 3 + %define majminorver %(echo %{version} | cut -d. -f1-2) Summary: Utilities for file systems, consoles, partitions, and messages Name: util-linux Version: 2.40.2 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Vendor: Microsoft Corporation Distribution: Azure Linux @@ -63,6 +66,17 @@ Group: Development/Libraries %description libs These are library files of util-linux. +%package -n %{pypkg}-libmount +Summary: Python bindings for the libmount library +Requires: %{name}-libs = %{version}-%{release} +License: LGPL-2.1-or-later + +%description -n %{pypkg}-libmount +The libmount-python package contains a module that permits applications +written in the Python programming language to use the interface +supplied by the libmount library to work with mount tables (fstab, +mountinfo, etc) and mount filesystems. + %prep %autosetup -p1 sed -i -e 's@etc/adjtime@var/lib/hwclock/adjtime@g' $(grep -rl '%{_sysconfdir}/adjtime' .) @@ -78,7 +92,7 @@ autoreconf -fi --disable-static \ --disable-use-tty-group \ --disable-liblastlog2 \ - --without-python \ + --with-python=%{pyver} \ --with-selinux \ --with-audit make %{?_smp_mflags} @@ -143,6 +157,10 @@ rm -rf %{buildroot}/lib/systemd/system /lib/libsmartcols.so.* /lib/libfdisk.so.* +%files -n %{pypkg}-libmount +%license Documentation/licenses/COPYING.LGPL-2.1-or-later +%{_libdir}/python*/site-packages/libmount/ + %files devel %defattr(-,root,root) %license Documentation/licenses/COPYING.LGPL-2.1-or-later libsmartcols/COPYING @@ -152,6 +170,10 @@ rm -rf %{buildroot}/lib/systemd/system %{_mandir}/man3/* %changelog +* Mon Nov 10 2025 Sandeep Karambelkar - 2.40.2-2 +- Compiled with python +- Added the package python3-libmount + * Wed Sep 18 2024 Vince Perri - 2.40.2-1 - Upgrade to 2.40.2: - Added --disable-liblastlog2 to avoid building new liblastlog2 libraries diff --git a/cgmanifest.json b/cgmanifest.json index 4c5fd1c6727..8746825c365 100644 --- a/cgmanifest.json +++ b/cgmanifest.json @@ -2297,8 +2297,18 @@ "type": "other", "other": { "name": "criu", - "version": "3.15", - "downloadUrl": "http://download.openvz.org/criu/criu-3.15.tar.bz2" + "version": "4.1.1", + "downloadUrl": "https://github.com/checkpoint-restore/criu/archive/v4.1.1/criu-4.1.1.tar.gz" + } + } + }, + { + "component": { + "type": "other", + "other": { + "name": "crun", + "version": "1.24", + "downloadUrl": "https://github.com/containers/crun/releases/download/1.24/crun-1.24.tar.gz" } } }, diff --git a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt index 3fce2c3be63..d5ef5a64e09 100644 --- a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt +++ b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt @@ -70,9 +70,9 @@ make-4.4.1-2.azl3.aarch64.rpm patch-2.7.6-9.azl3.aarch64.rpm libcap-ng-0.8.4-1.azl3.aarch64.rpm libcap-ng-devel-0.8.4-1.azl3.aarch64.rpm -util-linux-2.40.2-1.azl3.aarch64.rpm -util-linux-devel-2.40.2-1.azl3.aarch64.rpm -util-linux-libs-2.40.2-1.azl3.aarch64.rpm +util-linux-2.40.2-2.azl3.aarch64.rpm +util-linux-devel-2.40.2-2.azl3.aarch64.rpm +util-linux-libs-2.40.2-2.azl3.aarch64.rpm tar-1.35-2.azl3.aarch64.rpm xz-5.4.4-2.azl3.aarch64.rpm xz-devel-5.4.4-2.azl3.aarch64.rpm diff --git a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt index b5d4a4c0266..06f99d38014 100644 --- a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt +++ b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt @@ -70,9 +70,9 @@ make-4.4.1-2.azl3.x86_64.rpm patch-2.7.6-9.azl3.x86_64.rpm libcap-ng-0.8.4-1.azl3.x86_64.rpm libcap-ng-devel-0.8.4-1.azl3.x86_64.rpm -util-linux-2.40.2-1.azl3.x86_64.rpm -util-linux-devel-2.40.2-1.azl3.x86_64.rpm -util-linux-libs-2.40.2-1.azl3.x86_64.rpm +util-linux-2.40.2-2.azl3.x86_64.rpm +util-linux-devel-2.40.2-2.azl3.x86_64.rpm +util-linux-libs-2.40.2-2.azl3.x86_64.rpm tar-1.35-2.azl3.x86_64.rpm xz-5.4.4-2.azl3.x86_64.rpm xz-devel-5.4.4-2.azl3.x86_64.rpm diff --git a/toolkit/resources/manifests/package/toolchain_aarch64.txt b/toolkit/resources/manifests/package/toolchain_aarch64.txt index 7ea1b70f3e5..6d3bf81a9e5 100644 --- a/toolkit/resources/manifests/package/toolchain_aarch64.txt +++ b/toolkit/resources/manifests/package/toolchain_aarch64.txt @@ -542,6 +542,7 @@ python3-flit-core-3.9.0-1.azl3.noarch.rpm python3-gpg-1.23.2-2.azl3.aarch64.rpm python3-jinja2-3.1.2-3.azl3.noarch.rpm python3-libcap-ng-0.8.4-1.azl3.aarch64.rpm +python3-libmount-2.40.2-2.azl3.aarch64.rpm python3-libs-3.12.9-6.azl3.aarch64.rpm python3-libxml2-2.11.5-7.azl3.aarch64.rpm python3-lxml-4.9.3-1.azl3.aarch64.rpm @@ -598,11 +599,11 @@ texinfo-7.0.3-1.azl3.aarch64.rpm texinfo-debuginfo-7.0.3-1.azl3.aarch64.rpm unzip-6.0-22.azl3.aarch64.rpm unzip-debuginfo-6.0-22.azl3.aarch64.rpm -util-linux-2.40.2-1.azl3.aarch64.rpm -util-linux-debuginfo-2.40.2-1.azl3.aarch64.rpm -util-linux-devel-2.40.2-1.azl3.aarch64.rpm -util-linux-lang-2.40.2-1.azl3.aarch64.rpm -util-linux-libs-2.40.2-1.azl3.aarch64.rpm +util-linux-2.40.2-2.azl3.aarch64.rpm +util-linux-debuginfo-2.40.2-2.azl3.aarch64.rpm +util-linux-devel-2.40.2-2.azl3.aarch64.rpm +util-linux-lang-2.40.2-2.azl3.aarch64.rpm +util-linux-libs-2.40.2-2.azl3.aarch64.rpm which-2.21-8.azl3.aarch64.rpm which-debuginfo-2.21-8.azl3.aarch64.rpm xz-5.4.4-2.azl3.aarch64.rpm diff --git a/toolkit/resources/manifests/package/toolchain_x86_64.txt b/toolkit/resources/manifests/package/toolchain_x86_64.txt index a529d95a088..df6b2723deb 100644 --- a/toolkit/resources/manifests/package/toolchain_x86_64.txt +++ b/toolkit/resources/manifests/package/toolchain_x86_64.txt @@ -550,6 +550,7 @@ python3-flit-core-3.9.0-1.azl3.noarch.rpm python3-gpg-1.23.2-2.azl3.x86_64.rpm python3-jinja2-3.1.2-3.azl3.noarch.rpm python3-libcap-ng-0.8.4-1.azl3.x86_64.rpm +python3-libmount-2.40.2-2.azl3.x86_64.rpm python3-libs-3.12.9-6.azl3.x86_64.rpm python3-libxml2-2.11.5-7.azl3.x86_64.rpm python3-lxml-4.9.3-1.azl3.x86_64.rpm @@ -606,11 +607,11 @@ texinfo-7.0.3-1.azl3.x86_64.rpm texinfo-debuginfo-7.0.3-1.azl3.x86_64.rpm unzip-6.0-22.azl3.x86_64.rpm unzip-debuginfo-6.0-22.azl3.x86_64.rpm -util-linux-2.40.2-1.azl3.x86_64.rpm -util-linux-debuginfo-2.40.2-1.azl3.x86_64.rpm -util-linux-devel-2.40.2-1.azl3.x86_64.rpm -util-linux-lang-2.40.2-1.azl3.x86_64.rpm -util-linux-libs-2.40.2-1.azl3.x86_64.rpm +util-linux-2.40.2-2.azl3.x86_64.rpm +util-linux-debuginfo-2.40.2-2.azl3.x86_64.rpm +util-linux-devel-2.40.2-2.azl3.x86_64.rpm +util-linux-lang-2.40.2-2.azl3.x86_64.rpm +util-linux-libs-2.40.2-2.azl3.x86_64.rpm which-2.21-8.azl3.x86_64.rpm which-debuginfo-2.21-8.azl3.x86_64.rpm xz-5.4.4-2.azl3.x86_64.rpm