diff --git a/VERSION-openeuler b/VERSION-openeuler index 58ea706..c7fdce6 100644 --- a/VERSION-openeuler +++ b/VERSION-openeuler @@ -1 +1 @@ -0.9.6-4 +0.9.6-5 diff --git a/git-commit b/git-commit index 1ddb98c..9ddc646 100644 --- a/git-commit +++ b/git-commit @@ -1 +1 @@ -505d5b5e92ce12031f2c253bc850a2692fb25e7f +72af9798974345d587fe8f3ea2c121adc1696651 diff --git a/isula-build.spec b/isula-build.spec index 8d75140..594ea68 100644 --- a/isula-build.spec +++ b/isula-build.spec @@ -2,7 +2,7 @@ Name: isula-build Version: 0.9.6 -Release: 4 +Release: 5 Summary: A tool to build container images License: Mulan PSL V2 URL: https://gitee.com/openeuler/isula-build @@ -85,6 +85,12 @@ fi /usr/share/bash-completion/completions/isula-build %changelog +* Thu Jan 13 2022 DCCooper <1866858@gmail.com> - 0.9.6-5 +- Type:enhancement +- CVE:NA +- SUG:restart +- DESC:add syscall "statx" in seccomp + * Fri Dec 31 2021 jingxiaolu - 0.9.6-4 - Type:enhancement - CVE:NA diff --git a/patch/0100-Add-syscall-statx-in-seccomp-to-fix-Operation-not-pe.patch b/patch/0100-Add-syscall-statx-in-seccomp-to-fix-Operation-not-pe.patch new file mode 100644 index 0000000..b1e3003 --- /dev/null +++ b/patch/0100-Add-syscall-statx-in-seccomp-to-fix-Operation-not-pe.patch @@ -0,0 +1,25 @@ +From f4d69303103c5b043a104d8eb7361ce6f5848a02 Mon Sep 17 00:00:00 2001 +From: DCCooper <1866858@gmail.com> +Date: Thu, 13 Jan 2022 16:54:24 +0800 +Subject: [PATCH] Add syscall "statx" in seccomp to fix Operation not permitted + +Signed-off-by: DCCooper <1866858@gmail.com> +--- + .../opencontainers/runtime-tools/generate/seccomp/seccomp_default.go | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default.go b/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default.go +index 5fee5a3..fd16b6c 100644 +--- a/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default.go ++++ b/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default.go +@@ -303,6 +303,7 @@ func DefaultProfile(rs *specs.Spec) *rspec.LinuxSeccomp { + "stat64", + "statfs", + "statfs64", ++ "statx", + "symlink", + "symlinkat", + "sync", +-- +1.8.3.1 + diff --git a/series.conf b/series.conf index 125a78e..1865fe5 100644 --- a/series.conf +++ b/series.conf @@ -8,3 +8,4 @@ patch/0096-fix-some-little-mistakes-in-manual_zh.md.patch patch/0097-fix-the-message-is-not-rational-when-not-appoint-Doc.patch patch/0098-utils-remove-unused-PBKDF2-and-AES-related.patch patch/0099-Refactor-refactor-image-separator-related.patch +patch/0100-Add-syscall-statx-in-seccomp-to-fix-Operation-not-pe.patch