%define gobuild(o:) GO111MODULE=off go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '-Wl,-z,relro -Wl,-z,now -specs=/usr/lib/rpm/generic-hardened-ld '" -a -v -x %{?**}; Name: podman Version: 3.4.4 Release: 2 Summary: A daemonless container engine for managing Containers Epoch: 1 License: ASL 2.0 URL: https://podman.io/ Source0: https://github.com/containers/podman/archive/v3.4.4.tar.gz Source1: https://github.com/containers/dnsname/archive/18822f9a4fb35d1349eb256f4cd2bfd372474d84/dnsname-18822f9.tar.gz Source2: https://github.com/containers/podman-machine-cni/archive/0749884b8d1a455c68da30789e37811ec0809d51/podman-machine-cni-0749884.tar.gz Source3: https://github.com/containers/gvisor-tap-vsock/archive/4ee84d66bd86668f011733d8873989b5862bcd07/gvisor-tap-vsock-4ee84d6.tar.gz Source4: https://github.com/cpuguy83/go-md2man/archive/v1.0.10.tar.gz BuildRequires: golang btrfs-progs-devel glib2-devel glibc-devel glibc-static BuildRequires: gpgme-devel libassuan-devel libgpg-error-devel libseccomp-devel BuildRequires: libselinux-devel ostree-devel pkgconfig make Requires: crun containers-common containernetworking-plugins >= 0.7.3-2 iptables nftables conmon Requires: (container-selinux if selinux-policy) Recommends: %{name}-plugins = %{epoch}:%{version}-%{release} Recommends: slirp4netns catatonit Provides: bundled(golang(github.com/BurntSushi/toml)) = v0.3.1 Provides: bundled(golang(github.com/containernetworking/cni)) = v0.8.0 Provides: bundled(golang(github.com/containernetworking/plugins)) = v0.8.7 Provides: bundled(golang(github.com/containers/image/v5)) = v5.5.2 Provides: bundled(golang(github.com/containers/psgo)) = v1.5.1 Provides: bundled(golang(github.com/containers/storage)) = v1.23.2 Provides: bundled(golang(github.com/coreos/go-systemd/v22)) = v22.1.0 Provides: bundled(golang(github.com/cri-o/ocicni)) = v0.2.0 Provides: bundled(golang(github.com/cyphar/filepath-securejoin)) = v0.2.2 Provides: bundled(golang(github.com/davecgh/go-spew)) = v1.1.1 Provides: bundled(golang(github.com/docker/distribution)) = v2.7.1+incompatible Provides: bundled(golang(github.com/docker/go-connections)) = v0.4.0 Provides: bundled(golang(github.com/docker/go-units)) = v0.4.0 Provides: bundled(golang(github.com/fsnotify/fsnotify)) = v1.4.9 Provides: bundled(golang(github.com/ghodss/yaml)) = v1.0.0 Provides: bundled(golang(github.com/godbus/dbus/v5)) = v5.0.3 Provides: bundled(golang(github.com/google/uuid)) = v1.1.2 Provides: bundled(golang(github.com/gorilla/mux)) = v1.7.4 Provides: bundled(golang(github.com/gorilla/schema)) = v1.2.0 Provides: bundled(golang(github.com/hashicorp/go-multierror)) = v1.1.0 Provides: bundled(golang(github.com/hpcloud/tail)) = v1.0.0 Provides: bundled(golang(github.com/json-iterator/go)) = v1.1.10 Provides: bundled(golang(github.com/onsi/ginkgo)) = v1.14.0 Provides: bundled(golang(github.com/onsi/gomega)) = v1.10.1 Provides: bundled(golang(github.com/opencontainers/go-digest)) = v1.0.0 Provides: bundled(golang(github.com/opencontainers/runtime-tools)) = v0.9.0 Provides: bundled(golang(github.com/opencontainers/selinux)) = v1.6.0 Provides: bundled(golang(github.com/opentracing/opentracing-go)) = v1.2.0 Provides: bundled(golang(github.com/pkg/errors)) = v0.9.1 Provides: bundled(golang(github.com/pmezard/go-difflib)) = v1.0.0 Provides: bundled(golang(github.com/rootless-containers/rootlesskit)) = v0.10.0 Provides: bundled(golang(github.com/sirupsen/logrus)) = v1.6.0 Provides: bundled(golang(github.com/spf13/cobra)) = v0.0.7 Provides: bundled(golang(github.com/spf13/pflag)) = v1.0.5 Provides: bundled(golang(github.com/stretchr/testify)) = v1.6.1 Provides: bundled(golang(github.com/uber/jaeger-client-go)) = v2.25.0+incompatible Provides: bundled(golang(github.com/uber/jaeger-lib)) = v2.2.0+incompatible Provides: bundled(golang(github.com/vishvananda/netlink)) = v1.1.0 Provides: bundled(golang(go.etcd.io/bbolt)) = v1.3.5 Provides: bundled(golang(k8s.io/api)) = v0.18.8 Provides: bundled(golang(k8s.io/apimachinery)) = v0.19.0 Patch1: 0001-Fix-the-invalid-memory-address-reference.patch %description Podman manages the entire container ecosystem which includes pods, containers, container images, and container volumes using the libpod library. %package docker Summary: Docker CLI emulator for podman BuildArch: noarch Requires: %{name} = %{epoch}:%{version}-%{release} Conflicts: docker docker-latest docker-ce docker-ee moby-engine %description docker This package installs a script named docker, which emulates the Docker CLI through podman command. %package tests Summary: Tests for %{name} Requires: %{name} = %{epoch}:%{version}-%{release} Requires: bats Requires: jq Requires: skopeo Requires: nmap-ncat Requires: httpd-tools Requires: openssl Requires: socat Requires: buildah Requires: gnupg %description tests %{summary} This package contains system tests for %{name} %package remote Summary: (Experimental) Remote client for managing %{name} containers %description remote Remote client for managing %{name} containers. This experimental remote client is under heavy development. Please do not run %{name}-remote in production. %{name}-remote uses the version 2 API to connect to a %{name} client to manage pods, containers and container images. %{name}-remote supports ssh connections as well. %package plugins Summary: Plugins for %{name} Requires: dnsmasq Recommends: %{name}-gvproxy = %{epoch}:%{version}-%{release} %description plugins This plugin sets up the use of dnsmasq on a given CNI network so that Pods can resolve each other by name. When configured, the pod and its IP address are added to a network specific hosts file that dnsmasq will read in. Similarly, when a pod is removed from the network, it will remove the entry from the hosts file. Each CNI network will have its own dnsmasq instance. %package gvproxy Summary: Go replacement for libslirp and VPNKit %description gvproxy A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. %package help Summary: Help document for the podman package Conflicts: docker docker-latest docker-ce docker-ee moby-engine %description help Help document for the podman package %prep %autosetup -Sgit -n %{name}-%{version} # untar dnsname tar zxf %{SOURCE1} # untar %%{name}-machine-cni tar zxf %{SOURCE2} # untar %%{name}-gvproxy tar zxf %{SOURCE3} tar -xf %SOURCE4 %build GO_MD2MAN_PATH="$(pwd)%{_bindir}" mkdir -p _buildgo2man/bin $GO_MD2MAN_PATH cd go-md2man-* go build -mod=vendor -o ../_buildgo2man/bin/go-md2man . cp ../_buildgo2man/bin/go-md2man $GO_MD2MAN_PATH/go-md2man export PATH=$GO_MD2MAN_PATH:$PATH cd - %set_build_flags export GO111MODULE=off export GOPATH=$(pwd)/_build:$(pwd) export CGO_CFLAGS=$CFLAGS # These extra flags present in $CFLAGS have been skipped for now as they break the build CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-flto=auto//g') CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-Wp,D_GLIBCXX_ASSERTIONS//g') CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-specs=\/usr\/lib\/rpm\/redhat\/redhat-annobin-cc1//g') %ifarch x86_64 export CGO_CFLAGS+=" -m64 -mtune=generic -fcf-protection=full" %endif mkdir _build pushd _build mkdir -p src/github.com/containers ln -s ../../../../ src/github.com/containers/podman popd ln -s vendor src # build %%{name} export BUILDTAGS="seccomp exclude_graphdriver_devicemapper $(hack/btrfs_installed_tag.sh) $(hack/btrfs_tag.sh) $(hack/libdm_tag.sh) $(hack/selinux_tag.sh) $(hack/systemd_tag.sh)" # build date. FIXME: Makefile uses '/v2/libpod', that doesn't work here? LDFLAGS="-X github.com/containers/podman/libpod/define.buildInfo=$(date +%s)" %gobuild -o bin/%{name} github.com/containers/podman/cmd/%{name} # build %%{name}-remote export BUILDTAGS+=" exclude_graphdriver_btrfs btrfs_noversion remote" %gobuild -o bin/%{name}-remote github.com/containers/podman/cmd/%{name} pushd dnsname-18822f9a4fb35d1349eb256f4cd2bfd372474d84 mkdir _build pushd _build mkdir -p src/github.com/containers ln -s ../../../../ src/github.com/containers/dnsname popd ln -s vendor src export GOPATH=$(pwd)/_build:$(pwd) %gobuild -o bin/dnsname github.com/containers/dnsname/plugins/meta/dnsname popd pushd podman-machine-cni-0749884b8d1a455c68da30789e37811ec0809d51 mkdir _build pushd _build mkdir -p src/github.com/containers ln -s ../../../../ src/github.com/containers/podman-machine-cni popd ln -s vendor src export GOPATH=$(pwd)/_build:$(pwd) %gobuild -o bin/%{name}-machine github.com/containers/podman-machine-cni/plugins/meta/%{name}-machine popd pushd gvisor-tap-vsock-4ee84d66bd86668f011733d8873989b5862bcd07 mkdir _build pushd _build mkdir -p src/github.com/containers ln -s ../../../../ src/github.com/containers/gvisor-tap-vsock popd ln -s vendor src export GOPATH=$(pwd)/_build:$(pwd) %gobuild -o bin/gvproxy github.com/containers/gvisor-tap-vsock/cmd/gvproxy popd BUILDTAGS=$BUILDTAGS make docs docker-docs %install install -dp %{buildroot}%{_unitdir} make PREFIX=%{buildroot}%{_prefix} ETCDIR=%{buildroot}%{_sysconfdir} \ install.bin-nobuild install.man-nobuild install.systemd install.completions install.docker install.docker-docs-nobuild install.remote-nobuild install -Z -m 644 contrib/systemd/auto-update/podman-auto-update.service %{buildroot}%{_userunitdir}/podman-auto-update.service install -Z -m 644 contrib/systemd/auto-update/podman-auto-update.timer %{buildroot}%{_userunitdir}/podman-auto-update.timer install -Z -m 644 contrib/systemd/user/podman.socket %{buildroot}%{_userunitdir}/podman.socket install -Z -m 644 contrib/systemd/user/podman.service %{buildroot}%{_userunitdir}/podman.service install -Z -m 644 contrib/systemd/user/podman-restart.service %{buildroot}%{_userunitdir}/podman-restart.service install -Z -m 644 contrib/systemd/auto-update/podman-auto-update.service %{buildroot}%{_unitdir}/podman-auto-update.service install -Z -m 644 contrib/systemd/auto-update/podman-auto-update.timer %{buildroot}%{_unitdir}/podman-auto-update.timer install -Z -m 644 contrib/systemd/system/podman.socket %{buildroot}%{_unitdir}/podman.socket install -Z -m 644 contrib/systemd/system/podman.service %{buildroot}%{_unitdir}/podman.service install -Z -m 644 contrib/systemd/system/podman-restart.service %{buildroot}%{_unitdir}/podman-restart.service mv pkg/hooks/README.md pkg/hooks/README-hooks.md # install dnsname plugin pushd dnsname-18822f9a4fb35d1349eb256f4cd2bfd372474d84 %{__make} PREFIX=%{_prefix} DESTDIR=%{buildroot} install popd # install machine-cni plugin pushd podman-machine-cni-0749884b8d1a455c68da30789e37811ec0809d51 %{__make} PREFIX=%{_prefix} DESTDIR=%{buildroot} install popd # install gvproxy pushd gvisor-tap-vsock-4ee84d66bd86668f011733d8873989b5862bcd07 install -dp %{buildroot}%{_libexecdir}/%{name} install -p -m0755 bin/gvproxy %{buildroot}%{_libexecdir}/%{name} popd # do not include docker and podman-remote man pages in main package for file in `find %{buildroot}%{_mandir}/man[15] -type f | sed "s,%{buildroot},," | grep -v -e remote -e docker`; do echo "$file*" >> podman.file-list done %global license %doc %files %license LICENSE %doc README.md CONTRIBUTING.md pkg/hooks/README-hooks.md install.md transfer.md %{_bindir}/%{name} %{_datadir}/bash-completion/completions/%{name} %dir %{_datadir}/zsh/site-functions %{_datadir}/zsh/site-functions/_%{name} %dir %{_datadir}/fish/vendor_completions.d %{_datadir}/fish/vendor_completions.d/%{name}.fish %{_unitdir}/%{name}-auto-update.service %{_unitdir}/%{name}-auto-update.timer %{_unitdir}/%{name}.service %{_unitdir}/%{name}.socket %{_unitdir}/%{name}-restart.service %{_userunitdir}/%{name}-auto-update.service %{_userunitdir}/%{name}-auto-update.timer %{_userunitdir}/%{name}.service %{_userunitdir}/%{name}.socket %{_userunitdir}/%{name}-restart.service %{_usr}/lib/tmpfiles.d/%{name}.conf %files docker %{_bindir}/docker %{_usr}/lib/tmpfiles.d/%{name}-docker.conf %files help %{_mandir}/man1/{docker*.1*,podman*.1*} %{_mandir}/man5/*.5* %files remote %license LICENSE %{_bindir}/%{name}-remote %{_mandir}/man1/%{name}-remote*.* %{_datadir}/bash-completion/completions/%{name}-remote %dir %{_datadir}/fish/vendor_completions.d %{_datadir}/fish/vendor_completions.d/%{name}-remote.fish %dir %{_datadir}/zsh/site-functions %{_datadir}/zsh/site-functions/_%{name}-remote %files plugins %license dnsname-18822f9a4fb35d1349eb256f4cd2bfd372474d84/LICENSE %doc dnsname-18822f9a4fb35d1349eb256f4cd2bfd372474d84/{README.md,README_PODMAN.md} %dir %{_libexecdir}/cni %{_libexecdir}/cni/dnsname %{_libexecdir}/cni/%{name}-machine %files gvproxy %license gvisor-tap-vsock-4ee84d66bd86668f011733d8873989b5862bcd07/LICENSE %doc gvisor-tap-vsock-4ee84d66bd86668f011733d8873989b5862bcd07/README.md %dir %{_libexecdir}/%{name} %{_libexecdir}/%{name}/gvproxy %changelog * Tue Jul 26 2022 laokz - 1:3.4.4-2 - remove redundant patch2 * Tue Jul 05 2022 fushanqing - 1:3.4.4-1 - update to 3.4.4 * Thu Apr 14 2022 wangkai - 0.10.1-12 - Fix build error * Fri Jul 30 2021 chenyanpanHW - 0.10.1-11 - DESC: delete -Sgit from %autosetup, and delete BuildRequires git * Wed Mar 31 2021 maminjie - 1:0.10.1-10 - Eat signal 23 in signal proxy - Require container-selinux only when selinux-policy is installed * Sat Mar 13 2021 maminjie - 1:0.10.1-9 - Fix the invalid memory address reference * Wed Mar 3 2021 wangxiao - 1:0.10.1-8 - Fix CVE-2021-20188 * Thu Feb 18 2021 lingsheng - 1:0.10.1-7 - Resolve go-md2man dependency * Mon Feb 8 2021 lingsheng - 1:0.10.1-6 - Change BuildRequires to golang * Sat Jan 9 2021 Shengjing Wei - 1:0.10.1-5 - Fixed podman pull failed with issue I2BF99 * Wed Sep 9 2020 Guoshuai Sun - 1:0.10.1-4 - Add conflicts with docker-engine for help package * Thu Mar 12 2020 Ling Yang - 1:0.10.1-3 - Fixed install fail * Mon Dec 2 2019 shijian - 1:0.10.1-2 - Package init