From 32c785c209ab85d4b56efeda767d871110c3d33e Mon Sep 17 00:00:00 2001 From: zhongjiawei Date: Fri, 9 Jun 2023 11:20:29 +0800 Subject: [PATCH] runc:modify runc make command to satisfy the compile options --- git-commit | 2 +- ...-make-command-to-satisfy-the-compile.patch | 43 +++++++++++++++++++ runc.spec | 8 +++- series.conf | 1 + 4 files changed, 52 insertions(+), 2 deletions(-) create mode 100644 patch/0040-runc-modify-runc-make-command-to-satisfy-the-compile.patch diff --git a/git-commit b/git-commit index 1b8e0d3..cfd2d47 100644 --- a/git-commit +++ b/git-commit @@ -1 +1 @@ -d8a55778488f67c6f7f58db882e43164feda5ca0 +1b26f86af8e3288668d096f778e0d33a0ecfcb03 diff --git a/patch/0040-runc-modify-runc-make-command-to-satisfy-the-compile.patch b/patch/0040-runc-modify-runc-make-command-to-satisfy-the-compile.patch new file mode 100644 index 0000000..d271f82 --- /dev/null +++ b/patch/0040-runc-modify-runc-make-command-to-satisfy-the-compile.patch @@ -0,0 +1,43 @@ +From e6f2993d5dd72e20728512b8829b5e679b1a26a6 Mon Sep 17 00:00:00 2001 +From: zhongjiawei +Date: Thu, 8 Jun 2023 19:16:45 +0800 +Subject: [PATCH] runc:modify runc make command to satisfy the compile options + +--- + Makefile | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/Makefile b/Makefile +index 34b5347d..564ad70a 100644 +--- a/Makefile ++++ b/Makefile +@@ -25,7 +25,7 @@ ifeq ($(shell $(GO) env GOOS),linux) + endif + GO_BUILD := $(GO) build -trimpath $(GO_BUILDMODE) $(EXTRA_FLAGS) -tags "$(BUILDTAGS)" \ + -ldflags "-X main.gitCommit=$(COMMIT) -X main.version=$(VERSION) $(EXTRA_LDFLAGS)" +-GO_BUILD_STATIC := $(GO) build -trimpath $(EXTRA_FLAGS) -tags "$(BUILDTAGS) static_build cgo netgo osusergo" ++GO_BUILD_STATIC := $(GO) build -buildmode=pie -trimpath $(EXTRA_FLAGS) -tags "$(BUILDTAGS) static_build cgo netgo osusergo" + + GPG_KEYID ?= asarai@suse.de + +@@ -41,7 +41,7 @@ recvtty sd-helper seccompagent: + $(GO_BUILD) $(BEP_FLAG) -buildid=IdByIsula -o contrib/cmd/$@/$@ ./contrib/cmd/$@ + + LD_FLAGS='-buildid=none -tmpdir=/tmp/bep-runc -linkmode=external -extldflags=-Wl,-z,relro,-z,now \ +- -extldflags -static -X main.gitCommit=$(COMMIT) -X main.version=$(VERSION) $(EXTRA_LDFLAGS) \ ++ -X main.gitCommit=$(COMMIT) -X main.version=$(VERSION) $(EXTRA_LDFLAGS) \ + ' + + static: +@@ -51,7 +51,7 @@ static: + CGO_CPPFLAGS="-fstack-protector-strong -fPIE -D_FORTIFY_SOURCE=2 -O2" \ + CGO_LDFLAGS_ALLOW='-Wl,-z,relro,-z,now' \ + CGO_LDFLAGS="-Wl,-z,relro,-z,now -Wl,-z,noexecstack" \ +- $(GO_BUILD_STATIC) -buildmode=pie -ldflags $(LD_FLAGS) -o runc . ++ $(GO_BUILD_STATIC) -ldflags '-extldflags=-static' -ldflags $(LD_FLAGS) -o runc . + + releaseall: RELEASE_ARGS := "-a arm64 -a armel -a armhf -a ppc64le -a s390x" + releaseall: release +-- +2.33.0 + diff --git a/runc.spec b/runc.spec index 748a704..f9e0785 100644 --- a/runc.spec +++ b/runc.spec @@ -3,7 +3,7 @@ Name: docker-runc Version: 1.1.3 -Release: 14 +Release: 15 Summary: runc is a CLI tool for spawning and running containers according to the OCI specification. License: ASL 2.0 @@ -58,6 +58,12 @@ install -p -m 755 runc $RPM_BUILD_ROOT/%{_bindir}/runc %{_bindir}/runc %changelog +* Fri Jun 09 2023 zhongjiawei - 1.1.3-15 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:modify runc make command to satisfy the compile options + * Mon Apr 3 2023 zhongjiawei - 1.1.3-14 - Type:bugfix - CVE:NA diff --git a/series.conf b/series.conf index e4d2732..ab519b6 100644 --- a/series.conf +++ b/series.conf @@ -35,3 +35,4 @@ patch/0036-runc-libcontainer-skip-chown-of-dev-null-caused-by-fd-red.patch patch/0037-runc-Fixed-init-state-error-variable.patch patch/0038-runc-rootless-fix-sys-fs-cgroup-mounts.patch patch/0039-runc-Prohibit-proc-and-sys-to-be-symlinks.patch +patch/0040-runc-modify-runc-make-command-to-satisfy-the-compile.patch