runc:modify and complement patch information
This commit is contained in:
zhongjiawei
parent
3b4936397d
commit
d5a90ae6a3
@ -1 +1 @@
|
||||
90276301321bbf6ef9a2ea85b06d3e2cf0ccb7bd
|
||||
d35711ce9c5492f1455036424a306c2a5b2d3735
|
||||
|
||||
@ -1,8 +1,12 @@
|
||||
From 37103dc157e2946d688e8076b5b500ac11403863 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Jul 2023 15:30:32 +0800
|
||||
From: yangshukui <yangshukui@huawei.com>
|
||||
Date: Tue, 18 Apr 2017 19:35:30 +0800
|
||||
Subject: [PATCH] runc:add timeout for syscall.Exec
|
||||
|
||||
Openat will be blocked until the fifo on the other side is opened, but in some
|
||||
abnomal scenario(e.g. containerd is killed), Openat maybe be blocked all the time.
|
||||
|
||||
Signed-off-by: yangshukui <yangshukui@huawei.com>
|
||||
---
|
||||
libcontainer/standard_init_linux.go | 29 ++++++++++++++++++++++-------
|
||||
1 file changed, 22 insertions(+), 7 deletions(-)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
From 4af918d51e8cca1da7780b1fe7419f22077fb9fe Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Jul 2023 15:55:56 +0800
|
||||
From: Deng Guangxing <dengguangxing@huawei.com>
|
||||
Date: Wed, 6 Sep 2017 15:04:47 +0800
|
||||
Subject: [PATCH] runc: update state eariler to avoid cgroup leak when process
|
||||
failed
|
||||
|
||||
|
||||
@ -1,8 +1,13 @@
|
||||
From 6cb95facf78e07863b671adf6f3073101babe896 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Jul 2023 16:12:50 +0800
|
||||
From: dengguangxing <dengguangxing@huawei.com>
|
||||
Date: Thu, 18 Jan 2018 11:47:04 +0800
|
||||
Subject: [PATCH] runc: print cgroup info if cpuset missing occurs
|
||||
|
||||
[Changelog]: print cgroup info if cpuset missing occurs
|
||||
[Author]:Shukui Yang
|
||||
|
||||
Change-Id: I3f8af2b57b441f5f2b4d38cb89d6826a7f24e24b
|
||||
Signed-off-by: dengguangxing <dengguangxing@huawei.com>
|
||||
---
|
||||
libcontainer/cgroups/fs/cpuset.go | 22 ++++++++++++++++++++++
|
||||
1 file changed, 22 insertions(+)
|
||||
|
||||
@ -1,8 +1,13 @@
|
||||
From 2795e097bcd1842e750abf3af22a5ee69a702400 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Jul 2023 16:16:50 +0800
|
||||
From: dengguangxing <dengguangxing@huawei.com>
|
||||
Date: Mon, 22 Jan 2018 20:27:37 +0800
|
||||
Subject: [PATCH] runc: add more specific log for hooks
|
||||
|
||||
[Changelog]: add more specific log for hooks
|
||||
[Author]:Shukui Yang
|
||||
|
||||
Change-Id: I317232b42a5fd6bc16773fe4aa0a376d8b9b6806
|
||||
Signed-off-by: dengguangxing <dengguangxing@huawei.com>
|
||||
---
|
||||
libcontainer/configs/config.go | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
@ -1,8 +1,13 @@
|
||||
From d055603a252ab9cf6b36b5369045ebf4a384c5b8 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Jul 2023 16:27:44 +0800
|
||||
From: liruilin4 <liruilin4@huawei.com>
|
||||
Date: Mon, 9 Jul 2018 12:02:33 +0800
|
||||
Subject: [PATCH] runc: reduce max number of retries to 10
|
||||
|
||||
[Changelog]:when killing containers in D state, now runc will do
|
||||
100 retries, which leads that containerd blocks for 10 seconds.
|
||||
[Author]:Ruilin Li
|
||||
|
||||
Change-Id: I1e08ef23ad065f5e3b88506726530187d2ccc797
|
||||
---
|
||||
delete.go | 4 ++--
|
||||
init.go | 2 ++
|
||||
|
||||
@ -1,8 +1,11 @@
|
||||
From 5516836a74e12756161cd3a6ef7e05c7e89c378c Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Jul 2023 16:40:27 +0800
|
||||
From: panwenxiang <panwenxiang@huawei.com>
|
||||
Date: Wed, 22 Aug 2018 17:06:01 +0800
|
||||
Subject: [PATCH] runc: ignore exec.fifo removing not exist error
|
||||
|
||||
[Changelog]:cherry-pick from vtwrse <4af7ee1635962fe3bd86ac87064fdcd7e60c1135>
|
||||
Change-Id: I34a30672fb92c974965b3a53cfb8ccc75932e6d8
|
||||
Signed-off-by: jiangpengfei9 <jiangpengfei9@huawei.com>
|
||||
---
|
||||
libcontainer/container_linux.go | 5 ++++-
|
||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
@ -1,8 +1,16 @@
|
||||
From becb372e9a80ba49dd742f130478e93f17e27329 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Jul 2023 16:48:05 +0800
|
||||
From: yangshukui <yangshukui@huawei.com>
|
||||
Date: Mon, 18 Sep 2017 17:25:30 +0800
|
||||
Subject: [PATCH] runc:Add file fds limit
|
||||
|
||||
With the patch(https://lwn.net/Articles/604129/),we can limit the
|
||||
num of open files in container.
|
||||
Conflicts:
|
||||
events.go
|
||||
vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
|
||||
|
||||
Change-Id: I8264c0dd398227ebbd95b7dd9dae4688d76dee9b
|
||||
Signed-off-by: yangshukui <yangshukui@huawei.com>
|
||||
---
|
||||
events.go | 3 +
|
||||
libcontainer/cgroups/fs/files.go | 79 +++++++++++++++++++
|
||||
|
||||
@ -1,8 +1,16 @@
|
||||
From 10536f71def2026279285999779023d98f505e56 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Jul 2023 17:20:38 +0800
|
||||
From: panwenxing <panwenxing@huawei.com>
|
||||
Date: Fri, 19 Oct 2018 15:00:34 +0800
|
||||
Subject: [PATCH] runc: runc logs forwarding to syslog
|
||||
|
||||
reason:runc logs forwarding to syslog and using the config "--log-level" to control the number of logs
|
||||
|
||||
Change-Id: Ia93f6f5c56131ea8558c4b7b7e5c4bec827a1bad
|
||||
|
||||
Conflicts:
|
||||
libcontainer/container_linux.go
|
||||
libcontainer/process_linux.go
|
||||
libcontainer/state_linux.go
|
||||
---
|
||||
create.go | 2 +-
|
||||
libcontainer/configs/config.go | 70 +++++++++---
|
||||
|
||||
@ -1,9 +1,19 @@
|
||||
From 0d04d291e8b9dcee0fcdf4b757e41d0e77b1491f Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Jul 2023 17:25:43 +0800
|
||||
From: zhangsong34 <zhangsong34@huawei.com>
|
||||
Date: Fri, 19 Oct 2018 10:53:33 +0800
|
||||
Subject: [PATCH] runc:support namespaced kernel params can be changed in
|
||||
system container
|
||||
|
||||
reason:support namespaced kernel files can be written in container,
|
||||
when docker run a system container specify '--ns-change-opt' param,
|
||||
net or ipc namespaced kernel params can be changed in this container.
|
||||
|
||||
Conflicts:
|
||||
libcontainer/rootfs_linux.go
|
||||
script/runc-euleros.spec
|
||||
|
||||
Change-Id: I051b274117abd9745a27577e14a23c906ff7cca3
|
||||
Signed-off-by: jingrui <jingrui@huawei.com>
|
||||
---
|
||||
libcontainer/rootfs_linux.go | 26 ++++++++++++++++++++++++++
|
||||
libcontainer/standard_init_linux.go | 7 +++++++
|
||||
|
||||
@ -1,8 +1,12 @@
|
||||
From 8b9b5e2615b1952a062f09476c53ff0a536df1ac Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Jul 2023 19:15:52 +0800
|
||||
From: panwenxing <panwenxing@huawei.com>
|
||||
Date: Sat, 3 Nov 2018 12:42:49 +0800
|
||||
Subject: [PATCH] runc:make hooks log more userful and fix syslog hook bug
|
||||
|
||||
reason:changed some log infomation.
|
||||
|
||||
Change-Id: Ib6cda4b8a0ef3a441c45f6c435fe11430f8eada8
|
||||
Signed-off-by: panwenxiang <panwenxiang@huawei.com>
|
||||
---
|
||||
libcontainer/configs/config.go | 17 ++++++++++++++---
|
||||
main.go | 26 ++++++++++++++++++++++++--
|
||||
|
||||
@ -1,8 +1,14 @@
|
||||
From 8094649c861a0b6ca408caa38611f3e235378206 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Jul 2023 19:25:06 +0800
|
||||
From: zhangsong34 <zhangsong34@huawei.com>
|
||||
Date: Mon, 5 Mar 2018 21:15:15 +0800
|
||||
Subject: [PATCH] runc:do not setup sysctl in runc when userns enable
|
||||
|
||||
reason:when userns enabled, runc will run as normal user, it has
|
||||
no rights to setup sysctl even the ipcns sysctl. let docker-hooks do this job.
|
||||
|
||||
Change-Id: Ia77b8c1bf4255973736f04c0962eae722ed9683e
|
||||
Signed-off-by: gus.gao <gus.gao@huawei.com>
|
||||
Signed-off-by: zhangsong34 <zhangsong34@huawei.com>
|
||||
---
|
||||
libcontainer/standard_init_linux.go | 10 ++++++----
|
||||
1 file changed, 6 insertions(+), 4 deletions(-)
|
||||
|
||||
@ -1,8 +1,13 @@
|
||||
From 3e1db51b4dc547a7c9bfd251357e2661dc773952 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Jul 2023 19:39:28 +0800
|
||||
From: zhangsong34 <zhangsong34@huawei.com>
|
||||
Date: Wed, 30 Jan 2019 15:33:44 +0800
|
||||
Subject: [PATCH] runc: support set seccomp priority
|
||||
|
||||
reason:support set seccomp priority
|
||||
|
||||
Change-Id: I73ea0ca4ce5dc7af975c62b56edbae03f9721e76
|
||||
Signed-off-by: gus.gao <gus.gao@huawei.com>
|
||||
Signed-off-by: zhangsong34 <zhangsong34@huawei.com>
|
||||
---
|
||||
libcontainer/configs/config.go | 1 +
|
||||
libcontainer/seccomp/seccomp_linux.go | 2 +-
|
||||
|
||||
@ -1,8 +1,12 @@
|
||||
From 0cbdce649f9086adc2e8c50734d37c2d31b45234 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Mon, 24 Jul 2023 20:31:00 +0800
|
||||
From: zhangsong34 <zhangsong34@huawei.com>
|
||||
Date: Wed, 13 Mar 2019 15:40:12 +0800
|
||||
Subject: [PATCH] runc:do not kill container if poststart hooks execute failed
|
||||
|
||||
reason:do not kill container if poststart hooks execute failed.
|
||||
|
||||
Change-Id: Ieb1e1e7eeefe4bbd3cdb38fbba5a2a003297a5b3
|
||||
Signed-off-by: zhangsong34 <zhangsong34@huawei.com>
|
||||
---
|
||||
libcontainer/container_linux.go | 5 +----
|
||||
1 file changed, 1 insertion(+), 4 deletions(-)
|
||||
|
||||
@ -1,8 +1,11 @@
|
||||
From 318779ab775bfe878cac0636c9e610b9951e1335 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Tue, 25 Jul 2023 19:53:00 +0800
|
||||
From: zhangsong34 <zhangsong34@huawei.com>
|
||||
Date: Mon, 6 May 2019 19:29:40 +0800
|
||||
Subject: [PATCH] runc:add sysctl kernel.pid_max to whitelist
|
||||
|
||||
reason:add sysctl kernel.pid_max to whitelist
|
||||
|
||||
Signed-off-by: zhangsong34 <zhangsong34@huawei.com>
|
||||
---
|
||||
libcontainer/configs/validate/validator.go | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
@ -1,8 +1,10 @@
|
||||
From d98901af66768560f0e352db72bb32d216aa9040 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Wed, 26 Jul 2023 11:04:05 +0800
|
||||
From: jingrui <jingrui@huawei.com>
|
||||
Date: Mon, 8 Jul 2019 19:49:24 +0800
|
||||
Subject: [PATCH] runc:disable core dump during exec
|
||||
|
||||
Change-Id: If649738854616c1f448a148aef1f2cc414715616
|
||||
Signed-off-by: jingrui <jingrui@huawei.com>
|
||||
---
|
||||
libcontainer/process_linux.go | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
From 92c51d606acb92a5fb58eed2d238ad3cb2c69291 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Wed, 26 Jul 2023 11:11:23 +0800
|
||||
From: xiadanni1 <xiadanni1@huawei.com>
|
||||
Date: Tue, 20 Aug 2019 02:40:45 +0800
|
||||
Subject: [PATCH] runc:fix exec problem caused by libseccomp updating
|
||||
|
||||
reason: libseccomp updating causes runc exec performance
|
||||
|
||||
@ -1,8 +1,14 @@
|
||||
From 436b642d42680fd76903307748df0237e8cd0cd1 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Wed, 26 Jul 2023 11:21:06 +0800
|
||||
From: zhangtianyang <zhangtianyang2@huawei.com>
|
||||
Date: Fri, 18 Oct 2019 19:59:21 +0800
|
||||
Subject: [PATCH] runc:add log message for cgroup file check
|
||||
|
||||
reason:docker report "no such file" when try to write cpuset.mems,
|
||||
not sure weather is deleted or not generated by kernel. so add
|
||||
cgroup file check messages for further maintainance.
|
||||
|
||||
Change-Id: I4c835f62547b0404a9cffeda643fe028f1b4aa0f
|
||||
Signed-off-by: zhangtianyang <zhangtianyang2@huawei.com>
|
||||
---
|
||||
libcontainer/cgroups/file.go | 7 ++++++-
|
||||
libcontainer/cgroups/fs/cpuset.go | 31 +++++++++++++++++++++++--------
|
||||
|
||||
@ -1,8 +1,12 @@
|
||||
From da50f7d9ddf912a6e4ad8714e5aff01e85c09b21 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Wed, 26 Jul 2023 11:37:21 +0800
|
||||
From: Vanient <xiadanni1@huawei.com>
|
||||
Date: Sat, 7 May 2022 09:39:57 +0800
|
||||
Subject: [PATCH] runc:support set cpuset.prefer_cpus using --cpuset-cpus
|
||||
|
||||
we need to set cpuset.prefer_cpus for performance. Using "+" as
|
||||
separator, the cpuset value after separator is the prefer_cpus value.
|
||||
|
||||
Signed-off-by: Vanient <xiadanni1@huawei.com>
|
||||
---
|
||||
libcontainer/cgroups/fs/cpuset.go | 118 +++++++++++++++++++++++++++++-
|
||||
1 file changed, 114 insertions(+), 4 deletions(-)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
From 8071a31f5fd66638bda75d371f62d6df9155b00b Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Wed, 26 Jul 2023 14:18:00 +0800
|
||||
From: Vanient <xiadanni1@huawei.com>
|
||||
Date: Mon, 9 May 2022 20:32:24 +0800
|
||||
Subject: [PATCH] runc:add DT for cpuset.preferred_cpus setting
|
||||
|
||||
---
|
||||
|
||||
@ -1,8 +1,22 @@
|
||||
From 7746fa7839dc6780379cb732c7122efaa07834f7 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
Date: Wed, 26 Jul 2023 15:37:48 +0800
|
||||
From: wangfengtu <wangfentu@huawei.com>
|
||||
Date: Fri, 21 Dec 2018 15:02:16 +0800
|
||||
Subject: [PATCH] runc:support specify umask
|
||||
|
||||
reason:support specify umask.
|
||||
Umask can be 0022 or 0027(default) by specify umask when
|
||||
start container by command `docker create/run` or start
|
||||
daemon by command `dockerd`. For example:
|
||||
$ dockerd --annotation native.umask=normal
|
||||
$ dockerd --annotation native.umask=secure
|
||||
$ docker run --exec-opt native.umask=normal
|
||||
$ docker run --exec-opt native.umask=secure
|
||||
`normal` reparent umask is 0022, `secure`
|
||||
reparent umask is 0027.
|
||||
|
||||
Change-Id: I49166759ad42dca0ac1f9755f85592e93951c249
|
||||
Signed-off-by: lujingxiao <lujingxiao@huawei.com>
|
||||
Signed-off-by: wangfengtu <wangfengtu@huawei.com>
|
||||
---
|
||||
libcontainer/rootfs_linux.go | 6 ++++++
|
||||
libcontainer/setns_init_linux.go | 7 +++++++
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From 43126d0dca0b76f8c07cff1d09c5fc013d5c3450 Mon Sep 17 00:00:00 2001
|
||||
From: zhongjiawei <zhongjiawei1@huawei.com>
|
||||
From: Kir Kolyshkin <kolyshkin@gmail.com>
|
||||
Date: Wed, 26 Jul 2023 16:52:56 +0800
|
||||
Subject: [PATCH] libct: fix shared pidns detection
|
||||
|
||||
|
||||
10
runc.spec
10
runc.spec
@ -3,7 +3,7 @@
|
||||
|
||||
Name: docker-runc
|
||||
Version: 1.1.8
|
||||
Release: 2
|
||||
Release: 3
|
||||
Summary: runc is a CLI tool for spawning and running containers according to the OCI specification.
|
||||
|
||||
License: ASL 2.0
|
||||
@ -54,7 +54,13 @@ install -p -m 755 runc $RPM_BUILD_ROOT/%{_bindir}/runc
|
||||
%{_bindir}/runc
|
||||
|
||||
%changelog
|
||||
* Wed July 26 2023 vegbir<yangjiaqi16@huawei.com> - 1.1.8-2
|
||||
* Wed Sep 6 2023 zhongjiawei<zhongjiawei1@huawei.com> - 1.1.8-3
|
||||
- Type:bugfix
|
||||
- ID:NA
|
||||
- SUG:NA
|
||||
- DESC:modify and complement patch information
|
||||
|
||||
* Wed July 26 2023 zhongjiawei<zhongjiawei1@huawei.com> - 1.1.8-2
|
||||
- Type:bugfix
|
||||
- ID:NA
|
||||
- SUG:NA
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user