From 856b5e22c255337ddc591d3a3b00440ad8716a94 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Tue, 16 Apr 2024 18:08:35 +0200 Subject: Adding debian version 4.9.3+ds1-1. Signed-off-by: Daniel Baumann --- debian/.gitlab-ci.yml | 14 + debian/NEWS | 37 + debian/README.Debian | 45 + debian/changelog | 904 +++++++++++++++++++++ debian/clean | 4 + debian/control | 247 ++++++ debian/copyright | 137 ++++ debian/etc/containers/libpod.conf | 149 ++++ .../examples/cni/net.d/87-podman-bridge.conflist | 37 + .../cni/net.d/87-podman-bridge_l2.conflist | 24 + debian/examples/cni/net.d/87-podman-ptp.conflist | 31 + debian/examples/registries.conf | 11 + debian/expand.go | 102 +++ debian/fill.copyright.blanks.yml | 14 + debian/fix.scanned.copyright | 11 + debian/gbp.conf | 4 + .../downgrade-checkpoint-restore-criu.patch | 54 ++ debian/patches/pkg-fileserver-buildtags.patch | 25 + debian/patches/revert-newer-docker.patch | 149 ++++ debian/patches/revert-newer-docker2.patch | 96 +++ debian/patches/series | 6 + debian/patches/sigstore-tests.patch | 40 + debian/patches/system-goimports.patch | 13 + debian/podman-docker.install | 3 + debian/podman-docker.manpages | 1 + debian/podman-remote.bash-completion | 1 + debian/podman-remote.docs | 1 + debian/podman-remote.install | 2 + debian/podman-remote.manpages | 1 + debian/podman.bash-completion | 1 + debian/podman.dirs | 2 + debian/podman.docs | 9 + debian/podman.examples | 2 + debian/podman.install | 11 + debian/podman.links | 3 + debian/podman.manpages | 2 + debian/podman.postinst | 31 + debian/podman.tmpfiles | 1 + debian/rules | 124 +++ debian/source/format | 1 + debian/source/lintian-overrides | 1 + debian/tests/builtin-tests | 18 + debian/tests/control | 16 + debian/upstream/metadata | 5 + debian/watch | 12 + 45 files changed, 2402 insertions(+) create mode 100644 debian/.gitlab-ci.yml create mode 100644 debian/NEWS create mode 100644 debian/README.Debian create mode 100644 debian/changelog create mode 100644 debian/clean create mode 100644 debian/control create mode 100644 debian/copyright create mode 100644 debian/etc/containers/libpod.conf create mode 100644 debian/examples/cni/net.d/87-podman-bridge.conflist create mode 100644 debian/examples/cni/net.d/87-podman-bridge_l2.conflist create mode 100644 debian/examples/cni/net.d/87-podman-ptp.conflist create mode 100644 debian/examples/registries.conf create mode 100644 debian/expand.go create mode 100644 debian/fill.copyright.blanks.yml create mode 100644 debian/fix.scanned.copyright create mode 100644 debian/gbp.conf create mode 100644 debian/patches/downgrade-checkpoint-restore-criu.patch create mode 100644 debian/patches/pkg-fileserver-buildtags.patch create mode 100644 debian/patches/revert-newer-docker.patch create mode 100644 debian/patches/revert-newer-docker2.patch create mode 100644 debian/patches/series create mode 100644 debian/patches/sigstore-tests.patch create mode 100644 debian/patches/system-goimports.patch create mode 100644 debian/podman-docker.install create mode 100644 debian/podman-docker.manpages create mode 120000 debian/podman-remote.bash-completion create mode 100644 debian/podman-remote.docs create mode 100644 debian/podman-remote.install create mode 100644 debian/podman-remote.manpages create mode 120000 debian/podman.bash-completion create mode 100644 debian/podman.dirs create mode 100644 debian/podman.docs create mode 100644 debian/podman.examples create mode 100644 debian/podman.install create mode 100644 debian/podman.links create mode 100644 debian/podman.manpages create mode 100644 debian/podman.postinst create mode 120000 debian/podman.tmpfiles create mode 100755 debian/rules create mode 100644 debian/source/format create mode 100644 debian/source/lintian-overrides create mode 100644 debian/tests/builtin-tests create mode 100644 debian/tests/control create mode 100644 debian/upstream/metadata create mode 100644 debian/watch diff --git a/debian/.gitlab-ci.yml b/debian/.gitlab-ci.yml new file mode 100644 index 0000000..00014e4 --- /dev/null +++ b/debian/.gitlab-ci.yml @@ -0,0 +1,14 @@ +# cf. https://salsa.debian.org/salsa-ci-team/pipeline/ +--- +include: + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml + +variables: + SALSA_CI_DISABLE_APTLY: 1 + # make pipeline work for experimental, remove when all deps are in unstable + RELEASE: experimental + SALSA_CI_DISABLE_AUTOPKGTEST: 1 + SALSA_CI_DISABLE_REPROTEST: 1 + SALSA_CI_DISABLE_CROSSBUILD_ARM64: 1 + diff --git a/debian/NEWS b/debian/NEWS new file mode 100644 index 0000000..63ececb --- /dev/null +++ b/debian/NEWS @@ -0,0 +1,37 @@ +libpod (4.6.2+ds1-1) unstable; urgency=medium + + Podman 4.6 changes the default storage driver from vfs to overlay. + The overlay driver has been available for some time, but it had to be + enabled explicitly in the Debian version of podman. The overlay driver + is generally much faster and uses less disk space than the vfs driver. + + To take advantage of overlay, it's necessary to delete the local + container storage, destroying any containers you may currently + have. Make sure to save or export any images, containers and volumes + before doing so, or you will lose them! + + Some helpful commands: + + # save the filesystem of a container + podman export -o important-container.tar important_container + # save a volume + podman volume export -o important-volume.tar important_volume + # save all container images + podman save -o images.tar + + # delete ~/.local/share/containers (!!!) + + # check that podman is using the overlay driver (!) + podman info | grep graphDriverName + + # re-import all container images + podman load -i images.tar + # re-import a saved container filesystem as a container image + podman import important-container.tar + # re-import a volume + podman volume import important_volume important-volume.tar + + Notes gracefully provided by Gregor Riepl + + -- Reinhard Tartler Mon, 18 Sep 2023 17:43:52 -0400 + diff --git a/debian/README.Debian b/debian/README.Debian new file mode 100644 index 0000000..82e8137 --- /dev/null +++ b/debian/README.Debian @@ -0,0 +1,45 @@ +Troubleshooting rootless mode +============================= + +> Error processing tar file(exit status 1): there might not be enough IDs +> available in the namespace (requested 0:42 for /etc/gshadow): +> lchown/etc/gshadow: invalid argument + +This probably means that _subuid_ range is not defined in the "/etc/subuid" +file. On up-to-date system subuid/subgid ranges are automatically assigned +when a new user is added (e.g. `adduser {USER}`) but on systems upgraded +from prior Debian releases {USER} created in old environment before upgrade +may not have _subuid_ mapping. + +"usermod" command have "--add-subuids" and "--add-subgids" options but it +does not check "/etc/login.defs" for ranges. +An awkward solution may be to add a new temporary user, apply her ranges to +{USER} (in "/etc/subuid" and in "/etc/subgid") then remove a temporary user +(e.g. `deluser --remove-home {USER}`). + +The following command show the subuids and subgids of the current user: + + grep $USER /etc/s*id + +Configuration +============= + +Podman configuration files are in "/etc/containers". + +Please review "/etc/containers/policy.json" (provided by package "buildah") +and check the corresponding man page for details: + + containers-policy.json(5) + + +Kernel options +============== + +We higly recommended to add "swapaccount=1" to default Linux boot options +(e.g. "/etc/default/grub" :: "GRUB_CMDLINE_LINUX_DEFAULT"). + + sudo dpkg-reconfigure grub-pc + +Then add "swapaccount=1" to "Linux default command line". + + -- Reinhard Tartler , Sun, 28 Jan 2024 07:38:28 -0500 diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..2828261 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,904 @@ +libpod (4.9.3+ds1-1) unstable; urgency=medium + + * New upstream release + + -- Reinhard Tartler Tue, 13 Feb 2024 20:52:08 -0500 + +libpod (4.9.2+ds1-2) unstable; urgency=medium + + * Upload to unstable + + -- Reinhard Tartler Tue, 06 Feb 2024 19:05:37 -0500 + +libpod (4.9.2+ds1-1) experimental; urgency=medium + + * New Upstream release, Closes: #1062529 + - Fixes: CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653. + * Tighten dependencies on containers/{image,common,buildah} + + -- Reinhard Tartler Tue, 06 Feb 2024 11:17:43 -0500 + +libpod (4.9.0+ds1-2) unstable; urgency=medium + + * Upload to unstable + + -- Reinhard Tartler Thu, 25 Jan 2024 06:47:15 -0500 + +libpod (4.9.0+ds1-1) experimental; urgency=medium + + * New upstream release, closes: #1061383 + * Build against buildah 1.33.3 + + -- Reinhard Tartler Tue, 23 Jan 2024 18:14:02 -0500 + +libpod (4.8.3+ds1-2) unstable; urgency=medium + + * Upload to unstable + + -- Reinhard Tartler Sun, 21 Jan 2024 17:27:25 -0500 + +libpod (4.8.3+ds1-1) experimental; urgency=medium + + * New upstream release, Closes: #1057618 + + -- Reinhard Tartler Sun, 21 Jan 2024 08:42:13 -0500 + +libpod (4.7.2+ds1-2) unstable; urgency=medium + + * upload to unstable + + -- Reinhard Tartler Fri, 03 Nov 2023 06:16:15 -0400 + +libpod (4.7.2+ds1-1) experimental; urgency=medium + + [ Faidon Liambotis ] + * Remove a superfluous stanza from d/copyright. + * Drop fuse-overlayfs Suggests, as the kernel overlayfs driver can be used + with rootless containers since Linux v5.13 and is now recommended. + * Remove versioned Depends/Recommends/Breaks for versions that predate + oldstable (bullseye). + * Ship the new podmansh login shell. See podmansh(1) for a detailed + description of this new tool. Note that this is still considered a + technology preview by upstream. + + [ Reinhard Tartler ] + * New upstream release + * Drop all vendored libraries, but a single file that is copied in. + - Fixed https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p + + -- Reinhard Tartler Thu, 02 Nov 2023 17:57:39 -0400 + +libpod (4.7.1+ds4-5) unstable; urgency=medium + + * avoid file conflict with podman-compose + + -- Reinhard Tartler Fri, 27 Oct 2023 14:58:33 -0400 + +libpod (4.7.1+ds4-4) unstable; urgency=medium + + * Upload to unstable + * Build against golang-github-checkpoint-restore-go-criu-dev v6 + * drop patches merged upstream + * drop disable-sigstore.patch + * avoid file conflicts with docker-compose (Closes: #1054460) + + -- Reinhard Tartler Fri, 27 Oct 2023 14:01:53 -0400 + +libpod (4.7.1+ds4-3) experimental; urgency=medium + + * align test invocation with upstream makefile to fix FTBFS + + -- Reinhard Tartler Mon, 23 Oct 2023 09:39:59 -0400 + +libpod (4.7.1+ds4-2) experimental; urgency=medium + + * more reliable way to build podman-machine + + -- Reinhard Tartler Mon, 23 Oct 2023 06:58:01 -0400 + +libpod (4.7.1+ds4-1) experimental; urgency=medium + + * New upstream release (Closes: #1053131) + * Refresh patches + * Tighten dependencies + + -- Reinhard Tartler Mon, 16 Oct 2023 08:37:48 -0400 + +libpod (4.6.2+ds1-4) unstable; urgency=medium + + [ Anthony Fok ] + * [backport] libpod: move oom_score_adj clamp to init + + -- Reinhard Tartler Sun, 22 Oct 2023 17:24:16 -0400 + +libpod (4.6.2+ds1-3) unstable; urgency=medium + + [ Konstantin Demin ] + * [backport] fix mount of cgroup without a netns + + [ Reinhard Tartler ] + * [backport] linux, rootless: clamp oom_score_adj if it is too low + * podman: Add passt as recommends (Closes: #1052449) + + -- Reinhard Tartler Sun, 15 Oct 2023 15:09:22 -0400 + +libpod (4.6.2+ds1-2) unstable; urgency=medium + + * Upload to unstable + * Add migration notes for vfs to overlay migration. Wording provided by: + Gregor Riepl , Closes: #1050993 + + -- Reinhard Tartler Wed, 20 Sep 2023 13:00:37 -0400 + +libpod (4.6.2+ds1-1) experimental; urgency=medium + + * New upstream release. + * Tighten dependencies + * Refresh patches + * drop remove-uber-jaeger-client-go.patch, merged upstream + * add revert-newer-docker2.patch, additional work to avoid dependency + on newer docker + + -- Reinhard Tartler Sun, 17 Sep 2023 10:20:03 -0400 + +libpod (4.5.1+ds1-2) unstable; urgency=medium + + * Upload to unstable + + -- Reinhard Tartler Sat, 09 Sep 2023 18:52:10 -0400 + +libpod (4.5.1+ds1-1) experimental; urgency=medium + + [ Faidon Liambotis ] + * New upstream release. + * Backport an upstream patch from v4.6.0 to remove the uber/jaeger-client-go + dependency, and unvendor the code. + * Add debian/copyright stanzas for the three remaining vendored libraries. + + [ Reinhard Tartler ] + * Upload to experimental + + -- Reinhard Tartler Thu, 07 Sep 2023 18:14:11 -0400 + +libpod (4.5.0+ds2-1) experimental; urgency=medium + + [ Reinhard Tartler ] + * New upstream release + - Prefers overlay storage driver over vfs, Closes: #1050993, 1038414 + - which makes non-standard vfs options unnecessary, Closes: #1002997 + * Install quadlet, Closes: #1034539 + * Move fuse-overlayfs to Suggests, Closes: #1041050 + * Unvendor some additional sources + * Build against vbauerster/mpb8, and drop patch vbauerster_mbp_7 + * Disable ostree support + + [ Faidon Liambotis ] + * Add myself to Uploaders. + * Update long description using upstream's latest verbiage. + * Bump Standards-Version to 4.6.2, no changes needed. + * Drop upstream patches: + - test--skip-issue-17366, as the underlying issue was fixed upstream. + - generate-crash, as it was unused, and a backport of a v4.0 commit. + * Call "make clean" during clean, to clean up generated documentation files + and restore the source tree to its pristine form, Closes: #1045188 + * Install usr/share/user-tmpfiles.d/podman-docker.conf, Closes: #1034026 + * Pass --no-source to dh_auto_build, and re-enable dh_missing + --fail-missing. + * Ship podman-remote's documentation, i.e. the podman-remote.1 manpage and + remote_client.md, in the podman-remote package. + * Ship podman-remote's bash completion. + * Move rootlessport and quadlet from /usr/lib/ to /usr/libexec/. + * Ship an empty /etc/containers/systemd directory, where container files can + be written for the systemd generator (quadlet) to pick them up. + * debian/copyright: + - Update to recent sources and remove obsolete entries and comments. + - Remove stanzas for now un-vendored code. + - Remove unused license stanzas: ISC and BSD-3-clause. + - Update debian/ copyright to latest authors + - Use "podman" in Upstream-Name and Source, to reflect an upstream change. + * debian/upstream/metadata: + - Replace invalid "Homepage" field by Repository/Repository-Browse. + - Add the Changelog field, pointing to the upstream release notes. + * Update debian/watch to point to /tags rather than /releases, as GitHub's + releases page now requires JavaScript. + * Rename the builtin_tests autopkgtest name to builtin-tests, as underscores + are invalid in test names (addresses illegal-runtime-test-name warning). + * Add a debian/gbp.conf config file, allowing to use standardized + git-buildpackage tools to update to newer versions. + * Resort and wrap debian/control using wrap-and-sort -ast. + * Remove unused source-includes-file-in-files-excluded lintian override. + * Add an absolute-symbolic-link-target-in-source lintian override, for the + "containerignore-symlink" e2e test, as that is harmless and clearly + intentional. + + -- Reinhard Tartler Tue, 05 Sep 2023 21:33:43 -0400 + +libpod (4.4.0+ds1-2) experimental; urgency=medium + + [ Norbert Lange ] + * Build and install podman-remote, Closes: #1020540 + + -- Reinhard Tartler Wed, 12 Apr 2023 07:07:55 -0400 + +libpod (4.4.0+ds1-1) experimental; urgency=medium + + * New upstream version + * Disable failing test, cf. https://github.com/containers/podman/issues/17366 + * disable sigstore functionalty, will be reenabled when the packages enters + Debian + * bump dependency on containers/{image,common,buildah} + + -- Reinhard Tartler Sat, 04 Feb 2023 14:31:59 -0500 + +libpod (4.3.1+ds1-8) unstable; urgency=medium + + * [upstream] unbreak using docker as client + * debian/control: tighten dependencies against buildah (Closes: #1034871) + * [upstream] system reset: show graphRoot/runRoot before removal + + -- Reinhard Tartler Sun, 30 Apr 2023 08:19:54 -0400 + +libpod (4.3.1+ds1-7) unstable; urgency=medium + + * [upstream] volume,container: chroot to source before exporting content + (Closes: #1032099), Fixes: CVE-2023-0778 + + -- Reinhard Tartler Mon, 10 Apr 2023 18:39:24 -0400 + +libpod (4.3.1+ds1-6) unstable; urgency=medium + + * Team upload + + [ Reinhard Tartler ] + * Re-enable builtin tests, but mark as flaky + + [ Shengjing Zhu ] + * Replace golang-github-uber-go-atomic-dev with golang-go.uber-atomic-dev + * Drop unused golang-github-{influxdata,hpcloud}-tail-dev in Build-Depends + * Replace golang-ginkgo-dev with golang-github-onsi-ginkgo-dev + + -- Shengjing Zhu Sun, 26 Feb 2023 21:41:30 +0800 + +libpod (4.3.1+ds1-5) unstable; urgency=medium + + * Drop golang-github-containers-libpod-dev + * Add a simple smoketest + + -- Reinhard Tartler Sun, 27 Nov 2022 12:25:39 -0500 + +libpod (4.3.1+ds1-4) unstable; urgency=medium + + * upload to unstable + + -- Reinhard Tartler Thu, 24 Nov 2022 15:35:49 -0500 + +libpod (4.3.1+ds1-3) experimental; urgency=medium + + * debian/rules: make the previous change to build machine/qemu only + on supported architecture actually work + + -- Reinhard Tartler Tue, 22 Nov 2022 17:49:12 -0500 + +libpod (4.3.1+ds1-2) experimental; urgency=medium + + * Build machine/qemu only on amd64, arm64, fixes FTBFS + + -- Reinhard Tartler Mon, 14 Nov 2022 07:33:14 -0500 + +libpod (4.3.1+ds1-1) experimental; urgency=medium + + * New upstream release + - Add container GID to additional groups, + fixes CVE-2022-2989, closes: #1019591 + * Bugfix: Subordinate UID/GID ranges not fetched from libsubid, + Thanks to Sam Morris for the patch, closes: #1019929 + + -- Reinhard Tartler Sun, 13 Nov 2022 12:27:53 -0500 + +libpod (4.2.0+ds1-3) experimental; urgency=medium + + * Force using golang-go to avoid compilation failures with gcc-go + * Confirmed updated components allow podman to work, thanks to + Bastian Blank (Closes: #1012053), and is compiled against a + containers/common that is more mindful regarding foreign-arch + images (Closes: #1009376) + * Confirmed fix: "starting rootless container fails with: can't get final + child's PID from pipe: EOF", code change likely already in 4.1 + thanks to Gabriel Filion (Closes: #1007022). + * Make podman recommend 'dbus-user-session', Closes: #1009747 + + -- Reinhard Tartler Fri, 19 Aug 2022 09:43:54 +0200 + +libpod (4.2.0+ds1-2) experimental; urgency=medium + + * tighten dependency on golang-github-opencontainers-runc-dev + + -- Reinhard Tartler Wed, 17 Aug 2022 18:51:09 +0200 + +libpod (4.2.0+ds1-1) experimental; urgency=medium + + * New upstream release + * drop patches merged upstream + * add distro patch to use system 'goimports' utility + * tighten dependencies + * hooks/docs no longer provides section 5 manpages + + -- Reinhard Tartler Wed, 17 Aug 2022 15:37:36 +0200 + +libpod (4.1.1+ds1-3) experimental; urgency=medium + + * reorganize dependencies for networking stack + + -- Reinhard Tartler Fri, 05 Aug 2022 20:47:56 +0200 + +libpod (4.1.1+ds1-2) experimental; urgency=medium + + * organize GOLANG_EXCLUDES and GOLANG_TEST_EXCLUDES + * add patches fix-test-TestEnvVarValue-NN.patch, fixes + Test failures for !amd64, !arm64 Closes: #1014309 + + -- Reinhard Tartler Mon, 04 Jul 2022 12:07:31 -0400 + +libpod (4.1.1+ds1-1) experimental; urgency=medium + + * New upstream release + + -- Reinhard Tartler Sun, 03 Jul 2022 17:33:34 -0400 + +libpod (4.1.0+ds2-2) experimental; urgency=medium + + * Avoid building podman/pkg/machine/e2e on all architectures + + -- Reinhard Tartler Thu, 19 May 2022 16:31:29 -0400 + +libpod (4.1.0+ds2-1) experimental; urgency=medium + + * New upstream release + + -- Reinhard Tartler Thu, 19 May 2022 06:42:45 -0400 + +libpod (4.0.3+ds1-1) experimental; urgency=medium + + [ Antonio Terceiro ] + * Stop installing systemd socket units under /usr/lib, Closes: #1009374 + + [ Reinhard Tartler ] + * New upstream release + * Skip installation of podman-remote(1), Closes: #1000521 + + -- Reinhard Tartler Sat, 16 Apr 2022 06:41:11 -0400 + +libpod (4.0.1+ds1-3) experimental; urgency=medium + + * Fix installation of systemd units + + -- Reinhard Tartler Sun, 06 Mar 2022 17:16:32 -0500 + +libpod (4.0.1+ds1-2) experimental; urgency=medium + + * Install rootlessport, Closes: #1006426 + + -- Reinhard Tartler Fri, 25 Feb 2022 12:47:27 -0500 + +libpod (4.0.1+ds1-1) experimental; urgency=medium + + * New upstream release + + -- Reinhard Tartler Wed, 23 Feb 2022 21:43:55 -0500 + +libpod (4.0.0~rc5+ds1-1) experimental; urgency=medium + + * New upstream release, closes: #1003486 + * Bug fix: "podman-restart missing from podman package", thanks to Jelle + van der Waa (Closes: #1001780). + + -- Reinhard Tartler Mon, 21 Feb 2022 20:44:22 -0500 + +libpod (3.4.7+ds1-3) unstable; urgency=medium + + * backport upstream patch to avoid runtime crash, + Closes: #1010000 for real this time. + + -- Reinhard Tartler Sun, 24 Apr 2022 08:07:13 -0400 + +libpod (3.4.7+ds1-2) unstable; urgency=medium + + * Rebuild against opencontainers/runtime-tools >> 0.9.0+git20220423, + Closes: #1010000 + + -- Reinhard Tartler Sat, 23 Apr 2022 10:19:28 -0400 + +libpod (3.4.7+ds1-1) unstable; urgency=medium + + * New upstream release. + - Fixes: CVE-2022-1227 + + -- Reinhard Tartler Thu, 21 Apr 2022 16:09:59 -0400 + +libpod (3.4.6+ds1-1) unstable; urgency=medium + + * New upstream release + - Fixes: CVE-2022-27191, CVE-2022-27649 + * Fix installation of systemd units + + [ Antonio Terceiro ] + * Stop installing systemd socket units under /usr/lib (Closes: #1009374) + + -- Reinhard Tartler Thu, 14 Apr 2022 07:11:33 -0400 + +libpod (3.4.4+ds1-1) unstable; urgency=medium + + * New upstream release + Confirming that CVE-2021-4024 is fixed in 3.4.3, Closes: #1000844 + + -- Reinhard Tartler Sat, 25 Dec 2021 19:48:14 -0500 + +libpod (3.4.3+ds1-1) unstable; urgency=medium + + * New upstream release, Closes: #1001321 + - podman machine spawns gvproxy with port binded to all IPs, + Closes: #1000844 + + -- Reinhard Tartler Fri, 24 Dec 2021 14:40:01 -0500 + +libpod (3.4.2+ds1-1) unstable; urgency=medium + + * New upstream release + * Compile against system github.com/dtylman/scp + * Revert upstream commit that requires newer godbus than we currently + have in unstable + + -- Reinhard Tartler Wed, 17 Nov 2021 14:30:31 -0500 + +libpod (3.4.1+ds1-2) unstable; urgency=medium + + * Upload to unstable + * podman: Install tmpfiles.d/podman.conf, Closes: #995586 + + -- Reinhard Tartler Tue, 26 Oct 2021 18:20:56 -0400 + +libpod (3.4.1+ds1-1) experimental; urgency=medium + + * New upstream release + + -- Reinhard Tartler Mon, 25 Oct 2021 13:58:58 -0400 + +libpod (3.4.0+ds1-1) experimental; urgency=medium + + * New upstream release + + -- Reinhard Tartler Fri, 08 Oct 2021 16:19:40 -0400 + +libpod (3.3.1+ds2-1) unstable; urgency=medium + + * New upstream release + - drop coreos/{go-iptables,go-systemd} + * Drop unneeded dependency on golang-github-openshift-api-dev + * Bump Standards-Version, no changes needed + + -- Reinhard Tartler Tue, 07 Sep 2021 11:53:40 +0200 + +libpod (3.3.0+ds2-2) unstable; urgency=medium + + * Apply missing patches that were forgotten in the last merge + from experimental: + - Prefer crun over runc + - Add depends in iptables + * Upstream improved documentation on requirements for rootless, + Closes: #983395 + + -- Reinhard Tartler Sat, 04 Sep 2021 18:57:31 +0200 + +libpod (3.3.0+ds2-1) unstable; urgency=medium + + * New upstream release, Closes: #992138, #992142 + + -- Reinhard Tartler Mon, 30 Aug 2021 12:37:34 +0200 + +libpod (3.2.3+ds1-1) experimental; urgency=medium + + * New upstream releases, Closes: #991197 + * Bump dependency on golang-github-containers-common,buildah + + -- Reinhard Tartler Tue, 20 Jul 2021 18:22:50 -0400 + +libpod (3.2.2+ds1-1) experimental; urgency=medium + + * New upstream releases, Closes: #990333 + * Bump dependency on golang-github-containers-common + + -- Reinhard Tartler Mon, 28 Jun 2021 08:15:51 -0400 + +libpod (3.2.1+ds1-2) experimental; urgency=medium + + * Provide 'podman-docker' package, Closes: #984770 + * Tighten build dependency on golang-golang-x-net-dev + + -- Reinhard Tartler Tue, 15 Jun 2021 13:41:46 -0400 + +libpod (3.2.1+ds1-1) experimental; urgency=medium + + * New upstream release + * Tighten build-depends on golang-github-containers-common-dev + and golang-github-containers-buildah-dev + + -- Reinhard Tartler Mon, 14 Jun 2021 14:08:01 -0400 + +libpod (3.2.0+ds5-2) experimental; urgency=medium + + * Add patch from upstream to fix FTBFS on !(arm64, amd64) + + -- Reinhard Tartler Sat, 12 Jun 2021 07:07:45 -0400 + +libpod (3.2.0+ds5-1) experimental; urgency=medium + + * New upstream release + * Install zsh completions (Closes: #989411) + * Disable LTO, cf. https://wiki.debian.org/ToolChain/LTO + + -- Reinhard Tartler Tue, 08 Jun 2021 17:33:43 -0400 + +libpod (3.1.2+ds1-2) experimental; urgency=medium + + * add missing vendored files included in tarball + * (explicitly) build-depend on golang-github-moby-term-dev + + -- Reinhard Tartler Mon, 31 May 2021 09:55:52 -0400 + +libpod (3.1.2+ds1-1) experimental; urgency=medium + + * New upstream release + * Drop dependency on golang-github-seccomp-containers-golang-dev, + Closes: #988445 + + -- Reinhard Tartler Fri, 28 May 2021 17:57:28 -0400 + +libpod (3.1.0+ds1-1) experimental; urgency=medium + + * New upstream release + * Reorganized git source layout. Drop a number of vendored libraries + (in favor of versions from the Debian archive) + - github.com/go-logr/logr + - github.com/moby/term + - github.com/nxadm/tail + - github.com/willf/bitset + - go.etcd.io/bbolt + - google.golang.org/protobuf + + -- Reinhard Tartler Sat, 03 Apr 2021 16:28:54 -0400 + +libpod (3.0.1+dfsg1-3) unstable; urgency=medium + + * Add networking-lookup-child-IP-in-networks.patch, fixes rootless + connection issue "Connection reset by peer", Closes: #989803 + + -- Reinhard Tartler Sun, 13 Jun 2021 18:28:49 -0400 + +libpod (3.0.1+dfsg1-2) unstable; urgency=medium + + * Prefer crun over runc, Closes: #985379 + * Add depends in iptables, Closes: #987207 + + -- Reinhard Tartler Wed, 21 Apr 2021 17:36:07 -0400 + +libpod (3.0.1+dfsg1-1) unstable; urgency=medium + + * New upstream release + * debian/control: tighten dependencies + * drop inspect-volume-data.patch, merged upstream + * Use packaged version of ocicrypt + + -- Reinhard Tartler Wed, 24 Feb 2021 06:46:17 -0500 + +libpod (3.0.0+dfsg1-2) unstable; urgency=medium + + * Adjust dependencies on containers/{storage,image,common,buildah} + as discussed with upstream + + -- Reinhard Tartler Fri, 12 Feb 2021 08:42:39 -0500 + +libpod (3.0.0+dfsg1-1) unstable; urgency=medium + + * New upstream release + + -- Reinhard Tartler Fri, 12 Feb 2021 06:12:02 -0500 + +libpod (3.0.0~rc3+dfsg1-1) experimental; urgency=medium + + * New upstream release + * Cleanup varlink service, closes: #981708 + * Tighten dependency on buildah to pickup fix for caching bug, + closes: #982467 + + -- Reinhard Tartler Wed, 10 Feb 2021 06:54:28 -0500 + +libpod (3.0.0~rc2+dfsg1-2) unstable; urgency=medium + + * Upload to unstable + + -- Reinhard Tartler Tue, 02 Feb 2021 17:21:00 -0500 + +libpod (3.0.0~rc2+dfsg1-1) experimental; urgency=medium + + * New upstream release + * Install auto-update systemd units + * debian/copyright: more updates + * Install auto-update systemd units + * systemd: Don't enable podman-auto-update.service in default.target + (Closes: #981097) + * Pass buildtags also go test invocation to unbreak autopkgtests when + run as root + + -- Reinhard Tartler Sat, 30 Jan 2021 22:17:33 -0500 + +libpod (3.0.0~rc1+dfsg1-1) experimental; urgency=medium + + * New upstream version + * Drop varlink references, dropped upstream + * Remove confusing line (Closes: #980480) + + -- Reinhard Tartler Sun, 24 Jan 2021 11:16:44 -0500 + +libpod (2.2.1+dfsg1-1) experimental; urgency=medium + + * New upstream version + * drop cobra-spf13-api.patch, no longer needed + * Rely on upstream's build scripts to install manpages (Closes: #977502) + * Remove conflicting manpage container-mounts(5), Closes: #977502 + * drop old-docker-api.patch, no longer needed + + -- Reinhard Tartler Fri, 18 Dec 2020 07:16:27 -0500 + +libpod (2.2.0+dfsg1-1) experimental; urgency=medium + + * debian/changelog: Bump to libpod 2.2.0 + * Refresh distro patches + * debian/control: Tighten build-dependency on buildah + * add cobra-spf13-api.patch + * debian/copyright: manual updates + * podman: Add depends on golang-github-containernetworking-plugin-dnsname + + -- Reinhard Tartler Tue, 08 Dec 2020 15:45:22 -0500 + +libpod (2.1.1+dfsg1-7) unstable; urgency=medium + + * Pass buildtags also go test invocation to unbreak autopkgtests + on machines that run as real root. + + -- Reinhard Tartler Mon, 01 Feb 2021 06:43:56 -0500 + +libpod (2.1.1+dfsg1-6) unstable; urgency=medium + + * debian/rules: Remove confusing line (Closes: #980480) + * systemd: Don't enable podman-auto-update.service in default.target + (Closes: #981097) + + -- Reinhard Tartler Tue, 26 Jan 2021 21:51:00 -0500 + +libpod (2.1.1+dfsg1-5) unstable; urgency=medium + + * Install auto-update systemd units + + -- Reinhard Tartler Mon, 25 Jan 2021 07:49:44 -0500 + +libpod (2.1.1+dfsg1-4) unstable; urgency=medium + + * Ignore containers.conf sysctl when namespaces set to host + (Closes: #979313) + + -- Reinhard Tartler Wed, 06 Jan 2021 20:48:36 -0500 + +libpod (2.1.1+dfsg1-3) unstable; urgency=medium + + [ Dmitry Smirnov ] + * Tightened versioned dependency on "containernetworking-plugins". + + [ Reinhard Tartler ] + * debian/copyright: various cleanups + * Fix handling of Ambient/Inheritable caps for non root user, Closes: #977717 + * Rely on upstream's build scripts to install manpages + * Remove conflicting manpage container-mounts(5), Closes: #977502 + + -- Reinhard Tartler Tue, 22 Dec 2020 13:00:57 -0500 + +libpod (2.1.1+dfsg1-2) unstable; urgency=medium + + [ Reinhard Tartler ] + * Install runc by default, Closes: #971253 + * Builds against structured-merge-diff/v4, Closes: #976410 + + [ Antonio Terceiro ] + * Recommend catatonit before the other inits (Closes: #971815) + + -- Reinhard Tartler Mon, 07 Dec 2020 06:56:09 -0500 + +libpod (2.1.1+dfsg1-1) unstable; urgency=medium + + [ Reinhard Tartler ] + * New upstream release: 2.1.1 + * golang-github-containers-libpod-dev: expose golang sources + * debian/copyright: update using cme update dpkg-copyright + + [ Arnaud Rebillout ] + * Unvendor sigs.k8s.io/yaml + + -- Reinhard Tartler Fri, 27 Nov 2020 12:45:58 -0500 + +libpod (2.0.6+dfsg1-2) unstable; urgency=medium + + * Restored io.podman/varlink interface, which is still in use by + nomad-driver-podman. + + -- Dmitry Smirnov Thu, 22 Oct 2020 21:33:07 +1100 + +libpod (2.0.6+dfsg1-1) unstable; urgency=medium + + * New upstream release + * debian/copyright: cleanups + * drop malformed lintian override + * Bump standard version, no changes needed + + -- Reinhard Tartler Mon, 14 Sep 2020 15:35:01 -0400 + +libpod (2.0.4+dfsg2-5) unstable; urgency=medium + + * Team upload. + * Upload to unstable + + -- Shengjing Zhu Sun, 23 Aug 2020 02:42:00 +0800 + +libpod (2.0.4+dfsg2-4) experimental; urgency=medium + + * Team upload. + * Tighten buildah Build-Depends version + + -- Shengjing Zhu Thu, 20 Aug 2020 02:54:27 +0800 + +libpod (2.0.4+dfsg2-3) experimental; urgency=medium + + * Team upload. + + [ Reinhard Tartler ] + * Add more notes on how to get started with Debian kernels + + [ Shengjing Zhu ] + * Add patch to fix build with new runc + + -- Shengjing Zhu Thu, 20 Aug 2020 01:00:02 +0800 + +libpod (2.0.4+dfsg2-2) unstable; urgency=medium + + [ Martin Pitt ] + * Bump conmon dependency + + [ Dmitry Smirnov ] + * Harmonize repacksuffix to fix CI. + * Tighten recommendation on fuse-overlayfs (>= 1.0.0~). + + [ Reinhard Tartler ] + * Bug fix: "Breaks docker", thanks to Jan Hudec (Closes: #968207). + - No longer create symlink /run/docker.sock to avoid interfering + with the docker daemon. Users that wish to replace the docker + daemon with podman are advised to install the symlink themselves + and arrange appropriate permissions for podman.sock. + + -- Reinhard Tartler Tue, 11 Aug 2020 07:41:44 -0400 + +libpod (2.0.4+dfsg2-1) unstable; urgency=medium + + * Vendor in protobuf 3 to workaround #961814 + * Remove "insanity workaround" related to protobuf + * Hand in forgotten changelog entry in 2.0.4+dfsg1-1 + + -- Reinhard Tartler Mon, 03 Aug 2020 07:20:45 -0400 + +libpod (2.0.4+dfsg1-1) unstable; urgency=medium + + * New upstream release + * No longer install /etc/containers/libpod.conf (Closes: #961016) + This file is deprecated in version 2.0 and is superseeded by + /etc/containers/containers.conf, which is provided by the + golang-github-containers-common package. The old file hardcodes + a default OCI runtime that breaks in default installations. + * Fixed REST API regression (Closes: #966501) + + -- Reinhard Tartler Thu, 30 Jul 2020 07:12:41 -0400 + +libpod (2.0.3+dfsg1-1) unstable; urgency=medium + + * Team upload. + * New upstream release + * Install systemd helper files in favor of varlink (Closes: #966118) + + -- Reinhard Tartler Sun, 26 Jul 2020 10:53:39 -0400 + +libpod (2.0.2+dfsg1-3) unstable; urgency=medium + + * Team upload. + * Upload to unstable. + + -- Reinhard Tartler Mon, 20 Jul 2020 10:18:00 -0400 + +libpod (2.0.2+dfsg1-2) experimental; urgency=medium + + * Team upload. + * debian/rules: Add XDG_RUNTIME_DIR settings on build + - Based on debian/rules from the ibus package, unbreaks + testsuite on many buildds + + -- Reinhard Tartler Fri, 17 Jul 2020 06:56:20 -0400 + +libpod (2.0.2+dfsg1-1) experimental; urgency=medium + + * Team upload. + * New upstream version, Closes: #964378 + + -- Reinhard Tartler Thu, 16 Jul 2020 18:06:15 -0400 + +libpod (1.6.4+dfsg1-4) unstable; urgency=medium + + * Team upload. + * Rename golang-x-text-dev to golang-golang-x-text-dev + + -- Shengjing Zhu Sun, 12 Jul 2020 18:51:51 +0800 + +libpod (1.6.4+dfsg1-3) unstable; urgency=high + + * Team upload. + * Do not copy up when volume is not empty + CVE-2020-1726, Closes: #961421 + + -- Reinhard Tartler Thu, 28 May 2020 17:24:41 -0400 + +libpod (1.6.4+dfsg1-2) unstable; urgency=medium + + * Un-vendored "golang-github-checkpoint-restore-go-criu-dev". + * Tightened dependency: "conmon (>= 2.0.2~)". + * rules: + + Golang insanity workaround. + + Removed obsolete "containers_image_ostree" build tag. + + -- Dmitry Smirnov Tue, 14 Jan 2020 10:56:58 +1100 + +libpod (1.6.4+dfsg-1) unstable; urgency=medium + + * New upstream release. + * Install "seccomp.json". + * Install tutorials. + * Un-vendored "openshift/api" library. + * Build-Depends: + - golang-github-boltdb-bolt-dev + + golang-github-coreos-bbolt-dev (>= 1.3.3~) + - golang-github-containerd-continuity-dev + = golang-github-containers-buildah-dev (>= 1.11.6~) + = golang-github-containers-image-dev (>= 5.0.0~) + + golang-github-openshift-api-dev + + -- Dmitry Smirnov Fri, 03 Jan 2020 08:36:51 +1100 + +libpod (1.6.2+dfsg-3) unstable; urgency=medium + + * Install annotated CNI examples. + * Replaced default CNI "bridge" policy with "ptp". + + -- Dmitry Smirnov Tue, 31 Dec 2019 12:07:07 +1100 + +libpod (1.6.2+dfsg-2) unstable; urgency=medium + + * Added note about "swapaccount" to README.Debian. + * libpod.conf: prefer "crun" over "runc". + * Tightened "fuse-overlayfs" dependency. + * Only install "registries.conf" example but not conf file. + * Use "tini-static" for "init_path" built-in default instead of + "catatonit". + * Added "buildah" to Recommends since it provides "containers/image" man + pages. + * Standards-Version: 4.4.1 + + -- Dmitry Smirnov Sun, 29 Dec 2019 20:49:01 +1100 + +libpod (1.6.2+dfsg-1) unstable; urgency=medium + + * Initial release (Closes: #930440). + + -- Dmitry Smirnov Tue, 12 Nov 2019 13:29:33 +1100 diff --git a/debian/clean b/debian/clean new file mode 100644 index 0000000..115bb8c --- /dev/null +++ b/debian/clean @@ -0,0 +1,4 @@ +.gopathok +docs/build/man/*.1 +docs/*.5 +pkg/hooks/docs/oci-hooks.5 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..cfda2de --- /dev/null +++ b/debian/control @@ -0,0 +1,247 @@ +Source: libpod +Section: admin +Priority: optional +Standards-Version: 4.6.2 +Maintainer: Debian Go Packaging Team +Uploaders: + Dmitry Smirnov , + Reinhard Tartler , + Faidon Liambotis , +Build-Depends: + debhelper-compat (= 13), + bash-completion, + conmon, + dh-golang, + go-md2man, + golang-dbus-dev, + golang-ginkgo-dev, + golang-github-shirou-gopsutil-dev, + golang-github-mdlayher-vsock-dev, + golang-github-appc-cni-dev, + golang-github-buger-goterm-dev, + golang-github-checkpoint-restore-checkpointctl-dev, + golang-github-checkpoint-restore-go-criu-dev (>> 6), + golang-github-container-orchestrated-devices-container-device-interface-dev, + golang-github-containerd-cgroups-dev, + golang-github-containers-buildah-dev (>= 1.33.5), + golang-github-containers-common-dev (>= 0.57.4), + golang-github-containers-conmon-dev, + golang-github-containers-image-dev (>= 5.29.2~), + golang-github-containers-ocicrypt-dev, + golang-github-containers-psgo-dev, + golang-github-containers-storage-dev (>= 1.51), + golang-github-containers-gvisor-tap-vsocks-dev, + golang-github-coreos-bbolt-dev, + golang-github-coreos-go-iptables-dev, + golang-github-coreos-go-systemd-dev, + golang-github-coreos-stream-metadata-go-dev, + golang-github-cyphar-filepath-securejoin-dev, + golang-github-digitalocean-go-libvirt-dev, + golang-github-digitalocean-go-qemu-dev, + golang-github-docker-distribution-dev, + golang-github-docker-docker-dev, + golang-github-docker-go-connections-dev, + golang-github-docker-go-plugins-helpers-dev, + golang-github-docker-go-units-dev, + golang-github-docker-spdystream-dev, + golang-github-dtylman-scp-dev, + golang-github-fullsailor-pkcs7-dev, + golang-github-ghodss-yaml-dev, + golang-github-go-logr-logr-dev, + golang-github-google-shlex-dev, + golang-github-google-uuid-dev, + golang-github-gorilla-schema-dev, + golang-github-hashicorp-go-multierror-dev, + golang-github-json-iterator-go-dev, + golang-github-mattn-go-sqlite3-dev, + golang-github-moby-sys-dev, + golang-github-moby-term-dev, + golang-github-mrunalp-fileutils-dev, + golang-github-nxadm-tail-dev, + golang-github-opencontainers-go-digest-dev, + golang-github-opencontainers-image-spec-dev, + golang-github-opencontainers-runc-dev (>= 1.1.3+ds1-6), + golang-github-opencontainers-runtime-tools-dev (>= 0.9.0+dfsg-3~), + golang-github-opencontainers-selinux-dev (>= 1.11~), + golang-github-openshift-imagebuilder-dev, + golang-github-pkg-errors-dev, + golang-github-pkg-profile-dev, + golang-github-rootless-containers-rootlesskit-dev, + golang-github-seccomp-libseccomp-golang-dev, + golang-github-sirupsen-logrus-dev, + golang-github-stretchr-testify-dev, + golang-github-ulikunitz-xz-dev, + golang-github-vbatts-tar-split-dev, + golang-github-vbauerster-mpb-dev (>= 8), + golang-github-vishvananda-netlink-dev, + golang-github-vividcortex-ewma-dev, + golang-go, + golang-go-zfs-dev, + golang-go.opencensus-dev, + golang-golang-x-crypto-dev, + golang-golang-x-net-dev, + golang-golang-x-sys-dev, + golang-golang-x-text-dev, + golang-golang-x-tools, + golang-golang-x-xerrors-dev, + golang-gomega-dev, + golang-google-genproto-dev, + golang-google-grpc-dev, + golang-gopkg-inf.v0-dev, + golang-gopkg-square-go-jose.v2-dev, + golang-gopkg-yaml.v3-dev, + golang-k8s-klog-dev, + golang-k8s-sigs-structured-merge-diff-dev, + golang-k8s-sigs-yaml-dev, + golang-toml-dev, + libapparmor-dev, + libbtrfs-dev, + libdevmapper-dev, + libglib2.0-dev, + libsubid-dev, +Homepage: https://github.com/containers/podman +Vcs-Browser: https://salsa.debian.org/debian/libpod +Vcs-Git: https://salsa.debian.org/debian/libpod.git +XS-Go-Import-Path: github.com/containers/podman + +Package: podman +Architecture: any +Built-Using: + ${misc:Built-Using}, +Depends: + conmon, + crun | runc, + golang-github-containers-common, + ${misc:Depends}, + ${shlibs:Depends}, +Recommends: + buildah (>= 1.31), + catatonit | tini | dumb-init, + dbus-user-session, + passt, + slirp4netns, + uidmap, + ${misc:Recommends}, +Suggests: + containers-storage, + docker-compose, + iptables, + ${misc:Suggests}, +Description: tool to manage containers and pods + Podman (the POD MANager) is a tool for managing containers and images, volumes + mounted into those containers, and pods made from groups of containers. + . + At a high level, the scope of Podman and libpod is the following: + * Support for multiple container image formats, including OCI and Docker + images. + * Full management of those images, including pulling from various sources + (including trust and verification), creating (built via Containerfile or + Dockerfile or committed from a container), and pushing to registries and + other storage backends. + * Full management of container lifecycle, including creation (both from an + image and from an exploded root filesystem), running, checkpointing and + restoring (via CRIU), and removal. + * Full management of container networking, using Netavark. + * Support for pods, groups of containers that share resources and are managed + together. + * Support for running containers and pods without root or other elevated + privileges. + * Resource isolation of containers and pods. + * Support for a Docker-compatible CLI interface, which can both run + containers locally and on remote systems. + * No manager daemon, for improved security and lower resource utilization at + idle. + * Support for a REST API providing both a Docker-compatible interface and an + improved interface exposing advanced Podman functionality. + * Support for running on Windows and Mac via virtual machines run by podman + machine. + . + Podman is a daemon-less alternative to Docker. + +Package: podman-docker +Architecture: any +Built-Using: + ${misc:Built-Using}, +Depends: + podman, + ${misc:Depends}, + ${shlibs:Depends}, +Conflicts: + docker.io, + docker-ce-cli, +Recommends: + docker-compose, +Description: tool to manage containers and pods (Docker CLI) + Podman (the POD MANager) is a tool for managing containers and images, volumes + mounted into those containers, and pods made from groups of containers. + . + At a high level, the scope of Podman and libpod is the following: + * Support for multiple container image formats, including OCI and Docker + images. + * Full management of those images, including pulling from various sources + (including trust and verification), creating (built via Containerfile or + Dockerfile or committed from a container), and pushing to registries and + other storage backends. + * Full management of container lifecycle, including creation (both from an + image and from an exploded root filesystem), running, checkpointing and + restoring (via CRIU), and removal. + * Full management of container networking, using Netavark. + * Support for pods, groups of containers that share resources and are managed + together. + * Support for running containers and pods without root or other elevated + privileges. + * Resource isolation of containers and pods. + * Support for a Docker-compatible CLI interface, which can both run + containers locally and on remote systems. + * No manager daemon, for improved security and lower resource utilization at + idle. + * Support for a REST API providing both a Docker-compatible interface and an + improved interface exposing advanced Podman functionality. + * Support for running on Windows and Mac via virtual machines run by podman + machine. + . + Podman is a daemon-less alternative to Docker. + . + This package installs a Docker-compatible CLI interface, capable of running + containers locally and on remote systems. + +Package: podman-remote +Architecture: any +Built-Using: + ${misc:Built-Using}, +Depends: + ${misc:Depends}, + ${shlibs:Depends}, +Description: tool to manage containers and pods (remote CLI) + Podman (the POD MANager) is a tool for managing containers and images, volumes + mounted into those containers, and pods made from groups of containers. + . + At a high level, the scope of Podman and libpod is the following: + * Support for multiple container image formats, including OCI and Docker + images. + * Full management of those images, including pulling from various sources + (including trust and verification), creating (built via Containerfile or + Dockerfile or committed from a container), and pushing to registries and + other storage backends. + * Full management of container lifecycle, including creation (both from an + image and from an exploded root filesystem), running, checkpointing and + restoring (via CRIU), and removal. + * Full management of container networking, using Netavark. + * Support for pods, groups of containers that share resources and are managed + together. + * Support for running containers and pods without root or other elevated + privileges. + * Resource isolation of containers and pods. + * Support for a Docker-compatible CLI interface, which can both run + containers locally and on remote systems. + * No manager daemon, for improved security and lower resource utilization at + idle. + * Support for a REST API providing both a Docker-compatible interface and an + improved interface exposing advanced Podman functionality. + * Support for running on Windows and Mac via virtual machines run by podman + machine. + . + Podman is a daemon-less alternative to Docker. + . + This package provides a smaller executable, a local client to interact with a + Podman backend node through a RESTful API tunneled through an SSH connection. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..af04a40 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,137 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: podman +Source: https://github.com/containers/podman +Files-Excluded: + vendor + test/tools/vendor + +Files: * +Copyright: 2016-2023, Red Hat, Inc. +License: Apache-2.0 + +Files: contrib/snapcraft/* +Copyright: 2017, Snapcrafters +License: Expat + +Files: debian/* +Copyright: 2023, Faidon Liambotis + 2020-2023, Reinhard Tartler + 2018-2020, Dmitry Smirnov +License: Apache-2.0 + +Files: debian/expand.go +Copyright: 2009, The Go Authors. +License: BSD-3-clause + +Files: hack/fork_exec_snoop.bt +Copyright: 2023, Paul Wallrabe + 2022, Nicolas Hillegeer +License: Apache-2.0 + +Files: libpod/networking_pasta_linux.go +Copyright: 2022, Red Hat GmbH +License: Apache-2.0 + +Files: pkg/* +Copyright: 2013-2018, Docker, Inc. +License: Apache-2.0 + +Files: pkg/k8s.io/* +Copyright: belongs to the Kubernetes Authors and is licensed under Apache-2.0, also check the license headers in the files. +License: Apache-2.0 + +Files: pkg/k8s.io/api/apps/* +Copyright: 2014-2017, 2020, The Kubernetes Authors. +License: Apache-2.0 + +Files: pkg/k8s.io/api/core/* +Copyright: 2014-2017, 2020, The Kubernetes Authors. +License: Apache-2.0 + +Files: pkg/k8s.io/apimachinery/pkg/* +Copyright: 2014-2017, 2020, The Kubernetes Authors. +License: Apache-2.0 + +Files: pkg/systemd/parser/unitfile_test.go +Copyright: no-info-found +License: LGPL-2.1+ + +Files: pkg/util/camelcase/* +Copyright: 2015, Fatih Arslan +License: Expat + +Files: test/system/505-networking-pasta.bats +Copyright: 2022, Red Hat GmbH +License: Apache-2.0 + +License: Apache-2.0 + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + . + http://www.apache.org/licenses/LICENSE-2.0 + . + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + . + On Debian systems, the complete text of the Apache version 2.0 license + can be found in "/usr/share/common-licenses/Apache-2.0". + +License: BSD-3-clause + The BSD License + . + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are + met: + . + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + . + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + . + * Neither the name of the copyright holder nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR + CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +License: Expat + Permission is hereby granted, free of charge, to any person obtaining a copy of + this software and associated documentation files (the "Software"), to deal in + the Software without restriction, including without limitation the rights to + use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + the Software, and to permit persons to whom the Software is furnished to do so, + subject to the following conditions: + . + The above copyright notice and this permission notice shall be included in all + copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +License: LGPL-2.1+ + This program is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by the + Free Software Foundation; version 2.1 of the License, or (at + your option) any later version. + On Debian systems, the complete text of version 2.1 of the GNU Lesser + General Public License can be found in '/usr/share/common-licenses/LGPL-2.1'. diff --git a/debian/etc/containers/libpod.conf b/debian/etc/containers/libpod.conf new file mode 100644 index 0000000..17f7939 --- /dev/null +++ b/debian/etc/containers/libpod.conf @@ -0,0 +1,149 @@ +# libpod.conf(5) is the default configuration file for all tools using +# libpod to manage containers + +# Default transport method for pulling and pushing for images +image_default_transport = "docker://" + +# Paths to look for the conmon container manager binary. +# If the paths are empty or no valid path was found, then the `$PATH` +# environment variable will be used as the fallback. +conmon_path = [ + "/usr/bin/conmon", + "/usr/sbin/conmon", + "/usr/libexec/podman/conmon", + "/usr/local/libexec/crio/conmon", + "/usr/lib/podman/bin/conmon", + "/usr/libexec/crio/conmon", + "/usr/lib/crio/bin/conmon" +] + +# Environment variables to pass into conmon +conmon_env_vars = [ + "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +] + +# CGroup Manager - valid values are "systemd" and "cgroupfs" +cgroup_manager = "systemd" + +# Container init binary +#init_path = "/usr/bin/tini" +#init_path = "/usr/bin/tini-static" +#init_path = "/usr/bin/dumb-init" +#init_path = "/usr/bin/catatonit" + + +# Directory for persistent libpod files (database, etc) +# By default, this will be configured relative to where containers/storage +# stores containers +# Uncomment to change location from this default +#static_dir = "/var/lib/containers/storage/libpod" + +# Directory for temporary files. Must be tmpfs (wiped after reboot) +tmp_dir = "/var/run/libpod" + +# Maximum size of log files (in bytes) +# -1 is unlimited +max_log_size = -1 + +# Whether to use chroot instead of pivot_root in the runtime +no_pivot_root = false + +# Directory containing CNI plugin configuration files +cni_config_dir = "/etc/cni/net.d/" + +# Directories where the CNI plugin binaries may be located +cni_plugin_dir = [ + "/usr/lib/cni", + "/usr/local/lib/cni", + "/opt/cni/bin" +] + +# Default CNI network for libpod. +# If multiple CNI network configs are present, libpod will use the network with +# the name given here for containers unless explicitly overridden. +# The default here is set to the name we set in the +# 87-podman-bridge.conflist included in the repository. +# Not setting this, or setting it to the empty string, will use normal CNI +# precedence rules for selecting between multiple networks. +cni_default_network = "podman" + +# Default libpod namespace +# If libpod is joined to a namespace, it will see only containers and pods +# that were created in the same namespace, and will create new containers and +# pods in that namespace. +# The default namespace is "", which corresponds to no namespace. When no +# namespace is set, all containers and pods are visible. +#namespace = "" + +# Default infra (pause) image name for pod infra containers +infra_image = "k8s.gcr.io/pause:3.1" + +# Default command to run the infra container +infra_command = "/pause" + +# Determines whether libpod will reserve ports on the host when they are +# forwarded to containers. When enabled, when ports are forwarded to containers, +# they are held open by conmon as long as the container is running, ensuring that +# they cannot be reused by other programs on the host. However, this can cause +# significant memory usage if a container has many ports forwarded to it. +# Disabling this can save memory. +#enable_port_reservation = true + +# Default libpod support for container labeling +# label=true + +# The locking mechanism to use +lock_type = "shm" + +# Number of locks available for containers and pods. +# If this is changed, a lock renumber must be performed (e.g. with the +# 'podman system renumber' command). +num_locks = 2048 + +# Directory for libpod named volumes. +# By default, this will be configured relative to where containers/storage +# stores containers. +# Uncomment to change location from this default. +#volume_path = "/var/lib/containers/storage/volumes" + +# Selects which logging mechanism to use for Podman events. Valid values +# are `journald` or `file`. +# events_logger = "journald" + +# Specify the keys sequence used to detach a container. +# Format is a single character [a-Z] or a comma separated sequence of +# `ctrl-`, where `` is one of: +# `a-z`, `@`, `^`, `[`, `\`, `]`, `^` or `_` +# +# detach_keys = "ctrl-p,ctrl-q" + +# Default OCI runtime +runtime = "crun" +#runtime = "runc" + +# List of the OCI runtimes that support --format=json. When json is supported +# libpod will use it for reporting nicer errors. +runtime_supports_json = ["crun", "runc"] + +# List of all the OCI runtimes that support --cgroup-manager=disable to disable +# creation of CGroups for containers. +runtime_supports_nocgroups = ["crun"] + +# Paths to look for a valid OCI runtime (runc, runv, etc) +# If the paths are empty or no valid path was found, then the `$PATH` +# environment variable will be used as the fallback. +[runtimes] + +runc = [ + "/usr/sbin/runc", +] + +crun = [ + "/usr/bin/crun" +] + +# The [runtimes] table MUST be the last thing in this file. +# (Unless another table is added) +# TOML does not provide a way to end a table other than a further table being +# defined, so every key hereafter will be part of [runtimes] and not the main +# config. diff --git a/debian/examples/cni/net.d/87-podman-bridge.conflist b/debian/examples/cni/net.d/87-podman-bridge.conflist new file mode 100644 index 0000000..f65895a --- /dev/null +++ b/debian/examples/cni/net.d/87-podman-bridge.conflist @@ -0,0 +1,37 @@ +{ + "cniVersion": "0.4.0", + "name": "podman", + "plugins": [ + { + "type": "bridge", + "Documentation": "/usr/share/doc/containernetworking-plugins/main_bridge.md", + "bridge": "cni-podman0", + "isGateway": true, + "ipMasq": true, + "ipam": { + "type": "host-local", + "Documentation": "/usr/share/doc/containernetworking-plugins/ipam_host-local.md", + "routes": [ + { "dst": "0.0.0.0/0" } + ], + "ranges": [ + [ + { "subnet": "10.88.0.0/16", "gateway": "10.88.0.1" } + ] + ] + } + }, + + { + "type": "portmap", + "Documentation": "/usr/share/doc/containernetworking-plugins/meta_portmap.md", + "capabilities": { "portMappings": true } + }, + + { + "type": "firewall", + "Documentation": "/usr/share/doc/containernetworking-plugins/meta_firewall.md", + "backend": "iptables" + } + ] +} diff --git a/debian/examples/cni/net.d/87-podman-bridge_l2.conflist b/debian/examples/cni/net.d/87-podman-bridge_l2.conflist new file mode 100644 index 0000000..fc09944 --- /dev/null +++ b/debian/examples/cni/net.d/87-podman-bridge_l2.conflist @@ -0,0 +1,24 @@ +{ + "cniVersion": "0.4.0", + "name": "podman", + "plugins": [ + { + "type": "bridge", + "Documentation": "/usr/share/doc/containernetworking-plugins/main_bridge.md", + "bridge": "br0", + "ipam": { } + }, + + { + "type": "portmap", + "Documentation": "/usr/share/doc/containernetworking-plugins/meta_portmap.md", + "capabilities": { "portMappings": true } + }, + + { + "type": "firewall", + "Documentation": "/usr/share/doc/containernetworking-plugins/meta_firewall.md", + "backend": "iptables" + } + ] +} diff --git a/debian/examples/cni/net.d/87-podman-ptp.conflist b/debian/examples/cni/net.d/87-podman-ptp.conflist new file mode 100644 index 0000000..f458b0c --- /dev/null +++ b/debian/examples/cni/net.d/87-podman-ptp.conflist @@ -0,0 +1,31 @@ +{ + "cniVersion": "0.4.0", + "name": "podman", + "plugins": [ + { + "type": "ptp", + "Documentation": "/usr/share/doc/containernetworking-plugins/main_ptp.md", + "ipMasq": true, + "ipam": { + "type": "host-local", + "Documentation": "/usr/share/doc/containernetworking-plugins/ipam_host-local.md", + "subnet": "172.16.16.0/24", + "routes": [ + { "dst": "0.0.0.0/0" } + ] + } + }, + + { + "type": "portmap", + "Documentation": "/usr/share/doc/containernetworking-plugins/meta_portmap.md", + "capabilities": { "portMappings": true } + }, + + { + "type": "firewall", + "Documentation": "/usr/share/doc/containernetworking-plugins/meta_firewall.md", + "backend": "iptables" + } + ] +} diff --git a/debian/examples/registries.conf b/debian/examples/registries.conf new file mode 100644 index 0000000..dc771ed --- /dev/null +++ b/debian/examples/registries.conf @@ -0,0 +1,11 @@ +## containers-registries.conf(5): System Registry Configuration File + +[registries.search] +registries = ['docker.io', 'registry.fedoraproject.org'] + +[registries.insecure] +registries = [] + +#blocked (docker only) +[registries.block] +registries = [] diff --git a/debian/expand.go b/debian/expand.go new file mode 100644 index 0000000..6bf0ea8 --- /dev/null +++ b/debian/expand.go @@ -0,0 +1,102 @@ +package expansion + +import ( + "bytes" +) + +const ( + operator = '$' + referenceOpener = '(' + referenceCloser = ')' +) + +// syntaxWrap returns the input string wrapped by the expansion syntax. +func syntaxWrap(input string) string { + return string(operator) + string(referenceOpener) + input + string(referenceCloser) +} + +// MappingFuncFor returns a mapping function for use with Expand that +// implements the expansion semantics defined in the expansion spec; it +// returns the input string wrapped in the expansion syntax if no mapping +// for the input is found. +func MappingFuncFor(context ...map[string]string) func(string) string { + return func(input string) string { + for _, vars := range context { + val, ok := vars[input] + if ok { + return val + } + } + + return syntaxWrap(input) + } +} + +// Expand replaces variable references in the input string according to +// the expansion spec using the given mapping function to resolve the +// values of variables. +func Expand(input string, mapping func(string) string) string { + var buf bytes.Buffer + checkpoint := 0 + for cursor := 0; cursor < len(input); cursor++ { + if input[cursor] == operator && cursor+1 < len(input) { + // Copy the portion of the input string since the last + // checkpoint into the buffer + buf.WriteString(input[checkpoint:cursor]) + + // Attempt to read the variable name as defined by the + // syntax from the input string + read, isVar, advance := tryReadVariableName(input[cursor+1:]) + + if isVar { + // We were able to read a variable name correctly; + // apply the mapping to the variable name and copy the + // bytes into the buffer + buf.WriteString(mapping(read)) + } else { + // Not a variable name; copy the read bytes into the buffer + buf.WriteString(read) + } + + // Advance the cursor in the input string to account for + // bytes consumed to read the variable name expression + cursor += advance + + // Advance the checkpoint in the input string + checkpoint = cursor + 1 + } + } + + // Return the buffer and any remaining unwritten bytes in the + // input string. + return buf.String() + input[checkpoint:] +} + +// tryReadVariableName attempts to read a variable name from the input +// string and returns the content read from the input, whether that content +// represents a variable name to perform mapping on, and the number of bytes +// consumed in the input string. +// +// The input string is assumed not to contain the initial operator. +func tryReadVariableName(input string) (string, bool, int) { + switch input[0] { + case operator: + // Escaped operator; return it. + return input[0:1], false, 1 + case referenceOpener: + // Scan to expression closer + for i := 1; i < len(input); i++ { + if input[i] == referenceCloser { + return input[1:i], true, i + 1 + } + } + + // Incomplete reference; return it. + return string(operator) + string(referenceOpener), false, 1 + default: + // Not the beginning of an expression, ie, an operator + // that doesn't begin an expression. Return the operator + // and the first rune in the string. + return (string(operator) + string(input[0])), false, 1 + } +} diff --git a/debian/fill.copyright.blanks.yml b/debian/fill.copyright.blanks.yml new file mode 100644 index 0000000..4581c0b --- /dev/null +++ b/debian/fill.copyright.blanks.yml @@ -0,0 +1,14 @@ +--- +vendor/github.com/uber/jaeger-client-go/: + license: Apache-2.0 + 'override-copyright': 2017,2018 Uber Technologies, Inc. + +vendor/github.com/uber/jaeger-lib/metrics/histogram.go: + skip: 1 + +vendor/google.golang.org/protobuf: + skip: 1 + +vendor/github.com/gorilla/schema*: + 'override-copyright': 2012, Rodrigo Moraes + license: BSD-3-clause diff --git a/debian/fix.scanned.copyright b/debian/fix.scanned.copyright new file mode 100644 index 0000000..0c08a31 --- /dev/null +++ b/debian/fix.scanned.copyright @@ -0,0 +1,11 @@ +! Copyright License:"Expat" +! Copyright License:"Apache-2.0" + +! Files:"pkg/util/camelcase/*" + Copyright="2015, Fatih Arslan" + License short_name=Expat + full_license~ + +! Files:"vendor/github.com/gorilla/schema/*" + Copyright="2012, Rodrigo Moraes" + License short_name=BSD-3-clause diff --git a/debian/gbp.conf b/debian/gbp.conf new file mode 100644 index 0000000..2d3c321 --- /dev/null +++ b/debian/gbp.conf @@ -0,0 +1,4 @@ +[DEFAULT] +debian-branch = debian/experimental +upstream-branch = upstream/latest +upstream-vcs-tag = v%(version%~%-)s diff --git a/debian/patches/downgrade-checkpoint-restore-criu.patch b/debian/patches/downgrade-checkpoint-restore-criu.patch new file mode 100644 index 0000000..2d1df85 --- /dev/null +++ b/debian/patches/downgrade-checkpoint-restore-criu.patch @@ -0,0 +1,54 @@ +Index: libpod/libpod/container_internal_common.go +=================================================================== +--- libpod.orig/libpod/container_internal_common.go ++++ libpod/libpod/container_internal_common.go +@@ -21,7 +21,7 @@ import ( + "time" + + metadata "github.com/checkpoint-restore/checkpointctl/lib" +- "github.com/checkpoint-restore/go-criu/v7/stats" ++ "github.com/checkpoint-restore/go-criu/v6/stats" + "github.com/containers/buildah" + "github.com/containers/buildah/pkg/chrootuser" + "github.com/containers/buildah/pkg/overlay" +Index: libpod/pkg/checkpoint/crutils/checkpoint_restore_utils.go +=================================================================== +--- libpod.orig/pkg/checkpoint/crutils/checkpoint_restore_utils.go ++++ libpod/pkg/checkpoint/crutils/checkpoint_restore_utils.go +@@ -10,7 +10,7 @@ import ( + "path/filepath" + + metadata "github.com/checkpoint-restore/checkpointctl/lib" +- "github.com/checkpoint-restore/go-criu/v7/stats" ++ "github.com/checkpoint-restore/go-criu/v6/stats" + "github.com/containers/storage/pkg/archive" + "github.com/opencontainers/selinux/go-selinux/label" + ) +Index: libpod/pkg/criu/criu_linux.go +=================================================================== +--- libpod.orig/pkg/criu/criu_linux.go ++++ libpod/pkg/criu/criu_linux.go +@@ -6,8 +6,8 @@ package criu + import ( + "fmt" + +- "github.com/checkpoint-restore/go-criu/v7" +- "github.com/checkpoint-restore/go-criu/v7/rpc" ++ "github.com/checkpoint-restore/go-criu/v6" ++ "github.com/checkpoint-restore/go-criu/v6/rpc" + + "google.golang.org/protobuf/proto" + ) +Index: libpod/test/e2e/checkpoint_test.go +=================================================================== +--- libpod.orig/test/e2e/checkpoint_test.go ++++ libpod/test/e2e/checkpoint_test.go +@@ -10,7 +10,7 @@ import ( + "strings" + "time" + +- "github.com/checkpoint-restore/go-criu/v7/stats" ++ "github.com/checkpoint-restore/go-criu/v6/stats" + "github.com/containers/podman/v4/pkg/checkpoint/crutils" + "github.com/containers/podman/v4/pkg/criu" + "github.com/containers/podman/v4/pkg/domain/entities" diff --git a/debian/patches/pkg-fileserver-buildtags.patch b/debian/patches/pkg-fileserver-buildtags.patch new file mode 100644 index 0000000..6b6f6d8 --- /dev/null +++ b/debian/patches/pkg-fileserver-buildtags.patch @@ -0,0 +1,25 @@ +From: Reinhard Tartler +Subject: avoid building pkg/fileserver implemenation + +The plan9 server is only relevant for the windows build + +Index: libpod/pkg/fileserver/plan9/serve.go +=================================================================== +--- libpod.orig/pkg/fileserver/plan9/serve.go ++++ libpod/pkg/fileserver/plan9/serve.go +@@ -1,3 +1,5 @@ ++//go:build windows ++// +build windows + package plan9 + + import ( +Index: libpod/pkg/fileserver/server_windows.go +=================================================================== +--- libpod.orig/pkg/fileserver/server_windows.go ++++ libpod/pkg/fileserver/server_windows.go +@@ -1,3 +1,5 @@ ++//go:build windows ++// +build windows + package fileserver + + import ( diff --git a/debian/patches/revert-newer-docker.patch b/debian/patches/revert-newer-docker.patch new file mode 100644 index 0000000..b8aee01 --- /dev/null +++ b/debian/patches/revert-newer-docker.patch @@ -0,0 +1,149 @@ +This patch reverts commit e308ba0215baa95be5e177533adc1e15029e0869 +Author: Miloslav Trmač +Date: Wed Jan 25 19:22:41 2023 +0100 + + Vendor c/image after https://github.com/containers/image/pull/1816 + + Also includes unreleased https://github.com/openshift/imagebuilder/pull/246 to work + with the updated docker/docker dependency. + + And updates some references to newly deprecated docker/docker symbols. + + [NO NEW TESTS NEEDED] + + Signed-off-by: Miloslav Trmač + +Index: libpod/pkg/api/handlers/compat/system.go +=================================================================== +--- libpod.orig/pkg/api/handlers/compat/system.go ++++ libpod/pkg/api/handlers/compat/system.go +@@ -11,7 +11,6 @@ import ( + "github.com/containers/podman/v4/pkg/domain/entities" + "github.com/containers/podman/v4/pkg/domain/infra/abi" + docker "github.com/docker/docker/api/types" +- "github.com/docker/docker/api/types/volume" + ) + + func GetDiskUsage(w http.ResponseWriter, r *http.Request) { +@@ -65,9 +64,9 @@ func GetDiskUsage(w http.ResponseWriter, + ctnrs[i] = &t + } + +- vols := make([]*volume.Volume, len(df.Volumes)) ++ vols := make([]*docker.Volume, len(df.Volumes)) + for i, o := range df.Volumes { +- t := volume.Volume{ ++ t := docker.Volume{ + CreatedAt: "", + Driver: "", + Labels: map[string]string{}, +@@ -76,7 +75,7 @@ func GetDiskUsage(w http.ResponseWriter, + Options: nil, + Scope: "local", + Status: nil, +- UsageData: &volume.UsageData{ ++ UsageData: &docker.VolumeUsageData{ + RefCount: int64(o.Links), + Size: o.Size, + }, +Index: libpod/pkg/api/handlers/compat/volumes.go +=================================================================== +--- libpod.orig/pkg/api/handlers/compat/volumes.go ++++ libpod/pkg/api/handlers/compat/volumes.go +@@ -55,14 +55,14 @@ func ListVolumes(w http.ResponseWriter, + utils.InternalServerError(w, err) + return + } +- volumeConfigs := make([]*docker_api_types_volume.Volume, 0, len(vols)) ++ volumeConfigs := make([]*docker_api_types.Volume, 0, len(vols)) + for _, v := range vols { + mp, err := v.MountPoint() + if err != nil { + utils.InternalServerError(w, err) + return + } +- config := docker_api_types_volume.Volume{ ++ config := docker_api_types.Volume{ + Name: v.Name(), + Driver: v.Driver(), + Mountpoint: mp, +@@ -73,7 +73,7 @@ func ListVolumes(w http.ResponseWriter, + } + volumeConfigs = append(volumeConfigs, &config) + } +- response := docker_api_types_volume.ListResponse{ ++ response := docker_api_types_volume.VolumeListOKBody{ + Volumes: volumeConfigs, + Warnings: []string{}, + } +@@ -94,7 +94,7 @@ func CreateVolume(w http.ResponseWriter, + return + } + // decode params from body +- input := docker_api_types_volume.CreateOptions{} ++ input := docker_api_types_volume.VolumeCreateBody{} + if err := json.NewDecoder(r.Body).Decode(&input); err != nil { + utils.Error(w, http.StatusInternalServerError, fmt.Errorf("Decode(): %w", err)) + return +@@ -121,7 +121,7 @@ func CreateVolume(w http.ResponseWriter, + utils.InternalServerError(w, err) + return + } +- response := docker_api_types_volume.Volume{ ++ response := docker_api_types.Volume{ + CreatedAt: existingVolume.CreatedTime().Format(time.RFC3339), + Driver: existingVolume.Driver(), + Labels: existingVolume.Labels(), +@@ -166,7 +166,7 @@ func CreateVolume(w http.ResponseWriter, + utils.InternalServerError(w, err) + return + } +- volResponse := docker_api_types_volume.Volume{ ++ volResponse := docker_api_types.Volume{ + Name: config.Name, + Driver: config.Driver, + Mountpoint: mp, +@@ -196,7 +196,7 @@ func InspectVolume(w http.ResponseWriter + utils.InternalServerError(w, err) + return + } +- volResponse := docker_api_types_volume.Volume{ ++ volResponse := docker_api_types.Volume{ + Name: vol.Name(), + Driver: vol.Driver(), + Mountpoint: mp, +Index: libpod/pkg/api/handlers/swagger/responses.go +=================================================================== +--- libpod.orig/pkg/api/handlers/swagger/responses.go ++++ libpod/pkg/api/handlers/swagger/responses.go +@@ -240,7 +240,7 @@ type containersList struct { + // swagger:response + type volumeInspect struct { + // in:body +- Body dockerVolume.Volume ++ Body dockerAPI.Volume + } + + // Volume prune +@@ -254,7 +254,7 @@ type volumePruneResponse struct { + // swagger:response + type volumeList struct { + // in:body +- Body dockerVolume.ListResponse ++ Body dockerVolume.VolumeListOKBody + } + + // Volume list +Index: libpod/test/apiv2/45-system.at +=================================================================== +--- libpod.orig/test/apiv2/45-system.at ++++ libpod/test/apiv2/45-system.at +@@ -7,7 +7,7 @@ + t POST 'libpod/system/prune?volumes=true&all=true' params='' 200 + + ## podman system df +-t GET system/df 200 '{"LayersSize":0,"Images":[],"Containers":[],"Volumes":[],"BuildCache":[]}' ++t GET system/df 200 '{"LayersSize":0,"Images":[],"Containers":[],"Volumes":[],"BuildCache":[],"BuilderSize":0}' + t GET libpod/system/df 200 '{"ImagesSize":0,"Images":[],"Containers":[],"Volumes":[]}' + + # Create volume. We expect df to report this volume next invocation of system/df diff --git a/debian/patches/revert-newer-docker2.patch b/debian/patches/revert-newer-docker2.patch new file mode 100644 index 0000000..7ce2457 --- /dev/null +++ b/debian/patches/revert-newer-docker2.patch @@ -0,0 +1,96 @@ +Author: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> +Date: Tue May 16 19:12:07 2023 +0000 +Subject: Revert 6b48e9962cfec5ffb89b40e9e924ccd80ba8df0a + + fix(deps): update module github.com/docker/docker to v24 + + Also reflect removed/deprecated fields in the compat API. + +Index: libpod/pkg/api/handlers/compat/auth.go +=================================================================== +--- libpod.orig/pkg/api/handlers/compat/auth.go ++++ libpod/pkg/api/handlers/compat/auth.go +@@ -15,11 +15,11 @@ import ( + "github.com/containers/podman/v4/pkg/api/handlers/utils" + api "github.com/containers/podman/v4/pkg/api/types" + "github.com/containers/podman/v4/pkg/domain/entities" +- "github.com/docker/docker/api/types/registry" ++ docker "github.com/docker/docker/api/types" + ) + + func Auth(w http.ResponseWriter, r *http.Request) { +- var authConfig registry.AuthConfig ++ var authConfig docker.AuthConfig + err := json.NewDecoder(r.Body).Decode(&authConfig) + if err != nil { + utils.Error(w, http.StatusInternalServerError, fmt.Errorf("failed to parse request: %w", err)) +Index: libpod/pkg/api/handlers/compat/info.go +=================================================================== +--- libpod.orig/pkg/api/handlers/compat/info.go ++++ libpod/pkg/api/handlers/compat/info.go +@@ -62,6 +62,8 @@ func GetInfo(w http.ResponseWriter, r *h + CPUSet: sysInfo.Cpuset, + CPUShares: sysInfo.CPUShares, + CgroupDriver: configInfo.Engine.CgroupManager, ++ ClusterAdvertise: "", ++ ClusterStore: "", + ContainerdCommit: docker.Commit{}, + Containers: infoData.Store.ContainerStore.Number, + ContainersPaused: stateInfo[define.ContainerStatePaused], +Index: libpod/pkg/auth/auth.go +=================================================================== +--- libpod.orig/pkg/auth/auth.go ++++ libpod/pkg/auth/auth.go +@@ -10,7 +10,7 @@ import ( + + imageAuth "github.com/containers/image/v5/pkg/docker/config" + "github.com/containers/image/v5/types" +- dockerAPITypes "github.com/docker/docker/api/types/registry" ++ dockerAPITypes "github.com/docker/docker/api/types" + "github.com/sirupsen/logrus" + ) + +Index: libpod/pkg/specgen/generate/kube/kube.go +=================================================================== +--- libpod.orig/pkg/specgen/generate/kube/kube.go ++++ libpod/pkg/specgen/generate/kube/kube.go +@@ -35,7 +35,7 @@ import ( + "github.com/containers/podman/v4/pkg/specgen/generate" + systemdDefine "github.com/containers/podman/v4/pkg/systemd/define" + "github.com/containers/podman/v4/pkg/util" +- "github.com/docker/docker/pkg/meminfo" ++ "github.com/docker/docker/pkg/system" + "github.com/docker/go-units" + spec "github.com/opencontainers/runtime-spec/specs-go" + "github.com/sirupsen/logrus" +@@ -1122,7 +1122,7 @@ func getContainerResources(container v1. + requests := container.Resources.Requests + + if limits == nil || limits.Memory().IsZero() { +- mi, err := meminfo.Read() ++ mi, err := system.ReadMemInfo() + if err != nil { + return result, err + } +Index: libpod/pkg/specgen/generate/kube/play_test.go +=================================================================== +--- libpod.orig/pkg/specgen/generate/kube/play_test.go ++++ libpod/pkg/specgen/generate/kube/play_test.go +@@ -15,7 +15,7 @@ import ( + v12 "github.com/containers/podman/v4/pkg/k8s.io/apimachinery/pkg/apis/meta/v1" + "github.com/containers/podman/v4/pkg/k8s.io/apimachinery/pkg/util/intstr" + "github.com/containers/podman/v4/pkg/specgen" +- "github.com/docker/docker/pkg/meminfo" ++ "github.com/docker/docker/pkg/system" + "github.com/stretchr/testify/assert" + "sigs.k8s.io/yaml" + ) +@@ -448,7 +448,7 @@ func TestEnvVarValue(t *testing.T) { + secretsManager := createSecrets(t, d) + stringNumCPUs := strconv.Itoa(runtime.NumCPU()) + +- mi, err := meminfo.Read() ++ mi, err := system.ReadMemInfo() + assert.Nil(t, err) + stringMemTotal := strconv.FormatInt(mi.MemTotal, 10) + diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..92a8c19 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,6 @@ +system-goimports.patch +downgrade-checkpoint-restore-criu.patch +revert-newer-docker.patch +revert-newer-docker2.patch +sigstore-tests.patch +pkg-fileserver-buildtags.patch diff --git a/debian/patches/sigstore-tests.patch b/debian/patches/sigstore-tests.patch new file mode 100644 index 0000000..96ab794 --- /dev/null +++ b/debian/patches/sigstore-tests.patch @@ -0,0 +1,40 @@ +Index: libpod/pkg/trust/policy_test.go +=================================================================== +--- libpod.orig/pkg/trust/policy_test.go ++++ libpod/pkg/trust/policy_test.go +@@ -49,11 +49,6 @@ func TestAddPolicyEntries(t *testing.T) + }, + { + Scope: "default", +- Type: "sigstoreSigned", +- PubKeyFiles: []string{}, // A key is missing +- }, +- { +- Scope: "default", + Type: "this-is-unknown", + PubKeyFiles: []string{}, + }, +@@ -78,12 +73,6 @@ func TestAddPolicyEntries(t *testing.T) + PubKeyFiles: []string{"/1.pub", "/2.pub"}, + }) + assert.NoError(t, err) +- err = AddPolicyEntries(policyPath, AddPolicyEntriesInput{ +- Scope: "quay.io/sigstore-signed", +- Type: "sigstoreSigned", +- PubKeyFiles: []string{"/1.pub", "/2.pub"}, +- }) +- assert.NoError(t, err) + + // Test that the outcome is consumable, and compare it with the expected values. + parsedPolicy, err := signature.NewPolicyFromFile(policyPath) +@@ -101,10 +90,6 @@ func TestAddPolicyEntries(t *testing.T) + xNewPRSignedByKeyPath(t, "/1.pub", signature.NewPRMMatchRepoDigestOrExact()), + xNewPRSignedByKeyPath(t, "/2.pub", signature.NewPRMMatchRepoDigestOrExact()), + }, +- "quay.io/sigstore-signed": { +- xNewPRSigstoreSignedKeyPath(t, "/1.pub", signature.NewPRMMatchRepoDigestOrExact()), +- xNewPRSigstoreSignedKeyPath(t, "/2.pub", signature.NewPRMMatchRepoDigestOrExact()), +- }, + }, + }, + }, parsedPolicy) diff --git a/debian/patches/system-goimports.patch b/debian/patches/system-goimports.patch new file mode 100644 index 0000000..1e51ec8 --- /dev/null +++ b/debian/patches/system-goimports.patch @@ -0,0 +1,13 @@ +Index: libpod/pkg/bindings/generator/generator.go +=================================================================== +--- libpod.orig/pkg/bindings/generator/generator.go ++++ libpod/pkg/bindings/generator/generator.go +@@ -170,7 +170,7 @@ func main() { + } + + // go import file +- goimport := exec.Command("../../../test/tools/build/goimports", "-w", out.Name()) ++ goimport := exec.Command("goimports", "-w", out.Name()) + goimport.Stderr = os.Stdout + if err := goimport.Run(); err != nil { + fmt.Println(err) diff --git a/debian/podman-docker.install b/debian/podman-docker.install new file mode 100644 index 0000000..b8b05fe --- /dev/null +++ b/debian/podman-docker.install @@ -0,0 +1,3 @@ +usr/bin/docker +usr/lib/tmpfiles.d/podman-docker.conf +usr/share/user-tmpfiles.d/podman-docker.conf diff --git a/debian/podman-docker.manpages b/debian/podman-docker.manpages new file mode 100644 index 0000000..a7613cb --- /dev/null +++ b/debian/podman-docker.manpages @@ -0,0 +1 @@ +usr/share/man/*/docker*.* diff --git a/debian/podman-remote.bash-completion b/debian/podman-remote.bash-completion new file mode 120000 index 0000000..fac8ea9 --- /dev/null +++ b/debian/podman-remote.bash-completion @@ -0,0 +1 @@ +../completions/bash/podman-remote \ No newline at end of file diff --git a/debian/podman-remote.docs b/debian/podman-remote.docs new file mode 100644 index 0000000..ea2ddd2 --- /dev/null +++ b/debian/podman-remote.docs @@ -0,0 +1 @@ +docs/tutorials/remote_client.md diff --git a/debian/podman-remote.install b/debian/podman-remote.install new file mode 100644 index 0000000..f2947d5 --- /dev/null +++ b/debian/podman-remote.install @@ -0,0 +1,2 @@ +usr/bin/podman-remote /usr/bin +completions/zsh/_podman-remote /usr/share/zsh/vendor-completions diff --git a/debian/podman-remote.manpages b/debian/podman-remote.manpages new file mode 100644 index 0000000..a36be7b --- /dev/null +++ b/debian/podman-remote.manpages @@ -0,0 +1 @@ +usr/share/man/*/podman-remote.* diff --git a/debian/podman.bash-completion b/debian/podman.bash-completion new file mode 120000 index 0000000..a821063 --- /dev/null +++ b/debian/podman.bash-completion @@ -0,0 +1 @@ +../completions/bash/podman \ No newline at end of file diff --git a/debian/podman.dirs b/debian/podman.dirs new file mode 100644 index 0000000..67d641b --- /dev/null +++ b/debian/podman.dirs @@ -0,0 +1,2 @@ +etc/containers/systemd +etc/containers/systemd/users diff --git a/debian/podman.docs b/debian/podman.docs new file mode 100644 index 0000000..97f3b7c --- /dev/null +++ b/debian/podman.docs @@ -0,0 +1,9 @@ +CONTRIBUTING.md +SECURITY.md +README* +RELEASE_NOTES* +commands*.md +rootless.md +transfer.md +troubleshooting.md +docs/tutorials/*_tutorial*.md diff --git a/debian/podman.examples b/debian/podman.examples new file mode 100644 index 0000000..09636eb --- /dev/null +++ b/debian/podman.examples @@ -0,0 +1,2 @@ +debian/examples/* +test/policy.json diff --git a/debian/podman.install b/debian/podman.install new file mode 100644 index 0000000..71df451 --- /dev/null +++ b/debian/podman.install @@ -0,0 +1,11 @@ +cni/87-podman-bridge.conflist /etc/cni/net.d/ +completions/zsh/_podman /usr/share/zsh/vendor-completions +debian/etc/containers/libpod.conf /etc/containers/ +usr/bin/podman /usr/bin +usr/bin/quadlet /usr/libexec/podman/ +usr/bin/rootlessport /usr/libexec/podman/ + +# These were "moved from canonical to aliased", i.e. from /usr/lib to /lib, +# during buster->bullseye (as reported by dumat). Moving them files back to +# /usr may cause more problems, though. +usr/lib/systemd /lib/ diff --git a/debian/podman.links b/debian/podman.links new file mode 100644 index 0000000..3ecedf1 --- /dev/null +++ b/debian/podman.links @@ -0,0 +1,3 @@ +usr/libexec/podman/quadlet lib/systemd/system-generators/podman-system-generator +usr/libexec/podman/quadlet lib/systemd/user-generators/podman-user-generator +usr/bin/podman usr/bin/podmansh diff --git a/debian/podman.manpages b/debian/podman.manpages new file mode 100644 index 0000000..1b657e2 --- /dev/null +++ b/debian/podman.manpages @@ -0,0 +1,2 @@ +usr/share/man/*/podman*.* +usr/share/man/*/quadlet* diff --git a/debian/podman.postinst b/debian/podman.postinst new file mode 100644 index 0000000..6ca8247 --- /dev/null +++ b/debian/podman.postinst @@ -0,0 +1,31 @@ +#!/bin/sh + +set -e + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-remove' +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see https://www.debian.org/doc/debian-policy/ or +# the debian-policy package + +case "$1" in + configure) + # Podman 3.0 dropped the varlink interface, so we need to cleanup + # the related systemd service, cf. #981708 + if dpkg --compare-versions "$2" le-nl '3.0.0~rc2+dfsg1-3'; then + deb-systemd-helper purge io.podman.service io.podman.socket >/dev/null || true + deb-systemd-helper unmask io.podman.service io.podman.socket >/dev/null || true + fi + ;; + + *) + ;; +esac + +#DEBHELPER# diff --git a/debian/podman.tmpfiles b/debian/podman.tmpfiles new file mode 120000 index 0000000..6700e8c --- /dev/null +++ b/debian/podman.tmpfiles @@ -0,0 +1 @@ +../contrib/tmpfile/podman.conf \ No newline at end of file diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..db5debb --- /dev/null +++ b/debian/rules @@ -0,0 +1,124 @@ +#!/usr/bin/make -f + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +include /usr/share/dpkg/pkg-info.mk + +# cf. https://wiki.debian.org/ToolChain/LTO and https://github.com/golang/go/issues/45275 +export DEB_BUILD_MAINT_OPTIONS=optimize=-lto + +export GO111MODULE=off + +export DH_GOLANG_GO_GENERATE := 1 + +export DH_GOLANG_INSTALL_EXTRA := cni utils/testdata test/e2e/testdata pkg/trust/testdata + +export DH_GOLANG_EXCLUDES := \ + contrib/perftest \ + dependencies \ + hack/podman-registry-go \ + cmd/podman/machine \ + pkg/bindings/test \ + podman/pkg/machine/e2e \ + test/e2e \ + test/endpoint \ + test/framework \ + test/goecho \ + test/testvol \ + test/utils \ + test/version + +# machine/qemu only works on amd64, arm64 +ifneq (,$(filter amd64 arm64,$(DEB_HOST_ARCH))) +export DH_GOLANG_EXCLUDES += pkg/machine/qemu +endif + + +export DH_GOLANG_TEST_EXCLUDES := $(DH_GOLANG_EXCLUDES) \ + hack \ + lock/file \ + network/cni \ + pkg/bindings \ + pkg/machine \ + podman/cmd/podman/common + + +export HOME=$(CURDIR)/debian/tmp + +## https://podman.io/getting-started/installation#build-tags +BUILDTAGS := apparmor,seccomp,selinux,systemd,libsubid +BUILDTAGS_REMOTE := remote,exclude_graphdriver_btrfs,btrfs_noversion,exclude_graphdriver_devicemapper,containers_image_openpgp + +# containers_image_openpgp + +%: + dh $@ --buildsystem=golang --with=golang,bash-completion --builddirectory=_output + +execute_after_dh_auto_clean: + # this is in addition to the golang cleanups, and cleans up docs among + # other things. Use bash, as there is a $(<.gitignore) bashism in there. + $(MAKE) clean SHELL=/bin/bash + +execute_after_dh_auto_configure: + # install extra source + install -Dv -t _output/src/github.com/containers/podman/vendor/k8s.io/kubernetes/third_party/forked/golang/expansion debian/expand.go + +override_dh_auto_build: + $(MAKE) docs docker-docs GOMD2MAN=/usr/bin/go-md2man + +# LDFLAGS_PODMAN="-X main.gitCommit=$(GIT_COMMIT)" +# upstream Makefile calls `go build ... -o bin/podman-remote ./cmd/podman` +# dont know how I get dh_auto_build to do that. + DH_GOLANG_BUILDPKG="github.com/containers/podman/cmd/podman" \ + dh_auto_build -v --builddirectory=_output -- -tags "$(BUILDTAGS_REMOTE)" \ + -ldflags "-X main.buildInfo=$(DEB_VERSION)" + mv _output/bin/podman _output/bin/podman-remote + DH_GOLANG_BUILDPKG="github.com/containers/podman/cmd/..." \ + dh_auto_build -v --builddirectory=_output -- -tags "$(BUILDTAGS)" \ + -ldflags "-X main.buildInfo=$(DEB_VERSION)" + +override_dh_auto_test: +ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS))) + # make test binaries available where the tests expect them + ln -sv ../../../../bin _output/src/github.com/containers/podman/bin + mkdir -p -m700 $(CURDIR)/debian/tmp-home/.cache + mkdir -p -m700 $(CURDIR)/debian/tmp-home/.config + mkdir -p -m700 $(CURDIR)/debian/tmp-home/.local/share + mkdir -p -m700 $(CURDIR)/debian/tmp-home/run + env \ + HOME=$(CURDIR)/debian/tmp-home/.cache \ + XDG_CACHE_HOME=$(CURDIR)/debian/tmp-home/.cache \ + XDG_CONFIG_HOME=$(CURDIR)/debian/tmp-home/.config \ + XDG_DATA_HOME=$(CURDIR)/debian/tmp-home/.local/share \ + XDG_RUNTIME_DIR=$(CURDIR)/debian/tmp-home/run \ + PATH="$(CURDIR)/_output/bin:$$PATH" \ + DH_GOLANG_EXCLUDES="$${DH_GOLANG_TEST_EXCLUDES}" \ + dh_auto_test -v --max-parallel=2 -- -tags "$(BUILDTAGS)" + rm -rf $(CURDIR)/debian/tmp-home +endif + +override_dh_auto_install: + dh_auto_install \ + --destdir=debian/tmp \ + --buildsystem=golang \ + --builddirectory=_output \ + -- \ + --no-source + # generate and install systemd unit files, manpages, etc. + make DESTDIR=debian/tmp PREFIX=/usr \ + install.systemd install.docker-full install.man + +execute_after_dh_installman: + # installed in the podman-remote package instead + rm -f --verbose $(CURDIR)/debian/podman/usr/share/man/man1/podman-remote.1* + # avoid file conflicts with the podman-compose/docker-compose packages, cf. #1054460 + rm -f --verbose $(CURDIR)/debian/podman/usr/share/man/man1/podman-compose.1* + rm -f --verbose $(CURDIR)/debian/podman-docker/usr/share/man/man1/docker-compose.1* + # don't ship "dockersh": podmansh is a podman-specific function + rm -f --verbose $(CURDIR)/debian/podman-docker/usr/share/man/man1/dockersh.1* + +override_dh_installsystemd: + dh_installsystemd + dh_installsystemd --name=podman-auto-update + dh_installsystemd --name=podman-restart diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides new file mode 100644 index 0000000..5715def --- /dev/null +++ b/debian/source/lintian-overrides @@ -0,0 +1 @@ +libpod source: absolute-symbolic-link-target-in-source /tmp/private_file [test/e2e/build/containerignore-symlink/.dockerignore] diff --git a/debian/tests/builtin-tests b/debian/tests/builtin-tests new file mode 100644 index 0000000..0f191a1 --- /dev/null +++ b/debian/tests/builtin-tests @@ -0,0 +1,18 @@ +#!/bin/sh -ex + +export DH_GOLANG_EXCLUDES=" + contrib/perftest + dependencies + hack/podman-registry-go + pkg/bindings/test + podman/pkg/machine/e2e + test/e2e + test/endpoint + test/utils +" + +dh_auto_configure -O--buildsystem=golang -O--builddirectory=_build +dh_auto_build -O--buildsystem=golang -O--builddirectory=_build + +dh_auto_test -O--buildsystem=golang -O--builddirectory=_build --no-parallel -- -timeout 30m + diff --git a/debian/tests/control b/debian/tests/control new file mode 100644 index 0000000..0a28482 --- /dev/null +++ b/debian/tests/control @@ -0,0 +1,16 @@ +Test-Command: podman info +Restrictions: needs-root, allow-stderr + +Tests: builtin-tests +Depends: + @builddeps@, + @, + buildah, + catatonit, + containers-storage, + dbus-user-session, + fuse-overlayfs, + iptables, + slirp4netns, + uidmap, +Restrictions: allow-stderr, needs-root, flaky diff --git a/debian/upstream/metadata b/debian/upstream/metadata new file mode 100644 index 0000000..213bab8 --- /dev/null +++ b/debian/upstream/metadata @@ -0,0 +1,5 @@ +Repository: https://github.com/containers/libpod.git +Repository-Browse: https://github.com/containers/libpod +Changelog: https://github.com/containers/podman/blob/main/RELEASE_NOTES.md +Bug-Database: https://github.com/containers/libpod/issues +Bug-Submit: https://github.com/containers/libpod/issues/new diff --git a/debian/watch b/debian/watch new file mode 100644 index 0000000..f7f5d24 --- /dev/null +++ b/debian/watch @@ -0,0 +1,12 @@ +# uscan(1) configuration file. +version=4 + +opts="\ +pgpmode=none,\ +repacksuffix=+ds1,\ +repack,compression=xz,\ +dirversionmangle=s/-rc/~rc/,\ +uversionmangle=s/-rc/~rc/,\ +dversionmangle=s{[+~]ds\d*}{},\ +" https://github.com/containers/podman/tags \ + .*/v?@ANY_VERSION@@ARCHIVE_EXT@ -- cgit v1.2.3