v1.0.1 -- "If in doubt, Meriadoc, always follow your nose."
This is the first stable release in the 1.0 branch, fixing a few medium
and high priority issues with runc 1.0.0, including a few that affect
Kubernetes' usage of libcontainer.
Bugfixes:
* Fixed occasional runc exec/run failure ("interrupted system call") on an
Azure volume. (#3074)
* Fixed "unable to find groups ... token too long" error with /etc/group
containing lines longer than 64K characters. (#3079)
* cgroup/systemd/v1: fix leaving cgroup frozen after Set if a parent cgroup is
frozen. This is a regression in 1.0.0, not affecting runc itself but some
of libcontainer users (e.g Kubernetes). (#3085)
* cgroupv2: bpf: Ignore inaccessible existing programs in case of
permission error when handling replacement of existing bpf cgroup
programs. This fixes a regression in 1.0.0, where some SELinux
policies would block runc from being able to run entirely. (#3087)
* cgroup/systemd/v2: don't freeze cgroup on Set. (#3092)
* cgroup/systemd/v1: avoid unnecessary freeze on Set. (#3093)
Thanks to all of the contributors who made this release possible:
* Aleksa Sarai <cyphar@cyphar.com>
* Kir Kolyshkin <kolyshkin@gmail.com>
* Maksim An <maksiman@microsoft.com>
* Mrunal Patel <mrunal@me.com>
* Odin Ugedal <odin@uged.al>
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>