Commit ef422607 authored by Dmitry Smirnov's avatar Dmitry Smirnov

Transition to golang-github-opencontainers-selinux-dev (>= 1.3.0~)

parent 6cb98cd6
......@@ -89,7 +89,7 @@ Build-Depends: debhelper (>= 11~) ,dh-exec ,dh-golang (>= 1.14~)
,golang-github-opencontainers-image-spec-dev (>= 1.0.1~)
,golang-github-opencontainers-runc-dev (>= 1.0.0~rc6~)
,golang-github-opencontainers-runtime-tools-dev
,golang-github-opencontainers-selinux-dev
,golang-github-opencontainers-selinux-dev (>= 1.3.0~)
,golang-github-opencontainers-specs-dev (>= 1.0.1~)
,golang-github-opentracing-contrib-go-stdlib-dev
,golang-github-opentracing-opentracing-go-dev
......@@ -211,7 +211,7 @@ Depends: ${misc:Depends}
,golang-github-opencontainers-go-digest-dev
,golang-github-opencontainers-image-spec-dev
,golang-github-opencontainers-runc-dev (>= 1.0.0~rc6~)
,golang-github-opencontainers-selinux-dev
,golang-github-opencontainers-selinux-dev (>= 1.3.0~)
,golang-github-pkg-errors-dev
,golang-github-sirupsen-logrus-dev (>= 1.0.2~)
,golang-github-stretchr-testify-dev
......
Origin: upstream, https://github.com/containerd/cri/commit/7b397f03221df3777545597e081b9b52c165c35f
From 7b397f03221df3777545597e081b9b52c165c35f Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Wed, 27 Mar 2019 16:08:02 +0100
Subject: bump opencontainers/selinux to v1.2
--- a/containerd/vendor/github.com/containerd/cri/pkg/server/helpers.go
+++ b/containerd/vendor/github.com/containerd/cri/pkg/server/helpers.go
@@ -33,9 +33,8 @@
"github.com/docker/distribution/reference"
imagedigest "github.com/opencontainers/go-digest"
runtimespec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/runtime-tools/generate"
- "github.com/opencontainers/selinux/go-selinux"
"github.com/opencontainers/selinux/go-selinux/label"
"github.com/pkg/errors"
"golang.org/x/net/context"
runtime "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
@@ -342,9 +341,14 @@
selinuxOpt.GetUser(),
selinuxOpt.GetRole(),
selinuxOpt.GetType(),
selinuxOpt.GetLevel())
- return label.InitLabels(selinux.DupSecOpt(labelOpts))
+
+ options, err := label.DupSecOpt(labelOpts)
+ if err != nil {
+ return "", "", err
+ }
+ return label.InitLabels(options)
}
func checkSelinuxLevel(level string) (bool, error) {
if len(level) == 0 {
Origin: upstream, https://github.com/moby/moby/commit/f43826c43398b15513ab89d9350a50c8528464df
From: Sebastiaan van Stijn <github@gone.nl>
Date: Thu, 21 Mar 2019 09:58:13 +0100
Subject: bump opencontainers/selinux to v1.2
--- a/engine/daemon/create.go
+++ b/engine/daemon/create.go
@@ -225,9 +225,12 @@
c, err := daemon.GetContainer(ipcContainer)
if err != nil {
return nil, err
}
- ipcLabel = label.DupSecOpt(c.ProcessLabel)
+ ipcLabel, err = label.DupSecOpt(c.ProcessLabel)
+ if err != nil {
+ return nil, err
+ }
if pidContainer == "" {
return toHostConfigSelinuxLabels(ipcLabel), err
}
}
@@ -236,9 +239,12 @@
if err != nil {
return nil, err
}
- pidLabel = label.DupSecOpt(c.ProcessLabel)
+ pidLabel, err = label.DupSecOpt(c.ProcessLabel)
+ if err != nil {
+ return nil, err
+ }
if ipcContainer == "" {
return toHostConfigSelinuxLabels(pidLabel), err
}
}
......@@ -34,6 +34,9 @@ mips-fix-devnumber.patch
netlink_syscall.patch
selinux-containerd_cri.patch
selinux-docker.patch
test--disable-containerizedengine-update-test.patch
test--fix-test-errors.patch
test--skip-TestAdapterReadLogs.patch
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment