From 80fb84e7de7148c3a121fa8fffc5e158e524c373 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Mon, 20 Apr 2020 11:49:32 +0200 Subject: [PATCH] bump version to 4.0.2-1 Signed-off-by: Wolfgang Bumiller --- debian/changelog | 6 ++++++ ...xc.service-start-after-a-potential-syslo.patch | 7 ++----- ...-Config-deny-rw-mounting-of-sys-and-proc.patch | 7 ++----- ...0003-PVE-Config-attach-always-use-getent.patch | 15 ++++++--------- lxc | 2 +- 5 files changed, 17 insertions(+), 20 deletions(-) diff --git a/debian/changelog b/debian/changelog index bf3dedc..5a294f0 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +lxc-pve (4.0.2-1) pve; urgency=medium + + * update teo lxc-4.0.2 + + -- Proxmox Support Team Mon, 20 Apr 2020 11:48:54 +0200 + lxc-pve (4.0.0-2) pve; urgency=medium * update to include devices cgroup fixes for cgroup isolation diff --git a/debian/patches/pve/0001-PVE-Config-lxc.service-start-after-a-potential-syslo.patch b/debian/patches/pve/0001-PVE-Config-lxc.service-start-after-a-potential-syslo.patch index 2ac8754..a5b9779 100644 --- a/debian/patches/pve/0001-PVE-Config-lxc.service-start-after-a-potential-syslo.patch +++ b/debian/patches/pve/0001-PVE-Config-lxc.service-start-after-a-potential-syslo.patch @@ -1,7 +1,7 @@ -From 04922f2a329f7a8144efd38ac95aaf8c57c3f2fc Mon Sep 17 00:00:00 2001 +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Fri, 10 Feb 2017 09:13:40 +0100 -Subject: [PATCH lxc 1/3] PVE: [Config] lxc.service: start after a potential +Subject: [PATCH lxc] PVE: [Config] lxc.service: start after a potential syslog.service We could add this as a snippet from pve-container instead. @@ -23,6 +23,3 @@ index e3745dc2d..fbe46f1d7 100644 Wants=lxc-net.service Documentation=man:lxc-autostart man:lxc --- -2.20.1 - diff --git a/debian/patches/pve/0002-PVE-Config-deny-rw-mounting-of-sys-and-proc.patch b/debian/patches/pve/0002-PVE-Config-deny-rw-mounting-of-sys-and-proc.patch index d618120..cdcfaad 100644 --- a/debian/patches/pve/0002-PVE-Config-deny-rw-mounting-of-sys-and-proc.patch +++ b/debian/patches/pve/0002-PVE-Config-deny-rw-mounting-of-sys-and-proc.patch @@ -1,7 +1,7 @@ -From b27de3448f4e1254f8a91c9241877e8bb768b752 Mon Sep 17 00:00:00 2001 +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= Date: Wed, 9 Nov 2016 09:14:26 +0100 -Subject: [PATCH lxc 2/3] PVE: [Config] deny rw mounting of /sys and /proc +Subject: [PATCH lxc] PVE: [Config] deny rw mounting of /sys and /proc Note that we don't actually make use of this anymore, since we switched to the generated profiles which already do this. @@ -64,6 +64,3 @@ index 2606fb64c..3e61c62ea 100644 # allow paths to be made slave, shared, private or unbindable # FIXME: This currently doesn't work due to the apparmor parser treating those as allowing all mounts. # mount options=(rw,make-slave) -> **, --- -2.20.1 - diff --git a/debian/patches/pve/0003-PVE-Config-attach-always-use-getent.patch b/debian/patches/pve/0003-PVE-Config-attach-always-use-getent.patch index 4c7c83f..ce8960e 100644 --- a/debian/patches/pve/0003-PVE-Config-attach-always-use-getent.patch +++ b/debian/patches/pve/0003-PVE-Config-attach-always-use-getent.patch @@ -1,7 +1,7 @@ -From 580f2f5423b975f2d6a19004139788758a34359f Mon Sep 17 00:00:00 2001 +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 13 Aug 2019 13:57:22 +0200 -Subject: [PATCH lxc 3/3] PVE: [Config] attach: always use getent +Subject: [PATCH lxc] PVE: [Config] attach: always use getent In debian buster, some libnss plugins (if installed) can cause getpwent to segfault instead of erroring out cleanly. @@ -13,10 +13,10 @@ Signed-off-by: Wolfgang Bumiller 1 file changed, 2 insertions(+), 26 deletions(-) diff --git a/src/lxc/attach.c b/src/lxc/attach.c -index 406b8ec74..0a82c0a5d 100644 +index bbf95bd5b..de3a98cf9 100644 --- a/src/lxc/attach.c +++ b/src/lxc/attach.c -@@ -1454,12 +1454,8 @@ int lxc_attach_run_command(void *payload) +@@ -1456,12 +1456,8 @@ int lxc_attach_run_command(void *payload) int lxc_attach_run_shell(void* payload) { @@ -29,7 +29,7 @@ index 406b8ec74..0a82c0a5d 100644 int ret; /* Ignore payload parameter. */ -@@ -1467,32 +1463,13 @@ int lxc_attach_run_shell(void* payload) +@@ -1469,32 +1465,13 @@ int lxc_attach_run_shell(void* payload) uid = getuid(); @@ -63,7 +63,7 @@ index 406b8ec74..0a82c0a5d 100644 if (user_shell) execlp(user_shell, user_shell, (char *)NULL); -@@ -1502,8 +1479,7 @@ int lxc_attach_run_shell(void* payload) +@@ -1504,8 +1481,7 @@ int lxc_attach_run_shell(void* payload) execlp("/bin/sh", "/bin/sh", (char *)NULL); SYSERROR("Failed to execute shell"); @@ -73,6 +73,3 @@ index 406b8ec74..0a82c0a5d 100644 return -1; } --- -2.20.1 - diff --git a/lxc b/lxc index 51c8368..538337e 160000 --- a/lxc +++ b/lxc @@ -1 +1 @@ -Subproject commit 51c8368a374726485b7a99b7e4dff05f60b1872c +Subproject commit 538337ee9dc5ca385cc8d9b6faaac1575c014a1b -- 2.39.5