diff --git a/0003-eat-signal-23-in-signal-proxy.patch b/0003-eat-signal-23-in-signal-proxy.patch new file mode 100644 index 0000000000000000000000000000000000000000..ad307b577f9e98c92c9d6820d9a274abcde6b349 --- /dev/null +++ b/0003-eat-signal-23-in-signal-proxy.patch @@ -0,0 +1,29 @@ +From 7bb9c6b9d1f195391f50047447b8caec404b5c2a Mon Sep 17 00:00:00 2001 +From: maminjie +Date: Wed, 31 Mar 2021 11:22:39 +0800 +Subject: [PATCH] eat signal 23 in signal proxy + +reference to: https://github.com/containers/podman/pull/5496 +--- + cmd/podman/sigproxy.go | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/cmd/podman/sigproxy.go b/cmd/podman/sigproxy.go +index 16861ba..9bb104d 100644 +--- a/cmd/podman/sigproxy.go ++++ b/cmd/podman/sigproxy.go +@@ -19,7 +19,10 @@ func ProxySignals(ctr *libpod.Container) { + for s := range sigBuffer { + // Ignore SIGCHLD and SIGPIPE - these are mostly likely + // intended for the podman command itself. +- if s == signal.SIGCHLD || s == signal.SIGPIPE { ++ // SIGURG was added because of golang 1.14 and its preemptive changes ++ // causing more signals to "show up". ++ // https://github.com/containers/libpod/issues/5483 ++ if s == syscall.SIGCHLD || s == syscall.SIGPIPE || s == syscall.SIGURG { + continue + } + +-- +2.23.0 + diff --git a/podman.spec b/podman.spec index 9a731630ccd92bb168835a2bd9f833917170d2ac..4ee0aaec53a6a386ef5d09d6f4e98aaf23407c88 100644 --- a/podman.spec +++ b/podman.spec @@ -1,6 +1,6 @@ Name: podman Version: 0.10.1 -Release: 6 +Release: 7 Summary: A daemonless container engine for managing Containers Epoch: 1 License: ASL 2.0 @@ -10,7 +10,8 @@ BuildRequires: compiler(go-compiler) btrfs-progs-devel glib2-devel glibc-devel g BuildRequires: git go-md2man gpgme-devel libassuan-devel libgpg-error-devel libseccomp-devel BuildRequires: libselinux-devel ostree-devel pkgconfig make Requires: docker-runc containers-common containernetworking-plugins >= 0.7.3-2 iptables nftables conmon -Recommends: container-selinux >= 2:2.71 slirp4netns +Requires: (container-selinux if selinux-policy) +Recommends: slirp4netns Provides: bundled(golang(github.com/Azure/go-ansiterm)) = 19f72df4d05d31cbe1c56bfc8045c96babff6c7e Provides: bundled(golang(github.com/blang/semver)) = v3.5.0 @@ -114,6 +115,7 @@ Patch3: CVE-2021-20188-PRE2.patch Patch4: CVE-2021-20188-PRE3.patch Patch5: CVE-2021-20188.patch Patch6: 0002-Fix-the-invalid-memory-address-reference.patch +Patch7: 0003-eat-signal-23-in-signal-proxy.patch %description Podman manages the entire container ecosystem which includes pods, @@ -216,6 +218,10 @@ install -Dp -m644 libpod.conf %{buildroot}%{_datadir}/containers/libpod.conf %{_mandir}/man5/*.5* %changelog +* Wed Mar 31 2021 maminjie - 1:0.10.1-7 +- Eat signal 23 in signal proxy +- Require container-selinux only when selinux-policy is installed + * Sat Mar 13 2021 maminjie - 1:0.10.1-6 - Fix the invalid memory address reference