diff --git a/git-commit b/git-commit index 1dee8ae4059c80ac3dfa9913486a6ca989b59044..689627288a2137ff468d9b91a39765663b0d28bf 100644 --- a/git-commit +++ b/git-commit @@ -1 +1 @@ -b9ce44d97f26a1c92e3c96fc2cc7af475e24d20e +408f1a8482d8f9e4759d01b80ebd6d49b9c8b487 diff --git a/patch/0041-runc-libct-init-unify-init-fix-its-error-logic.patch b/patch/0041-runc-libct-init-unify-init-fix-its-error-logic.patch new file mode 100644 index 0000000000000000000000000000000000000000..7ea911da21a8a2bcf854530ba8c3b824c905242f --- /dev/null +++ b/patch/0041-runc-libct-init-unify-init-fix-its-error-logic.patch @@ -0,0 +1,45 @@ +From eecf5dd404208161292f0c10e6118eefea5e62f3 Mon Sep 17 00:00:00 2001 +From: Kir Kolyshkin +Date: Wed, 9 Aug 2023 12:04:26 +0900 +Subject: [PATCH] libct/init: unify init, fix its error logic + +Fix init error handling logic. + +The main issues at hand are: +- the "unable to convert _LIBCONTAINER_INITPIPE" error from + StartInitialization is never shown; +- errors from WriteSync and WriteJSON are never shown; + +Generally, our goals are: + - if there's any error, do our best to show it; + - but only show each error once; + +Signed-off-by: Kir Kolyshkin +--- + libcontainer/factory_linux.go | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/libcontainer/factory_linux.go b/libcontainer/factory_linux.go +index 39fc312..a4628b8 100644 +--- a/libcontainer/factory_linux.go ++++ b/libcontainer/factory_linux.go +@@ -288,13 +288,14 @@ func (l *LinuxFactory) StartInitialization() (err error) { + // We have an error during the initialization of the container's init, + // send it back to the parent process in the form of an initError. + if werr := writeSync(pipe, procError); werr != nil { +- fmt.Fprintln(os.Stderr, err) ++ fmt.Fprintln(os.Stderr, werr) + return + } + if werr := utils.WriteJSON(pipe, &initError{Message: err.Error()}); werr != nil { +- fmt.Fprintln(os.Stderr, err) ++ fmt.Fprintln(os.Stderr, werr) + return + } ++ err = nil + }() + + // Only init processes have FIFOFD. +-- +2.33.0 + diff --git a/runc.spec b/runc.spec index 08e9ec71c5662a88fc5453e923d0db70c502c705..a7bd43d72853aa0016c0f7dfbeeb6e1ffbb85900 100644 --- a/runc.spec +++ b/runc.spec @@ -3,7 +3,7 @@ Name: docker-runc Version: 1.1.3 -Release: 15 +Release: 16 Summary: runc is a CLI tool for spawning and running containers according to the OCI specification. License: ASL 2.0 @@ -54,6 +54,12 @@ install -p -m 755 runc $RPM_BUILD_ROOT/%{_bindir}/runc %{_bindir}/runc %changelog +* Mon Sep 18 2023 zhongjiawei - 1.1.3-16 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:fix init error return logic + * Wed Jun 21 2023 zhongjiawei - 1.1.3-15 - Type:bugfix - CVE:NA diff --git a/series.conf b/series.conf index ba173ddd9fc72276017913e5b62d684abd7d5ff5..a219b181caf46f9b5af1876c67c1837a5ec1bb84 100644 --- a/series.conf +++ b/series.conf @@ -38,3 +38,4 @@ patch/0037-runc-modify-runc-make-command-to-satisfy-the-compile.patch patch/0038-runc-libct-fix-shared-pidns-detection.patch patch/0039-runc-libct-fix-a-race-with-systemd-removal.patch patch/0040-runc-run-refuse-a-non-empty-cgroup.patch +patch/0041-runc-libct-init-unify-init-fix-its-error-logic.patch