Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Tags: githubclose2me/runc

Tags

v1.0.0-rc2

Toggle v1.0.0-rc2's commit message

Verified

This tag was signed with the committer’s verified signature.
cyphar Aleksa Sarai
GPG key ID: 9E18AA267DDB8DB4
Verified
Learn about vigilant mode 
runC 1.0.0-rc2

Features:
 + {create,run}: add --no-new-keyring flag so that a new session keyring
   is not created for the container and the calling process's keyring is
   inherited.
 + restore: add --empty-ns flag to tell CRIU to only create a network
   namespace for a container and not populate it (allowing higher levels
   to correctly handle re-creating the network namespace).
 + {create,start}: use a FIFO rather than signals to signal the starting
   of a container. This removes the Go version restriction, and also
   avoids potential issues with Go's signal handling.
 + exec: allow additional groups to be overridden.
 + delete: add --force flag.
 - exec: disable the subreaper option entirely, because the option
   causes many issues with reparenting in the context of containers.
   This is not a complete fix, which is intended to land for -rc3. Using
   the removed option will be silently ignored by runC.
 + {create,run}: add support for masking directories with MaskPaths.
 + delete: allow for the deletion of multiple containers in one cmdline.
 + build: add `make release` for distributions.

Fixes:
 * Major improvements and fixes to CLI handling. Now commands like
   `runc ps` and `runc exec` will act sanely when you're trying to use
   flags that are not meant to be parsed by runC.
 * Set the cp.rt_* cgroup options correctly so that runC running in
   SCHED_RR (realtime) mode can operate properly.
 * Massive improvements to kmem limit detection to ensure that we only
   attempt to change memory.kmem.* if it is safe to do so.
 * Part of a major cleanup of the nsenter code, with more intended to
   land before -rc3.
 * Restored containers now have a start time, which is the time that the
   new container was started (not when the original container was
   started).
 * Fix the default cgroupPath behaviour, so that we actually attach to
   subcgroups of all of the caller's current cgroups (rather than using
   the devices cgroup path for all other cgroups)
 + Support 32bit UIDs on i386 with the setuid32(2) syscall.
 + Add /proc/timer_list to the set of default masked paths.
 - Do not create /dev/fuse by default.
 * Parse cgroupPath correctly if it contains ':'.
 * Add some more debugging information for the test suite, along with
   fixes for race conditions and other issues. In addition, add more
   integration tests for edge conditions.
 * Improve check-config.sh script to handle more cases.
 * Fix incorrect type when setting of net_cls classid.
 * Lots of fixes to help pages and man pages.
 + *: append -dirty to the version if the git repo is unclean.
 * Fix the JSON tags for CpuRt* options.
 * Cleanups to the rootfs setup code.
 * Improve error messages related to SELinux.

Thanks to all of the contributors that made this release possible:

 * Akihiro Suda <[email protected]>
 * Aleksa Sarai <[email protected]>
 * Alexander Morozov <[email protected]>
 * Andrew Vagin <[email protected]>
 * Ben <[email protected]>
 * Buddha Prakash <[email protected]>
 * Carl Henrik Lunde <[email protected]>
 * Christian Brauner <[email protected]>
 * Dam Thomason <[email protected]>
 * Dan Walsh <[email protected]>
 * Daniel, Dao Quang Minh <[email protected]>
 * Davanum Srinivas <[email protected]>
 * Euan Kemp <[email protected]>
 * Guilherme Rezende <[email protected]>
 * Haiyan Meng <[email protected]>
 * Hushan Jia <[email protected]>
 * Jiuyue Ma <[email protected]>
 * Johnny Bieren <[email protected]>
 * Jonathan Boulle <[email protected]>
 * Justin Cormack <[email protected]>
 * Kenfe-Mickael Laventure <[email protected]>
 * Michael Crosby <[email protected]>
 * Mike Brown <[email protected]>
 * Mrunal Patel <[email protected]>
 * Peng Gao <[email protected]>
 * Petar Petrov <[email protected]>
 * Phil Estes <[email protected]>
 * Qiang Huang <[email protected]>
 * Serge Hallyn <[email protected]>
 * Seth Jennings <[email protected]>
 * Shukui Yang <[email protected]>
 * Tristan Cacqueray <[email protected]>
 * Vishnu kannan <[email protected]>
 * Wang Long <[email protected]>
 * Yang Hongyang <[email protected]>
 * Yen-Lin Chen <[email protected]>
 * Yuanhong Peng <[email protected]>
 * Zhang Wei <[email protected]>
 * Zhao Lei <[email protected]>
 * rajasec <[email protected]>
 * xiekeyang <[email protected]>

v1.0.0-rc1

Toggle v1.0.0-rc1's commit message 
Update runc version to 1.0.0-rc1

Signed-off-by: Michael Crosby <[email protected]>

v0.1.1

Toggle v0.1.1's commit message 
Bump to 0.1.1

This includes a fix for selinux mount labels in the spec.

Signed-off-by: Michael Crosby <[email protected]>

v0.1.0

Toggle v0.1.0's commit message 
Update runc to 0.1.0

Signed-off-by: Michael Crosby <[email protected]>

v0.0.9

Toggle v0.0.9's commit message 
Bump runc to 0.0.9

Signed-off-by: Michael Crosby <[email protected]>

v0.0.8

Toggle v0.0.8's commit message 
Merge pull request opencontainers#549 from crosbymichael/tty-close

Close tty on error before handler

v0.0.7

Toggle v0.0.7's commit message 
Merge pull request opencontainers#512 from LK4D4/bump_version

Bump runc version to 0.0.7

v0.0.6

Toggle v0.0.6's commit message 
Merge pull request opencontainers#336 from hqhq/hq_parent_cgroup_systemd

systemd: support cgroup parent with specified slice

v0.0.5

Toggle v0.0.5's commit message 
Release v0.0.5

It includes next changes:

* godeps: update go-systemd to v4 and godbus/dbus to v3
* libcontainer: configs: extend unsupported os
* Fix comment to be consistent with the code
* Userns container in containers
* static binary \o/
* adding support for --bundle -b to start, restore, and spec; fixes issue opencontainers#310
* Add seccomp trace support
* Change my email address
* Fix race setting process opts
* Integrate poststart hooks with spec
* Add Poststart hook to libcontainer config
* Validate process configuration for runc exec
* Add some comments about cgroup
* Refactor cgroupData
* Rename parent and data
* Windows: Refactor Container interface
* Add more context around some error cases
* Docker needs to know whether the user requested a relabel
* README.md: fix description for runc with systemd
* Windows: Refactor state struct
* Windows: Tidy libcontainer\devices
* Fixes build tags on cgroups\fs\*.go
* Windows: Refactor configs/cgroup.go
* Windows: Factor down criu_opts
* Add the conversion of architectures for seccomp config
* Fixing typo in the comment for exit
* Remove naked return
* Remove fatalf function; unused.
* libcontainer/SPEC.md: fix /dev/stdio symlinks
* Correct intuition for setupDev
* Unify behavior for memory cgroup
* Cgroup set order for systemd
* Use array instead of map for cgroup subsystems
* Add Name() to cgroup subsystems
* Set cpuset.cpus and cpuset.mems before join the cgroup
* Add ability to use json structured logging format.
* Reorder checks in Walk to avoid panics
* Get PIDs from cgroups recursively
* Add criu related debug output
* Add option to support criu manage cgroups mode for dump and restore
* Validate label options
* change named to names
* Fix for race from error on process start
* Add additional gids support
* Bump up github.com/opencontainers/specs to cf8dd12
* nsexec: Align clone child stack ptr to 16
* bump docker pkgs
* Fix name in MAINTAINERS list
* cgroups: Add name=systemd to list of subsystems
* cgroups: Add a name cgroup
* Allow numeric groups for containers without /etc/group
* change uid to gid in func HostGID
* Adjust runc to new opencontainers/specs version
* exec_test.go: Test case for rootfsPropagation="private"
* exec_test.go: Test cases for rootfsPropagation=rslave
* Make pivotDir rprivate
* Make parent mount of container root private if it is shared.
* Start parsing rootfsPropagation and make it effective
* Replace config.Privatefs with config.RootPropagation
* Fix reOpenDevNull
* Only remount if requested flags differ from current
* Run tests for all HugetlbSizes
* Systemd: Join perf_event cgroup
* Add memory reservation support for systemd
* Check for failure on /dev/mqueue and try again without labeling
* /proc and /sys do not support labeling
* Update github.com/syndtr/gocapability/capability to 2c00daeb6c3b45114c80ac44119e7b8801fdd852
* Move mount methods out of configs pkg
* Add version to HookState to make it json-compatible with spec State
* hooks: Integrate spec hooks with libcontainer
* Libcontainer: Add support for multiple architectures in Seccomp
* Change mount dest after resolving symlinks
* no need to use p.cmd.Process.Pid in function, use p.pid() instead.
* Ignore changing /dev/null permissions if used in STDIO
* script: test_Dockerfile: install criu from source
* Enter existing user namespace if present
* Cleanup unused func arguments
* README.md: Update the config example
* Fix STDIO permissions when container user not root
* Fix STDIO ownership for non-tty processes
* script: test_Dockerfile: update criu version
* update the command usage for `runc start`
* libcontainer: Allow passing mount propagation flags
* close config file after loaded
* simple refactor for the options of `runc spec`
* update the command usage of `runc`
* Update README for the CAP prefix change
* Add CAP prefix for capabilities
* Adjust runc to new opencontainers/specs version
* Add testing docs in README
* make localtest failure on removing seccomp flag
* Add all support build tags for runc features
* c/r: create cgroups to restore a container
* mount: don't read /proc/self/cgroup many times
* Rework ParseCgroupFile
* Remove old netlink library
* Use github.com/vishvananda/netlink for networking
* Minor comments fix
* Fixing checkpoint issue
* Always remount for bind mount
* Add Andrey Vagin as maintainer

v0.0.4