tag name | v0.4.0 (95af864069c846edc9a955e90636bf1f0f78fd8d) |
tag date | 2019-11-27 13:52:59 +0100 |
tagged by | Alexander Larsson <alexl@redhat.com> |
tagged object | commit 320c0a442c... |
download | bubblewrap-0.4.0.tar.gz |
---|
Release 0.4.0
The biggest feature in this release is the support for joining
existing user and pid namespaces. This doesn't work in the setuid
mode (at the moment).
Other changes:
- Stores namespace info in status json
- In setuid mode pid 1 is now marked dumpable
- Now builds with musl libc
Alexander Larsson (17):
Tests: Fix test count
setuid mode: Properly drop privs in monitor and pid1
Mark init process as dumpable so we can see stuff in its /proc
Add support for --userns and --userns2
tests: test --userns
utils: Add some utility function to pass pids over a socket
utils: Add fork_intermediate_child() helper
Add support for --pidns
Add tests for --pidns
tests: Better error message if assert_files_equal fails
Fix typo in comment
Drop cap bounding set also in --userns case
Allow --uid and --gid with --userns
tests: Fix --userns tests
--userns --uid: Only swtich user if needed
Merge pull request #338 from containers/reuse-namespaces
Bump 0.4.0
Christian Kellner (3):
bwrap: set opt_unshare_cgroup when _try succeeds
bwrap: include the pid namespace id in status/json
tests: check namespace info in json
Colin Walters (1):
Post-release version bump
Jonathan Lebon (1):
ci: Bump to fedora/29/atomic
shawrkbait (1):
Add work-around for TEMP_FAILURE_RETRY to support musl
Git-EVTag-v0-SHA512: d3f07f58b50c579b27470722edfc87b741465ca37ff4d40c9f715d610a69a80a6e6035a0dee678158c1dd77edb0b06bed3ffd6393a784d4ed975c092eb151952
-----BEGIN PGP SIGNATURE-----
iG8EABECAC8WIQRqKwZ/teF6Gj/IoNrrYhbdt2xw6QUCXd5xqxEcYWxleGxAcmVk
aGF0LmNvbQAKCRDrYhbdt2xw6YmdAJ4+Y88MgVBlhEpmu5KzRp5ff4eZWgCfbxp2
NXC6xvTl+UBh/TqJIlPZMZU=
=9O7C
-----END PGP SIGNATURE-----