diff options
author | Sebastiaan van Stijn <github@gone.nl> | 2023-04-13 19:55:23 +0200 |
---|---|---|
committer | Sebastiaan van Stijn <github@gone.nl> | 2023-04-13 19:55:23 +0200 |
commit | e6ac640d2e7e5da1c8b889fe79108e2bcb9e7f09 (patch) | |
tree | 49dcb08c41701df727fab250c2c0432658616ce1 /vendor.mod | |
parent | f531e3cf6995159064f9b54b18318367c39d72c5 (diff) | |
download | docker-e6ac640d2e7e5da1c8b889fe79108e2bcb9e7f09.tar.gz |
vendor: github.com/opencontainers/runc v1.1.6
release notes: https://github.com/opencontainers/runc/releases/tag/v1.1.6
full diff: https://github.com/opencontainers/runc/compare/v1.1.5...v1.1.6
This is the sixth patch release in the 1.1.z series of runc, which fixes
a series of cgroup-related issues.
Note that this release can no longer be built from sources using Go
1.16. Using a latest maintained Go 1.20.x or Go 1.19.x release is
recommended. Go 1.17 can still be used.
- systemd cgroup v1 and v2 drivers were deliberately ignoring UnitExist error
from systemd while trying to create a systemd unit, which in some scenarios
may result in a container not being added to the proper systemd unit and
cgroup.
- systemd cgroup v2 driver was incorrectly translating cpuset range from spec's
resources.cpu.cpus to systemd unit property (AllowedCPUs) in case of more
than 8 CPUs, resulting in the wrong AllowedCPUs setting.
- systemd cgroup v1 driver was prefixing container's cgroup path with the path
of PID 1 cgroup, resulting in inability to place PID 1 in a non-root cgroup.
- runc run/start may return "permission denied" error when starting a rootless
container when the file to be executed does not have executable bit set for
the user, not taking the CAP_DAC_OVERRIDE capability into account. This is
a regression in runc 1.1.4, as well as in Go 1.20 and 1.20.1
- cgroup v1 drivers are now aware of misc controller.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Diffstat (limited to 'vendor.mod')
-rw-r--r-- | vendor.mod | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/vendor.mod b/vendor.mod index dd94e12316..10455efffe 100644 --- a/vendor.mod +++ b/vendor.mod @@ -71,7 +71,7 @@ require ( github.com/morikuni/aec v1.0.0 github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.1.0-rc2.0.20221005185240-3a7f492d3f1b - github.com/opencontainers/runc v1.1.5 + github.com/opencontainers/runc v1.1.6 github.com/opencontainers/runtime-spec v1.1.0-rc.1 github.com/opencontainers/selinux v1.11.0 github.com/pelletier/go-toml v1.9.5 |