Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

pam_cgfs-6.0.3-1.1 RPM for aarch64

From OpenSuSE Ports Tumbleweed for aarch64

Name: pam_cgfs Distribution: openSUSE Tumbleweed
Version: 6.0.3 Vendor: openSUSE
Release: 1.1 Build date: Fri Dec 20 06:52:32 2024
Group: System/Libraries Build host: reproducible
Size: 67568 Source RPM: lxc-6.0.3-1.1.src.rpm
Packager: http://bugs.opensuse.org
Url: http://linuxcontainers.org/
Summary: PAM module to provide unprivileged cgroupfs
When a user logs in, this PAM module will create cgroups which the user may
administer, either for all controllers or for any controllers listed on the
command line.

Provides

Requires

License

LGPL-2.1-only

Changelog

* Fri Dec 20 2024 Johannes Kastl <opensuse_buildservice@ojkastl.de>
  - update to 6.0.3:
    The LXC team is pleased to announce the release of LXC 6.0.3!
    This is the third bugfix release for LXC 6.0 which is supported
    until June 2029.
    As usual this bugfix releases focus on stability and hardening.
    * Changes
    - Added support for PuzzleFS images in lxc-oci
    - SIGHUP is now propagated through lxc.init
    - Reworked testsuite including support for 64-bit Arm
    * Detailed changelog
    - meson.build: add -ffat-lto-objects
    - meson.build: drop suggest-attribute=noreturn build option
    - Add suppport for PuzzleFS images in the oci template
    - create_run_template: don't use txtuid and txtguid out of
      scope
    - Avoid null pointer dereference when using shared rootfs.
      rootfs->storage not set by lxc_storage_prepare when using a
      shared rootfs.
    - meson: fix minor typo
    - lxc-net: Replace random IPv6 subnet
    - fix return code of recursive all of cgroup_tree_prune
    - lxccontainer: fix enter_net_ns helper to work when netns is
      inherited
    - lxc.init: Switch to sigaction
    - lxc.init: Ignore user signals coming from inside the
      contianer
    - lxc.init: Allow SIGHUP from outside the container
    - github: Update coverity workflow
    - github: Introduce shared build logic
    - github: Introduce shared testsuite logic
    - github: Rework test workflow
    - github: Cleanup OSS-fuzz
    - github: Improve progress reporting
* Sat Sep 21 2024 Johannes Kastl <opensuse_buildservice@ojkastl.de>
  - update to 6.0.2:
    The LXC team is pleased to announce the release of LXC 6.0.2!
    This is the second bugfix release for LXC 6.0 which is supported
    until June 2029.
    As usual this bugfix releases focus on stability and hardening.
    * Some of the highlights for this release are:
    - Reduced log level on some common messages
    - Fix compilation error on aarch64
    * Detailed changelog
    - Remove unused function
    - idmap: Lower logging level of newXidmap tools to INFO
    - Exit 0 when there's no error
    - doc: Fix definitions of get_config_path and set_config_path
    - README: Update security contact
    - fix possible clang compile error in AARCH
* Sat Jul 13 2024 Johannes Kastl <opensuse_buildservice@ojkastl.de>
  - update to 6.0.1:
    The LXC team is pleased to announce the release of LXC 6.0.1!
    This is the first bugfix release for LXC 6.0 which is supported
    until June 2029.
    As usual this bugfix releases focus on stability and hardening.
    * Highlights
    - Fixed some build tooling issues
    - Fixed startup failures on system without IPv6 support
    - Updated AppArmor rules to avoid potential warnings
    * Detailed changelog
    - meson: fix build on NixOS
    - github: test the lxc multicall binary builds too
    - lxc/network: handle non-existing sysctl /disable_ipv6
    - network: netdev_configure_server_veth: reduce scope of
      disable_ipv6_fd/path vars
    - Update lxc-attach.sgml.in
    - Update lxc-execute.sgml.in
    - Update lxc-{attach,execute}.sgml.in
    - Update lxc-execute.sgml.in
    - lxc-local: fix use of LXC_PATH before init
    - lxc-local: fix incorrect path to templates file
    - lxc-local: remove check for template existence before
      extraction
    - apparmor: fix rule path pattern specification syntax
    - apparmor: regenerate rules
    - apparmor: use /{,} instead of /
    - apparmor: regenerate rules
    - github: start using ubuntu-24.04
    - github: properly check apparmor profile changes
    - lxc/storage/zfs: ignore false-positive use-after-free warning
    - github: exclude clang & ubuntu-24.04 combination
    - meson: fix build with -Dtools-multicall=true on NixOS
* Sun Apr 14 2024 Johannes Kastl <opensuse_buildservice@ojkastl.de>
  - fix builds on 15.5 or 5.5
* Sun Apr 14 2024 Johannes Kastl <opensuse_buildservice@ojkastl.de>
  - update to 6.0.0:
    The LXC team is pleased to announce the release of LXC 6.0 LTS!
    This is the result of two years of work since the LXC 5.0 release
    and is the sixth LTS release for the LXC project. This release
    will be supported until June 2029.
    * New multi-call binary¶
      A new tools-multicall=true configuration option can be used to
      produce a single lxc binary which can then have all other
      lxc-XYZ commands be symlinked to.
      This allows for a massive disk space reduction, particularly
      useful for embedded platforms.
    * Add a set_timeout function to the library
      A new set_timeout function is available on the main
      lxc_container struct and allow for setting a global timeout for
      interactions with the LXC monitor.
      Prior to this, there was no timeout, leading to potential
      deadlocks as there's also no way to cancel an monitor request.
      As a result of adding this new symbol to the library, we have
      bumped the liblxc symbol version to 1.8.0.
    * LXC bridge now has IPV6 enabled
      The default lxcbr0 bridge now comes with IPv6 enabled by
      default, using an IPv6 ULA subnet.
      Support for uid/gid selection in lxc-usernsexec
      The lxc-usernsexec tool now has both -u and -g options to
      control what resulting UID and GID (respectively) the user
      wishes to use (defaulting to 0/0).
    * Improvements to lxc-checkconfig
      lxc-checkconfig now only shows the version if lxc-start is
      present (rather than failing).
      Additionally, it's seen a number of other cosmetic improvements
      as well as now listing the maximum number of allowed namespaces
      for every namespace type.
    * Support for squashfs OCI images
      The built-in oci container template can now handle squashfs
      compressed OCI images through the use of atomfs.
    * Switched from systemd's dbus to dbus-1
      LXC now uses libdbus-1 for DBus interactions with systemd
      rather than using libsystemd.
      The reason for this change is that libdbus-1 is readily
      available for static builds.
    * Removed Upstart support
      Support for the Upstart init system has finally been removed
      from LXC.
      This shouldn't really affect anyone at this stage and allowed
      for cleaning up some logic and config files from our
      repository.
* Mon Jul 31 2023 Dirk Müller <dmueller@suse.com>
  - update to 5.0.3:
    * Fix nftables syntax for IPv6 NAT
    * Added support for squashfs OCI images
    * Fixes when running LXC with io_uring
    + detailed changelog at https://discuss.linuxcontainers.org/t/lxc-5-0-3-lts-has-been-released/17708
* Tue May 02 2023 Dominique Leuenberger <dimstar@opensuse.org>
  - Update to version 5.0.2:
    + Fix a variety of build issues resulting from the switch to
      meson.
    + lxc-attach: Fix missing return codes.
    + core: Setup peer group for container's root.
    + checkconfig: Make output more useful on modern kernels.
    + lxc-user-nic: Fix issue resulting in leaking file existence to
      unprivileged users (CVE-2022-47952, boo#1206779).
  - Drop upstream fixed patches:
    + OPENSUSE-0001-meson.build-allow-explicit-distrosysconfdir.patch
    + OPENSUSE-0002-build-detect-where-struct-mount_attr-is-declared.patch
    + OPENSUSE-0003-build-detect-sys-pidfd.h-availability.patch
    + OPENSUSE-0004-cgroups-fix-Waddress-warning.patch
    + OPENSUSE-0005-build-fix-handling-of-dependancies-to-fix-build-on-o.patch
    + OPENSUSE-0006-build-only-build-init.lxc.static-if-libcap-is-static.patch
    + OPENSUSE-0007-build-drop-build-time-systemd-dependency.patch
    + UPSTREAM-4187.patch
* Mon Nov 07 2022 Guillaume GARDET <guillaume.gardet@opensuse.org>
  - Add patch to fix build on Arm:
    * UPSTREAM-4187.patch
  - Refresh OPENSUSE-0005-build-fix-handling-of-dependancies-to-fix-build-on-o.patch
    due to the new patch
* Fri Oct 28 2022 Aleksa Sarai <asarai@suse.com>
  - Update to LXC 5.0.1. boo#1204842
    Bugfixes:
    * Fixed a mount issue resulting in container startup failure when host
      bind-mounts were used
    * Various meson packaging fixes especially around libcap detection
    Major changes from LXC 5.0:
    * Switch to meson build tooling.
    * New cgroup configuration options.
    * Time namespace support.
    * VLAN support on veth devices.
    * Configurable tx/rx queues on veth devices.
  - Remove all of the missing_setuid warning logic -- all modern openSUSE
    versions have the necessary permissions configuration and thus we don't need
    to handle this case anymore.
  - Backport <https://github.com/lxc/lxc/pull/4215> in order to fix the build on
    openSUSE:
    + OPENSUSE-0001-meson.build-allow-explicit-distrosysconfdir.patch
    + OPENSUSE-0002-build-detect-where-struct-mount_attr-is-declared.patch
    + OPENSUSE-0003-build-detect-sys-pidfd.h-availability.patch
    + OPENSUSE-0004-cgroups-fix-Waddress-warning.patch
    + OPENSUSE-0005-build-fix-handling-of-dependancies-to-fix-build-on-o.patch
    + OPENSUSE-0006-build-only-build-init.lxc.static-if-libcap-is-static.patch
    + OPENSUSE-0007-build-drop-build-time-systemd-dependency.patch
  - Remove no longer needed backports:
    - 0001-Backport-Commit-build-detect-where-struct-mount_attr.patch
* Wed Oct 19 2022 Johannes Kastl <kastl@b1-systems.de>
  - re-enable FORTIFY_SOURCE=3
  - add patch 0001-Backport-Commit-build-detect-where-struct-mount_attr.patch
    This patch backports the fix from
    https://github.com/lxc/lxc/pull/4179/commits/c1115e1503bf955c97f4cf3b925a6a9f619764c3
    The patch fixes the code so builds are no longer failing
    due to gcc errors -Werror=implicit-function-declaration and
    - Werror=incompatible-pointer-types
* Wed Oct 19 2022 Aleksa Sarai <asarai@suse.com>
  - Always build with seccomp support on every architecture. boo#1199963
* Sun Sep 25 2022 Johannes Kastl <kastl@b1-systems.de>
  - fix build by using FORTIFY_SOURCE=2
* Sun Jun 05 2022 munix9@googlemail.com
  - Fix Tumbleweed build.
* Tue Feb 22 2022 Johannes Kastl <kastl@b1-systems.de>
  - update to 4.0.12:
    Bugfixes¶
    * Fixed CRIU restoration of containers with pre-created veth interfaces
    * Fixed issue with kernels lacking SMT support
    * Extended cgroup2 config options in lxc.mount.auto (cgroup2)
    * lxc-download now relies on HTTPS for validation (avoids GPG issues)
  - drop patch 0003-templates-lxc-download.in-use-GPG-option-receive-key.patch as
    upstream remove the GPG functionality
* Tue Feb 22 2022 Johannes Kastl <kastl@b1-systems.de>
  - update to 4.0.11:
    Bugfixes
    * Core scheduling support (lxc.sched.core)
    * riscv64 support in lxc.arch
    * Significantly improved bash completion profile
    * Greater use of the new VFS mount API (when supported by the kernel)
    * Fix containers with empty network namespaces
    * Handle kernels that lack TIOCGPTPEER
    * Improve CPU bitmask/id handling (handle skipped CPU numbers)
    * Reworked the tests to run offline
* Tue Oct 12 2021 Johannes Kastl <kastl@b1-systems.de>
  - use --withpamdir and use pam macros to fix UsrMerge problems
  - update to 4.0.10
    Bugfixes
    * Fix issues with less common architectures
    * Support for additional idmap mounts
    * nft support in lxc-net
    * Cleaner mount entries for sys:mixed
    * Switched GPG server to keyserver.ubuntu.com
* Mon May 31 2021 Johannes Kastl <kastl@b1-systems.de>
  - fix wrong Source URLs in spec
* Mon May 24 2021 Johannes Kastl <kastl@b1-systems.de>
  -update to 4.0.9:
    * You may have noticed the sudden jump from 4.0.6 to 4.0.9,
    that's because 4.0.7 and 4.0.8 both included regressions that were
    reported by early users and were considered bad enough to require a new release.
    * Testing improvements including fixes from oss-fuzz
    * Rework of the attach codepath
    * Cgroup handling rework
    * for full list of changes see
    https://discuss.linuxcontainers.org/t/lxc-4-0-9-lts-has-been-released/10999
* Mon May 24 2021 Johannes Kastl <kastl@b1-systems.de>
  - update to 4.0.6:
    * Improve handling for compatibility architectures for seccomp
    * Harden seccomp notifier implementation
    * Rework parsing of /proc/<pid>/mountinfo to handle kernel regression https://bugzilla.kernel.org/show_bug.cgi?id=209971
    * Improve network device restoration
    * Significantly cleanup and harden config file parsing
    * Support new capabilities CAP_PERFORM, CAP_BPF, and CAP_CHECKPOINT_RESTORE
    * Harden containers started without CAP_NET_ADMIN
    * for full list of changes see
    https://discuss.linuxcontainers.org/t/lxc-4-0-6-lts-has-been-released/9926

Files

/usr/lib64/security/pam_cgfs.so


Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Jan 24 23:52:04 2025