diff --git a/utils/podman/Makefile b/utils/podman/Makefile index 441082cb0f..961ffad076 100644 --- a/utils/podman/Makefile +++ b/utils/podman/Makefile @@ -1,18 +1,18 @@ include $(TOPDIR)/rules.mk PKG_NAME:=podman -PKG_VERSION:=4.4.2 +PKG_VERSION:=4.5.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/containers/podman/archive/v$(PKG_VERSION) -PKG_HASH:=59cec158438efa8a3e651b19e150d9afd90f7e3f07c30605a997e18b8c54b67c +PKG_HASH:=830a633630bf6e61f2b8d4ca00efdd9a173ef25cdd49d4a4364c293e088561df PKG_LICENSE:=Apache-2.0 PKG_LICENSE_FILES:=LICENSE PKG_MAINTAINER:=Oskari Rauta -PKG_BUILD_DEPENDS:=golang/host protobuf/host +PKG_BUILD_DEPENDS:=golang/host protobuf/host btrfs-progs PKG_BUILD_PARALLEL:=1 PKG_BUILD_FLAGS:=no-mips16 PKG_INSTALL:=1 @@ -39,7 +39,7 @@ define Package/podman CATEGORY:=Utilities TITLE:=Podman URL:=https://podman.io - DEPENDS:=$(GO_ARCH_DEPENDS) +conmon +cni +cni-plugins +btrfs-progs +glib2 +gnupg2 +uci-firewall +libgpg-error +libseccomp +libgpgme +nsenter +zoneinfo-simple +kmod-veth +PODMAN_SELINUX_SUPPORT:libselinux + DEPENDS:=$(GO_ARCH_DEPENDS) +conmon +libgpgme +libseccomp +nsenter +zoneinfo-simple +kmod-veth +slirp4netns +netavark +aardvark-dns +PODMAN_SELINUX_SUPPORT:libselinux endef define Package/podman/description @@ -53,10 +53,6 @@ define Package/podman/config bool "Enable SELinux support" default n - config PODMAN_IPTABLES_FW - bool "Add iptabels firewall options to default podman network" - default n - endmenu endef @@ -65,7 +61,7 @@ define Package/podman/conffiles /etc/containers/storage.conf /etc/containers/registries.conf /etc/containers/containers.conf -/etc/cni/net.d/87-podman-bridge.conflist +/etc/containers/networks/podman.json endef ifdef CONFIG_PODMAN_SELINUX_SUPPORT @@ -74,12 +70,6 @@ else GO_PKG_TAGS=seccomp,exclude_graphdriver_devicemapper,apparmor endif -ifdef CONFIG_PODMAN_IPTABLES_FW - CNIFILE:=87-podman-bridge-iptables.conflist -else - CNIFILE:=87-podman-bridge.conflist -endif - MAKE_VARS += \ GO_INSTALL_BIN_PATH="$(strip $(GO_PKG_INSTALL_BIN_PATH))" \ BUILD_DIR="$(PKG_BUILD_DIR)" \ @@ -126,8 +116,8 @@ define Package/podman/install $(INSTALL_DATA) $(DL_DIR)/registries.fedora-da9a9c8778 $(1)/etc/containers/registries.conf $(INSTALL_DATA) $(PKG_BUILD_DIR)/vendor/github.com/containers/storage/storage.conf $(1)/etc/containers/storage.conf $(INSTALL_DATA) ./files/containers.conf $(1)/etc/containers/containers.conf - $(INSTALL_DIR) $(1)/etc/cni/net.d - $(INSTALL_CONF) ./files/$(CNIFILE) $(1)/etc/cni/net.d/87-podman-bridge.conflist + $(INSTALL_DIR) $(1)/etc/containers/networks + $(INSTALL_CONF) ./files/podman.json $(1)/etc/containers/networks $(INSTALL_DIR) $(1)/usr/share/containers $(INSTALL_DATA) $(PKG_BUILD_DIR)/vendor/github.com/containers/common/pkg/seccomp/seccomp.json $(1)/usr/share/containers/ $(INSTALL_DIR) $(1)/etc/init.d diff --git a/utils/podman/files/87-podman-bridge-iptables.conflist b/utils/podman/files/87-podman-bridge-iptables.conflist deleted file mode 100644 index ef760a61be..0000000000 --- a/utils/podman/files/87-podman-bridge-iptables.conflist +++ /dev/null @@ -1,37 +0,0 @@ -{ - "cniVersion": "0.4.0", - "name": "podman", - "plugins": [ - { - "type": "bridge", - "bridge": "cni-podman0", - "isGateway": true, - "ipMasq": true, - "hairpinMode": true, - "ipam": { - "type": "host-local", - "routes": [{ "dst": "0.0.0.0/0" }], - "ranges": [ - [ - { - "subnet": "10.88.0.0/16", - "gateway": "10.88.0.1" - } - ] - ] - } - }, - { - "type": "portmap", - "capabilities": { - "portMappings": true - } - }, - { - "type": "firewall" - }, - { - "type": "tuning" - } - ] -} diff --git a/utils/podman/files/87-podman-bridge.conflist b/utils/podman/files/87-podman-bridge.conflist deleted file mode 100644 index 4665abdbae..0000000000 --- a/utils/podman/files/87-podman-bridge.conflist +++ /dev/null @@ -1,28 +0,0 @@ -{ - "cniVersion": "0.4.0", - "name": "podman", - "plugins": [ - { - "type": "bridge", - "bridge": "cni-podman0", - "isGateway": true, - "ipMasq": true, - "hairpinMode": true, - "ipam": { - "type": "host-local", - "routes": [{ "dst": "0.0.0.0/0" }], - "ranges": [ - [ - { - "subnet": "10.88.0.0/16", - "gateway": "10.88.0.1" - } - ] - ] - } - }, - { - "type": "tuning" - } - ] -} diff --git a/utils/podman/files/containers.conf b/utils/podman/files/containers.conf index 3dbaab15fa..13d3fb2955 100644 --- a/utils/podman/files/containers.conf +++ b/utils/podman/files/containers.conf @@ -30,10 +30,8 @@ default_sysctls = [ ] [network] -cni_plugin_dirs = [ - "/usr/lib/cni" -] -network_config_dir = "/etc/cni/net.d/" +network_backend = "netavark" +network_config_dir = "/etc/containers/networks/" default_network = "podman" [engine] diff --git a/utils/podman/files/podman.json b/utils/podman/files/podman.json new file mode 100644 index 0000000000..35e705579d --- /dev/null +++ b/utils/podman/files/podman.json @@ -0,0 +1,19 @@ +{ + "name": "podman", + "id": "5ef894788befd4d42498314b6e66282ca730aa2e1e82f9b9597bf4d1725ca074", + "driver": "bridge", + "network_interface": "podman0", + "created": "2023-02-20T08:56:34.652030952Z", + "subnets": [ + { + "subnet": "10.88.0.0/16", + "gateway": "10.88.0.1" + } + ], + "ipv6_enabled": false, + "internal": false, + "dns_enabled": true, + "ipam_options": { + "driver": "host-local" + } +} diff --git a/utils/podman/patches/010-do-not-build-docs.patch b/utils/podman/patches/010-do-not-build-docs.patch index 6f77e1b874..e678100528 100644 --- a/utils/podman/patches/010-do-not-build-docs.patch +++ b/utils/podman/patches/010-do-not-build-docs.patch @@ -1,6 +1,6 @@ --- a/Makefile +++ b/Makefile -@@ -206,7 +206,7 @@ GV_SHA=aab0ac9367fc5142f5857c36ac2352bcb +@@ -209,7 +209,7 @@ GV_SHA=aab0ac9367fc5142f5857c36ac2352bcb default: all .PHONY: all @@ -9,7 +9,7 @@ .PHONY: binaries ifeq ($(shell uname -s),FreeBSD) -@@ -797,7 +797,7 @@ package-install: package ## Install rpm +@@ -790,7 +790,7 @@ package-install: package ## Install rpm /usr/bin/podman info # will catch a broken conmon .PHONY: install