Subject: CVS commit: pkgsrc/sysutils/podman
From: Leonardo Taccari
Date: 2021-12-18 19:11:48
Message id: 20211218181148.AF5EDFAEC@cvs.NetBSD.org

Log Message:
podman: Update to 3.4.4

Changes:
[Bugfixes, misc and API changes were omitted due taking too much space and
probably not so interesting]

3.4.4
=====
3.4.4 is a bugfixes release.

3.4.3
=====
Security
  * This release addresses CVE-2021-4024, where the podman machine command
    opened the gvproxy API (used to forward ports to podman machine VMs) to the
    public internet on port 7777.
  * This release addresses CVE-2021-41190, where incomplete specification of
    behavior regarding image manifests could lead to inconsistent decoding on
    different clients.

Features
--------
  * The --secret type=mount option to podman create and podman run supports a
    new option, target=, which specifies where in the container the secret will
    be mounted (#12287).

Several misc, bugfixes and API changes.

3.4.2
=====
3.4.2 is a bugfixes release.

3.4.1
=====
3.4.1 is a misc and bugfixes release.

3.4.0
=====
Features
--------
  * Pods now support init containers! Init containers are containers which run
    before the rest of the pod starts. There are two types of init containers:
    "always", which always run before the pod is started, and \ 
"once", which
    only run the first time the pod starts and are subsequently removed. They
    can be added using the podman create command's --init-ctr option.
  * Support for init containers has also been added to podman play kube and
    podman generate kube - init containers contained in Kubernetes YAML will be
    created as Podman init containers, and YAML generated by Podman will
    include any init containers created.
  * The podman play kube command now supports building images. If the --build
    option is given and a directory with the name of the specified image exists
    in the current working directory and contains a valid Containerfile or
    Dockerfile, the image will be built and used for the container.
  * The podman play kube command now supports a new option, --down, which
    removes any pods and containers created by the given Kubernetes YAML.
  * The podman generate kube command now generates annotations for SELinux
    mount options on volume (:z and :Z) that are respected by the podman play
    kube command.
  * A new command has been added, podman pod logs, to return logs for all
    containers in a pod at the same time.
  * Two new commands have been added, podman volume export (to export a volume
    to a tar file) and podman volume import) (to populate a volume from a given
    tar file).
  * The podman auto-update command now supports simple rollbacks. If a
    container fails to start after an automatic update, it will be rolled back
    to the previous image and restarted again.
  * Pods now share their user namespace by default, and the podman pod create
    command now supports the --userns option. This allows rootless pods to be
    created with the --userns=keep-id option.
  * The podman pod ps command now supports a new filter with its --filter
    option, until, which returns pods created before a given timestamp.
  * The podman image scp command has been added. This command allows images to
    be transferred between different hosts.
  * The podman stats command supports a new option, --interval, to specify the
    amount of time before the information is refreshed.
  * The podman inspect command now includes ports exposed (but not published)
    by containers (e.g. ports from --expose when --publish-all is not
    specified).
  * The podman inspect command now has a new boolean value, Checkpointed, which
    indicates that a container was stopped as a result of a podman container
    checkpoint operation.
  * Volumes created by podman volume create now support setting quotas when run
    atop XFS. The size and inode options allow the maximum size and maximum
    number of inodes consumed by a volume to be limited.
  * The podman info command now outputs information on what log drivers,
    network drivers, and volume plugins are available for use (#11265).
  * The podman info command now outputs the current log driver in use, and the
    variant and codename of the distribution in use.
  * The parameters of the VM created by podman machine init (amount of disk
    space, memory, CPUs) can now be set in containers.conf.
  * The podman machine ls command now shows additional information (CPUs,
    memory, disk size) about VMs managed by podman machine.
  * The podman ps command now includes healthcheck status in container state
    for containers that have healthchecks (#11527).

Changes
-------
  * The podman build command has a new alias, podman buildx, to improve
    compatibility with Docker. We have already added support for many docker
    buildx flags to podman build and aim to continue to do so.
  * Cases where Podman is run without a user session or a writable temporary
    files directory will now produce better error messages.
  * The default log driver has been changed from file to journald. The file
    driver did not properly support log rotation, so this should lead to a
    better experience. If journald is not available on the system, Podman will
    automatically revert to the file.
  * Podman no longer depends on ip for removing networks (#11403).
  * The deprecated --macvlan flag to podman network create now warns when it is
    used. It will be removed entirely in the Podman 4.0 release.
  * The podman machine start command now prints a message when the VM is
    successfully started.
  * The podman stats command can now be used on containers that are paused.
  * The podman unshare command will now return the exit code of the command
    that was run in the user namespace (assuming the command was successfully
    run).
  * Successful healthchecks will no longer add a healthy line to the system log
    to reduce log spam.
  * As a temporary workaround for a lack of shortname prompts in the Podman
    remote client, VMs created by podman machine now default to only using the
    docker.io registry.

Several misc, bugfixes and API changes.

Files:
RevisionActionfile
1.3modifypkgsrc/sysutils/podman/Makefile
1.5modifypkgsrc/sysutils/podman/distinfo
1.2modifypkgsrc/sysutils/podman/patches/patch-vendor_github.com_containers_common_pkg_config_config__netbsd.go
1.1addpkgsrc/sysutils/podman/patches/patch-utils_utils__supported.go
1.1addpkgsrc/sysutils/podman/patches/patch-vendor_github.com_containers_storage_pkg_system_syscall__unix.go
1.1removepkgsrc/sysutils/podman/patches/patch-cmd_podman_machine_init.go
1.1removepkgsrc/sysutils/podman/patches/patch-cmd_podman_machine_list.go
1.1removepkgsrc/sysutils/podman/patches/patch-cmd_podman_machine_machine.go
1.1removepkgsrc/sysutils/podman/patches/patch-cmd_podman_machine_rm.go
1.1removepkgsrc/sysutils/podman/patches/patch-cmd_podman_machine_ssh.go
1.1removepkgsrc/sysutils/podman/patches/patch-cmd_podman_machine_start.go
1.1removepkgsrc/sysutils/podman/patches/patch-cmd_podman_machine_stop.go
1.1removepkgsrc/sysutils/podman/patches/patch-pkg_machine_config.go
1.1removepkgsrc/sysutils/podman/patches/patch-pkg_machine_connection.go
1.1removepkgsrc/sysutils/podman/patches/patch-pkg_machine_fcos.go
1.1removepkgsrc/sysutils/podman/patches/patch-pkg_machine_ignition.go
1.1removepkgsrc/sysutils/podman/patches/patch-pkg_machine_ignition__schema.go
1.1removepkgsrc/sysutils/podman/patches/patch-pkg_machine_keys.go
1.1removepkgsrc/sysutils/podman/patches/patch-pkg_machine_pull.go
1.1removepkgsrc/sysutils/podman/patches/patch-pkg_machine_qemu_config.go
1.1removepkgsrc/sysutils/podman/patches/patch-pkg_machine_qemu_machine.go
1.1removepkgsrc/sysutils/podman/patches/patch-pkg_util_utils__supported.go
1.1removepkgsrc/sysutils/podman/patches/patch-vendor_github.com_godbus_dbus_v5_transport__unixcred__netbsd.go