@@ -6,6 +6,77 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
66
77## [ Unreleased]  
88
9+ ## [ 1.2.0-rc.1]  - 2024-03-20 
10+ 
11+ >  How, dear sir, did you cross the flood? By not stopping, friend, and by not
12+ >  straining I crossed the flood
13+ 
14+ This new runc release includes all the changes from the v1.1 patch releases up
15+ to v1.1.12.
16+ 
17+ ### Compatibility  
18+ 
19+ *  This release requires Go 1.20.x or Go 1.19.x (#3718  )
20+ 
21+ ### Breaking  
22+ 
23+  *  Several aspects of how mount options work has been adjusted in a way that
24+    could theoretically break users that have very strange mount option strings.
25+    This was necessary to fix glaring issues in how mount options were being
26+    treated. The key changes are:
27+ 
28+    -  Mount options on bind-mounts that clear a mount flag are now always
29+      applied. Previously, if a user requested a bind-mount with only clearing
30+      options (such as ` rw,exec,dev ` ) the options would be ignored and the
31+      original bind-mount options would be set. Unfortunately this also means
32+      that container configurations which specified only clearing mount options
33+      will now actually get what they asked for, which could break existing
34+      containers (though it seems unlikely that a user who requested a specific
35+      mount option would consider it "broken" to get the mount options they
36+      asked foruser who requested a specific mount option would consider it
37+      "broken" to get the mount options they asked for). (#3967  )
38+ 
39+    -  Container configurations using bind-mounts with superblock mount flags
40+      (i.e. filesystem-specific mount flags, referred to as "data" in
41+      ` mount(2) ` , as opposed to VFS generic mount flags like ` MS_NODEV ` ) will
42+      now return an error. This is because superblock mount flags will also
43+      affect the host mount (as the superblock is shared when bind-mounting),
44+      which is obviously not acceptable. Previously, these flags were silently
45+      ignored so this change simply tells users that runc cannot fulfil their
46+      request rather than just ignoring it. (#3990  )
47+ 
48+    If any of these changes cause problems in real-world workloads, please [ open
49+    an issue] ( https://github.com/opencontainers/runc/issues/new/choose )  so we
50+    can adjust the behaviour to avoid compatibility issues.
51+ 
52+ ### Added  
53+ 
54+  *  Support id-mapped mounts for bind-mounts. Other mount types are not
55+    currently supported. This feature requires ` MOUNT_ATTR_IDMAP `  kernel support
56+    (Linux 5.12 or newer) as well as kernel support for the underlying filesystem
57+    used for the bind-mount. See [ ` mount_setattr(2) ` ] [ mount_setattr.2 ]  for a list of
58+    supported filesystems and other restrictions. (#3717  , #3985  )
59+  *  Support for ` cgroup.kill `  to kill all processes inside a container. (#3135  ,
60+    #3825  )
61+  *  Support to set a domainname as specified in the OCI runtime-spec v1.1.0.
62+    (#3600  )
63+  *  Add support for umask when exec-ing into a container. (#3661  )
64+  *  libct/cg: support SCHED_IDLE for runc cgroupfs. (#3377  )
65+  *  checkpoint/restore: implement ` --manage-cgroups-mode `  ignore. (#3546  )
66+  *  seccomp: refactor flags support; add flags to features, set SPEC_ALLOW by
67+    default. (#3588  )
68+  *  libct/cg/sd: use systemd v240+ new ` MAJOR:* `  syntax. (#3843  )
69+  *  Use github.com/checkpoint-restore/go-criu v6.3.0, which reduces the compiled
70+    binary file. (#3652  )
71+  *  Expose MountExtensions (including idmap support) in the features subcommand. (#3993  )
72+  *  Support CFS bandwidth burst for CPU. (#3749  , #3145  )
73+  *  Support time namespace. (#3876  )
74+  *  Build tag ` runc_nodmz ` , see also the ` memfd-bind `  binary in ` contrib/ `  in case you can't use
75+    ` runc-dmz `  and still want to reduce memory usage. (#3987  )
76+  *  New "pidfd-socket" CLI flag. (#4045  )
77+ 
78+ [ mount_setattr.2 ] : https://man7.org/linux/man-pages/man2/mount_setattr.2.html 
79+ 
980### Deprecated  
1081
1182 *  ` runc `  option ` --criu `  is now ignored (with a warning), and the option will
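Review bot: the parenthetical closing the first Breaking bullet carries a pasted duplicate: after "the mount options they asked for" the text continues "user who requested a specific mount option would consider it "broken" to get the mount options they asked for)", repeating the preceding clause and leaving "foruser" run together. Trim it so the sentence ends at "...consider it "broken" to get the mount options they asked for). (#3967)". Otherwise the new Breaking and Added entries read cleanly; the idmap entry correctly pins the `MOUNT_ATTR_IDMAP` requirement to Linux 5.12 and points at `mount_setattr(2)` for the filesystem restrictions.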
@@ -16,12 +87,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
1687   to kill a container (with SIGKILL) which does not have its own private PID
1788   namespace (so that runc would send SIGKILL to all processes). Now, this is
1889   done automatically. (#3864  , #3825  )
90+  *  ` libcontainer/user `  is deprecated, use ` github.com/moby/sys/user `  instead. It
91+    will be removed in a future release. (#4017  )
1992
2093### Changed  
2194
2295 *  When Intel RDT feature is not available, its initialization is skipped,
2396   resulting in slightly faster ` runc exec `  and ` runc run ` . (#3306  )
24-  *  Enforce absolute paths for mounts . (#3020  ,  # 3717 
97+  *  The  ` runc features `  command is no longer experimental . (#3861  )
2598 *  libcontainer users that create and kill containers from a daemon process
2699   (so that the container init is a child of that process) must now implement
27100   a proper child reaper in case a container does not have its own private PID
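Review bot: the removed line `* Enforce absolute paths for mounts . (#3020, #3717` drops a user-visible behaviour change from the release notes without re-adding it anywhere else in this patch. If the change is still part of 1.2.0-rc.1 it belongs under Changed (arguably Breaking, given that it rejects configurations that were previously accepted) with the parenthesis closed, e.g. `* Enforce absolute paths for mounts. (#3020, #3717)`; if it was intentionally dropped, the commit should say why. The replacement entry for `runc features` leaving experimental status (#3861) is fine on its own.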
@@ -35,6 +108,28 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
35108   For cgroupv1, ` Usage `  and ` Failcnt `  are set by subtracting memory usage
36109   from memory+swap usage. For cgroupv2, ` Usage ` , ` Limit ` , and ` MaxUsage ` 
37110   are set. (#4010  )
111+  *  When running rootless or using a user namespace, a source filesystem mounted
112+    with ` nodev ` , ` nosuid `  or ` noexec `  can now be used as source of a bind mount
113+    without the same options being set for the mount. (#3805  , #3967  )
114+  *  libcontainer users that create and kill containers from a daemon process
115+    (so that the container init is a child of that process) must now implement
116+    a proper child reaper in case a container does not have its own private PID
117+    namespace, as documented in ` container.Signal ` . (#3825  )
118+  *  libcontainer: ` container.Signal `  no longer have the second ` all bool ` 
119+    argument; a need to kill all processes is now determined automatically.
120+    (#3825  , #3885  )
121+  *  libct/cg: Remove function EnterPid with no users. (#3797  )
122+  *  libct/seccomp: enable seccomp binary tree optimization. (#3405  )
123+  *  runc run/exec: ignore SIGURG. (#3368  )
124+  *  Remove tun/tap from the default device rules. (#3468  )
125+  *  ` runc --root non-existent-dir list `  now reports an error for non-existent
126+    root directory. (#3374  )
127+  *  libct: Mount: Remove {Pre,Post}mountCmds, were never used and are obsoleted
128+    by more generic container hooks. (#3350  )
129+  *  When joining an existing time or user namespace, don't require configuration
130+    entries for them. If they are specified, they need to be consistent with the
131+    user namespace joining. In future minor releases an error will be thrown if
132+    they are specified, though. (#4133  )
38133
39134### Fixed  
40135
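Review bot: two of the added Changed entries duplicate text that is already in the file: the "libcontainer users that create and kill containers from a daemon process ... must now implement a proper child reaper" paragraph (#3825) repeats the existing entry visible as context at the end of the previous hunk, and `Remove tun/tap from the default device rules. (#3468)` already appears under Fixed (shown as context in the next hunk). Drop the copies here so each change is listed exactly once, and decide whether the tun/tap entry is a Changed or a Fixed item rather than both. Minor grammar in the same hunk: "`container.Signal` no longer have the second `all bool` argument" should read "no longer has".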
@@ -46,6 +141,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
46141   code (this was due to how s390x does syscall multiplexing). (#3474  )
47142 *  Remove tun/tap from the default device rules. (#3468  )
48143 *  specconv: avoid mapping "acl" to MS_POSIXACL. (#3739  )
144+  *  libcontainer: fix private PID namespace detection when killing the container.
145+    (#3866  , #3825  )
146+  *  Fix ` READY `  notification sometimes not accepted by systemd. (#3291  , #3293  )
147+  *  Reduce the number of mount/umount syscalls in the host mount namespace, remove the bindfd logic
148+    and move the memfd logic to go. (#3987  , #3599  , #2532  , #3931  )
49149
50150## [ 1.1.12]  - 2024-01-31 
51151
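Review bot: the last added entry ("Reduce the number of mount/umount syscalls in the host mount namespace, remove the bindfd logic and move the memfd logic to go") describes a refactor rather than a bug fix, and its first reference (#3987) is already cited under Added for the `runc_nodmz` build tag and `memfd-bind` helper. Consider moving it to Changed, wrapping the over-long first line to match the rest of the file, and capitalising "Go". The `READY` notification fix (#3291, #3293) and the private PID namespace detection fix (#3866, #3825) are correctly placed under Fixed.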