This will release the MCS Label to be used again. Only do this if we
don't have another sandbox using the same label.
Also vendor in the latest selinux go bindings, which fixes a leak and
properly reserves the SELinux label we are going to use.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Kubelet can send cap add/drop ALL. Handle that in CRI-O as well.
Also, this PR is re-vendoring runtime-tools to fix capabilities add to
add caps to _all_ caps set **and** fix a shared memory issue (caps set
were initialized with the same slice, if one modifies one slice, it's
reflected on the other slices, the vendoring fixes this as well)
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
Add functions to go templates such as truncating a field. Also add
the table keyword, which, if placed at the beginning of a format string,
adds headers to the output
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
Need to mv to latest released and supported version of logrus
switch github.com/Sirupsen/logrus github.com/sirupsen/logrus
Also vendor in latest containers/storage and containers/image
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This update allows the creation of docker-archive files when the
destination does not exists or is empty. kpod save needs this functionality.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Bump containers/image (pulling in its new dependency on ostree-go),
containers/storage, and updated image-spec.
This pulls in the OCI v1.0 specifications and code that allows us to
support 1.0 images.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Update golang.org/x/sys to get newly added functions and constants which
will be used in successive commits.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Update the vendored commit for containers/image, because the previous
version did not include the function ListNames() in transports
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>