isula-build: add syscall "statx" in seccomp

Signed-off-by: DCCooper <1866858@gmail.com> (cherry picked from commit e3c4bf5285006cc3336cd541f8850db29b1ceece)
2022-01-13 17:09:45 +08:00 · 2022-01-13 17:09:45 +08:00 · cd6563bdaa
commit cd6563bdaa
parent 6fd176b4d2
5 changed files with 35 additions and 3 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-0.9.5-25
+0.9.5-26
--- a/2
+++ b/2
@ -1 +1 @@
-ccece5d21f168013a2a5b6e712d1837ecb9bde37
+608966d1e89f11bccad80c960064390c26c02d03
--- a/isula-build.spec
+++ b/isula-build.spec
@ -2,7 +2,7 @@

 Name: isula-build
 Version: 0.9.5
-Release: 25
+Release: 26
 Summary: A tool to build container images
 License: Mulan PSL V2
 URL: https://gitee.com/openeuler/isula-build
@ -85,6 +85,12 @@ fi
 /usr/share/bash-completion/completions/isula-build

 %changelog
+* Thu Jan 13 2022 DCCooper <1866858@gmail.com> - 0.9.5-26
+- Type:enhancement
+- CVE:NA
+- SUG:restart
+- DESC:add syscall "statx" in seccomp
+
 * Wed Jan 12 2022 Lu Jingxiao <lujingxiao@huawei.com> - 0.9.5-25
 - Type:bugfix
 - CVE:NA
--- a/patch/0103-Add-syscall-statx-in-seccomp-to-fix-Operation-not-pe.patch
+++ b/patch/0103-Add-syscall-statx-in-seccomp-to-fix-Operation-not-pe.patch
@ -0,0 +1,25 @@
+From f4d69303103c5b043a104d8eb7361ce6f5848a02 Mon Sep 17 00:00:00 2001
+From: DCCooper <1866858@gmail.com>
+Date: Thu, 13 Jan 2022 16:54:24 +0800
+Subject: [PATCH] Add syscall "statx" in seccomp to fix Operation not permitted
+
+Signed-off-by: DCCooper <1866858@gmail.com>
+---
+ .../opencontainers/runtime-tools/generate/seccomp/seccomp_default.go     | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default.go b/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default.go
+index 5fee5a3..fd16b6c 100644
+--- a/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default.go
+++ b/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default.go
+@@ -303,6 +303,7 @@ func DefaultProfile(rs *specs.Spec) *rspec.LinuxSeccomp {
+ 				"stat64",
+ 				"statfs",
+ 				"statfs64",
+				"statx",
+ 				"symlink",
+ 				"symlinkat",
+ 				"sync",
+-- 
+1.8.3.1
+
--- a/series.conf
+++ b/series.conf
@ -65,3 +65,4 @@ patch/0099-fix-some-little-mistakes-in-manual_zh.md.patch
 patch/0100-fix-the-message-is-not-rational-when-not-appoint-Doc.patch
 patch/0101-utils-remove-unused-PBKDF2-and-AES-related.patch
 patch/0102-Refactor-refactor-image-separator-related.patch
+patch/0103-Add-syscall-statx-in-seccomp-to-fix-Operation-not-pe.patch
 @ -1 +1 @@
 .9.5-25
 .9.5-26