podman: Update to 3.4.4

[Leonardo Taccari <leot%NetBSD.org@localhost>]

Module Name:	pkgsrc-wip
Committed By:	Leonardo Taccari <leot%NetBSD.org@localhost>
Pushed By:	leot
Date:		Sat Dec 18 13:22:16 2021 +0100
Changeset:	16cfd9cb57524d4d0a476b11257188bdf7fce3b4

Modified Files:
	podman/Makefile
	podman/distinfo
Added Files:
	podman/patches/patch-vendor_github.com_containers_storage_pkg_system_syscall__unix.go
Removed Files:
	podman/patches/patch-vendor_github.com_godbus_dbus_v5_transport__unixcred__netbsd.go

Log Message:
podman: Update to 3.4.4

pkgsrc changes:
 - Remove patch-vendor_github.com_godbus_dbus_v5_transport__unixcred__netbsd.go,
   applied upstream

Changes:
3.4.4
=====
Bugfixes
--------
  * Fixed a bug where the podman exec command would, under some circumstances,
    print a warning message about failing to move conmon to the appropriate
    cgroup (#12535).
  * Fixed a bug where named volumes created as part of container creation (e.g.
    podman run --volume avolume:/a/mountpoint or similar) would be mounted with
    incorrect permissions (#12523).
  * Fixed a bug where the podman-remote create and podman-remote run commands
    did not properly handle the --entrypoint="" option (to clear the
    container's entrypoint) (#12521).

3.4.3
=====
Security
--------
  * This release addresses CVE-2021-4024, where the podman machine command
    opened the gvproxy API (used to forward ports to podman machine VMs) to the
    public internet on port 7777.
  * This release addresses CVE-2021-41190, where incomplete specification of
    behavior regarding image manifests could lead to inconsistent decoding on
    different clients.

Features
--------
  * The --secret type=mount option to podman create and podman run supports a
    new option, target=, which specifies where in the container the secret will
    be mounted (#12287).

Bugfixes
--------
  * Fixed a bug where rootless Podman would occasionally print warning messages
    about failing to move the pause process to a new cgroup (#12065).
  * Fixed a bug where the podman run and podman create commands would, when
    pulling images, still require TLS even with registries set to Insecure via
    config file (#11933).
  * Fixed a bug where the podman generate systemd command generated units that
    depended on multi-user.target, which has been removed from some
    distributions (#12438).
  * Fixed a bug where Podman could not run containers with images that had /etc
    / as a symlink (#12189).
  * Fixed a bug where the podman logs -f command would, when using the journald
    logs backend, exit immediately if the container had previously been
    restarted (#12263).
  * Fixed a bug where, in containers on VMs created by podman machine, the
    host.containers.internal name pointed to the VM, not the host system (#
    11642).
  * Fixed a bug where containers and pods created by the podman play kube
    command in VMs managed by podman machine would not automatically forward
    ports from the host machine (#12248).
  * Fixed a bug where podman machine init would fail on OS X when GNU Coreutils
    was installed (#12329).
  * Fixed a bug where podman machine start would exit before SSH on the started
    VM was accepting connections (#11532).
  * Fixed a bug where the podman run command with signal proxying (--sig-proxy)
    enabled could print an error if it attempted to send a signal to a
    container that had just exited (#8086).
  * Fixed a bug where the podman stats command would not return correct
    information for containers running Systemd as PID1 (#12400).
  * Fixed a bug where the podman image save command would fail on OS X when
    writing the image to STDOUT (#12402).
  * Fixed a bug where the podman ps command did not properly handle PS
    arguments which contained whitespace (#12452).
  * Fixed a bug where the podman-remote wait command could fail to detect that
    the container exited and return an error under some circumstances (#12457).
  * Fixed a bug where the Windows MSI installer for podman-remote would break
    the PATH environment variable by adding an extra " (#11416).

API
---
  * Updated the containers/image library to v5.17.0
  * The Libpod Play Kube endpoint now also accepts ConfigMap YAML as part of
    its payload, and will use provided any ConfigMap to configure provided pods
    and services.
  * Fixed a bug where the Compat Create endpoint for Containers would not
    always create the container's working directory if it did not exist (#11842
    ).
  * Fixed a bug where the Compat Create endpoint for Containers returned an
    incorrect error message with 404 errors when the requested image was not
    found (#12315).
  * Fixed a bug where the Compat Create endpoint for Containers did not
    properly handle the HostConfig.Mounts field (#12419).
  * Fixed a bug where the Compat Archive endpoint for Containers did not
    properly report errors when the operation failed (#12420).
  * Fixed a bug where the Compat Build endpoint for Images ignored the layers
    query parameter (for caching intermediate layers from the build) (#12378).
  * Fixed a bug where the Compat Build endpoint for Images did not report
    errors in a manner compatible with Docker (#12392).
  * Fixed a bug where the Compat Build endpoint for Images would fail to build
    if the context directory was a symlink (#12409).
  * Fixed a bug where the Compat List endpoint for Images included manifest
    lists (and not just images) in returned results (#12453).

Misc
----
  * Podman now builds by default with cgo enabled on OS X, resolving some
    issues with SSH (#10737).

3.4.2
=====
Bugfixes
--------
  * Fixed a bug where podman tag could not tag manifest lists (#12046).
  * Fixed a bug where built-in volumes specified by images would not be created
    correctly under some circumstances.
  * Fixed a bug where, when using Podman Machine on OS X, containers in pods
    did not have working port forwarding from the host (#12207).
  * Fixed a bug where the podman network reload command command on containers
    using the slirp4netns network mode and the rootlessport port forwarding
    driver would make an unnecessary attempt to restart rootlessport on
    containers that did not forward ports.
  * Fixed a bug where the podman generate kube command would generate YAML
    including some unnecessary (set to default) fields (e.g. empty SELinux and
    DNS configuration blocks, and the privileged flag when set to false) (#
    11995).
  * Fixed a bug where the podman pod rm command could, if interrupted at the
    right moment, leave a reference to an already-removed infra container
    behind (#12034).
  * Fixed a bug where the podman pod rm command would not remove pods with more
    than one container if all containers save for the infra container were
    stopped unless --force was specified (#11713).
  * Fixed a bug where the --memory flag to podman run and podman create did not
    accept a limit of 0 (which should specify unlimited memory) (#12002).
  * Fixed a bug where the remote Podman client's podman build command could
    attempt to build a Dockerfile in the working directory of the podman system
    service instance instead of the Dockerfile specified by the user (#12054).
  * Fixed a bug where the podman logs --tail command could function improperly
    (printing more output than requested) when the journald log driver was
    used.
  * Fixed a bug where containers run using the slirp4netns network mode with
    IPv6 enabled would not have IPv6 connectivity until several seconds after
    they started (#11062).
  * Fixed a bug where some Podman commands could cause an extra dbus-daemon
    process to be created (#9727).
  * Fixed a bug where rootless Podman would sometimes print warnings about a
    failure to move the pause process into a given CGroup (#12065).
  * Fixed a bug where the checkpointed field in podman inspect on a container
    was not set to false after a container was restored.
  * Fixed a bug where the podman system service command would print
    overly-verbose logs about request IDs (#12181).
  * Fixed a bug where Podman could, when creating a new container without a
    name explicitly specified by the user, sometimes use an auto-generated name
    already in use by another container if multiple containers were being
    created in parallel (#11735).

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=16cfd9cb57524d4d0a476b11257188bdf7fce3b4

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 podman/Makefile                                    |  2 +-
 podman/distinfo                                    |  8 ++++----
 ..._containers_storage_pkg_system_syscall__unix.go | 10 ++++++++++
 ...m_godbus_dbus_v5_transport__unixcred__netbsd.go | 22 ----------------------
 4 files changed, 15 insertions(+), 27 deletions(-)

diffs:
diff --git a/podman/Makefile b/podman/Makefile
index 66ef3f5710..bfef17fa5e 100644
--- a/podman/Makefile
+++ b/podman/Makefile
@@ -1,6 +1,6 @@
 # $NetBSD: Makefile,v 1.2 2021/09/04 21:14:15 leot Exp $
 
-DISTNAME=	podman-3.4.1
+DISTNAME=	podman-3.4.4
 GITHUB_TAG=	v${PKGVERSION_NOREV}
 CATEGORIES=	sysutils
 MASTER_SITES=	${MASTER_SITE_GITHUB:=containers/}
diff --git a/podman/distinfo b/podman/distinfo
index abcea6c8fb..9726423150 100644
--- a/podman/distinfo
+++ b/podman/distinfo
@@ -1,8 +1,8 @@
 $NetBSD: distinfo,v 1.2 2021/09/04 21:14:15 leot Exp $
 
-BLAKE2s (podman-3.4.1.tar.gz) = f1ba4ccc90f31e56fb29726b010c20c1e101be6716cea84e493d000ba619f021
-SHA512 (podman-3.4.1.tar.gz) = b8602464358ab73429a9003262c92c38c9a06e1133c776fd0c4ce65dae26639db66f8f5ad510528f3e6e7bc2fe692746fcf1d90d4e95d701d102006d9a83b27e
-Size (podman-3.4.1.tar.gz) = 10953738 bytes
+BLAKE2s (podman-3.4.4.tar.gz) = d9923d89d2c36269696e7e8a873cc789988b586121e53d9d8fcd32e156464501
+SHA512 (podman-3.4.4.tar.gz) = cfd295bf50ce86ea70741c3e663b409ed47b1e560c962bc579f319151a0fe2b24cdd3045667660083cce89449a9c5de1508c94a9a02375165a72ce7c16166666
+Size (podman-3.4.4.tar.gz) = 10945990 bytes
 SHA1 (patch-Makefile) = 5671f5452430d4b94af924defbb473eb91732281
 SHA1 (patch-cmd_podman_registry_config.go) = 6d32a7526cad5728a385de0029b2bbe5474e7f1b
 SHA1 (patch-pkg_machine_qemu_options__netbsd.go) = a256dcafceb70f29b4f7a1ed013b52b5d6b0f4ba
@@ -18,5 +18,5 @@ SHA1 (patch-vendor_github.com_containers_storage_pkg_directory_directory__unix.g
 SHA1 (patch-vendor_github.com_containers_storage_pkg_homedir_homedir__others.go) = afe76698c46e8ae015e7128958336a80016a53b7
 SHA1 (patch-vendor_github.com_containers_storage_pkg_lockfile_lockfile__unix.go) = 0d143dd2aaa21470bc31e260dc3413b2533208f9
 SHA1 (patch-vendor_github.com_containers_storage_pkg_system_stat__netbsd.go) = 37bae90c1b3d97f8b4166fca2c59d144c41f81f8
-SHA1 (patch-vendor_github.com_godbus_dbus_v5_transport__unixcred__netbsd.go) = ff256cc59025a279c613ad91d3d483cabfbbf8c8
+SHA1 (patch-vendor_github.com_containers_storage_pkg_system_syscall__unix.go) = 08d4335e2f9980c2d72b74a0abe4786403aa5b00
 SHA1 (patch-vendor_github.com_moby_sys_mount_flags__bsd.go) = 7261a1aee3334b7da676851851678a49a22559ae
diff --git a/podman/patches/patch-vendor_github.com_containers_storage_pkg_system_syscall__unix.go b/podman/patches/patch-vendor_github.com_containers_storage_pkg_system_syscall__unix.go
new file mode 100644
index 0000000000..f6fd2b8444
--- /dev/null
+++ b/podman/patches/patch-vendor_github.com_containers_storage_pkg_system_syscall__unix.go
@@ -0,0 +1,10 @@
+$NetBSD$
+
+--- vendor/github.com/containers/storage/pkg/system/syscall_unix.go.orig	2021-12-08 18:41:11.000000000 +0000
++++ vendor/github.com/containers/storage/pkg/system/syscall_unix.go
+@@ -1,4 +1,4 @@
+-// +build linux freebsd darwin
++// +build linux freebsd darwin netbsd
+ 
+ package system
+ 
diff --git a/podman/patches/patch-vendor_github.com_godbus_dbus_v5_transport__unixcred__netbsd.go b/podman/patches/patch-vendor_github.com_godbus_dbus_v5_transport__unixcred__netbsd.go
deleted file mode 100644
index 8ec650e139..0000000000
--- a/podman/patches/patch-vendor_github.com_godbus_dbus_v5_transport__unixcred__netbsd.go
+++ /dev/null
@@ -1,22 +0,0 @@
-$NetBSD: patch-vendor_github.com_godbus_dbus_v5_transport__unixcred__netbsd.go,v 1.1 2021/09/04 20:28:42 maya Exp $
-
-Add netbsd support (vendor code)
-Taken from openbsd example.
-
---- vendor/github.com/godbus/dbus/v5/transport_unixcred_netbsd.go.orig	2021-09-04 12:43:05.852290581 +0000
-+++ vendor/github.com/godbus/dbus/v5/transport_unixcred_netbsd.go
-@@ -0,0 +1,14 @@
-+package dbus
-+
-+import "io"
-+
-+func (t *unixTransport) SendNullByte() error {
-+	n, _, err := t.UnixConn.WriteMsgUnix([]byte{0}, nil, nil)
-+	if err != nil {
-+		return err
-+	}
-+	if n != 1 {
-+		return io.ErrShortWrite
-+	}
-+	return nil
-+}