2118aace8f
Bumping crun to version 1.14-19-g9d01392, which comprises the following commits:
3df8f0c Add force_no_cgroup & no_pivot arguments to make_context() Python function
b883e6c Make function arguments valid Python identifiers
e0027bc Add no_new_keyring argument to make_context() Python function
cb3ffb5 apparmor: Fix wrong determination whether crun is confined
adb912d linux: harden chdir()
f157e80 container: attempt to close all the files before execv(2)
ed1abf9 container: simplify statement
3aaadf3 ebpf: add fallback when bpf(2) fails with ENOSPC
f2ade60 ebpf: add fallback when bpf(2) fails
8b611f2 ebpf: try harder to bump RLIMIT_MEMLOCK
d88d77e build(deps): bump uraimo/run-on-arch-action from 2.6.0 to 2.7.1
f70fe0b cgroup, systemd: fix segfault if resources not specified
667e6eb NEWS: tag version 1.14
688f186 build(deps): bump actions/cache from 3 to 4
8d96f08 build: drop gcrypt dependency
5221ca8 seccomp: use blake3 instead of libgcrypt
6d9fa42 cpuset: don't clobber parent cgroup value
3873541 build: embed blake3 hashing function
4f1f3d4 seccomp: include default_errno_ret in cache digest
beb9565 utils: remove unneeded if statement
9306457 ebpf: do not require MEMLOCK for eBPF programs
87740ce linux: force umask(0)
5078ce6 apparmor: stack apparmor profiles if nnp and confined
c761349 NEWS: tag 1.13
cb53ac2 build(deps): bump actions/upload-artifact from 3 to 4
94a5950 cgroup: use "max" when pids limit < 0
3b819bc Improve error msg on idmap mounts
bace3a2 build(deps): bump github/codeql-action from 2 to 3
4ddf5e6 criu: remove unneeded if statement
8c27dea error: reset pointer after vasprintf failure
c5643c4 status: fix double free
ece4f9e utils: return a valid error if access fails
68a9487 list: initialize variable
ea27b13 libcrun: fix compile error without libseccomp and libcap
487ba3a fix checking of relative idmapped mount
49f439d ctx: drop no_subreaper bool
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|---|---|---|
| classes | ||
| conf | ||
| docs | ||
| dynamic-layers | ||
| files | ||
| lib/oeqa/runtime/cases | ||
| recipes-containers | ||
| recipes-core | ||
| recipes-demo | ||
| recipes-devtools | ||
| recipes-extended | ||
| recipes-graphics/xorg-xserver | ||
| recipes-kernel | ||
| recipes-networking | ||
| scripts | ||
| wic | ||
| .gitignore | ||
| COPYING.MIT | ||
| MAINTAINERS | ||
| meta-virt-roadmap.txt | ||
| README.md | ||
| SECURITY.md | ||
meta-virtualization
This layer provides support for building Xen, KVM, Libvirt, and associated packages necessary for constructing OE-based virtualized solutions.
The bbappend files for some recipes (e.g. linux-yocto) in this layer need to have 'virtualization' in DISTRO_FEATURES to have effect. To enable them, add in configuration file the following line.
DISTRO_FEATURES:append = " virtualization"
If meta-virtualization is included, but virtualization is not enabled as a distro feature a warning is printed at parse time:
You have included the meta-virtualization layer, but
'virtualization' has not been enabled in your DISTRO_FEATURES. Some bbappend files
may not take effect. See the meta-virtualization README for details on enabling
virtualization support.
If you know what you are doing, this warning can be disabled by setting the following variable in your configuration:
SKIP_META_VIRT_SANITY_CHECK = 1
Depending on your use case, there are other distro features in meta-virtualization that may also be enabled:
- xen: enables xen functionality in various packages (kernel, libvirt, etc)
- kvm: enables KVM configurations in the kernel and autoloads modules
- k8s: enables kubernets configurations in the kernel, tools and configuration
- aufs: enables aufs support in docker and linux-yocto
- x11: enable xen and libvirt functionality related to x11
- selinux: enables functionality in libvirt and lxc
- systemd: enable systemd services and unit files (for recipes for support)
- sysvinit: enable sysvinit scripts (for recipes with support)
- seccomp: enable seccomp support for packages that have the capability.
Dependencies
This layer depends on:
URI: git://github.com/openembedded/openembedded-core.git branch: master revision: HEAD prio: default
URI: git://github.com/openembedded/meta-openembedded.git branch: master revision: HEAD layers: meta-oe meta-networking meta-filesystems meta-python
BBFILE_PRIORITY_openembedded-layer = "4"
Required for Xen XSM policy: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Required for Ceph: URI: git://git.yoctoproject.org/meta-cloud-services branch: master revision: HEAD prio: default
Required for cri-o: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Community / Colaboration
Repository: https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/ Mailing list: https://lists.yoctoproject.org/g/meta-virtualization IRC: libera.chat #meta-virt channel
Maintenance
Send pull requests, patches, comments or questions to meta-virtualization@lists.yoctoproject.org
Maintainer: Bruce Ashfield bruce.ashfield@gmail.com see MAINTAINERS for more specific information
When sending single patches, please using something like: $ git send-email -1 -M --to meta-virtualization@lists.yoctoproject.org --subject-prefix='meta-virtualization][PATCH'
License
All metadata is MIT licensed unless otherwise stated. Source code included in tree for individual recipes is under the LICENSE stated in each recipe (.bb file) unless otherwise stated.