vendor: bump runc to 1.0.0 pre

This is to check if runc 1.0.0 (to be released shortly) works with k8s. The commands used were (roughly): hack/pin-dependency.sh github.com/opencontainers/runc v1.0.0 hack/lint-dependencies.sh # Follow its recommendations. hack/pin-dependency.sh github.com/cilium/ebpf v0.6.1 hack/pin-dependency.sh github.com/opencontainers/selinux v1.8.2 hack/pin-dependency.sh github.com/sirupsen/logrus v1.8.1 # Recheck. hack/lint-dependencies.sh GO111MODULE=on go mod edit -dropreplace github.com/willf/bitset hack/update-vendor.sh # Recheck. hack/lint-dependencies.sh hack/update-internal-modules.sh # Recheck. hack/lint-dependencies.sh [v2: rebased, updated runc 3a0234e1fe2e82 -> 2f8e8e9d977500] [v3: testing master + runc pr 3019] [v4: updated to 93a01cd4d0b7a0f08a] [v5: updated to f093cca13d3cf8a484] [v6: rebased] [v7: updated to runc v1.0.0] [v8: rebased] Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2021-06-06 20:13:57 -07:00
parent 642f42d62b
commit 4e7cf5413d
143 changed files with 2708 additions and 1172 deletions
--- a/vendor/github.com/opencontainers/runc/libcontainer/standard_init_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/standard_init_linux.go
@@ -52,7 +52,7 @@ func (l *linuxStandardInit) Init() error {
 		if err := selinux.SetKeyLabel(l.config.ProcessLabel); err != nil {
 			return err
 		}
-		defer selinux.SetKeyLabel("")
+		defer selinux.SetKeyLabel("") //nolint: errcheck
 		ringname, keepperms, newperms := l.getSessionRingParams()

 		// Do not inherit the parent's session keyring.
@@ -151,7 +151,7 @@ func (l *linuxStandardInit) Init() error {
 	if err := selinux.SetExecLabel(l.config.ProcessLabel); err != nil {
 		return errors.Wrap(err, "set process label")
 	}
-	defer selinux.SetExecLabel("")
+	defer selinux.SetExecLabel("") //nolint: errcheck
 	// Without NoNewPrivileges seccomp is a privileged operation, so we need to
 	// do this before dropping capabilities; otherwise do it as late as possible
 	// just before execve so as few syscalls take place after it as possible.
@@ -183,7 +183,7 @@ func (l *linuxStandardInit) Init() error {
 	}
 	// Close the pipe to signal that we have completed our init.
 	logrus.Debugf("init: closing the pipe to signal completion")
-	l.pipe.Close()
+	_ = l.pipe.Close()

 	// Close the log pipe fd so the parent's ForwardLogs can exit.
 	if err := unix.Close(l.logFd); err != nil {
@@ -207,7 +207,7 @@ func (l *linuxStandardInit) Init() error {
 	// N.B. the core issue itself (passing dirfds to the host filesystem) has
 	// since been resolved.
 	// https://github.com/torvalds/linux/blob/v4.9/fs/exec.c#L1290-L1318
-	unix.Close(l.fifoFd)
+	_ = unix.Close(l.fifoFd)
 	// Set seccomp as close to execve as possible, so as few syscalls take
 	// place afterward (reducing the amount of syscalls that users need to
 	// enable in their seccomp profiles).