2 Commits

Author SHA1 Message Date
Lokesh Mandvekar 71b20b4753 Merge branch 'c9s-tmt-update' into 'c9s'
Draft: [c9s] TMT: fetch tests from upstream

See merge request redhat/centos-stream/rpms/conmon!45
2026-02-14 02:20:43 -05:00
Lokesh Mandvekar 01a00e7e18 TMT: fetch tests from upstream
Resolves: RHEL-69441

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
2024-12-30 18:42:02 +05:30
6 changed files with 48 additions and 81 deletions
@@ -1,32 +0,0 @@
From 8596fc6462efa2bd0db47485931cfcd704ca0637 Mon Sep 17 00:00:00 2001
From: Jindrich Novy <jnovy@redhat.com>
Date: Thu, 21 May 2026 09:38:48 +0200
Subject: [PATCH] Reset create_pid after waitpid to prevent signaling unrelated
processes
After the synchronous waitpid(create_pid) succeeds, create_pid was
never reset to -1. If the PID was later reused by another process,
on_sig_exit() would send SIGTERM to that unrelated process.
Resolves: RHEL-178025
Signed-off-by: Jindrich Novy <jnovy@redhat.com>
---
src/conmon.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/conmon.c b/src/conmon.c
index 0abbd17d..24a7da18 100644
--- a/src/conmon.c
+++ b/src/conmon.c
@@ -360,6 +360,7 @@ int main(int argc, char *argv[])
}
pexitf("Failed to wait for `runtime %s`", opt_exec ? "exec" : "create");
}
+ create_pid = -1;
}
/* For exec operations, a non-zero runtime exit status reflects the exit status of the exec'd command,
--
2.49.0
+1 -7
View File
@@ -17,13 +17,11 @@ Name: conmon
Epoch: 3 Epoch: 3
Version: 2.2.1 Version: 2.2.1
License: Apache-2.0 License: Apache-2.0
Release: 2%{?dist} Release: 1%{?dist}
Summary: OCI container runtime monitor Summary: OCI container runtime monitor
URL: https://github.com/containers/%{name} URL: https://github.com/containers/%{name}
# Tarball fetched from upstream # Tarball fetched from upstream
Source0: %{url}/archive/v%{version}.tar.gz Source0: %{url}/archive/v%{version}.tar.gz
# https://github.com/containers/conmon/pull/659
Patch0001: 0001-Reset-create_pid-after-waitpid-to-prevent-signaling-.patch
%if %{with docs} %if %{with docs}
BuildRequires: go-md2man BuildRequires: go-md2man
%endif %endif
@@ -72,10 +70,6 @@ sed -i 's/install.bin: bin\/conmon/install.bin:/' Makefile
%endif %endif
%changelog %changelog
* Mon Jun 22 2026 Jindrich Novy <jnovy@redhat.com> - 3:2.2.1-2
- reset create_pid after waitpid to prevent signaling unrelated processes
- Resolves: RHEL-178025
* Thu Feb 12 2026 Jindrich Novy <jnovy@redhat.com> - 3:2.2.1-1 * Thu Feb 12 2026 Jindrich Novy <jnovy@redhat.com> - 3:2.2.1-1
- update to https://github.com/containers/conmon/releases/tag/v2.2.1 - update to https://github.com/containers/conmon/releases/tag/v2.2.1
- enable RELRO - enable RELRO
+4 -1
View File
@@ -1,7 +1,10 @@
--- !Policy --- !Policy
product_versions: product_versions:
- fedora-* - fedora-*
decision_context: bodhi_update_push_stable decision_contexts:
- bodhi_update_push_stable
- bodhi_update_push_testing
subject_type: koji_build
rules: rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
-27
View File
@@ -1,27 +0,0 @@
---
summary: Run conmon tests
description: Test plan for conmon
contact: Yuhui Jiang <yujiang@redhat.com>
provision:
how: container
prepare:
- name: Install packages
how: install
package: [crun, podman, podman-tests, git]
- name: Prepare bats
how: shell
script:
- rm -rf /tmp/bats-core-1.11.0
- curl -s -L https://github.com/bats-core/bats-core/archive/refs/tags/v1.11.0.tar.gz | tar xvz -C /tmp
- /tmp/bats-core-1.11.0/install.sh /usr
discover:
how: fmf
filter: 'tag: gate'
url: https://gitlab.com/yujiang1/conmon.git
ref: c9s
execute:
how: tmt
+43
View File
@@ -0,0 +1,43 @@
prepare:
- name: packages
how: install
package: [bats, iptables, podman-tests]
adjust:
- when: "initiator == packit"
because: "We need to test with updated packages from rhcontainerbot/podman-next copr"
prepare+:
how: shell
script: |
sed -i -n '/^priority=/!p;$apriority=1' /etc/yum.repos.d/*podman-next*.repo
dnf -y upgrade --allowerasing
# FIXME: Use epel10 once bats is available there
- when: distro == centos-stream-10 or distro == rhel-10
because: "bats isn't yet available on epel10"
prepare+:
how: install
copr: rhcontainerbot/bats-el10
package: bats
- when: distro == centos-stream-9 or distro == rhel-9
because: "bats is present on EPEL on rhel9 / c9s"
prepare+:
how: feature
epel: enabled
discover:
how: fmf
url: https://github.com/lsm5/podman
ref: "tmt-fedora-centos"
execute:
how: tmt
/system/local/root:
summary: Run podman system rootful tests
discover+:
filter: 'tag:local & tag:root'
/system/local/rootless:
summary: Run podman system rootless tests
discover+:
filter: 'tag:local & tag:rootless'
-14
View File
@@ -1,14 +0,0 @@
---
summary: conmon tests
description: Using podman system tests to test conmon
contact: Yuhui Jiang <yujiang@redhat.com>
framework: shell
require: [podman,conmon]
tag: 'gate'
test: |
/usr/bin/bats -t /usr/share/podman/test/system/030-run.bats
/usr/bin/bats -t /usr/share/podman/test/system/075-exec.bats
duration: 15m