From 709402d780bfee1e45db4a6a801c68e7598eacd1 Mon Sep 17 00:00:00 2001
From: Ian Campbell <ian.campbell@docker.com>
Date: Mon, 3 Apr 2017 16:40:10 +0100
Subject: [PATCH] Update to runc ef9a4b315558d31eae520725ff67383c2f79c3cb

This is compatible with containerd 8353da59c6ae7e1933aac2228df23541ef8b163f
which was picked up by d2caae4c1a81ebaabfccce08b5b4c438e8c82907.

This required jiggering with riddler output some more to update to new OCI
config.json format for capabilities.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
---
 base/runc/Dockerfile                   | 2 +-
 examples/gcp.yml                       | 2 +-
 examples/sshd.yml                      | 2 +-
 examples/vmware.yml                    | 2 +-
 moby.yml                               | 2 +-
 pkg/init/Makefile                      | 2 +-
 src/cmd/moby/config.go                 | 2 +-
 test/ltp/test-ltp.yml                  | 2 +-
 test/test.yml                          | 2 +-
 test/virtsock/test-virtsock-server.yml | 2 +-
 tools/riddler/riddler.sh               | 3 ++-
 11 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/base/runc/Dockerfile b/base/runc/Dockerfile
index 487161aaf..c3bdd9b59 100644
--- a/base/runc/Dockerfile
+++ b/base/runc/Dockerfile
@@ -10,7 +10,7 @@ RUN \
   linux-headers \
   make \
   && true
-ENV RUNC_COMMIT=31980a53ae7887b2c8f8715d13c3eb486c27b6cf
+ENV RUNC_COMMIT=ef9a4b315558d31eae520725ff67383c2f79c3cb
 RUN mkdir -p $GOPATH/src/github.com/opencontainers && \
   cd $GOPATH/src/github.com/opencontainers && \
   git clone https://github.com/opencontainers/runc.git
diff --git a/examples/gcp.yml b/examples/gcp.yml
index 5388bd0ef..524ba5986 100644
--- a/examples/gcp.yml
+++ b/examples/gcp.yml
@@ -1,7 +1,7 @@
 kernel:
   image: "mobylinux/kernel:4.9.x"
   cmdline: "console=ttyS0 page_poison=1"
-init: "mobylinux/init:83b229223adbdd5ae38f39b4754e61b951529664"
+init: "mobylinux/init:00c3a5bbfd9794f4a3187fcc4a9f0c826c46d474"
 system:
   - name: sysctl
     image: "mobylinux/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c"
diff --git a/examples/sshd.yml b/examples/sshd.yml
index 3ffcba5b6..b40fb9218 100644
--- a/examples/sshd.yml
+++ b/examples/sshd.yml
@@ -1,7 +1,7 @@
 kernel:
   image: "mobylinux/kernel:4.9.x"
   cmdline: "console=ttyS0 page_poison=1"
-init: "mobylinux/init:83b229223adbdd5ae38f39b4754e61b951529664"
+init: "mobylinux/init:00c3a5bbfd9794f4a3187fcc4a9f0c826c46d474"
 system:
   - name: sysctl
     image: "mobylinux/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c"
diff --git a/examples/vmware.yml b/examples/vmware.yml
index ec55b9cc4..0e26d8b1f 100644
--- a/examples/vmware.yml
+++ b/examples/vmware.yml
@@ -1,7 +1,7 @@
 kernel:
   image: "mobylinux/kernel:4.9.x"
   cmdline: "console=tty0 page_poison=1"
-init: "mobylinux/init:83b229223adbdd5ae38f39b4754e61b951529664"
+init: "mobylinux/init:00c3a5bbfd9794f4a3187fcc4a9f0c826c46d474"
 system:
   - name: sysctl
     image: "mobylinux/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c"
diff --git a/moby.yml b/moby.yml
index 890409b82..68f0b6e10 100644
--- a/moby.yml
+++ b/moby.yml
@@ -1,7 +1,7 @@
 kernel:
   image: "mobylinux/kernel:4.9.x"
   cmdline: "console=ttyS0 console=tty0 page_poison=1"
-init: "mobylinux/init:83b229223adbdd5ae38f39b4754e61b951529664"
+init: "mobylinux/init:00c3a5bbfd9794f4a3187fcc4a9f0c826c46d474"
 system:
   - name: sysctl
     image: "mobylinux/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c"
diff --git a/pkg/init/Makefile b/pkg/init/Makefile
index 2c098009e..363940806 100644
--- a/pkg/init/Makefile
+++ b/pkg/init/Makefile
@@ -1,7 +1,7 @@
 CONTAINERD_IMAGE=mobylinux/containerd:a688df6aee1e3700eb8d54dbc81070361df397a2@sha256:59ee3da05fe4dad4fbecff582c86fc30ce75e19a225eeeb07e203c9cc36fe34f
 CONTAINERD_BINARIES=usr/bin/containerd usr/bin/containerd-shim usr/bin/ctr usr/bin/dist
 
-RUNC_IMAGE=mobylinux/runc:94c54debf9a3ebb6d31311bdddb881ea07486dcd@sha256:13cabc1017c6448498e74bae9892ebc9dbad9e5d68f7df6b3855a15522e3a86b
+RUNC_IMAGE=mobylinux/runc:45884ad2bfad045cbf35f2b78b4c82f75fb19854@sha256:d7c4576405f2318d329f538f847927018d4e8497d7968bd3323ff047e2ffe257
 RUNC_BINARY=usr/bin/runc
 
 C_COMPILE=mobylinux/c-compile:81a6bd8ff45d769b60a2ee1acdaccda11ab835c8@sha256:eac250997a3b9784d3285a03c0c8311d4ca6fb63dc75164c987411ba93006487
diff --git a/src/cmd/moby/config.go b/src/cmd/moby/config.go
index 0f19c0514..de0966bff 100644
--- a/src/cmd/moby/config.go
+++ b/src/cmd/moby/config.go
@@ -51,7 +51,7 @@ type MobyImage struct {
 	ReadOnly     bool `yaml:"read_only"`
 }
 
-const riddler = "mobylinux/riddler:2b4051422b155f659019f9e3fef8cca04e153f5c@sha256:f4bb0c39f1e5c636ed52ebd3ed8ec447ca6c0dc554ffb5784cbeff423ac70d34"
+const riddler = "mobylinux/riddler:decf6c9e24b579175a038a76f9721e7aca507abd@sha256:9d24a7c48204b94b5d76cc3d6cf70f779d87d08d8a893169292c98d0e19ab579"
 
 // NewConfig parses a config file
 func NewConfig(config []byte) (*Moby, error) {
diff --git a/test/ltp/test-ltp.yml b/test/ltp/test-ltp.yml
index 90357b49c..ab8261c96 100644
--- a/test/ltp/test-ltp.yml
+++ b/test/ltp/test-ltp.yml
@@ -1,7 +1,7 @@
 kernel:
   image: "mobylinux/kernel:4.9.x"
   cmdline: "console=ttyS0"
-init: "mobylinux/init:83b229223adbdd5ae38f39b4754e61b951529664"
+init: "mobylinux/init:00c3a5bbfd9794f4a3187fcc4a9f0c826c46d474"
 system:
   - name: ltp
     image: "mobylinux/test-ltp-20170116:fdca2d1bb019b1d51e722e6032c82c7933d4b870"
diff --git a/test/test.yml b/test/test.yml
index 7d6ce45fd..e077eda33 100644
--- a/test/test.yml
+++ b/test/test.yml
@@ -1,7 +1,7 @@
 kernel:
   image: "mobylinux/kernel:4.9.x"
   cmdline: "console=ttyS0"
-init: "mobylinux/init:83b229223adbdd5ae38f39b4754e61b951529664"
+init: "mobylinux/init:00c3a5bbfd9794f4a3187fcc4a9f0c826c46d474"
 system:
   - name: binfmt
     image: "mobylinux/binfmt:bdb754f25a5d851b4f5f8d185a43dfcbb3c22d01"
diff --git a/test/virtsock/test-virtsock-server.yml b/test/virtsock/test-virtsock-server.yml
index 1b52c3c89..a150616cc 100644
--- a/test/virtsock/test-virtsock-server.yml
+++ b/test/virtsock/test-virtsock-server.yml
@@ -5,7 +5,7 @@ kernel:
   # image: "mobylinux/kernel:4.9.14-0"
   image: "mobylinux/kernel:4.9.x"
   cmdline: "console=ttyS0 page_poison=1"
-init: "mobylinux/init:83b229223adbdd5ae38f39b4754e61b951529664"
+init: "mobylinux/init:00c3a5bbfd9794f4a3187fcc4a9f0c826c46d474"
 system:
   - name: sysctl
     image: "mobylinux/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c"
diff --git a/tools/riddler/riddler.sh b/tools/riddler/riddler.sh
index 594601b69..44935f526 100755
--- a/tools/riddler/riddler.sh
+++ b/tools/riddler/riddler.sh
@@ -42,7 +42,8 @@ cat config.json.orig | \
   jq 'del (.linux.resources.memory.swappiness)' | \
   jq 'del(.linux.uidMappings) | del(.linux.gidMappings) | .linux.namespaces = (.linux.namespaces|map(select(.type!="user")))' | \
   jq 'if .root.readonly==true then .mounts = (.mounts|map(if .destination=="/dev" then .options |= .+ ["ro"] else . end)) else . end' | \
-  jq '.mounts = if .process.capabilities | length != 38 then (.mounts|map(if .destination=="/sys" then .options |= .+ ["ro"] else . end)) else . end' \
+  jq '.mounts = if .process.capabilities | length != 38 then (.mounts|map(if .destination=="/sys" then .options |= .+ ["ro"] else . end)) else . end' | \
+  jq '.process.capabilities = { bounding: .process.capabilities, effective: .process.capabilities, ambient: .process.capabilities, inheritable: .process.capabilities, permitted: .process.capabilities }' \
   > config.json
 
 cat config.json