Commit Graph

5997 Commits

Author SHA1 Message Date
Akihiro Suda 6966e5da10 Merge pull request #3879 from kolyshkin/1.1-env-nul-byte
[1.1] init: do not print environment variable value
2023-05-24 13:02:32 +09:00
Aleksa Sarai 63af8b0069 init: do not print environment variable value
When given an environment variable that is invalid, it's not a good idea
to output the contents in case they are supposed to be private (though
such a container wouldn't start anyway so it seems unlikely there's a
real way to use this to exfiltrate environment variables you didn't
already know).

Reported-by: Carl Henrik Lunde <chlunde@ifi.uio.no>
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
(cherry picked from commit 20e38fb2b1)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-05-22 14:52:57 -07:00
Aleksa Sarai b6109acd4d merge #3846 into release-1.1
Kir Kolyshkin (2):
  VERSION: back to development
  VERSION: release 1.1.7

LGTMs: AkihiroSuda cyphar
Closes #3846
2023-04-27 19:23:30 +10:00
Kir Kolyshkin f0ecf30ba5 VERSION: back to development
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-26 14:49:11 -07:00
Kir Kolyshkin 860f061b76 VERSION: release 1.1.7
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
v1.1.7
2023-04-26 14:49:01 -07:00
Akihiro Suda 2648033807 Merge pull request #3838 from cyphar/1.1-release-gpgkeys
[1.1] release: add runc.keyring file
2023-04-27 06:38:11 +09:00
Akihiro Suda f72cd0a686 Merge pull request #3845 from kolyshkin/1.1-rm-warning
[1.1] libct/cg/sd: use systemd version when generating dev props
2023-04-26 11:52:53 +09:00
Akihiro Suda c1063b1ce2 runc.keyring: add Akihiro Suda
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-04-26 08:03:14 +10:00
Aleksa Sarai b0fae8c44d scripts: keyring validate: print some more information
Add a little bit more diagnostic information to "make validate-keyring".

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2023-04-26 08:02:58 +10:00
Kir Kolyshkin 79a52b4349 libct/cg/sd: use systemd version when generating dev props
Commit 343951a22b added a call to os.Stat for the device path
when generating systemd device properties, to avoid systemd warning for
non-existing devices. The idea was, since systemd uses stat(2) to look
up device properties for a given path, it will fail anyway. In addition,
this allowed to suppress a warning like this from systemd:

> Couldn't stat device /dev/char/10:200

NOTE that this was done because:
 - systemd could not add the rule anyway;
 - runs puts its own set of rules on top of what systemd does.

Apparently, the above change broke some setups, resulting in inability
to use e.g. /dev/null inside a container. My guess is this is because
in cgroup v2 we add a second eBPF program, which is not used if the
first one (added by systemd) returns "access denied".

Next, commit 3b9582895b fixed that by adding a call to os.Stat for
"/sys/"+path (meaning, if "/dev/char/10:200" does not exist, we retry
with "/sys/dev/char/10:200", and if it exists, proceed with adding a
device rule with the original (non-"/sys") path).

How that second fix ever worked was a mystery, because the path we gave
to systemd still doesn't exist.

Well, I think now I know.

Since systemd v240 (commit 74c48bf5a8005f20) device access rules
specified as /dev/{block|char}/MM:mm are no longer looked up on the
filesystem, instead, if possible, those are parsed from the string.

So, we need to do different things, depending on systemd version:

 - for systemd >= v240, use the /dev/{char,block}/MM:mm as is, without
   doing stat() -- since systemd doesn't do stat() either;
 - for older version, check if the path exists, and skip passing it on
   to systemd otherwise.
 - the check for /sys/dev/{block,char}/MM:mm is not needed in either
   case.

Pass the systemd version to the function that generates the rules, and
fix it accordingly.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit d7208f5910)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-25 09:38:05 -07:00
Kir Kolyshkin 6a806d4dc4 runc.keyring: add Kolyshkin
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-22 17:18:50 +10:00
Aleksa Sarai b6f686f2c6 keyring: add Aleksa's <cyphar@cyphar.com> signing key
keyid C9C370B246B09F6DBCFC744C34401015D1D2D386

This is my personal signing key, which I've used to sign the vast
majority of my commits on GitHub. While I usually sign releases using my
<asarai@suse.de> signing key, it doesn't hurt to include this key too.

Ref: https://keyserver.ubuntu.com/pks/lookup?search=C9C370B246B09F6DBCFC744C34401015D1D2D386&fingerprint=on&op=index
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2023-04-22 17:18:24 +10:00
Aleksa Sarai 63355bf8e5 keyring: add Aleksa's <asarai@suse.com> signing key
keyid 5F36C6C61B5460124A75F5A69E18AA267DDB8DB4

This is the signing key I have used for all previous runc releases. You
can also verify that this is the key trusted by openSUSE for all of our
releases.

Ref: https://keyserver.ubuntu.com/pks/lookup?search=5F36C6C61B5460124A75F5A69E18AA267DDB8DB4&fingerprint=on&op=index
Ref: https://build.opensuse.org/package/view_file/openSUSE:Factory/runc/runc.keyring?expand=1&rev=54
Signed-off-by: Aleksa Sarai <asarai@suse.de>
2023-04-22 17:18:24 +10:00
Aleksa Sarai 3bdb63bf44 keyring: verify runc.keyring has legitimate maintainer keys
These checks ensure that all of the keys in the runc.keyring list are
actually the keys of the specified user and that the users themselves
are actually maintainers.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2023-04-22 17:18:23 +10:00
Aleksa Sarai 853d5e38f7 scripts: release: add verification checks for signing keys
We need to make sure the release is being signed by a key that is
actually listed as a trusted signing key, and we also need to ask the
person cutting the release whether the list of trusted keys is
acceptable.

Also add some verification checks after a release is signed to make sure
everything was signed with the correct keys.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2023-04-22 17:18:23 +10:00
Aleksa Sarai bd1d5370ef release: add runc.keyring file and script
In order to allow any of the maintainers to cut releases for runc,
create a keyring file that distributions can use to verify that releases
are signed by one of the maintainers.

The format matches the gpg-offline format used by openSUSE packaging,
but it can be easily imported with "gpg --import" so any distribution
should be able to handle this keyring format wtihout issues.

Each key includes the GitHub handle of the associated user. There isn't
any way for this information to be automatically verified (outside of
using something like keybase.io) but since all changes of this file need
to be approved by maintainers this is okay for now.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2023-04-22 17:18:22 +10:00
Aleksa Sarai 6ccf104ab1 merge #3818 into release-1.1
Kir Kolyshkin (2):
  VERSION: go back to development
  VERSION: release 1.1.6

LGTMs: AkihiroSuda thaJeztah mrunalp hqhq cyphar
Closes #3818
2023-04-12 13:55:19 +10:00
Kir Kolyshkin 7cd72cc3d5 VERSION: go back to development
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-11 11:35:45 -07:00
Kir Kolyshkin 0f48801a0e VERSION: release 1.1.6
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
v1.1.6
2023-04-11 11:35:21 -07:00
Aleksa Sarai 0690c4ec55 merge #3823 into release-1.1
Kir Kolyshkin (1):
  libct/cg: add misc controller to v1 drivers

LGTMs: AkihiroSuda cyphar
Closes #3823
2023-04-11 14:39:03 +10:00
Kir Kolyshkin e4ce94e291 libct/cg: add misc controller to v1 drivers
This is just so that the container can join the misc controller.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 611bbacb3b)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-10 15:34:51 -07:00
Mrunal Patel 53333a55d9 Merge pull request #3811 from haircommander/root-cgroup-no-init-1.1
[1.1] libctr/cgroups: don't take init's cgroup into account
2023-04-07 08:05:30 -07:00
Peter Hunt~ 10cfd81631 libctr/cgroups: don't take init's cgroup into account
Sometimes, the init process is not in the root cgroup.
This can be noted by GetInitPath, which already scrubs the path of `init.scope`.

This was encountered when trying to patch the Kubelet to handle systemd being in a separate cpuset
from root (to allow load balance disabling for containers). At present, there's no way to have libcontainer or runc
manage cgroups in a hierarchy outside of the one init is in (unless the path contains `init.scope`, which is limiting)

Signed-off-by: Peter Hunt <pehunt@redhat.com>
(cherry picked from commit 54e20217a8)
2023-04-07 09:41:30 -04:00
Kir Kolyshkin 9c1c844660 Merge pull request #3817 from kolyshkin/1.1-user-exec
[1.1] Fix runc run "permission denied" when rootless

LGTMs: @AkihiroSuda, @mrunalp.
2023-04-06 18:32:52 -07:00
Kir Kolyshkin d30d240b45 tests/int: test for CAP_DAC_OVERRIDE
This is a test case for issue reported as #3715. In short, even if a
(non-root) user that the container is run as does not have execute
permission bit set for the executable, it should still work in case runc
has the CAP_DAC_OVERRIDE capability set.

Note that since the upstream golang is also broken (see [1]), this test
will fail for Go 1.20 and 1.20.1 (fix is in Go 1.20.2 as per [2]).

[1] https://go.dev/issue/58552
[2] https://go-review.googlesource.com/c/go/+/469956

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 8293ef2e74)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-06 18:07:03 -07:00
Kir Kolyshkin 840b95394b Fix runc run "permission denied" when rootless
Since commit 957d97bcf4 was made to fix issue [7],
a few things happened:

- a similar functionality appeared in go 1.20 [1], so the issue
  mentioned in the comment (being removed) is no longer true;
- a bug in runc was found [2], which also affects go [3];
- the bug was fixed in go 1.21 [4] and 1.20.2 [5];
- a similar fix was made to x/sys/unix.Faccessat [6].

The essense of [2] is, even if a (non-root) user that the container is
run as does not have execute permission bit set for the executable, it
should still work in case runc has the CAP_DAC_OVERRIDE capability set.

To fix this [2] without reintroducing the older bug [7]:
- drop own Eaccess implementation;
- use the one from x/sys/unix for Go 1.19 (depends on [6]);
- do not use anything when Go 1.20+ is used.

NOTE it is virtually impossible to fix the bug [2] when Go 1.20 or Go
1.20.1 is used because of [3].

A test case is added by a separate commit.

Fixes: #3715.

[1] https://go-review.googlesource.com/c/go/+/414824
[2] https://github.com/opencontainers/runc/issues/3715
[3] https://go.dev/issue/58552
[4] https://go-review.googlesource.com/c/go/+/468735
[5] https://go-review.googlesource.com/c/go/+/469956
[6] https://go-review.googlesource.com/c/sys/+/468877
[7] https://github.com/opencontainers/runc/issues/3520

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 8491d33482)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-06 18:07:03 -07:00
Mrunal Patel c7a72abaab Merge pull request #3808 from kolyshkin/1.1-cpuset-byte-order
[1.1] cgroups: cpuset: fix byte order while parsing cpuset range to bits
2023-04-06 18:03:32 -07:00
Chengen, Du 165d2323a0 tests/int: add a "update cpuset cpus range via v2 unified map" test
Add a test case for an issue fixed by the previous commit.
The env should has more than 8 core CPU to meet the test requirement.

Signed-off-by: Chengen, Du <chengen.du@canonical.com>
(cherry picked from commit 4a8750d93a)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-06 15:34:31 -07:00
Chengen, Du 26a58fdb8b cgroups: cpuset: fix byte order while parsing cpuset range to bits
Runc parses cpuset range to bits in the case of cgroup v2 + systemd as cgroup driver.
The byte order representation differs from systemd expectation, which will set
different cpuset range in systemd transient unit if the length of parsed byte array exceeds one.

	# cat config.json
	...
	"resources": {
		...
		"cpu": {
			"cpus": "10-23"
		}
	},
	...
	# runc --systemd-cgroup run test
	# cat /run/systemd/transient/runc-test.scope.d/50-AllowedCPUs.conf
	# This is a drop-in unit file extension, created via "systemctl set-property"
	# or an equivalent operation. Do not edit.
	[Scope]
	AllowedCPUs=0-7 10-15

The cpuset.cpus in cgroup will also be set to wrong value after reloading systemd manager configuration.

	# systemctl daemon-reload
	# cat /sys/fs/cgroup/system.slice/runc-test.scope/cpuset.cpus
	0-7,10-15

Signed-off-by: seyeongkim <seyeong.kim@canonical.com>
Signed-off-by: Chengen, Du <chengen.du@canonical.com>
(cherry picked from commit 77cae9addc)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-06 15:34:31 -07:00
Kir Kolyshkin add2f548fe Merge pull request #3791 from kolyshkin/1.1-refresh-ci
[1.1] refresh ci
2023-04-06 15:34:07 -07:00
Akihiro Suda c0647d3ac7 Merge pull request #3807 from kolyshkin/1.1-skip-flaky-ce7
[1.1] libct/cg/dev: skip flaky test of CentOS 7
2023-04-06 13:27:45 +09:00
Kir Kolyshkin 8d9d1d2502 libct/int: make TestFdLeaks more robust
The purpose of this test is to check that there are no extra file
descriptors left open after repeated calls to runContainer. In fact,
the first call to runContainer leaves a few file descriptors opened,
and this is by design.

Previously, this test relied on two things:
1. some other tests were run before it (and thus all such opened-once
   file descriptors are already opened);
2.  explicitly excluding fd opened to /sys/fs/cgroup.

Now, if we run this test separately, it will fail (because of 1 above).
The same may happen if the tests are run in a random order.

To fix this, add a container run before collection the initial fd list,
so those fds that are opened once are included and won't be reported.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit f2e71b085d)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 10:26:27 -07:00
Kir Kolyshkin b66d6d56b9 libct/int: wording nits
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit be7e03940f)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 10:26:08 -07:00
Kir Kolyshkin ddbb6d4145 libc/int: add/use runContainerOk wrapper
This is to de-duplicate the code that checks that err is nil
and that the exit code is zero.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 7c75e84e22)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 10:25:46 -07:00
Kir Kolyshkin 3531cc2d4e ci: add call to check-config.sh
This is done to make sure the script is working correctly in different
environments (distro and kernel versions). In addition, we can see in
test logs which kernel features are enabled.

Note that I didn't want to have a separate job for GHA CI, so I just
added this to the end of shellcheck one.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit cacc823724)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 10:11:22 -07:00
Kir Kolyshkin ed9a0e1de7 ci/gha: bump actions/cache to v3
This corresponds to commit 6bf2c3b67e in main branch.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 10:11:22 -07:00
Kir Kolyshkin 7683e5085a ci/gha: switch to Go 1.19.x for validate
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 10:11:22 -07:00
Kir Kolyshkin 568d440756 ci/gha: bump golangci-lint to 1.48
This version works with go 1.19, i.e. it fixes
https://github.com/golangci/golangci-lint/issues/2922.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 0f4bf2c840)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 10:11:22 -07:00
Kir Kolyshkin 1f9e36c055 libct: fixes for godoc 1.19
Since Go 1.19, godoc recognizes lists, code blocks, headings etc. It
also reformats the sources making it more apparent that these features
are used.

Fix a few places where it misinterpreted the formatting (such as
indented vs unindented), and format the result using the gofumpt
from HEAD, which already incorporates gofmt 1.19 changes.

Some more fixes (and enhancements) might be required.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 45cc290f02)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 10:11:22 -07:00
Kir Kolyshkin 50f06554f2 ci: bump golangci-lint to 1.46
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 7481c3c97b)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 10:11:22 -07:00
Kir Kolyshkin 77472ef6e0 libct: fix staticcheck warning
A new version of staticcheck (included into golangci-lint 1.46.2) gives
this new warning:

> libcontainer/factory_linux.go:230:59: SA9008: e refers to the result of a failed type assertion and is a zero value, not the value that was being type-asserted (staticcheck)
> 				err = fmt.Errorf("panic from initialization: %v, %s", e, debug.Stack())
> 				                                                      ^
> libcontainer/factory_linux.go:226:7: SA9008(related information): this is the variable being read (staticcheck)
> 			if e, ok := e.(error); ok {
> 			   ^

Apparently, this is indeed a bug. Fix by using a different name for a
new variable, so we can access the old one under "else".

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 6662570110)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 10:11:22 -07:00
Kir Kolyshkin 9994fe3f19 libct: suppress strings.Title deprecation warning
Function strings.Title is deprecated as of Go 1.18, because it does not
handle some corner cases good enough. In this case, though, it is
perfectly fine to use it since we have a single ASCII word as an
argument, and strings.Title won't be removed until at least Go 2.0.

Suppress the deprecation warning.

The alternative is to not capitalize the namespace string; this will break
restoring of a container checkpointed by earlier version of runc.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 7cec81e060)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 10:11:22 -07:00
Kir Kolyshkin 403ea1f088 ci/gha: convert lint-extra from a job to a step
There is no need to parallelize lint and lint-extra jobs,
and they only differ with the arguments to golangci-lint.
Given that the longest time spent in these jobs is installing
libseccomp-dev, and that the second linter run can probably
benefit a lot from caching, it makes sense to merge them.

Move lint-extra from a separate job to a step in lint job.

The implementation is motivated by [1] and relies on the fact
that the last commit being fetched is the merge commit. So,
we need to set fetch-depth to 2 to be able to see the diff of
the merge commit -- and this is what golangci-lint is using.

[1] https://github.com/golangci/golangci-lint-action/issues/449#issuecomment-1096995821

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit fa83a17c57)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 10:11:22 -07:00
Kir Kolyshkin d2c83bdf28 ci/gha: switch to Go 1.18.x for validate
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 10:11:22 -07:00
Kir Kolyshkin 03a631df4e ci: switch to golangci-lint 1.45
For release notes, see
https://github.com/golangci/golangci-lint/releases/tag/v1.45.0

Notably, it adds support for Go 1.18.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit fcab941e4d)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 10:11:22 -07:00
Kir Kolyshkin e5a5522ab6 Add supported Go releases (1.19, 1.20)
- Dockerfile: use latest Go version (1.20.x) for release binaries
- .github/workflows: add Go 1.19.x, 1.20.x
- .cirrus.yml: switch to latest Go 1.19.x

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 10:10:53 -07:00
Kir Kolyshkin 3ce124834c Dockerfile: fix build wrt new git
With the updated git in golang:1.19-bullseye image, building fails with:

	make -C /go/src/github.com/opencontainers/runc PKG_CONFIG_PATH=/opt/libseccomp/lib/pkgconfig COMMIT_NO= EXTRA_FLAGS=-a 'EXTRA_LDFLAGS=-w -s -buildid=' static
	make[1]: Entering directory '/go/src/github.com/opencontainers/runc'
	fatal: detected dubious ownership in repository at '/go/src/github.com/opencontainers/runc'
	To add an exception for this directory, call:
		git config --global --add safe.directory /go/src/github.com/opencontainers/runc
	go build -trimpath -buildmode=pie -a -tags "seccomp urfave_cli_no_docs netgo osusergo" -ldflags "-X main.gitCommit= -X main.version=1.1.0+dev -linkmode external -extldflags --static-pie -w -s -buildid=" -o runc .
	error obtaining VCS status: exit status 128
		Use -buildvcs=false to disable VCS stamping.

This commit should fix it.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 42dffaaa4e)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 09:55:25 -07:00
Kir Kolyshkin bac06cf6be ci/gha: remove stable: when installing Go
Since the recent bump of actions/setup-go to v3 (commit
9d2268b9db), specifying "stable:" is no longer needed
when we want to try a beta or rc version of Go.

Remove it.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 66be704d02)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 09:55:25 -07:00
dependabot[bot] e74040e01f build(deps): bump actions/setup-go from 2 to 3
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v2...v3)
2023-04-05 09:55:25 -07:00
Kir Kolyshkin 55462355d6 Require Go 1.17, bump x/sys and x/net
1. bump golang.org/x/sys to v0.6.0;
2. bump golang.org/x/net to v0.8.0
3. require Go 1.17.

Newer x/sys is needed to fix [1].

Go 1.17 is needed because x/sys/unix is using unsafe.Slice which
requires go1.17 or later.

This reuses parts of main commit a0f8847e2a.

[1] https://github.com/opencontainers/runc/issues/3715

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-05 09:55:25 -07:00