git.99rst.org Git - openwrt-packages.git/commit

author	John Audia <redacted>
	Sun, 21 Jun 2026 10:18:22 +0000 (06:18 -0400)
committer	Josef Schlehofer <redacted>
	Sun, 21 Jun 2026 15:25:02 +0000 (17:25 +0200)
commit	e5b32b606d7581114ce294de0a0c0daf58fc331b
tree	c73d3fdb97c1ef8d8e43232fbc532ca94c453019	tree \| snapshot
parent	8262543989592b205210176eb91c4dcd935f336f	commit \| diff

lxc: update to 7.0.0

Swtich to upstream recommended 7.0 LTS branch[1] which includes a fix
for CVE-2026-39402. Full changelog: https://github.com/lxc/lxc/releases/tag/v7.0.0

- Removed patches/021-remove-legacy-cgroup-support.patch due upstream
deprecated CGroupV1 support.
- Modified files/lxc-auto.init to remove the boot() function which mounted
legacy cgroup1 stuff as well. This PR will superceed
https://github.com/openwrt/packages/pull/27757 as a result.
- Added a version check script for the CI.
- Fix another CI failure with -Dmemfd-rexec=false

Note this release adds the ability to introduce landlock-sandboxing the
monitor process but that would depend on CONFIG_SECURITY_LANDLOCK in the
kernel. This can be added in a future PR if there is interest.

1. https://discuss.linuxcontainers.org/t/lxc-7-0-lts-has-been-released/26612#p-90585-support-and-upgrade-8

Build system: x86/64
Build-tested: x86/64-glibc
Run-tested: x86/64-glibc

Signed-off-by: John Audia <redacted>

utils/lxc/Makefile		diff \| blob \| history
utils/lxc/files/lxc-auto.init		diff \| blob \| history
utils/lxc/patches/021-remove-legacy-cgroup-support.patch	[deleted file]	blob \| history
utils/lxc/patches/030-start-re-introduce-first-SET_DUMPABLE-call.patch		diff \| blob \| history
utils/lxc/test-version.sh	[new file with mode: 0755]	blob