[PR PATCH] Enable seccomp for podman and buildah

[PR PATCH] Enable seccomp for podman and buildah

[CameronNemo]

[-- Attachment #1: Type: text/plain, Size: 1372 bytes --]

There is a new pull request by CameronNemo against master on the void-packages repository

https://github.com/CameronNemo/void-packages containers-seccomp
https://github.com/void-linux/void-packages/pull/45097

Enable seccomp for podman and buildah
- New package: containers.common-0.55.2
- buildah: update to 1.31.0, enable seccomp
- podman: update to 4.5.1, enable seccomp

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **YES**

<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
  - aarch64-musl
  - armv7l
  - armv6l-musl
-->


A patch file from https://github.com/void-linux/void-packages/pull/45097.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-containers-seccomp-45097.patch --]
[-- Type: text/x-diff, Size: 4662 bytes --]

From c39ea8b7c5d3c34dddf1b56b59d32097c8268835 Mon Sep 17 00:00:00 2001
From: Cameron Nemo <cam@nohom.org>
Date: Mon, 17 Jul 2023 18:21:15 -0700
Subject: [PATCH 1/3] New package: containers.common-0.55.2

---
 srcpkgs/containers.common/template | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 srcpkgs/containers.common/template

diff --git a/srcpkgs/containers.common/template b/srcpkgs/containers.common/template
new file mode 100644
index 000000000000..46e5fe613cec
--- /dev/null
+++ b/srcpkgs/containers.common/template
@@ -0,0 +1,20 @@
+# Template file for 'containers.common'
+pkgname=containers.common
+version=0.55.2
+revision=1
+hostmakedepends="go-md2man"
+short_desc="Docs and configs shared by podman, buildah, and skopeo"
+maintainer="Cameron Nemo <cam@nohom.org>"
+license="Apache-2.0"
+homepage="https://github.com/containers/common"
+distfiles="https://github.com/containers/common/archive/v${version}.tar.gz"
+checksum=997529c8aed1b6b71ff732d0cb75e67560222012402a3715ccab765b92ce0479
+
+do_build() {
+	DESTDIR=$DESTDIR make -C docs
+}
+
+do_install() {
+	DESTDIR=$DESTDIR make -C docs PREFIX=/usr install
+	vinstall pkg/seccomp/seccomp.json 0644 usr/share/containers
+}

From b8b6c9a2db37cf181220cf782bb1e6b38c0988b0 Mon Sep 17 00:00:00 2001
From: Cameron Nemo <cam@nohom.org>
Date: Mon, 17 Jul 2023 18:21:29 -0700
Subject: [PATCH 2/3] buildah: update to 1.31.0, enable seccomp

Depend on the containers.common package that provides the seccomp
profile shared with podman.
---
 srcpkgs/buildah/template | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/srcpkgs/buildah/template b/srcpkgs/buildah/template
index 59e63fd6cb7d..13729498b636 100644
--- a/srcpkgs/buildah/template
+++ b/srcpkgs/buildah/template
@@ -1,7 +1,7 @@
 # Template file for 'buildah'
 pkgname=buildah
-version=1.28.2
-revision=2
+version=1.31.0
+revision=1
 build_style=go
 go_import_path=github.com/containers/buildah
 go_package="${go_import_path}/cmd/buildah"
@@ -9,14 +9,14 @@ go_build_tags=containers_image_ostree_stub
 hostmakedepends="pkg-config go-md2man"
 makedepends="libostree-devel libbtrfs-devel device-mapper-devel gpgme-devel
  libassuan-devel libseccomp-devel"
-depends="runc containers.image containers.storage"
+depends="runc containers.image containers.storage containers.common"
 short_desc="Dockerfile compatible OCI image building tool"
 maintainer="Cameron Nemo <cam@nohom.org>"
 license="Apache-2.0"
 homepage="https://github.com/containers/buildah"
 changelog="https://github.com/containers/buildah/blob/master/CHANGELOG.md"
 distfiles="https://github.com/containers/buildah/archive/refs/tags/v${version}.tar.gz"
-checksum=2dc5b1686473f972fbfa15637ecd1a9e2aeefd057c86dd097d1f19e2a6959411
+checksum=c119921e8e4b2d7fd7e1041dfbcfdfac0882e3dea4f7dabdc5175f9bbc70d868
 
 post_build() {
 	make -C docs GOMD2MAN=go-md2man

From fe6826c93eb5adc839095bbb0ef2ce82cb41626d Mon Sep 17 00:00:00 2001
From: Cameron Nemo <cam@nohom.org>
Date: Mon, 17 Jul 2023 18:22:17 -0700
Subject: [PATCH 3/3] podman: update to 4.5.1, enable seccomp

Depend on the containers.common package that provides the seccomp
profile shared with buildah.
---
 srcpkgs/podman/template | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/srcpkgs/podman/template b/srcpkgs/podman/template
index 40cfa779ea4a..97ce80b69da8 100644
--- a/srcpkgs/podman/template
+++ b/srcpkgs/podman/template
@@ -1,22 +1,22 @@
 # Template file for 'podman'
 pkgname=podman
-version=4.4.4
-revision=2
+version=4.5.1
+revision=1
 build_style=go
 go_import_path="github.com/containers/podman/v4"
 go_package="${go_import_path}/cmd/podman ${go_import_path}/cmd/rootlessport"
 go_build_tags="seccomp apparmor containers_image_ostree_stub"
 hostmakedepends="pkg-config go-md2man python3"
 makedepends="gpgme-devel libseccomp-devel device-mapper-devel libbtrfs-devel"
-depends="runc conmon cni-plugins slirp4netns containers.image containers.storage
- fuse-overlayfs"
+depends="runc conmon cni-plugins slirp4netns fuse-overlayfs
+ containers.common containers.image containers.storage"
 short_desc="Simple management tool for containers and images"
 maintainer="Cameron Nemo <cam@nohom.org>"
 license="Apache-2.0"
 homepage="https://podman.io/"
 changelog="https://raw.githubusercontent.com/containers/podman/main/RELEASE_NOTES.md"
 distfiles="https://github.com/containers/podman/archive/v${version}.tar.gz"
-checksum=2dacfe7041b83e2cb05fda58bd1fbdae61348a427f5b9073b96b36154de894a1
+checksum=ee2c8b02b7fe301057f0382637b995a9c6c74e8d530692d6918e4c509ade6e39
 
 if [ "$CROSS_BUILD" ]; then
 	go_build_tags+=" containers_image_openpgp"

Re: Enable seccomp for podman and buildah

[Duncaen]

[-- Attachment #1: Type: text/plain, Size: 277 bytes --]

New comment by Duncaen on void-packages repository

https://github.com/void-linux/void-packages/pull/45097#issuecomment-1640717385

Comment:
The naming schema with `.` is weird, can we use `container-common` for the new package to match other packages and other distributions?

Re: Enable seccomp for podman and buildah

[Duncaen]

[-- Attachment #1: Type: text/plain, Size: 278 bytes --]

New comment by Duncaen on void-packages repository

https://github.com/void-linux/void-packages/pull/45097#issuecomment-1640717385

Comment:
The naming schema with `.` is weird, can we use `containers-common` for the new package to match other packages and other distributions?

Re: [PR REVIEW] Enable seccomp for podman and buildah

[Duncaen]

[-- Attachment #1: Type: text/plain, Size: 236 bytes --]

New review comment by Duncaen on void-packages repository

https://github.com/void-linux/void-packages/pull/45097#discussion_r1267144729

Comment:
Is there a reason to not use `build_style=gnu-makefile` with `make_build_args="-C docs"`

Re: [PR REVIEW] Enable seccomp for podman and buildah

[Duncaen]

[-- Attachment #1: Type: text/plain, Size: 270 bytes --]

New review comment by Duncaen on void-packages repository

https://github.com/void-linux/void-packages/pull/45097#discussion_r1267144729

Comment:
Is there a reason to not use `build_style=gnu-makefile` with `make_build_args="-C docs"` and `make_install_args="-C docs"`

Re: [PR PATCH] [Updated] Enable seccomp for podman and buildah

[CameronNemo]

[-- Attachment #1: Type: text/plain, Size: 1377 bytes --]

There is an updated pull request by CameronNemo against master on the void-packages repository

https://github.com/CameronNemo/void-packages containers-seccomp
https://github.com/void-linux/void-packages/pull/45097

Enable seccomp for podman and buildah
- New package: containers.common-0.55.2
- buildah: update to 1.31.0, enable seccomp
- podman: update to 4.5.1, enable seccomp

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **YES**

<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
  - aarch64-musl
  - armv7l
  - armv6l-musl
-->


A patch file from https://github.com/void-linux/void-packages/pull/45097.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-containers-seccomp-45097.patch --]
[-- Type: text/x-diff, Size: 4641 bytes --]

From c3fac24dc8df93e2c556c02b5cccd180b6acf4d6 Mon Sep 17 00:00:00 2001
From: Cameron Nemo <cam@nohom.org>
Date: Mon, 17 Jul 2023 18:21:15 -0700
Subject: [PATCH 1/3] New package: containers.common-0.55.2

---
 srcpkgs/containers.common/template | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 srcpkgs/containers.common/template

diff --git a/srcpkgs/containers.common/template b/srcpkgs/containers.common/template
new file mode 100644
index 000000000000..b67a6e45c40e
--- /dev/null
+++ b/srcpkgs/containers.common/template
@@ -0,0 +1,18 @@
+# Template file for 'containers.common'
+pkgname=containers.common
+version=0.55.2
+revision=1
+build_style=gnu-makefile
+make_build_args="-C docs"
+make_install_args="-C docs"
+hostmakedepends="go-md2man"
+short_desc="Docs and configs shared by podman, buildah, and skopeo"
+maintainer="Cameron Nemo <cam@nohom.org>"
+license="Apache-2.0"
+homepage="https://github.com/containers/common"
+distfiles="https://github.com/containers/common/archive/v${version}.tar.gz"
+checksum=997529c8aed1b6b71ff732d0cb75e67560222012402a3715ccab765b92ce0479
+
+post_install() {
+	vinstall pkg/seccomp/seccomp.json 0644 usr/share/containers
+}

From 8bb97f25fe01fde1178d8a14f8f417c67c6932f2 Mon Sep 17 00:00:00 2001
From: Cameron Nemo <cam@nohom.org>
Date: Mon, 17 Jul 2023 18:21:29 -0700
Subject: [PATCH 2/3] buildah: update to 1.31.0, enable seccomp

Depend on the containers.common package that provides the seccomp
profile shared with podman.
---
 srcpkgs/buildah/template | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/srcpkgs/buildah/template b/srcpkgs/buildah/template
index 59e63fd6cb7d..13729498b636 100644
--- a/srcpkgs/buildah/template
+++ b/srcpkgs/buildah/template
@@ -1,7 +1,7 @@
 # Template file for 'buildah'
 pkgname=buildah
-version=1.28.2
-revision=2
+version=1.31.0
+revision=1
 build_style=go
 go_import_path=github.com/containers/buildah
 go_package="${go_import_path}/cmd/buildah"
@@ -9,14 +9,14 @@ go_build_tags=containers_image_ostree_stub
 hostmakedepends="pkg-config go-md2man"
 makedepends="libostree-devel libbtrfs-devel device-mapper-devel gpgme-devel
  libassuan-devel libseccomp-devel"
-depends="runc containers.image containers.storage"
+depends="runc containers.image containers.storage containers.common"
 short_desc="Dockerfile compatible OCI image building tool"
 maintainer="Cameron Nemo <cam@nohom.org>"
 license="Apache-2.0"
 homepage="https://github.com/containers/buildah"
 changelog="https://github.com/containers/buildah/blob/master/CHANGELOG.md"
 distfiles="https://github.com/containers/buildah/archive/refs/tags/v${version}.tar.gz"
-checksum=2dc5b1686473f972fbfa15637ecd1a9e2aeefd057c86dd097d1f19e2a6959411
+checksum=c119921e8e4b2d7fd7e1041dfbcfdfac0882e3dea4f7dabdc5175f9bbc70d868
 
 post_build() {
 	make -C docs GOMD2MAN=go-md2man

From 2330c0f410c1a9b9af0a4742a468ede510f0cbdb Mon Sep 17 00:00:00 2001
From: Cameron Nemo <cam@nohom.org>
Date: Mon, 17 Jul 2023 18:22:17 -0700
Subject: [PATCH 3/3] podman: update to 4.5.1, enable seccomp

Depend on the containers.common package that provides the seccomp
profile shared with buildah.
---
 srcpkgs/podman/template | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/srcpkgs/podman/template b/srcpkgs/podman/template
index 40cfa779ea4a..97ce80b69da8 100644
--- a/srcpkgs/podman/template
+++ b/srcpkgs/podman/template
@@ -1,22 +1,22 @@
 # Template file for 'podman'
 pkgname=podman
-version=4.4.4
-revision=2
+version=4.5.1
+revision=1
 build_style=go
 go_import_path="github.com/containers/podman/v4"
 go_package="${go_import_path}/cmd/podman ${go_import_path}/cmd/rootlessport"
 go_build_tags="seccomp apparmor containers_image_ostree_stub"
 hostmakedepends="pkg-config go-md2man python3"
 makedepends="gpgme-devel libseccomp-devel device-mapper-devel libbtrfs-devel"
-depends="runc conmon cni-plugins slirp4netns containers.image containers.storage
- fuse-overlayfs"
+depends="runc conmon cni-plugins slirp4netns fuse-overlayfs
+ containers.common containers.image containers.storage"
 short_desc="Simple management tool for containers and images"
 maintainer="Cameron Nemo <cam@nohom.org>"
 license="Apache-2.0"
 homepage="https://podman.io/"
 changelog="https://raw.githubusercontent.com/containers/podman/main/RELEASE_NOTES.md"
 distfiles="https://github.com/containers/podman/archive/v${version}.tar.gz"
-checksum=2dacfe7041b83e2cb05fda58bd1fbdae61348a427f5b9073b96b36154de894a1
+checksum=ee2c8b02b7fe301057f0382637b995a9c6c74e8d530692d6918e4c509ade6e39
 
 if [ "$CROSS_BUILD" ]; then
 	go_build_tags+=" containers_image_openpgp"

Re: [PR REVIEW] Enable seccomp for podman and buildah

[CameronNemo]

[-- Attachment #1: Type: text/plain, Size: 184 bytes --]

New review comment by CameronNemo on void-packages repository

https://github.com/void-linux/void-packages/pull/45097#discussion_r1267177433

Comment:
Not a good one. Made the change.

Re: [PR PATCH] [Updated] Enable seccomp for podman and buildah

[CameronNemo]

[-- Attachment #1: Type: text/plain, Size: 1377 bytes --]

There is an updated pull request by CameronNemo against master on the void-packages repository

https://github.com/CameronNemo/void-packages containers-seccomp
https://github.com/void-linux/void-packages/pull/45097

Enable seccomp for podman and buildah
- New package: containers.common-0.55.2
- buildah: update to 1.31.0, enable seccomp
- podman: update to 4.5.1, enable seccomp

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **YES**

<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
  - aarch64-musl
  - armv7l
  - armv6l-musl
-->


A patch file from https://github.com/void-linux/void-packages/pull/45097.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-containers-seccomp-45097.patch --]
[-- Type: text/x-diff, Size: 4641 bytes --]

From a134fb8ade1230668a61fccda18198e2f4d46297 Mon Sep 17 00:00:00 2001
From: Cameron Nemo <cam@nohom.org>
Date: Mon, 17 Jul 2023 18:21:15 -0700
Subject: [PATCH 1/3] New package: containers.common-0.55.2

---
 srcpkgs/containers-common/template | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 srcpkgs/containers-common/template

diff --git a/srcpkgs/containers-common/template b/srcpkgs/containers-common/template
new file mode 100644
index 000000000000..f5d1a21e1d10
--- /dev/null
+++ b/srcpkgs/containers-common/template
@@ -0,0 +1,18 @@
+# Template file for 'containers-common'
+pkgname=containers-common
+version=0.55.2
+revision=1
+build_style=gnu-makefile
+make_build_args="-C docs"
+make_install_args="-C docs"
+hostmakedepends="go-md2man"
+short_desc="Docs and configs shared by podman, buildah, and skopeo"
+maintainer="Cameron Nemo <cam@nohom.org>"
+license="Apache-2.0"
+homepage="https://github.com/containers/common"
+distfiles="https://github.com/containers/common/archive/v${version}.tar.gz"
+checksum=997529c8aed1b6b71ff732d0cb75e67560222012402a3715ccab765b92ce0479
+
+post_install() {
+	vinstall pkg/seccomp/seccomp.json 0644 usr/share/containers
+}

From f619b16c2ad0f198deb827ed5a22d31dd32671bc Mon Sep 17 00:00:00 2001
From: Cameron Nemo <cam@nohom.org>
Date: Mon, 17 Jul 2023 18:21:29 -0700
Subject: [PATCH 2/3] buildah: update to 1.31.0, enable seccomp

Depend on the containers-common package that provides the seccomp
profile shared with podman.
---
 srcpkgs/buildah/template | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/srcpkgs/buildah/template b/srcpkgs/buildah/template
index 59e63fd6cb7d..6f84b078ac0a 100644
--- a/srcpkgs/buildah/template
+++ b/srcpkgs/buildah/template
@@ -1,7 +1,7 @@
 # Template file for 'buildah'
 pkgname=buildah
-version=1.28.2
-revision=2
+version=1.31.0
+revision=1
 build_style=go
 go_import_path=github.com/containers/buildah
 go_package="${go_import_path}/cmd/buildah"
@@ -9,14 +9,14 @@ go_build_tags=containers_image_ostree_stub
 hostmakedepends="pkg-config go-md2man"
 makedepends="libostree-devel libbtrfs-devel device-mapper-devel gpgme-devel
  libassuan-devel libseccomp-devel"
-depends="runc containers.image containers.storage"
+depends="runc containers.image containers.storage containers-common"
 short_desc="Dockerfile compatible OCI image building tool"
 maintainer="Cameron Nemo <cam@nohom.org>"
 license="Apache-2.0"
 homepage="https://github.com/containers/buildah"
 changelog="https://github.com/containers/buildah/blob/master/CHANGELOG.md"
 distfiles="https://github.com/containers/buildah/archive/refs/tags/v${version}.tar.gz"
-checksum=2dc5b1686473f972fbfa15637ecd1a9e2aeefd057c86dd097d1f19e2a6959411
+checksum=c119921e8e4b2d7fd7e1041dfbcfdfac0882e3dea4f7dabdc5175f9bbc70d868
 
 post_build() {
 	make -C docs GOMD2MAN=go-md2man

From cd19ef35af5f09237f3a3662094b395b746a9d02 Mon Sep 17 00:00:00 2001
From: Cameron Nemo <cam@nohom.org>
Date: Mon, 17 Jul 2023 18:22:17 -0700
Subject: [PATCH 3/3] podman: update to 4.5.1, enable seccomp

Depend on the containers-common package that provides the seccomp
profile shared with buildah.
---
 srcpkgs/podman/template | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/srcpkgs/podman/template b/srcpkgs/podman/template
index 40cfa779ea4a..bf19bf7577c4 100644
--- a/srcpkgs/podman/template
+++ b/srcpkgs/podman/template
@@ -1,22 +1,22 @@
 # Template file for 'podman'
 pkgname=podman
-version=4.4.4
-revision=2
+version=4.5.1
+revision=1
 build_style=go
 go_import_path="github.com/containers/podman/v4"
 go_package="${go_import_path}/cmd/podman ${go_import_path}/cmd/rootlessport"
 go_build_tags="seccomp apparmor containers_image_ostree_stub"
 hostmakedepends="pkg-config go-md2man python3"
 makedepends="gpgme-devel libseccomp-devel device-mapper-devel libbtrfs-devel"
-depends="runc conmon cni-plugins slirp4netns containers.image containers.storage
- fuse-overlayfs"
+depends="runc conmon cni-plugins slirp4netns fuse-overlayfs
+ containers-common containers.image containers.storage"
 short_desc="Simple management tool for containers and images"
 maintainer="Cameron Nemo <cam@nohom.org>"
 license="Apache-2.0"
 homepage="https://podman.io/"
 changelog="https://raw.githubusercontent.com/containers/podman/main/RELEASE_NOTES.md"
 distfiles="https://github.com/containers/podman/archive/v${version}.tar.gz"
-checksum=2dacfe7041b83e2cb05fda58bd1fbdae61348a427f5b9073b96b36154de894a1
+checksum=ee2c8b02b7fe301057f0382637b995a9c6c74e8d530692d6918e4c509ade6e39
 
 if [ "$CROSS_BUILD" ]; then
 	go_build_tags+=" containers_image_openpgp"

Re: Enable seccomp for podman and buildah

[CameronNemo]

[-- Attachment #1: Type: text/plain, Size: 361 bytes --]

New comment by CameronNemo on void-packages repository

https://github.com/void-linux/void-packages/pull/45097#issuecomment-1640808075

Comment:
Just saw your note on the package name. I changed it to containers-common. It is a little odd in the context of the other containers.<foo> packages, but oh well. It is consistent with other distros as you mentioned.

Re: Enable seccomp for podman and buildah

[CameronNemo]

[-- Attachment #1: Type: text/plain, Size: 213 bytes --]

New comment by CameronNemo on void-packages repository

https://github.com/void-linux/void-packages/pull/45097#issuecomment-1647108405

Comment:
Podman 4.6 is out. Not sure if I should update this branch or wait.

Re: [PR PATCH] [Closed]: Enable seccomp for podman and buildah

[Duncaen]

[-- Attachment #1: Type: text/plain, Size: 1202 bytes --]

There's a closed pull request on the void-packages repository

Enable seccomp for podman and buildah
https://github.com/void-linux/void-packages/pull/45097

Description:
- New package: containers.common-0.55.2
- buildah: update to 1.31.0, enable seccomp
- podman: update to 4.5.1, enable seccomp

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **YES**

<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
  - aarch64-musl
  - armv7l
  - armv6l-musl
-->