This issue proposes a different approach than #38185 to the same underlying issue:
Long term (or hopefully not so long, depending how long the OCI hooks issue takes), the goal should IMO be to stop vendoring runc completely, and depend on it as a separate package - I believe this view is shared by @thaJeztah as well
I understand that before that happens, moby/containerd wants to tightly control which runc gets used to avoid regressions, which is fair enough. My point is that to achieve that control, runc should be vendored, but not provided (from the POV of deb/rpm spec). This will likely mean having to adapt the location/PATH where the installation puts it to somewhere private to moby/containerd, but should otherwise not have big repercussions...?
There are other projects that have their own requirements for runc (e.g. podman; in fact, @rhatdan asked me to open this issue in containers/podman#2887), and currently, it's not possible to install docker alongside them, or build one's own runc without having to play with PATH-variables.
Xref: the already merged conflict updates
This issue proposes a different approach than #38185 to the same underlying issue:
Long term (or hopefully not so long, depending how long the OCI hooks issue takes), the goal should IMO be to stop vendoring
runccompletely, and depend on it as a separate package - I believe this view is shared by @thaJeztah as wellI understand that before that happens, moby/containerd wants to tightly control which
runcgets used to avoid regressions, which is fair enough. My point is that to achieve that control,runcshould be vendored, but not provided (from the POV of deb/rpm spec). This will likely mean having to adapt the location/PATH where the installation puts it to somewhere private to moby/containerd, but should otherwise not have big repercussions...?There are other projects that have their own requirements for
runc(e.g. podman; in fact, @rhatdan asked me to open this issue in containers/podman#2887), and currently, it's not possible to install docker alongside them, or build one's ownruncwithout having to play with PATH-variables.Xref: the already merged conflict updates