0adeca917f
Merge pull request #18953 from justincormack/robust_list
...
Allow use of robust list syscalls in default seccomp policy
Upstream-commit: afdc4747dc16d4302ffd4f5dcb0fc537108862b7
Component: engine
2015-12-29 10:19:41 -08:00
f88929edd0
Merge pull request #18956 from justincormack/umount
...
Block original umount syscall in default seccomp filter
Upstream-commit: a32b06b067f847ee2cefe104430499c425c8fc2c
Component: engine
2015-12-29 10:19:04 -08:00
b2cbf3953e
Merge pull request #18950 from zhanghuanzhong/docker-fix-pull-image-log-info
...
Print the registry name while pulling an image
Upstream-commit: 3ec3597d58dd3c3d91465a03942e60c8e736a225
Component: engine
2015-12-29 10:16:05 -08:00
42db75c945
Merge pull request #18959 from justincormack/finit_module
...
Deny finit_module in default seccomp profile
Upstream-commit: ad8bce2ce4e27f7484fc65a3e6b9bf111793a263
Component: engine
2015-12-29 10:12:50 -08:00
00259400b7
Merge pull request #18961 from justincormack/clock_adjtime
...
Block clock_adjtime in default seccomp config
Upstream-commit: 8ac3d083a856729bc78adad3924e85d73d07173f
Component: engine
2015-12-29 10:08:45 -08:00
d07f5e2095
Merge pull request #18968 from justincormack/stime
...
Block stime in default seccomp profile
Upstream-commit: 294336a1af9d00c1a803c3318e092b1c1d0c5be9
Component: engine
2015-12-29 10:07:40 -08:00
bc8b9546fd
Merge pull request #18728 from hypriot/update-dockerfile-for-arm
...
update Dockerfile.arm to reflect latest changes in main Dockerfile
Upstream-commit: 31bd242cba2eea84b3690e7b0f00864dd780a1af
Component: engine
2015-12-29 09:24:29 -08:00
d33f2d3ddd
Block stime in default seccomp profile
...
The stime syscall is a legacy syscall on some architectures
to set the clock, should be blocked as time is not namespaced.
Signed-off-by: Justin Cormack <justin.cormack@unikernel.com >
Upstream-commit: 6300a08be905969b16197f6a82a3d0d99a3f99cd
Component: engine
2015-12-29 15:28:05 +00:00
55ebb7bfa4
Block clock_adjtime in default seccomp config
...
clock_adjtime is the new posix style version of adjtime allowing
a specific clock to be specified. Time is not namespaced, so do
not allow.
Signed-off-by: Justin Cormack <justin.cormack@unikernel.com >
Upstream-commit: 0e5c43cddad304301ca8a82f652e15f75ee68cfe
Component: engine
2015-12-29 12:48:16 +00:00
40aa142ae9
Deny finit_module in default seccomp profile
...
This is a new version of init_module that takes a file descriptor
rather than a file name.
Signed-off-by: Justin Cormack <justin.cormack@unikernel.com >
Upstream-commit: 0d5306a0b69c912a981f3a4bd41b80beb1207851
Component: engine
2015-12-29 12:31:33 +00:00
e02645b0cd
Block original umount syscall in default seccomp filter
...
The original umount syscall without flags argument needs to
be blocked too.
Signed-off-by: Justin Cormack <justin.cormack@unikernel.com >
Upstream-commit: 9be0d93cf74d1bb31c401f1154abc773af31cbd6
Component: engine
2015-12-29 11:57:16 +00:00
b5183e0bab
Allow use of robust list syscalls
...
The set_robust_list syscall sets the list of futexes which are
cleaned up on thread exit, and are needed to avoid mutexes
being held forever on thread exit.
See for example in Musl libc mutex handling:
http://git.musl-libc.org/cgit/musl/tree/src/thread/pthread_mutex_trylock.c#n22
Signed-off-by: Justin Cormack <justin.cormack@unikernel.com >
Upstream-commit: 7b133e7235593f8d46832045da339395e71e8148
Component: engine
2015-12-29 10:22:05 +00:00
bc484831ec
fix code comment
...
Signed-off-by: Jessica Frazelle <acidburn@docker.com >
Upstream-commit: b4c14a0bb846343c6d6d5dde6d9259c2c62a0b1e
Component: engine
2015-12-28 22:36:54 -08:00
ecf5a1e06e
print the registry name.
...
Signed-off-by: Huanzhong Zhang <zhanghuanzhong90@gmail.com >
Upstream-commit: 85e355605ac8f58452a712b160fdec51ff944aa2
Component: engine
2015-12-29 13:33:04 +08:00
f07bb00458
Merge pull request #18780 from jfrazelle/seccomp-default
...
set default seccomp profile
Upstream-commit: 78ce43bad85fdf97d7c836315e46b531901c8ae7
Component: engine
2015-12-28 16:46:30 -08:00
3f6acddbd7
Fixed /etc/defaults/docker to /etc/default/docker
...
/etc/default/docker is the correct file location in my system, and also according Docker's own documentation at https://github.com/docker/docker/blob/master/docs/articles/configuring.md#configuring-docker
Signed-off-by: J Bruni <contato@jbruni.com.br >
Upstream-commit: 153948ac46851397c9c4fd8117647c608f4d216a
Component: engine
2015-12-28 20:57:36 -02:00
5ec30c4d85
Merge pull request #18835 from dnephin/move_validate_context_dir
...
Move utils.ValidateContextDirectory to the one package that uses it
Upstream-commit: 6cd167386b0133600ea5bbcd0f93d464e6f89e0c
Component: engine
2015-12-28 22:06:13 +01:00
383605ec04
Merge pull request #18899 from cpswan/18898-fix-storage-driver-example
...
Fix --storage-driver example
Upstream-commit: 8c6ad0991e313805ea2c67275086f2c9130cceda
Component: engine
2015-12-28 21:58:43 +01:00
e2082c5e38
Merge pull request #18937 from cbalducci/patch-1
...
[mkimage-alpine.sh] Additional repo and container cleanup
Upstream-commit: 8b68853ef5015f5dea9fb5a06e6715d0876a1eef
Component: engine
2015-12-28 12:51:31 -08:00
4bf36f597c
Merge pull request #18905 from coolljt0725/fix_disconnect_not_save
...
Fix network disconnect does not save the config to disk
Upstream-commit: 1d4306d2fa73506ed101cd085fea3174a3edda8b
Component: engine
2015-12-28 12:38:16 -08:00
9a3edea8a4
Merge pull request #18942 from thaJeztah/move-vish-to-alumni
...
Move Vishnu to alumni
Upstream-commit: b6a251a551395dc727d458062fe49b9dc110529f
Component: engine
2015-12-28 12:31:18 -08:00
3849375325
Merge pull request #18715 from calavera/remove_is_paused_from_interface
...
Remove `IsPaused` from backend interface.
Upstream-commit: baee7ae045019d33e6833043bbf86bd76e1b9d41
Component: engine
2015-12-28 11:25:11 -08:00
3b4ed44ee4
Merge pull request #18897 from runcom/fix-net-none-build
...
integration-cli: fix --net=none build
Upstream-commit: 38440cadf3e27b32b3ee7b9011b1a0a87cbcca69
Component: engine
2015-12-28 10:51:18 -08:00
354272cd56
bump docker-py
...
Signed-off-by: Jessica Frazelle <acidburn@docker.com >
Upstream-commit: d34bbb66d5d5f2f07b8f0c1b63df5f058f20b436
Component: engine
2015-12-28 10:26:52 -08:00
3f03a2c89c
add docs and unconfined to run a container without the default seccomp profile
...
Signed-off-by: Jessica Frazelle <acidburn@docker.com >
Upstream-commit: 15674c5fb74df00d7560fb35619a5372ea2ee74e
Component: engine
2015-12-28 10:26:51 -08:00
aac8048807
add default seccomp profile tests
...
Signed-off-by: Jessica Frazelle <acidburn@docker.com >
Upstream-commit: a48fe6238494547f392b06adf9d48944b4dd8ac3
Component: engine
2015-12-28 10:26:48 -08:00
b5ffb5a2c4
set default seccomp profile
...
Signed-off-by: Jessica Frazelle <acidburn@docker.com >
Upstream-commit: 947293a28084cb5ee2e10e4d128c6e2b9d9da89d
Component: engine
2015-12-28 10:18:47 -08:00
1ce165db7f
Merge pull request #18923 from albers/completion-network-ls--filter
...
bash completion for `docker network ls --filter`
Upstream-commit: 00362f8ea28a1ae04be66372ccee55d80c4bb11c
Component: engine
2015-12-28 10:16:17 -08:00
ee65b7d001
Merge pull request #18939 from dnephin/dont_use_parse_from_builder
...
Remove the need for runconfig.Parse() in the builder
Upstream-commit: ad56c972b4dc07fa23ebdaf6a35735764503c415
Component: engine
2015-12-28 18:47:05 +01:00
e1e0c90deb
Merge pull request #18807 from FlorinAsavoaie/master
...
New features in mkimage-yum.sh script
Upstream-commit: 206046f0baed3476ed83211837202a1d7ce7ee69
Component: engine
2015-12-28 09:09:33 -08:00
3ae3fdb79c
Merge pull request #15078 from hqhq/hq_add_set_api_v2
...
Implement docker update command
Upstream-commit: 8669ea01ba93139a51783ac17658dedd47538b9c
Component: engine
2015-12-28 08:55:32 -08:00
73f5d740e8
Move ValidateContextDirectory to the one package that uses it.
...
Signed-off-by: Daniel Nephin <dnephin@docker.com >
Upstream-commit: 9e19b4839fe32d2935306a630305e7b821544c14
Component: engine
2015-12-28 11:22:39 -05:00
78e703beaa
Move Vishnu to alumni
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl >
Upstream-commit: 5facd0e94be0bce668a4d335b1b6bb284934df94
Component: engine
2015-12-28 16:30:05 +01:00
b147f556c5
Additional repo and container cleanup
...
- Added support for adding custom repo (defaults to community)
- Added cleanup of the test container (--rm)
- Added --text to grep in apkv() to avoid "Binary file matches" output on Fedora
Signed-off-by: Cristiano Balducci <cristiano.balducci@gmail.com >
Upstream-commit: 7fa40ef513aedffefce9237a7db30340be0b6696
Component: engine
2015-12-28 14:11:56 +01:00
c4af30652d
Implemet docker update command
...
It's used for updating properties of one or more containers, we only
support resource configs for now. It can be extended in the future.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com >
Upstream-commit: 8799c4fc0feadede6ae60e77bd7d9dfd7cc72a79
Component: engine
2015-12-28 19:19:26 +08:00
753d6942df
Remove the need for runconfig.Parse() in the builder.
...
By using a container.Config directly.
Signed-off-by: Daniel Nephin <dnephin@docker.com >
Upstream-commit: 6dba0b5d89bfa262757493679788b171f23b891c
Component: engine
2015-12-27 19:58:51 -05:00
e18180f247
bash completion for docker network ls --filter
...
Signed-off-by: Harald Albers <github@albersweb.de >
Upstream-commit: f2ba1e4d80c6c811f2c0a6c905f5590d65e70812
Component: engine
2015-12-27 09:28:19 -08:00
88aefd745d
Merge pull request #18907 from mountkin/rm
...
ingnore the NotExist error when removing inexistent files
Upstream-commit: 603d488a00ea59ba7a7bd0e4cb0d6226e4b8cf03
Component: engine
2015-12-26 19:20:10 -08:00
6a84e60720
Specify that Docker requires x64
...
Adds this requirement to docker/docker. Already replicated in docker/tutorials
Resolves : #18401
Signed-off-by: Aditi Rajagopal <arajagopal@us.ibm.com >
Upstream-commit: 8134a562c603679a02bc7841f10676ddba6e4001
Component: engine
2015-12-26 19:02:20 -05:00
3dd9453e30
Merge pull request #18775 from mrjana/mh
...
libnetwork vendoring
Upstream-commit: d4270c1764bbebb2eaaafc86837970b62699865e
Component: engine
2015-12-26 11:42:55 +01:00
3ad8eda6ea
ingnore the NotExist error when removing inexistent files
...
Signed-off-by: Shijiang Wei <mountkin@gmail.com >
Upstream-commit: de7f6cf16be659cca9217ece6e5dc1221706d504
Component: engine
2015-12-25 15:19:48 +08:00
89492a4249
Fix network disconnect does not save the config to disk
...
Signed-off-by: Lei Jitang <leijitang@huawei.com >
Upstream-commit: c0bde4e92c1da26e206bfbcb8308bd9a5f037659
Component: engine
2015-12-25 02:09:37 -05:00
29a743c21a
Rename -dirty to -unsupported
...
Nightly and unofficial builds of Docker bear the suffix `-dirty` in the
version string. Change this suffix to `-unsupported` to make it explicit
that no support will be provided on such versions, and that it is for
example unnecessary to file an issue for it.
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com >
Upstream-commit: 3e298c5928d0a2cbf5e1b374783ce59de2076637
Component: engine
2015-12-24 09:11:49 -08:00
d743d1334b
Fix --storage-driver example (and --graph)
...
Signed-off-by: Chris Swan <chris.swan@iee.org >
Upstream-commit: 5eef38d364c2d850bd98c70824a67178a44d94c0
Component: engine
2015-12-24 17:02:58 +00:00
b5eef30f35
Fix --storage-driver example
...
Signed-off-by: Chris Swan <chris.swan@iee.org >
Upstream-commit: b6be4acfcc1d8801dc4250acd3701a7d3325334f
Component: engine
2015-12-24 16:43:37 +00:00
602cbecb67
integration-cli: fix --net=none build
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com >
Upstream-commit: bb8e1dc8fa7bda27592b140b433b5ffabdb44917
Component: engine
2015-12-24 16:36:37 +01:00
70ad786bca
Merge pull request #18834 from dmcgowan/layerstore-refactor-rw-layer
...
Layerstore refactor rw layer
Upstream-commit: d08ac6e256933b50dc956abddac6d1fd5c750bf9
Component: engine
2015-12-24 08:02:15 -05:00
9b042e6617
Remove duplicated OomKilldisable
...
It's in Resources, but wrongly added back to HostConfig in
https://github.com/docker/docker/pull/18762
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com >
Upstream-commit: 2e02077e9f9608e1f5aa462be2bb88655763a113
Component: engine
2015-12-24 15:28:56 +08:00
a2f37707c9
Merge pull request #18878 from calavera/conditional_load_response
...
Make `docker load` to output json when the response content type is json.
Upstream-commit: b0be88c1116d4a3e12df42fb903456f608a19756
Component: engine
2015-12-24 01:11:54 +01:00
1d3ad033b8
Merge pull request #18810 from runcom/pkg-authz-fixes
...
pkg: authorization: do not register the same plugin
Upstream-commit: 914fad8b7d3426d9c637bfa07ccb47c141048163
Component: engine
2015-12-23 15:09:06 -08:00
