/tmp is often a tmpfs file system and large temporary files could cause
docker commands to fail. Also using /tmp potentially allows users on the
system to get access to content, or even attack the content. Moving the tmpdir to
/var/lib/container/tmp will protect the data.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Conflicts:
docker/docker.go
Upstream-commit: b4813f2841638be28208b7b1602f12750a46ece9
Component: engine
"docker logout [SERVER]" will remove the registry server' credentials from
.dockercfg file. If a server is not specified, it will log user out of the
default docker registry server
Docker-DCO-1.1-Signed-off-by: Daniel, Dao Quang Minh <dqminh89@gmail.com> (github: dqminh)
Upstream-commit: 06bc4e07529a93abede35ea8fcc2906c5963f2a3
Component: engine
We add a --device flag which can be used like:
docker run --device /dev/sda:/dev/xvda:rwm ubuntu /bin/bash
To allow the container to have read write permissions to access the host's /dev/sda via a node named /dev/xvda in the container.
Note: Much of this code was written by Dinesh Subhraveti dineshs@altiscale.com (github: dineshs-altiscale) and so he deserves a ton of credit.
Docker-DCO-1.1-Signed-off-by: Timothy <timothyhobbs@seznam.cz> (github: timthelion)
Upstream-commit: e855c4b92170534864b920ec1e267b3a815764f9
Component: engine
Currently the docker logs timestamp flag generates log entries like:
$ sudo docker logs -ft daemon_dave
[May 10 13:06:17.934] hello world
It uses Go's StampMilli timestamp to generate the timestamp. The entry
is also wrapped in [ ].
This is non-standard operational timestamp and one that will require
custom parsing.
The new timestamp is RFC3999Nano and generates entries like:
2014-05-10T17:42:14.999999999Z07:00 hello world
These are readily parsed by tools like ELK.
Docker-DCO-1.1-Signed-off-by: James Turnbull <james@lovedthanlost.net> (github: jamtur01)
Docker-DCO-1.1-Signed-off-by: Tibor Vass <teabee89@gmail.com> (github: tiborvass)
Upstream-commit: aa0eca03e6662c5f6b4f0f47190a45f49b61e357
Component: engine
The Docker btrfs graph driver does not interact well with SELinux at present.
If btrfs mounts the same file in several locations, the same SELinux label will
be applied to all mountpoints. In the context of the graph driver, things such
as shared libraries become inaccessible to containers due to SELInux, causing
all dynamically linked applications to fail when run in a container.
Consequently, error when we detect the daemon is being run with SELinux enabled
and the btrfs driver. Documentation has been added for this behavior.
Docker-DCO-1.1-Signed-off-by: Matthew Heon <mheon@redhat.com> (github: mheon)
Upstream-commit: 4318802f645cdd4fa63a894160f153a69a97af59
Component: engine
removing the exclaimation mark from our hello-world examples, some users...
Upstream-commit: a52d90a100938f18411f128369923326e13ba905
Component: engine
Initiates a pause before committing a container,
adds a pause option to the commit command, defaulting to 'true'.
Fixes bug: #6267
Fixes bug: #3675
Docker-DCO-1.1-Signed-off-by: Eric Windisch <ewindisch@docker.com> (github: ewindisch)
Upstream-commit: 17d870bed5ef997c30da1e8b9843f4e84202f8d4
Component: engine
Docker's --sig-proxy option sends all signals but one to a container. The
exception s SIGCHLD, which is deliberately ignored as it doesn't make sense to
send such a signal to a process in a container. Documentation updates will make
this less confusing if anyone does attempt to do this.
Docker-DCO-1.1-Signed-off-by: Matt Heon <mheon@redhat.com> (github: mheon)
Upstream-commit: be4f4599a6d2a517e615dc1f64527a3f2ad2f683
Component: engine
This will allow us to _know_ what the user's -H settings are, which may
be useful for debugging later.
Docker-DCO-1.1-Signed-off-by: Sven Dowideit <SvenDowideit@fosiki.com> (github: SvenDowideit)
Upstream-commit: f54823bf05af1d549aee4f0d1f56f9a8995eb268
Component: engine
This behavior changed from v0.9 to v0.10, so document it to prevent
any confusion.
Docker-DCO-1.1-Signed-off-by: Matthew Heon <mheon@redhat.com> (github: mheon)
Upstream-commit: d08c965e2c6ed223e10773ac77f95b7b6e273e0a
Component: engine
This lets you add storage specific options for the daemon.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
Upstream-commit: 822ea97ffcf10645720bb93108a60f8b9ce9931d
Component: engine
