098ea0f413
libcontainer: Don't use UsetCloseOnExec, it is racy
...
We can't keep file descriptors without close-on-exec except with
syscall.ForkLock held, as otherwise they could leak by accident into
other children from forks in other threads.
Instead we just use Cmd.ExtraFiles which handles all this for us.
This fixes https://github.com/dotcloud/docker/issues/4493
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com > (github: alexlarsson)
Upstream-commit: 5c9b28db1853cccdf7a1037eeaad372d12cd68fa
Component: engine
2014-03-06 14:10:32 +01:00
50624219ad
Generate and load custom docker profile for apparmor
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com > (github: creack)
Upstream-commit: 920a6ca54ce98673d0c9a6a9502a469c1c225c75
Component: engine
2014-03-05 15:02:11 -08:00
c1e434e543
Add AppArmor support to native driver + change pipe/dup logic
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com > (github: creack)
Upstream-commit: cb4189a292dc181e26e0506a3a0dc67936c5401b
Component: engine
2014-03-05 13:08:24 -08:00
7cf0d3e449
Add missing -- when we run dockerinit from native
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com > (github: vieux)
Upstream-commit: c987901f8d64ab2390409018074b2f93c1718e89
Component: engine
2014-03-05 20:26:48 +00:00
d321be3c28
Change veth prefix back to veth
...
Fixes #4453
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 0cdf10263844db0cb4d051ac9f79051104abe77f
Component: engine
2014-03-04 11:46:05 -08:00
4bb07a86b5
Ensure that ticker does not leak
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 44c3b7133218a66f44cb51b7563b7c0016583eda
Component: engine
2014-02-27 11:40:25 -08:00
49fbe66f4f
Allow child process to live if daemon dies
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: fdeea90fc806d8d2cccdc76a6ecb214dd03093ec
Component: engine
2014-02-27 09:33:36 -08:00
9c9bdcb0ef
Ensure that the container dir is remove on restore
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: a115ce797b80a14d268fcd96521cf05d1e1074c1
Component: engine
2014-02-27 08:28:55 -08:00
02cbc6e6b4
Code review updates
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: fb08b8b221a9a722910d63db678ffb5a8f91b517
Component: engine
2014-02-26 19:21:46 -08:00
3258d9a2a3
Make network a slice to support multiple types
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 70820b69ec2b82ab150af9b8829e37843f67f75a
Component: engine
2014-02-26 14:20:41 -08:00
bec84fb562
Merge branch 'master' into add-libcontainer
...
Conflicts:
execdriver/termconsole.go
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: ce08083f9cd23e8f5e44228b0b73884bcf2f3562
Component: engine
2014-02-26 12:55:24 -08:00
514380823f
Return error for lxc-conf when using native driver
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: bfdf07ac98e1a425892b787cf224109d5925a798
Component: engine
2014-02-25 17:13:00 -08:00
cdfec9fd8a
Ensure that the container's dir is remove from native driver on stop
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 5c67d2e6346d493e2b8b0469d453a64d41c22cb2
Component: engine
2014-02-25 16:27:07 -08:00
9248431c6a
Fix cross compile for make cross
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 93ed15075c43d521f05f4b8f96264efb7fe174e4
Component: engine
2014-02-25 15:19:13 -08:00
0cd1a2f6a4
Move container.json and pid file into a root specific driver dir
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 96e33a7646b3669632f48ed1071aeb61b8016be1
Component: engine
2014-02-25 12:41:31 -08:00
28bf2a10c1
Merge branch 'add-libcontainer' of https://github.com/crosbymichael/docker into add-libcontainer
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com > (github: creack)
Upstream-commit: ca42758368b7bd8e6b102411531c2c89356407ad
Component: engine
2014-02-25 11:42:15 -08:00
1bd3fbfadf
Address initial feedback from pr
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: de083400b8d7c2074d71a30a92e4f3c8bcd8bad8
Component: engine
2014-02-25 10:54:41 -08:00
a70a6bdd53
Better capability/namespace management
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com > (github: creack)
Upstream-commit: 91bf120c51dec3bae98a1974929e2ae8107340c0
Component: engine
2014-02-24 21:52:29 -08:00
9649d5107a
Remove container env var from libcontainer
...
Update tests to use native driver
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 431d510cae85bc1265c861028dd9751ae95088b2
Component: engine
2014-02-24 21:51:00 -08:00
cd79f65fb0
Move types around in native driver
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: 8db740a38e333158e613bc5b3a7acc2605131581
Component: engine
2014-02-24 21:21:35 -08:00
0460b2181f
Refactor and improve libcontainer and driver
...
Remove logging for now because it is complicating things
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: f8453cd0499a51f5d3ffd2c2a6012972aef7f69f
Component: engine
2014-02-24 21:11:52 -08:00
530d80759d
Fix exec driver flag, rename new driver to 'native'
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com > (github: crosbymichael)
Upstream-commit: d59c05a37c3e964cdeef818afc2e7c3a3e8d0cf1
Component: engine
2014-02-24 20:41:09 -08:00
