Correct parent chain in v2 push when v1Compatibility files on the disk are inconsistent
Upstream-commit: c00c64c20eb65152b8f379e7efaf9e014656bcdd
Component: engine
This fixes an issue where two images with the same filesystem contents
and configuration but different remote IDs could share a v1Compatibility
file, resulting in corrupted manifests.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: 0ab6b1d9221f7a2a65c6565fed8f3d6f29fcec2d
Component: engine
Modified TestInspectApiCpusetInConfigPre120 and
TestContainerApiCreateWithCpuSharesCpuset for working on unicore cpu
environment.
Signed-off-by: Daehyeok Mun <daehyeok@gmail.com>
Upstream-commit: a9afebae6240cfd48a93c182cbbdff4f09d6a6a0
Component: engine
Also, plugin information in docker info output.
Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
Upstream-commit: aa7fd884e609d3d13df628600a1799e0e76444e9
Component: engine
The test case creates a mount point, starts the daemon with the
graph dir pointing to the mount and initates a pull request. We should
be able to check for the error message when the mount point gets filled
during pull.
Signed-off-by: Anil Belur <askb23@gmail.com>
Upstream-commit: 4699ef8f87cc270fdf9e18bad5582b6696d56fe4
Component: engine
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
Upstream-commit: 52021ac2a4f2b32a6ad7444b182b569c616e500e
Component: engine
This change will allow us to run SELinux in a container with
BTRFS back end. We continue to work on fixing the kernel/BTRFS
but this change will allow SELinux Security separation on BTRFS.
It basically relabels the content on container creation.
Just relabling -init directory in BTRFS use case. Everything looks like it
works. I don't believe tar/achive stores the SELinux labels, so we are good
as far as docker commit.
Tested Speed on startup with BTRFS on top of loopback directory. BTRFS
not on loopback should get even better perfomance on startup time. The
more inodes inside of the container image will increase the relabel time.
This patch will give people who care more about security the option of
runnin BTRFS with SELinux. Those who don't want to take the slow down
can disable SELinux either in individual containers or for all containers
by continuing to disable SELinux in the daemon.
Without relabel:
> time docker run --security-opt label:disable fedora echo test
test
real 0m0.918s
user 0m0.009s
sys 0m0.026s
With Relabel
test
real 0m1.942s
user 0m0.007s
sys 0m0.030s
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Upstream-commit: 1716d497a420f0cd4e53a99535704c6d215e38c7
Component: engine
The docker run commands in these tests uses the -m flag,
so the tests should require that it's supported to run.
Fixes 17215 (maybe)
Signed-off-by: Christy Perez <christy@linux.vnet.ibm.com>
Upstream-commit: e86b79fcccb23040feea079652fd9a7bf3458f1d
Component: engine
- Logic is broken when gateway ip falls in ip-range
and ip-range is not the first block in the network
Signed-off-by: Alessandro Boch <aboch@docker.com>
Upstream-commit: c7cd65962448888ceb1cec6a355fc7fd04f3be53
Component: engine
Closes#17781
This allows for env vars in EXPOSE to be parsed for spaces so that each
"word" is then treated independently instead of as a single word/arg.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 6990f8c6162b5b05118ab54f155eb5d86c85f2d4
Component: engine
