We should warn users who use the `--dns` command line option to point
DNS to a localhost address, either IPv4 or IPv6. Unless they have
specifically set up the container as a DNS server or are using
--net=host (which is why this should be allowed, but warned on because
those are pretty unique cases) a localhost address as a resolver will
not reach what they might expect (e.g. expecting it will hit localhost
on the Docker daemon/host).
Added a test for the message, and fixed up tests to separate stdout and
stderr that were using `--dns=127.0.0.1` to test the options.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Upstream-commit: afa92a9af0f1a77ef25aab73b11aa855a1823666
Component: engine
cc: @jhowardmsft
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
Upstream-commit: 8ba64b383dee8827c70f9c0a0d71aa61d0f0c595
Component: engine
This change modifies the chmod bits of build context archives built on
windows to preserve the execute bit and remove the r/w bits from
grp/others.
Also adjusted integ-cli tests to verify permissions based on the platform
the tests are running.
Fixes#11047.
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
Upstream-commit: 1a22418f9f1573ca8521831d52c8e0562cb3ef8f
Component: engine
Currently TestBuildRenamedDockerfile fails since passing
custom dockerfile paths like:
docker build -f dir/file .
fails on windows because those are unix paths. Instead, on
windows accept windows style paths like:
docker build -f dir\file .
and convert them to unix style paths using the helper we
have in `pkg/archive` so that daemon can correctly locate
the path in the context.
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
Upstream-commit: 5ecab9e831c6d39e649430013087a3e2a85fb949
Component: engine
estesp noticed that when $HOME is / the ~ substitutions messes up
becuase it tries to replace all paths that start with "/" with "~".
This fixes it so that it will only replace it when $HOME isn't "/".
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 116367eb07351125754aef01f7d3da152b018710
Component: engine
Fixes#10426
Because of the ability to easily overload the shell max argument list
length once the image count is several hundred, `docker load` will
start to fail because of this as it passes an excludes list of all
images in the graph. This patch uses an environment variable with the
json marshalled through it to get around the arg length limitation.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Upstream-commit: 743c9ba1fb1d946ac99bc86fb573341b2d5a0a8b
Component: engine
This makes use of `%USERPROFILE%` as a substitute for
`~` on Windows and prints shorter strings for default
cert paths etc.
Also removes string escaping/quotes around default
path values printed in `docker help` command as they
are not really necessary and adds double backslashes
(\\) on windows.
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
Upstream-commit: 1c9b37cb965be459a93ce07539d7b2a53fbdbc6a
Component: engine
Currently pkg/archive stores nested windows files with
backslashes (e.g. `dir\`, `dir\file.txt`) and this causes
tar not being correctly extracted on Linux daemon.
This change assures we canonicalize all paths to unix
paths and add them to tar with that name independent of platform.
Fixes the following test cases for Windows CI:
- TestBuildAddFileWithWhitespace
- TestBuildCopyFileWithWhitespace
- TestBuildAddDirContentToRoot
- TestBuildAddDirContentToExistingDir
- TestBuildCopyDirContentToRoot
- TestBuildCopyDirContentToExistDir
- TestBuildDockerignore
- TestBuildEnvUsage
- TestBuildEnvUsage2
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
Upstream-commit: 28842d3f093e69cf62a090a532aacba1e6ff6d1c
Component: engine
It turns out the back-to-back `D`s here were tripping people up because visually, it looks like a typo. This renames the variable to `BIND_DIR`, but allows `BINDDIR` to continue working for backwards-compatibility.
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
Upstream-commit: 987050a52b0ce6d5ae77554a03af5923304bd3e5
Component: engine
Closes#9311 Handles container id/name collisions against daemon functionalities according to #8069
Upstream-commit: 34c804a139cc086e9fa6d3f99442f083b6d5e1e7
Component: engine
This test was written against
master(abdfb21e3a761efdd70614de42905ff7911c5372) as a failing test, but
works with this patch set.
Signed-off-by: Vincent Batts <vbatts@redhat.com>
Upstream-commit: 899a2dda097a57a12f8794ded4a706781173aa5d
Component: engine
sort changes found and exported.
Sorting the files before appending them to the tar archive
would mean a dependable ordering for types like hardlinks.
Also, combine sort logic used
Signed-off-by: Vincent Batts <vbatts@redhat.com>
Upstream-commit: 32d6d49539f5876e6ef75f00db917d8a3aaa0569
Component: engine
This modifies the "docker help" text so that it is no wider than 80 chars
and each description fits on one line. This will also try to use ~ when
possible
Added a test to make sure we don't go over 80 chars again.
Added a test to make sure we use ~
Applied rules/tests to all docker commands - not just main help text
Closes#10214
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 2203b37733e76d653cfe3b0ec5870786076adce7
Component: engine
Updates `image.StoreImage()` to always ensure that images
that are installed in Docker have a tarsum.v1 checksum.
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: ba3bad66f92da057dba2a43ff9a512cf7ad72375
Component: engine
Due to the iptables package being `init`ed at start of the docker
runtime, this means the iptables --wait command listing all rules
is run, no matter if the command is simply "docker -h". It makes
more sense to both locate the iptables command and check for the
wait flag support at the time iptables is actually used, as it
may not be used at all if certain network support is off/configured
differently.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Upstream-commit: 5e8285b08120f674b12a34c3f146216f6854a173
Component: engine
