p4u1/docker-cli
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
30,083 Commits 2 Branches 295 Tags
c01c194858b427e19ddf929ce044105d4ea3ec99
Commit Graph

7 Commits

Author SHA1 Message Date
Brian Goff
aedb9451a5 Fix issue with cp to container volume dir 
In some cases, attempting to `docker cp` to a container's volume dir
would fail due to the volume mounts not existing after performing a
bind-mount on the container path prior to doing a pivot_root.

This does not seem to be effecting all systems, but was found to be a
problem on centos.
The solution is to use an `rbind` rather than `bind` so that any
existing mounts are carried over.

The `MakePrivate` on `path` is no longer neccessary since we are already
doing `MakeRPrivate` on `/`.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: e6eef7eb4911252c38c829775aa0d510a432476a
Component: engine
 2016-11-03 16:01:15 -04:00
Tonis Tiigi
f8d146b07d chroot: let root be cleaned up by kernel 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Upstream-commit: 70dfea63ba2a8a6d8b367420039aeb6a1759c240
Component: engine
 2016-10-20 15:50:46 -07:00
Tonis Tiigi
253426676c chroot: remount everything as private in new mntns 
If parent of the destination path is shared, this
path will be unmounted from the parent ns even if
the path itself is private.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Upstream-commit: b511d1f0cabd32ca30c87fa1bbc7ecac283dab39
Component: engine
 2016-10-20 15:29:23 -07:00
Phil Estes
4467c80b95 Use real chroot if daemon is running in a user namespace 
The namespace unshare+pivot root is not possible when running inside a
user namespace, so fallback to the original "real" chroot code.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
Upstream-commit: dc950567c105153c0a2f8b40d16b989bbddcdb3c
Component: engine
 2016-08-12 16:31:01 -04:00
Antonio Murdaca
6a3cd56f2e pkg: chrootarchive: chroot_linux: fix mount leak 
When pivot_root fails we need to unmount the bind mounted path we
previously mounted in preparation for pivot_root.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
Upstream-commit: 7d22887b2c8f4de99c3da7c3a0394ca53fb1c4eb
Component: engine
 2016-06-11 00:07:41 +02:00
Antonio Murdaca
0bc559ba8a pkg: chrootarchive: chroot_linux: fix docker build 
The path we're trying to remove doesn't exist after a successful
chroot+chdir because a / is only appended after pivot_root is
successful and so we can't cleanup anymore with the old path.
Also fix leaking .pivot_root dirs under /var/lib/docker/tmp/docker-builder*
on error.

Fix https://github.com/docker/docker/issues/22587
Introduced by https://github.com/docker/docker/pull/22506

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
Upstream-commit: 5248f5c3d1d91ea4235ffe57962e38293af18f34
Component: engine
 2016-05-10 00:42:49 +02:00
Brian Goff
d7e08dc088 Use pivot_root instead of chroot for chrootarchive 
This fixes one issue with Docker running under a grsec kernel, which
denies chmod and mknod under chroot.

Note, if pivot_root fails it will still fallback to chroot.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 85988b33d299697f410a3a92db5d537fdbee955b
Component: engine
 2016-05-04 19:55:34 -04:00