daemon/volumes.go
This SetFileCon call made no sense, it was changing the labels of any
directory mounted into the containers SELinux label. If it came from me,
then I apologize since it is a huge bug.
The Volumes Mount code should optionally do this, but it should not always
happen, and should never happen on a --privileged container.
The change to
daemon/graphdriver/vfs/driver.go, is a simplification since this it not
a relabel, it is only a setting of the shared label for docker volumes.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Upstream-commit: 4eb2fd169f8c9adbee4a9a0bd387f96b4e725963
Component: engine
See: https://github.com/docker/docker/issues/10867
While looking at #10867 I noticed that the error message generated for
a blank image ID wasn't very helpful so this fixes that.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: eeb36c9348b7af339638936a98d66ee4f9be62ee
Component: engine
Add the file close operation before function return to advoid resource leaking
Upstream-commit: 82aa950f4e10dbd45b16ecfc144f8d4b450ad1ff
Component: engine
due to its dependency is tagged to multiple repositories
Signed-off-by: Lei Jitang <leijitang@huawei.com>
Upstream-commit: d9d9175507f3ac2d43fa27bc5f0710c79cd14cfc
Component: engine
Move the stats structs from the api/stats package into a new package
api/types that will contain all the api structs for docker's api request
and responses.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: 7fed7d7eb4d7766d9342821f2667d160c5f958eb
Component: engine
In addition to config env, `commit` now will also accepts a `changes` env which
is a string contains new-line separated Dockerfile instructions.
`commit` will evaluate `changes` into `runconfig.Config` and merge it with
`config` env, and then finally commit a new image with the changed config
Docker-DCO-1.1-Signed-off-by: Daniel, Dao Quang Minh <dqminh89@gmail.com> (github: dqminh)
Docker-DCO-1.1-Signed-off-by: Daniel, Dao Quang Minh <dqminh89@gmail.com> (github: rhatdan)
Upstream-commit: b30257ccf96f646c6b008312d39544d6700f5cb1
Component: engine
Create container job could fail because a container specified with
`--volumes-from` does not exist. This error is not propagated to client
though. Instead it's recognized by higher levels as "image not found".
Client then tries to pull the image and launch the container again.
This patch changes the lower level error message so that it's not
recognized as "image not found" and thus it's propagated to client.
Signed-off-by: Michal Minar <miminar@redhat.com>
Upstream-commit: d96e8853145ed6a03529e093c49b91f0053472a6
Component: engine
Fixes#10685 panic in some cases.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 7122b6643e4124db3d37b3b46f4741a97ba03611
Component: engine
NetworkManager updates resolve.conf by replacing the current file
with an updated one. This change enables docker to listen for these
events.
Signed-off-by: Sami Wagiaalla <swagiaal@redhat.com>
Upstream-commit: 11c7c9710a670ad1f49de8f2814caa51d2f7adb6
Component: engine
Currently when containers are linked the alias name (e.g. from `--link
name:alias`) is added to the parent container's `/etc/hosts` with a
reference to the IP of the linked container. Some software requires
using the official hostname or node name in operations that need to
match on those values, and it is therefore helpful if the parent
container can refer to the child/link using those same values and still
access the same IP.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Upstream-commit: 16aa64dc82b6434ec78878fa35eb96e4983b46f8
Component: engine
