debootstrap needs the suite as the second argument, for this the script
reorders arguments beginning with a minus but components separated by
space, as stated by the help message, is not handled and will lead to
the rootfs being passed as suite to debootstrap.
The poor mans solution is to fix the help message to pass the long
option as one argument.
Signed-off-by: Julian Taylor <jtaylor.debian@googlemail.com>
Upstream-commit: 34672240b4e69f5f50448e462540bb0259eecf31
Component: engine
Add --security-opts options to allow user to customize container labels and apparmor profile
Upstream-commit: d40ab6f1238c78ea84645e516f1f24d7991798b0
Component: engine
Now that the archive package does not depend on any docker-specific
packages, only those in pkg and vendor, it can be safely moved into pkg.
Signed-off-by: Rafe Colton <rafael.colton@gmail.com>
Upstream-commit: 30d5a42c1f24e26f681b7330249f04fec891aee9
Component: engine
This is the second of two steps to break the archive package's
dependence on utils so that archive may be moved into pkg. `Matches()`
is also a good candidate pkg in that it is small, concise, and not
specific to docker internals
Signed-off-by: Rafe Colton <rafael.colton@gmail.com>
Upstream-commit: 73f4bfed810b65943f1d9d038a8db9bd834067fa
Component: engine
This is the first of two steps to break the archive package's dependence
on utils so that archive may be moved into pkg. Also, the `Go()`
function is small, concise, and not specific to the docker internals, so
it is a good candidate for pkg.
Signed-off-by: Rafe Colton <rafael.colton@gmail.com>
Upstream-commit: b845a62149d5f4990462ac6c9167c5cfaa0e66cb
Component: engine
security-opts will allow you to customise the security subsystem.
For example the labeling system like SELinux will run on a container.
--security-opt="label:user:USER" : Set the label user for the container
--security-opt="label:role:ROLE" : Set the label role for the container
--security-opt="label:type:TYPE" : Set the label type for the container
--security-opt="label:level:LEVEL" : Set the label level for the container
--security-opt="label:disabled" : Turn off label confinement for the container
Since we are passing a list of string options instead of a space separated
string of options, I will change function calls to use InitLabels instead of
GenLabels. Genlabels interface is Depracated.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Upstream-commit: 87e732a0f3503517d7a66804bb9a7f74977347e5
Component: engine
This also removes dead code in the native driver for a past feature that
was never fully implemented.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: 32dca1a7b0e800d796e54fc8f253818ba64fa075
Component: engine
Plus some edits as suggested by @jamtur01
Closes#3636
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 83f0f46b7c0475ae1da329cd97a8c0a67bdc2a6a
Component: engine
Changes summary:
* Added available USE flags table(description included).
* Added some tips regarding the use of docker in the Gentoo environment.
* Sorted out docker installation ways.
* Added information about the newly created Gentoo Docker team.
* Misc improvements
Signed-off-by: Pavlos Ratis <dastergon@gentoo.org>
Upstream-commit: f90d201d887028e21290a413046eb1af7fc8e609
Component: engine
This new version makes sure that the same context is used for the two
builds run in the test. If you don't use the same build then about 1/2 the
time the file copied into the container will look like a different file,
probably due to timestamp differences. But reusing the same context we
re-use the same file on disk and therefore avoid the change in timestamps,
and we use the cache on the 2nd build.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 8b3fbac15c0579c1372f3e13f607c1001d149d16
Component: engine
