security-opts will allow you to customise the security subsystem.
For example the labeling system like SELinux will run on a container.
--security-opt="label:user:USER" : Set the label user for the container
--security-opt="label:role:ROLE" : Set the label role for the container
--security-opt="label:type:TYPE" : Set the label type for the container
--security-opt="label:level:LEVEL" : Set the label level for the container
--security-opt="label:disabled" : Turn off label confinement for the container
Since we are passing a list of string options instead of a space separated
string of options, I will change function calls to use InitLabels instead of
GenLabels. Genlabels interface is Depracated.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Upstream-commit: 87e732a0f3503517d7a66804bb9a7f74977347e5
Component: engine
builder: Fix handling of VOLUME command where multiple volumes are specified in a space delimited list.
Upstream-commit: d369612b416484301e172bfae3fc692e9c176faf
Component: engine
specified in a space delimited list.
Docker-DCO-1.1-Signed-off-by: Erik Hollensbe <github@hollensbe.org> (github: erikh)
Upstream-commit: a5ca549a18fb5c1006005cc220ab330eec3018de
Component: engine
Cleaned up and corrected some invalid "example responses".
Added some missing double-quotes for examples that resulted in invalid JSON.
Other general cleanup of stray characters and typos.
Docker-DCO-1.1-Signed-off-by: Ted M. Young <tedyoung@gmail.com> (github: SvenDowideit)
Upstream-commit: f304d4b190276939c9aff2090925342d16c7405e
Component: engine
Updated the documentation to to clarify random port mapping when using -...
Upstream-commit: 60f6b0299a11212f9562d7df0f126d517fd2d3a6
Component: engine
Part one of solution for issue #6820
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 05b8a1eb363ce03a9dfa3315fbac59c42af2df54
Component: engine
Docker-DCO-1.1-Signed-off-by: Frederick F. Kautz IV <fkautz@alumni.cmu.edu> (github: fkautz)
Signed-off-by: Alexandr Morozov <lk4d4@docker.com>
Upstream-commit: 3bb12d390a8a965e4dc680db7ecdab8c76f23990
Component: engine
Ordering all clients alphabetically, by language.
Including all available languages in `page_keywords`.
Signed-off-by: Abhinav Ajgonkar <abhinav316@gmail.com>
Upstream-commit: ad65930d0bda1026a02efd18e9f6c70dfdae4fb6
Component: engine
For the cases where --bip option is used it is sometimes best to disable
IP masquerading as the provided bridge IP range may be routable.
Signed-off-by: Eugene Yakubovich <eugene.yakubovich@coreos.com>
Upstream-commit: 4dc4d56db9797159e2e329845e0b94e3e0f780a0
Component: engine
Hi,
this is a small contribution to fix some slightly unprecise information about the `X-Registry-Auth` header required to pull from private registries through the remote API. After a lot of trial and I error I managed to find that the documentation indications had this issues:
* Apparently single quotes cannot be used and double quotes (regular JSON) is required.
* Also the `auth` key must be passed even if empty or a 403 will result.
* It was not clear what the `serveraddress` had to be.
I added some small clarifications for anyone taking a look at the docs to keep them from the problems I've encountered. Hope this is helpful.
Thanks to all the contributors for bringing so much awesomeness to the linux world. :)
Signed-off-by: David Pelaez Tamayo <hello@davidpelaez.me>
Upstream-commit: 8c2b170c6ef3f8ec40c3a1bd6fdfc37f9271852a
Component: engine
This adds a --add-host host:ip flag which appends lines to /etc/hosts. This is needed in places where you want the container to get a different name resolution than it would through DNS. This was submitted before as #5525, closed, and now I am re-opening. It has come up 2 or 3 times in the last couple days.
Signed-off-by: Tim Hockin <thockin@google.com>
Upstream-commit: 68e48b65a64df10fc797cbaa89d6caa2188eadc9
Component: engine
This exposes the already existing "create container" operation. It is
very similar to "docker run -d" except it doesn't actually start the
container, but just prepares it. It can then be manually started using
"docker start" at any point.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
Conflicts:
api/client/commands.go
runconfig/parse.go
server/container.go
Docker-DCO-1.1-Signed-off-by: Tibor Vass <teabee89@gmail.com> (github: tiborvass)
Upstream-commit: 3a90004f3c2d86ec849f4674c8046693ea061ed1
Component: engine
