p4u1/docker-cli
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3e0fab4d2ebbcfff69ef27d7733b0fc49e0f1f75
docker-cli/components/engine/daemon
History
Daniel J Walsh 3e0fab4d2e /dev should not be readonly with --readonly flag 
/dev is mounted on a tmpfs inside of a container.  Processes inside of containers
some times need to create devices nodes, or to setup a socket that listens on /dev/log
Allowing these containers to run with the --readonly flag makes sense.  Making a tmpfs
readonly does not add any security to the container, since there is plenty of places
where the container can write tmpfs content.

I have no idea why /dev was excluded.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Upstream-commit: 5f3bd2473ee2a1b9f37ba0130e934133d0e01f89
Component: engine
2017-11-02 10:28:51 -04:00
..
caps
cluster
Remove solaris build tag and `contrib/mkimage/solaris
2017-11-02 00:01:46 +00:00
config
Remove solaris build tag and `contrib/mkimage/solaris
2017-11-02 00:01:46 +00:00
discovery
Add ineffassign linter
2017-09-08 18:23:21 -04:00
events
Merge pull request #34985 from thaJeztah/remove-use-of-deprecated-filter-functions
2017-09-27 17:34:07 +02:00
exec
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
graphdriver
Remove solaris build tag and `contrib/mkimage/solaris
2017-11-02 00:01:46 +00:00
initlayer
Remove solaris files
2017-10-24 15:39:34 -04:00
links
use t.Fatal() to output the err message where the values used for formatting
2017-02-23 10:16:22 +08:00
listeners
Remove solaris build tag and `contrib/mkimage/solaris
2017-11-02 00:01:46 +00:00
logger
Remove solaris build tag and `contrib/mkimage/solaris
2017-11-02 00:01:46 +00:00
names
Move names to a more appropriate package.
2017-09-06 12:05:16 -04:00
network
Typo fixed and simple code.
2017-10-18 10:26:58 +08:00
stats
Remove solaris build tag and `contrib/mkimage/solaris
2017-11-02 00:01:46 +00:00
testdata
Remove libtrust dep from api
2017-09-06 12:05:19 -04:00
apparmor_default_unsupported.go
daemon: switch to 'ensure' workflow for AppArmor profiles
2016-12-07 08:47:28 +11:00
apparmor_default.go
apparmor: make pkg/aaparser work on read-only root
2017-05-18 00:05:13 +10:00
archive_tarcopyoptions_unix.go
Fix vfs unit test and port VFS to the new IDMappings
2017-06-07 11:44:34 -04:00
archive_tarcopyoptions_windows.go
daemon/archive.go: Fix copy routines to preserve UID.
2017-04-12 10:33:19 +00:00
archive_tarcopyoptions.go
Partial refactor of UID/GID usage to use a unified struct.
2017-06-07 11:44:33 -04:00
archive_unix.go
LCOW: API change JSON header to string POST parameter
2017-10-06 15:26:48 -07:00
archive_windows.go
Remove CopyOnBuild from the daemon.
2017-06-08 15:06:54 -04:00
archive.go
LCOW: Implemented support for docker cp + build
2017-09-14 12:07:52 -07:00
attach.go
Optimize some wrong usage and spelling
2017-09-07 09:44:08 +08:00
auth.go
bindmount_unix.go
build.go
LCOW: API: Add platform to /images/create and /build
2017-10-06 11:44:18 -07:00
cache.go
Update logrus to v1.0.1
2017-07-31 13:16:46 -07:00
changes.go
checkpoint.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
cluster.go
Fix race condition between swarm and libnetwork
2017-05-10 21:16:52 -07:00
commit.go
Remove solaris files
2017-10-24 15:39:34 -04:00
configs_linux.go
Add config support to executor backend
2017-05-11 10:08:21 -07:00
configs_unsupported.go
Add Windows configs support
2017-05-16 14:25:32 -07:00
configs_windows.go
Add Windows configs support
2017-05-16 14:25:32 -07:00
configs.go
Update logrus to v1.0.1
2017-07-31 13:16:46 -07:00
container_linux.go
Remove string checking in API error handling
2017-08-15 16:01:11 -04:00
container_operations_unix.go
fix panic on get container pid when live restore containers
2017-10-10 22:45:34 +08:00
container_operations_windows.go
Update logrus to v1.0.1
2017-07-31 13:16:46 -07:00
container_operations.go
Remove string checking in API error handling
2017-08-15 16:01:11 -04:00
container_windows.go
Added an apparmorEnabled boolean in the Daemon struct to indicate if AppArmor is enabled or not. It is set in NewDaemon using sysInfo information.
2017-01-30 16:23:23 +01:00
container.go
LCOW: API: Add platform to /images/create and /build
2017-10-06 11:44:18 -07:00
create_unix.go
LCOW: API: Add platform to /images/create and /build
2017-10-06 11:44:18 -07:00
create_windows.go
LCOW: API: Add platform to /images/create and /build
2017-10-06 11:44:18 -07:00
create.go
Remove solaris files
2017-10-24 15:39:34 -04:00
daemon_experimental.go
move plugins out of experimental
2016-11-10 15:51:32 -08:00
daemon_linux_test.go
use t.Fatal() to output the err message where the values used for formatting
2017-02-23 10:16:22 +08:00
daemon_linux.go
Update logrus to v1.0.1
2017-07-31 13:16:46 -07:00
daemon_test.go
Remove solaris build tag and `contrib/mkimage/solaris
2017-11-02 00:01:46 +00:00
daemon_unix_test.go
Remove solaris build tag and `contrib/mkimage/solaris
2017-11-02 00:01:46 +00:00
daemon_unix.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
daemon_unsupported.go
Remove solaris build tag and `contrib/mkimage/solaris
2017-11-02 00:01:46 +00:00
daemon_windows_test.go
Ensure Host Network Service exists
2017-09-25 11:07:44 -07:00
daemon_windows.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
daemon.go
Increase container default shutdown timeout on Windows
2017-10-23 10:31:31 -07:00
debugtrap_unix.go
Update logrus to v1.0.1
2017-07-31 13:16:46 -07:00
debugtrap_unsupported.go
Remove solaris build tag and `contrib/mkimage/solaris
2017-11-02 00:01:46 +00:00
debugtrap_windows.go
Fix startup logging
2017-10-19 11:09:29 -07:00
delete_test.go
Move ErrorContains to an internal package.
2017-08-25 12:04:58 -04:00
delete.go
Merge pull request #34999 from kolyshkin/wait-on-rm
2017-10-29 11:04:41 -07:00
dependency.go
Add config support to executor backend
2017-05-11 10:08:21 -07:00
disk_usage.go
Fix variable shadowing causing LayersSize to be reported as 0
2017-09-12 14:11:11 -03:00
errors.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
events_test.go
LCOW: Remove CommonContainer - just Container
2017-06-20 08:55:46 -07:00
events.go
Update logrus to v1.0.1
2017-07-31 13:16:46 -07:00
exec_linux.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
exec_solaris.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
exec_windows.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
exec.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
export.go
LCOW: API: Add platform to /images/create and /build
2017-10-06 11:44:18 -07:00
getsize_unix.go
Remove solaris build tag and `contrib/mkimage/solaris
2017-11-02 00:01:46 +00:00
health_test.go
Move checkpointing to the Container object
2017-06-23 07:52:32 -07:00
health.go
Add deadcode linter
2017-08-21 18:18:50 -04:00
image_delete.go
LCOW: API: Add platform to /images/create and /build
2017-10-06 11:44:18 -07:00
image_exporter.go
Move to a single tag-store
2017-08-18 17:09:27 -07:00
image_history.go
Move to a single tag-store
2017-08-18 17:09:27 -07:00
image_inspect.go
Move to a single tag-store
2017-08-18 17:09:27 -07:00
image_pull.go
Move to a single tag-store
2017-08-18 17:09:27 -07:00
image_push.go
Move to a single tag-store
2017-08-18 17:09:27 -07:00
image_tag.go
LCOW: API: Add platform to /images/create and /build
2017-10-06 11:44:18 -07:00
image.go
LCOW: API: Add platform to /images/create and /build
2017-10-06 11:44:18 -07:00
images.go
LCOW: API: Add platform to /images/create and /build
2017-10-06 11:44:18 -07:00
import.go
LCOW: API: Add platform to /images/create and /build
2017-10-06 11:44:18 -07:00
info_unix_test.go
Refactor "init" version parsing, and add unit-test
2017-04-08 11:28:37 +02:00
info_unix.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
info_windows.go
api: types: keep info.SecurityOptions a string slice
2016-11-19 13:21:16 +01:00
info.go
Add unconvert linter
2017-08-24 15:08:31 -04:00
inspect_solaris.go
Move platform specific mount data to Container
2017-06-23 07:22:47 -07:00
inspect_unix.go
Remove solaris build tag and `contrib/mkimage/solaris
2017-11-02 00:01:46 +00:00
inspect_windows.go
Move platform specific mount data to Container
2017-06-23 07:22:47 -07:00
inspect.go
Fix downlevel regression
2017-10-09 13:47:28 -07:00
keys_unsupported.go
change minor mistake of spelling
2016-12-20 21:05:19 +08:00
keys.go
kill.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
links.go
Remove links when remove container
2017-07-18 12:09:26 +08:00
list_unix.go
Remove solaris build tag and `contrib/mkimage/solaris
2017-11-02 00:01:46 +00:00
list_windows.go
stop grabbing container locks during ps
2017-06-23 07:52:31 -07:00
list.go
LCOW: API: Add platform to /images/create and /build
2017-10-06 11:44:18 -07:00
logdrivers_linux.go
logdrivers_windows.go
Windows: Enable fluentd logdriver
2016-11-08 19:54:57 -08:00
logs_test.go
logs.go
Remove string checking in API error handling
2017-08-15 16:01:11 -04:00
metrics_unix.go
Update logrus to v1.0.1
2017-07-31 13:16:46 -07:00
metrics_unsupported.go
Add support for metrics plugins
2017-05-12 00:30:09 -04:00
metrics.go
Add gosimple linter
2017-09-12 12:09:59 -04:00
monitor_linux.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
monitor_solaris.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
monitor_windows.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
monitor.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
mounts.go
Fix issue backporting mount spec to pre-1.13 obj
2017-05-11 12:31:53 -04:00
names.go
Fix conflicting container name producint 400 error instead of 409
2017-10-04 20:39:45 +02:00
network.go
Remove solaris files
2017-10-24 15:39:34 -04:00
oci_linux.go
/dev should not be readonly with --readonly flag
2017-11-02 10:28:51 -04:00
oci_windows.go
LCOW: API: Add platform to /images/create and /build
2017-10-06 11:44:18 -07:00
pause.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
prune.go
Merge pull request #34960 from sterchelen/34953-Prune-Volume-lack-event-entry
2017-10-12 09:24:26 -07:00
reload_test.go
Remove solaris build tag and `contrib/mkimage/solaris
2017-11-02 00:01:46 +00:00
reload.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
rename.go
Remove string checking in API error handling
2017-08-15 16:01:11 -04:00
resize.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
restart.go
Update logrus to v1.0.1
2017-07-31 13:16:46 -07:00
search_test.go
Remove redundant format
2016-12-27 21:46:52 +08:00
search.go
Replace uses of filters.ToParam(), FromParam() with filters.ToJSON(), FromJSON()
2017-09-26 13:59:45 +02:00
seccomp_disabled.go
seccomp_linux.go
Update logrus to v1.0.1
2017-07-31 13:16:46 -07:00
seccomp_unsupported.go
secrets_linux.go
secrets: secret management for swarm
2016-11-09 14:27:43 -05:00
secrets_unsupported.go
Add Windows secrets support
2017-05-16 11:30:06 -07:00
secrets_windows.go
Add Windows secrets support
2017-05-16 11:30:06 -07:00
secrets.go
Update logrus to v1.0.1
2017-07-31 13:16:46 -07:00
selinux_linux.go
Switch to using opencontainers/selinux for selinux bindings
2017-04-24 21:29:47 +02:00
selinux_unsupported.go
start_unix.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
start_windows.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
start.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
stats_collector.go
Extract daemon statsCollector to its own package
2017-01-04 18:18:30 +01:00
stats_unix.go
Remove string checking in API error handling
2017-08-15 16:01:11 -04:00
stats_windows.go
stats.go
Remove solaris files
2017-10-24 15:39:34 -04:00
stop.go
Optimize some wrong usage and spelling
2017-09-07 09:44:08 +08:00
top_unix_test.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
top_unix.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
top_windows.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
trustkey_test.go
Remove libtrust dep from api
2017-09-06 12:05:19 -04:00
trustkey.go
Remove libtrust dep from api
2017-09-06 12:05:19 -04:00
unpause.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
update_linux.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
update_solaris.go
update_windows.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
update.go
Update libcontainerd to use containerd 1.0
2017-10-20 07:11:37 -07:00
volumes_unit_test.go
Volume refactoring for LCOW
2017-09-14 12:33:31 -07:00
volumes_unix_test.go
Spelling fixes
2017-07-03 13:13:09 -07:00
volumes_unix.go
Remove solaris build tag and `contrib/mkimage/solaris
2017-11-02 00:01:46 +00:00
volumes_windows.go
Partial refactor of UID/GID usage to use a unified struct.
2017-06-07 11:44:33 -04:00
volumes.go
LCOW: API: Add platform to /images/create and /build
2017-10-06 11:44:18 -07:00
wait.go
Update ContainerWait API
2017-05-16 15:11:39 -07:00
workdir.go
Remove error return from RootPair
2017-06-07 11:45:33 -04:00