p4u1/docker-cli
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e7e4e933523dee91790f07b48120475fa6f67066
docker-cli/components/engine/daemon
History
Aleksa Sarai e7e4e93352 apparmor: make pkg/aaparser work on read-only root 
This is necessary because normally `apparmor_parser -r` will try to
create a temporary directory on the host (which is not allowed if the
host has a rootfs). However, the -K option bypasses saving things to the
cache (which avoids this issue).

  % apparmor_parser -r /tmp/docker-profile
  mkstemp: Read-only file system
  % apparmor_parser -Kr /tmp/docker-profile
  %

In addition, add extra information to the ensureDefaultAppArmorProfile
errors so that problems like this are easier to debug.

Fixes: 2f7596aaef3a ("apparmor: do not save profile to /etc/apparmor.d")
Signed-off-by: Aleksa Sarai <asarai@suse.de>
Upstream-commit: dd340c52cb37d29d8bae687fdc60e039341b4295
Component: engine
2017-05-18 00:05:13 +10:00
..
caps
cluster
Merge pull request #32237 from jlhawn/update_container_wait
2017-05-17 02:39:52 +02:00
config
Expose trust key path in config
2017-05-10 14:16:27 -07:00
discovery
The returned err should be printed
2017-03-29 09:00:50 +08:00
events
Use distribution reference
2017-02-07 11:08:37 -08:00
exec
Move StreamConfig out of runconfig
2016-11-14 15:15:09 -05:00
graphdriver
Do not remove containers from memory on error
2017-05-05 17:02:04 -04:00
initlayer
Implement content addressability for plugins
2016-12-23 13:29:58 -08:00
links
use t.Fatal() to output the err message where the values used for formatting
2017-02-23 10:16:22 +08:00
logger
Update comments describing new behaviour
2017-05-15 11:08:16 +12:00
network
Fix autostart for swarm scope connected containers
2016-09-13 14:21:58 -07:00
stats
Correct CPU usage calculation in presence of offline CPUs and newer Linux
2017-03-10 10:24:33 +00:00
apparmor_default_unsupported.go
daemon: switch to 'ensure' workflow for AppArmor profiles
2016-12-07 08:47:28 +11:00
apparmor_default.go
apparmor: make pkg/aaparser work on read-only root
2017-05-18 00:05:13 +10:00
archive_tarcopyoptions_unix.go
daemon/archive.go: Fix copy routines to preserve UID.
2017-04-12 10:33:19 +00:00
archive_tarcopyoptions_windows.go
daemon/archive.go: Fix copy routines to preserve UID.
2017-04-12 10:33:19 +00:00
archive_tarcopyoptions.go
daemon/archive.go: Fix copy routines to preserve UID.
2017-04-12 10:33:19 +00:00
archive_unix.go
Windows: Fail fs ops on running Hyper-V containers gracefully
2017-03-15 13:31:41 -07:00
archive_windows.go
Windows: Fail fs ops on running Hyper-V containers gracefully
2017-03-15 13:31:41 -07:00
archive.go
Expose a smaller interface for the Builder retrieving images from daemon
2017-05-10 17:58:57 -04:00
attach.go
Update ContainerWait API
2017-05-16 15:11:39 -07:00
auth.go
Add engine-api types to docker
2016-09-07 11:05:58 -07:00
bindmount_solaris.go
Add functional support for Docker sub commands on Solaris
2016-11-07 09:06:34 -08:00
bindmount_unix.go
Add functional support for Docker sub commands on Solaris
2016-11-07 09:06:34 -08:00
build.go
Refactor imageContexts into two different structs.
2017-05-10 17:59:30 -04:00
cache.go
Extract the daemon image cache to its own package
2017-01-03 19:19:27 +01:00
changes.go
Windows: support docker diff
2016-10-28 11:06:54 -07:00
checkpoint.go
check err and add print
2017-05-05 14:50:00 +08:00
cluster.go
Fix race condition between swarm and libnetwork
2017-05-10 21:16:52 -07:00
commit.go
Cleanup all the mutate + defer revert of b.runConfig in the builder
2017-05-01 18:36:53 -04:00
configs_linux.go
Add config support to executor backend
2017-05-11 10:08:21 -07:00
configs_unsupported.go
Add Windows configs support
2017-05-16 14:25:32 -07:00
configs_windows.go
Add Windows configs support
2017-05-16 14:25:32 -07:00
configs.go
Add config support to executor backend
2017-05-11 10:08:21 -07:00
container_linux.go
Added an apparmorEnabled boolean in the Daemon struct to indicate if AppArmor is enabled or not. It is set in NewDaemon using sysInfo information.
2017-01-30 16:23:23 +01:00
container_operations_solaris.go
Add functional support for Docker sub commands on Solaris
2016-11-07 09:06:34 -08:00
container_operations_unix.go
Update ContainerWait API
2017-05-16 15:11:39 -07:00
container_operations_windows.go
Add Windows configs support
2017-05-16 14:25:32 -07:00
container_operations.go
Do not error out on serv bind deactivation if no sbox is found
2017-04-10 09:13:41 -07:00
container_windows.go
Added an apparmorEnabled boolean in the Daemon struct to indicate if AppArmor is enabled or not. It is set in NewDaemon using sysInfo information.
2017-01-30 16:23:23 +01:00
container.go
set 1ms as container duration minimum value
2017-04-12 15:45:29 -07:00
create_unix.go
Switch to using opencontainers/selinux for selinux bindings
2017-04-24 21:29:47 +02:00
create_windows.go
Windows: Revert 27884
2016-11-16 13:38:45 -08:00
create.go
Merge pull request #29554 from cpuguy83/keep_running_count_of_states
2017-05-05 16:15:22 -04:00
daemon_experimental.go
move plugins out of experimental
2016-11-10 15:51:32 -08:00
daemon_linux_test.go
use t.Fatal() to output the err message where the values used for formatting
2017-02-23 10:16:22 +08:00
daemon_linux.go
Add Windows specific exec root for plugins.
2017-02-02 14:00:12 -08:00
daemon_solaris.go
Switch to using opencontainers/selinux for selinux bindings
2017-04-24 21:29:47 +02:00
daemon_test.go
rewrite reload code
2017-02-15 21:57:27 +08:00
daemon_unix_test.go
use t.Fatal() to output the err message where the values used for formatting
2017-02-23 10:16:22 +08:00
daemon_unix.go
Update moby to runc and oci 1.0 runtime final rc
2017-05-05 13:45:45 -07:00
daemon_unsupported.go
daemon_windows.go
Fix scaling of NanoCPUs on Hyper-V containers
2017-04-12 16:54:27 -07:00
daemon.go
Merge pull request #33075 from x1022as/stop
2017-05-17 09:27:47 -04:00
debugtrap_unix.go
Spew debugging
2016-11-03 10:05:11 -07:00
debugtrap_unsupported.go
Spew debugging
2016-11-03 10:05:11 -07:00
debugtrap_windows.go
Spew debugging
2016-11-03 10:05:11 -07:00
debugtrap.go
Reduce spew data dumped
2016-11-17 13:10:48 -05:00
delete_test.go
Use a test table in the daemon delete unit tests
2017-04-18 10:30:40 +03:00
delete.go
Update Container Wait Backend
2017-05-16 15:09:14 -07:00
dependency.go
Add config support to executor backend
2017-05-11 10:08:21 -07:00
disk_usage.go
Prevent multiple parallel SystemDiskUsage call
2017-04-24 09:11:29 -07:00
errors.go
Use distribution reference
2017-02-07 11:08:37 -08:00
events_test.go
use t.Fatal() to output the err message where the values used for formatting
2017-02-23 10:16:22 +08:00
events.go
Add engine-api types to docker
2016-09-07 11:05:58 -07:00
exec_linux.go
daemon: also ensureDefaultApparmorProfile in exec path
2017-03-13 15:20:05 +11:00
exec_solaris.go
exec_windows.go
Windows: Plumb through user
2016-11-08 17:41:56 -08:00
exec.go
Update ContainerWait API
2017-05-16 15:11:39 -07:00
export.go
pkg/archive: remove unnecessary Archive and Reader type
2016-10-20 19:31:24 -07:00
getsize_unix.go
Don’t hold container lock for size calculation
2017-02-18 18:11:48 -08:00
health_test.go
Added start period option to health check.
2017-04-06 12:35:34 +02:00
health.go
Added start period option to health check.
2017-04-06 12:35:34 +02:00
image_delete.go
Use distribution reference
2017-02-07 11:08:37 -08:00
image_exporter.go
image_history.go
Use distribution reference
2017-02-07 11:08:37 -08:00
image_inspect.go
Use distribution reference
2017-02-07 11:08:37 -08:00
image_pull.go
Expose a smaller interface for the Builder retrieving images from daemon
2017-05-10 17:58:57 -04:00
image_push.go
Use distribution reference
2017-02-07 11:08:37 -08:00
image_tag.go
Use distribution reference
2017-02-07 11:08:37 -08:00
image.go
Expose a smaller interface for the Builder retrieving images from daemon
2017-05-10 17:58:57 -04:00
images.go
Ignore layer does not exist error from docker images
2017-03-16 09:21:51 +08:00
import.go
Refacator pkg/streamformatter
2017-05-02 17:38:12 -04:00
info_unix_test.go
Refactor "init" version parsing, and add unit-test
2017-04-08 11:28:37 +02:00
info_unix.go
Fix missing Init Binary in docker info output
2017-04-10 16:54:07 +05:30
info_windows.go
api: types: keep info.SecurityOptions a string slice
2016-11-19 13:21:16 +01:00
info.go
Merge pull request #29554 from cpuguy83/keep_running_count_of_states
2017-05-05 16:15:22 -04:00
inspect_solaris.go
Add functional support for Docker sub commands on Solaris
2016-11-07 09:06:34 -08:00
inspect_unix.go
Don’t hold container lock for size calculation
2017-02-18 18:11:48 -08:00
inspect_windows.go
Add new HostConfig field, Mounts.
2016-09-13 09:55:35 -04:00
inspect.go
Update ContainerWait API
2017-05-16 15:11:39 -07:00
keys_unsupported.go
change minor mistake of spelling
2016-12-20 21:05:19 +08:00
keys.go
kill.go
Update ContainerWait API
2017-05-16 15:11:39 -07:00
links.go
Windows: Factor out sqlite
2016-12-01 09:38:08 -08:00
list_unix.go
list_windows.go
list.go
28722: List of containers with networkID filter is not working
2017-03-31 08:57:09 +00:00
logdrivers_linux.go
added logentries driver
2016-10-06 22:48:53 -03:00
logdrivers_windows.go
Windows: Enable fluentd logdriver
2016-11-08 19:54:57 -08:00
logs_test.go
Add engine-api types to docker
2016-09-07 11:05:58 -07:00
logs.go
Prevent ContainerLogs from hanging if container doesn't run for long
2017-04-20 12:27:51 +01:00
metrics_unix.go
Add support for metrics plugins
2017-05-12 00:30:09 -04:00
metrics_unsupported.go
Add support for metrics plugins
2017-05-12 00:30:09 -04:00
metrics.go
Add support for metrics plugins
2017-05-12 00:30:09 -04:00
monitor_linux.go
monitor_solaris.go
monitor_windows.go
Move stdio attach from libcontainerd backend to callback
2016-10-24 00:20:36 -07:00
monitor.go
Do not remove containers from memory on error
2017-05-05 17:02:04 -04:00
mounts.go
Fix issue backporting mount spec to pre-1.13 obj
2017-05-11 12:31:53 -04:00
names.go
Use quoted form of container name and container id
2017-01-17 08:26:05 +00:00
network.go
Fix race condition between swarm and libnetwork
2017-05-10 21:16:52 -07:00
oci_linux.go
Add config support to executor backend
2017-05-11 10:08:21 -07:00
oci_solaris.go
Add functional support for Docker sub commands on Solaris
2016-11-07 09:06:34 -08:00
oci_windows.go
Add Windows configs support
2017-05-16 14:25:32 -07:00
pause.go
prune.go
unexport error errPruneRunning
2017-05-16 23:37:30 +08:00
reload_test.go
Add daemon option to push foreign layers
2017-05-16 14:36:36 -07:00
reload.go
Add daemon option to push foreign layers
2017-05-16 14:36:36 -07:00
rename.go
Fix rename error when sid is empty
2017-01-11 21:35:59 +08:00
resize.go
restart.go
Allow providing a custom storage directory for docker checkpoints
2016-10-28 07:56:05 -04:00
search_test.go
Remove redundant format
2016-12-27 21:46:52 +08:00
search.go
Add engine-api types to docker
2016-09-07 11:05:58 -07:00
seccomp_disabled.go
Replace old oci specs import with runtime-specs
2016-08-17 09:38:34 -07:00
seccomp_linux.go
Update moby to runc and oci 1.0 runtime final rc
2017-05-05 13:45:45 -07:00
seccomp_unsupported.go
Fix seccomp output in docker info
2016-07-08 17:26:42 -07:00
secrets_linux.go
secrets: secret management for swarm
2016-11-09 14:27:43 -05:00
secrets_unsupported.go
Add Windows secrets support
2017-05-16 11:30:06 -07:00
secrets_windows.go
Add Windows secrets support
2017-05-16 11:30:06 -07:00
secrets.go
Add config support to executor backend
2017-05-11 10:08:21 -07:00
selinux_linux.go
Switch to using opencontainers/selinux for selinux bindings
2017-04-24 21:29:47 +02:00
selinux_unsupported.go
start_unix.go
daemon: honor default runtime when starting containers
2017-01-12 20:36:22 +01:00
start_windows.go
(*) Support --net:container:<containername/id> for windows
2017-02-28 20:03:43 -08:00
start.go
Fix some data races
2017-02-01 14:43:58 -05:00
stats_collector.go
Extract daemon statsCollector to its own package
2017-01-04 18:18:30 +01:00
stats_unix.go
Removed engine-api leftovers
2016-09-21 12:36:52 +02:00
stats_windows.go
Windows: stats support
2016-09-16 11:56:15 -07:00
stats.go
Send "Name" and "ID" when stating stopped containers
2017-02-09 09:46:59 +08:00
stop.go
Update ContainerWait API
2017-05-16 15:11:39 -07:00
top_unix_test.go
Fixing issue of docker top command failure when dealing with -m option
2017-03-10 02:50:21 +00:00
top_unix.go
Fixing issue of docker top command failure when dealing with -m option
2017-03-10 02:50:21 +00:00
top_windows.go
Convert ContainerTopOKResponse from swagger spec.
2017-01-03 11:47:47 -05:00
unpause.go
remove running judgement when unpause container
2016-08-29 10:16:18 +08:00
update_linux.go
Add --cpus support for docker update
2017-04-06 15:40:12 -07:00
update_solaris.go
Add engine-api types to docker
2016-09-07 11:05:58 -07:00
update_windows.go
Add engine-api types to docker
2016-09-07 11:05:58 -07:00
update.go
Remove ContainerUpdateCmdOnBuild, it does nothing.
2017-05-03 10:59:38 -04:00
volumes_unit_test.go
volumes_unix_test.go
Fix issue backporting mount spec to pre-1.13 obj
2017-05-11 12:31:53 -04:00
volumes_unix.go
close the file
2016-11-21 19:56:01 +08:00
volumes_windows.go
fix some typos from module contrib to man
2017-02-18 10:08:55 +08:00
volumes.go
Add continue on error in mountspec backport
2017-05-15 15:49:07 -04:00
wait.go
Update ContainerWait API
2017-05-16 15:11:39 -07:00
workdir.go
Ignore the daemon log config when building images.
2017-01-30 10:59:19 -05:00