Dump stack dumps to exec root instead of daemon root.
When no path is provided to the stack dumper, such is the case with
SIGQUIT, dump to stderr.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 0bd720b28dc7b416fe2193bdafaca011ec24d032
Component: engine
change reading order from beginning at the end to beginning at a buffer start
added intergration tests for boundary cases
Removed whitespace
Signed-off-by: Shayne Wang <shaynexwang@gmail.com>
Upstream-commit: 63904eb6745d553573ffe8b7cef43dfc0b8a07cf
Component: engine
This seems clearer to me and avoids a miniscule amount of string formatting.
I have deliberately not changed the tests here to avoid the possibility of
changing both wrongly.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
Upstream-commit: 3c233b13a01b9f44e31a158768a06b97a775f095
Component: engine
Although our use of ANSI codes here is rather simple it is generally good
practice to use terminfo in order to be portable to different terminal
emulators.
Vendor github.com/Nvveen/Gotty (actually my fork with a fix, see
https://github.com/Nvveen/Gotty/pull/1) and use that to parse the terminfo
files.
Note that "\e]2K" (clear entire line) is not covered by terminfo. We can
achieve the same end by first clearing from begining of line to cursor
(el1="\e]1K") and then clearing from cursor to end of line (el="\e]k").
Test suite has been updated and forces (either directly or by setting $TERM to
something highly unlikely to exist) the use of the non-terminfo fallbacks which
retains the same output behaviour as previously. This is preferable even to
relying on a well-known and relatively static terminfo (like vt102) since even
that in principal might have different terminfo encodings.
In case terminfo is not available at all for $TERM or doesn't expose the
specific capabilities which we use then fall back to the previous manual
escapes, with the exception that we avoid "\e]2K" as discussed above.
Tested with a manual docker pull with rxvt-unicode ($TERM=rxvt-unicode), xterm
($TERM=xterm), mlterm ($TERM=mlterm) and aterm ($TERM=kterm).
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
Upstream-commit: f02221a7941948017df68db8fd9a5de7f19453bf
Component: engine
When logging the failure of a case which involves control characters add line
feeds and spacing such that the expected and actual strings are aligned in the
same columns making comparisons easier.
Turns:
jsonmessage_test.go:156: Expected "\x1b[2K\rstatus 1 B\r", got "\x1b[1K\x1b[K\rstatus 1 B\r"
Into:
jsonmessage_test.go:156:
Expected "\x1b[2K\rstatus 1 B\r"
got "\x1b[1K\x1b[K\rstatus 1 B\r"
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
Upstream-commit: 2e3baa98eb0f40898005db1b40303848bf5c7de2
Component: engine
The majority already did so, but a few used %v.
Compared with %v using %q escapes any control characters ensuring they are
visible in the logs (otherwise they can cause scrolling and overwriting etc).
The %q formatter also includes the surrounding "s making the manual use of []
to wrap/delimit the %v output unnecessary.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
Upstream-commit: 6582cfb1d4fec92b17e10291d30c2e6312ceb5f5
Component: engine
The ANSI escape codes \e[0A (cursor up 0 lines) and \e[0B (cursor down 0 lines)
are not well defined and are treated differently by different terminals. In
particular xterm treats 0 as a missing parameter and therefore defaults to 1,
whereas rxvt-unicode treats these escapes as a request to move 0 lines.
However the use of these codes is unnecessary and were really just hiding the
fact that we were not correctly computing diff when adding a new line. Having
added the new line to the ids map and output the corresponding \n we need to
then calculate a correct diff of 1 rather than leaving it as the default 0
(which xterm then interprets as 1). The fix is to pull the diff calculation out
of the else case and to always do it.
With this in place we can then avoid outputting escapes for moving 0 lines.
Actually diff should never be 0 to start with any more, but check to be safe.
This fixes corruption of `docker pull` seen with rxvt-unicode (and likely other
terminals in that family) seen in #28111. Tested with rxvt-unicode
($TERM=rxvt-unicode), xterm ($TERM=xterm), mlterm ($TERM=mlterm) and aterm
($TERM=kterm).
The test cases have been updated to match the new behaviour.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
Upstream-commit: b08b437acc3bf52bd2c3435e632ed09f3312e489
Component: engine
This remove a dependency on `go-check` (and more) when using
`pkg/idtools`. `pkg/integration` should never be called from any other
package then `integration`.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: acf7ce1aa0bcaaf0b541b695ce5fbd22676e9239
Component: engine
In some cases, attempting to `docker cp` to a container's volume dir
would fail due to the volume mounts not existing after performing a
bind-mount on the container path prior to doing a pivot_root.
This does not seem to be effecting all systems, but was found to be a
problem on centos.
The solution is to use an `rbind` rather than `bind` so that any
existing mounts are carried over.
The `MakePrivate` on `path` is no longer neccessary since we are already
doing `MakeRPrivate` on `/`.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: e6eef7eb4911252c38c829775aa0d510a432476a
Component: engine
Dumping to log is unusable in 90% of cases and inspecting file is much
more convenient.
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Upstream-commit: e5d36586acdd020a0a6d5840ea1fd060b6e3504b
Component: engine
This fix tries to fix logrus formatting by removing `f` from
`logrus.[Error|Warn|Debug|Fatal|Panic|Info]f` when formatting string
is not present.
Fixed issue #23459
Signed-off-by: Daehyeok Mun <daehyeok@gmail.com>
Upstream-commit: fa710e504b0e3e51d4031790c18621b02dcd2600
Component: engine
When processing the --userns-remap flag, add the
capability to call out to `getent` if the user and
group information is not found via local file
parsing code already in libcontainer/user.
Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
Upstream-commit: 6cb8392be9cdc5bf44436a092dd88b39968ffc7d
Component: engine
When converting an opaque directory always keep the original
directory tar entry to ensure directory is created with correct
permissions on restore.
Closes#27298
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: daa70195171d798cdfb6c4033b33a06a8f7ebe6c
Component: engine
When daemon fails to load an authz plugin, it should be removed from
the plugin list. Else the plugin is retried on every request and
response, resulting in undesired behavior (eg. daemon panic)
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
Upstream-commit: fae904af02a184833d2cd5ce9fdd61a4083707c7
Component: engine
containers may specify these cgroup values at runtime. This will allow
processes to change their priority to real-time within the container
when CONFIG_RT_GROUP_SCHED is enabled in the kernel. See #22380.
Also added sanity checks for the new --cpu-rt-runtime and --cpu-rt-period
flags to ensure that that the kernel supports these features and that
runtime is not greater than period.
Daemon will support a --cpu-rt-runtime flag to initialize the parent
cgroup on startup, this prevents the administrator from alotting runtime
to docker after each restart.
There are additional checks that could be added but maybe too far? Check
parent cgroups to ensure values are <= parent, inspecting rtprio ulimit
and issuing a warning.
Signed-off-by: Erik St. Martin <alakriti@gmail.com>
Upstream-commit: 56f77d5ade945b3b8816a6c8acb328b7c6dce9a7
Component: engine
The `archive` package defines aliases for `io.ReadCloser` and
`io.Reader`. These don't seem to provide an benefit other than type
decoration. Per this change, several unnecessary type cases were
removed.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Upstream-commit: aa2cc18745cbe0231c33782f0fa764f657e3fb88
Component: engine
