don't export the exsisting TarSum struct and call the interface 'TarSum'
instead.
Signed-off-by: Vincent Batts <vbatts@redhat.com>
Upstream-commit: ec01eb653db9d5e5b9291c1670dde57e7f742874
Component: engine
This introduces Versions for TarSum checksums.
Fixes: https://github.com/docker/docker/issues/7526
It preserves current functionality and abstracts the interface for
future flexibility of hashing algorithms. As a POC, the VersionDev
Tarsum does not include the mtime in the checksum calculation, and would
solve https://github.com/docker/docker/issues/7387 though this is not a
settled Version is subject to change until a version number is assigned.
Signed-off-by: Vincent Batts <vbatts@redhat.com>
Upstream-commit: 747f89cd327db9d50251b17797c4d825162226d0
Component: engine
This method indicates that container using private network stack
Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com>
Upstream-commit: 080ca8619172b020c7da29b46f2fe4c939bb47ca
Component: engine
commit 4aa5da278f49c889d43191f82ff42d3a95266d62 moves `Console` from Command to
ProcessConfig, but missed the change in lxc_template. Therefore creating a
container with tty using lxc driver with fail with error
template: lxc:60:20: executing "lxc" at <.Console>: Console is not a field of
struct type struct { *execdriver.Command; AppArmor bool; ProcessLabel string; MountLabel string }
This changes lxc_console template to refers to `.ProcessConfig.Console`
Docker-DCO-1.1-Signed-off-by: Daniel, Dao Quang Minh <dqminh89@gmail.com> (github: dqminh)
Upstream-commit: 4b3b54ca388cd49cd790def66fbce9af2be2f20f
Component: engine
Since these will be shared between containers we want to label
them as svirt_sandbox_file_t:s0. That will allow multiple containers
to write to them.
Currently we are allowing container domains to read/write all content in
/var/lib/docker because of container volumes. This is a big security hole
in our SELinux story.
This patch will allow us to tighten up the security of docker containers.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Upstream-commit: 73617e5e18159e5f791d2860c7857cd5dea31be4
Component: engine
Sven Dowideit Update export, copy and build API to say 'TAR STREAM' for all versions.
Upstream-commit: 10e4ca760ca1d1145169dbff94e0c8414928b79c
Component: engine
It is a tar stream, you should mention that somehow.
Here is the proof:
```
host:~$ docker run -t -i ubuntu:14.04 bash
root@c39be4c7b7c8:/# echo "my file contents" > abc
root@c39be4c7b7c8:/# cat abc
my file contents
root@c39be4c7b7c8:/# exit
host:~$ curl -H "Content-Type: application/json" -d '{"Resource":"/abc"}' http://localhost:4500/containers/c39be4c7b7c8/copy
abc0100644000000000000000000000002112402102531007674 0ustar0000000000000000my file contents
host:~$ curl -H "Content-Type: application/json" -d '{"Resource":"/abc"}' http://localhost:4500/containers/c39be4c7b7c8/copy > response_content
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2067 100 2048 100 19 56968 528 --:--:-- --:--:-- --:--:-- 58514
host:~$ tar xvf response_content
abc
host:~$ cat abc
my file contents
```
Docker-DCO-1.1-Signed-off-by: Mustafa Akın <mustafa91@gmail.com> (github: SvenDowideit)
Upstream-commit: b9e889c30988f3babbc059a883d7f3096611ad60
Component: engine
This commit makes tarsum buffer allocation dynamic. This change
is required to avoid allocating memory excessively after the archive
buffering changes.
Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
Upstream-commit: 7ef34407509fa76e3ead12a20c8b731f434e1971
Component: engine
Per registry.doRequest, res and client might be nil in case of error
For example, dns resolution errors, /etc/docker/certs.d perms, failed
loading of x509 cert ...
This will make res.StatusCode and res.Body SEGFAULT.
Signed-off-by: Arthur Gautier <baloo@gandi.net>
Upstream-commit: 3e6c69e5a1dbb428c4a62656f96cfe77c19986f9
Component: engine
