Commit Graph

20934 Commits

Author SHA1 Message Date
69fc58a8aa Merge pull request #18925 from thaJeztah/please-dont-plus-one
Be more explicit about "+1" comments
Upstream-commit: 024eead82f4739d028052b8138c3505d9e157a34
Component: engine
2015-12-30 11:41:32 +01:00
ca900e1cb6 Merge pull request #18981 from calavera/stop_using_sockets_package
Remove pkg sockets and tlsconfig.
Upstream-commit: 135180bc4c6328cace293eb45ff901228a85092f
Component: engine
2015-12-29 22:22:11 -05:00
51b37769f0 Remove usage of pkg sockets and tlsconfig.
- Use the ones provided by docker/go-connections, they are a drop in replacement.
- Remove pkg/sockets from docker.
- Keep pkg/tlsconfig because libnetwork still needs it and there is a
  circular dependency issue.

Signed-off-by: David Calavera <david.calavera@gmail.com>
Upstream-commit: 8e034802b7ad92a29f08785e553415adcd1348a3
Component: engine
2015-12-29 19:27:12 -05:00
069aa886a5 Merge pull request #18627 from londoncalling/cloud-installs
[WIP] docs updates per issue 18282 cloud installs
Upstream-commit: de84dfba75a3055b8cad4eb8e6d9fd7bcecc30fc
Component: engine
2015-12-29 14:54:18 -08:00
0206b55252 Merge pull request #18978 from tswift242/fix-daemon-storage-doc-typo
Fix typo in daemon storage-driver docs
Upstream-commit: 1614a8652034b4a52b8260187094a09296b7e879
Component: engine
2015-12-29 23:33:05 +01:00
67d9ed19ac Merge pull request #18965 from duglin/FixError
Fix error messages
Upstream-commit: acffc79fe43e7ffe7d97d427b6a339c6b1dc072a
Component: engine
2015-12-29 14:12:22 -08:00
9d5c330d8f Fix typo in daemon storage-driver docs
Signed-off-by: Thomas Swift <tgs242@gmail.com>
Upstream-commit: c44a8d8d8c9eccb79b16c874f083cd9597c3f6ca
Component: engine
2015-12-29 17:06:02 -05:00
80207e0951 Merge pull request #18974 from jfrazelle/remove-seccomp-from-seccomp-profile
remove seccomp from seccomp profile
Upstream-commit: abc695d9d540610546e860ed5a9e432685b924b3
Component: engine
2015-12-29 13:15:14 -08:00
0aca5d35b3 Merge pull request #18877 from dnephin/move_graph_driver_to_layer_store
Move graph driver to layer store
Upstream-commit: 7b540ee65358bce76575aa1370019444a86c99c1
Component: engine
2015-12-29 12:19:02 -08:00
1149d92821 Merge pull request #18969 from justincormack/vm86
Block vm86 syscalls in default seccomp profile
Upstream-commit: a81e438544500a121298c82f340db490efda8a86
Component: engine
2015-12-29 11:57:35 -08:00
44a3b715ef Merge pull request #18972 from justincormack/bpf
Block bpf syscall from default seccomp profile
Upstream-commit: 2307f47fdd2b3079cb623a69b0fa0a0ef502c624
Component: engine
2015-12-29 11:57:07 -08:00
ed8f5303d0 Merge pull request #18971 from justincormack/ptrace
Block additional ptrace related syscalls in default seccomp profile
Upstream-commit: e01cab1cc5c7f92747a479b5480ca78f7fc37101
Component: engine
2015-12-29 11:56:51 -08:00
33e38a216c Merge pull request #18933 from coolljt0725/always_build
Add DOCKER_BUILD_ARGS env to pass build-arg for building deb and rpm
Upstream-commit: 3858027e27bb57457b641634afc8ffb1f3630884
Component: engine
2015-12-29 11:53:06 -08:00
ba9125a4e7 remove seccomp from seccomp profile
This can be allowed because it should only restrict more per the seccomp docs, and multiple apps use it today.

Signed-off-by: Jessica Frazelle <acidburn@docker.com>
Upstream-commit: b610fc226afdf663b0ad46ad982c27fdee61f671
Component: engine
2015-12-29 11:21:33 -08:00
b5ac13e205 Merge pull request #18949 from jfrazelle/fix-libseccomp-version
fix libseccomp where version < 2.2.1
Upstream-commit: 194e69507be4144d8a9ac72da524dcf46c3bb0e8
Component: engine
2015-12-29 10:58:10 -08:00
9e1ed3e829 Merge pull request #18947 from jfrazelle/fix-seccomp-unsupported
fix default profile where unsupported
Upstream-commit: 94e076086820aa34e6fc4fadb18714cd8b9263df
Component: engine
2015-12-29 10:21:07 -08:00
0adeca917f Merge pull request #18953 from justincormack/robust_list
Allow use of robust list syscalls in default seccomp policy
Upstream-commit: afdc4747dc16d4302ffd4f5dcb0fc537108862b7
Component: engine
2015-12-29 10:19:41 -08:00
f88929edd0 Merge pull request #18956 from justincormack/umount
Block original umount syscall in default seccomp filter
Upstream-commit: a32b06b067f847ee2cefe104430499c425c8fc2c
Component: engine
2015-12-29 10:19:04 -08:00
c726c9026e Block additional ptrace related syscalls in default seccomp profile
Block kcmp, process_vm_readv, process_vm_writev.
All these require CAP_PTRACE, and are only used for ptrace related
actions, so are not useful as we block ptrace.

Signed-off-by: Justin Cormack <justin.cormack@unikernel.com>
Upstream-commit: a0a8ca0ae0bc9dc7faa0b8bacf4ca376c7257348
Component: engine
2015-12-29 18:17:28 +00:00
b2cbf3953e Merge pull request #18950 from zhanghuanzhong/docker-fix-pull-image-log-info
Print the registry name while pulling an image
Upstream-commit: 3ec3597d58dd3c3d91465a03942e60c8e736a225
Component: engine
2015-12-29 10:16:05 -08:00
42db75c945 Merge pull request #18959 from justincormack/finit_module
Deny finit_module in default seccomp profile
Upstream-commit: ad8bce2ce4e27f7484fc65a3e6b9bf111793a263
Component: engine
2015-12-29 10:12:50 -08:00
00259400b7 Merge pull request #18961 from justincormack/clock_adjtime
Block clock_adjtime in default seccomp config
Upstream-commit: 8ac3d083a856729bc78adad3924e85d73d07173f
Component: engine
2015-12-29 10:08:45 -08:00
d07f5e2095 Merge pull request #18968 from justincormack/stime
Block stime in default seccomp profile
Upstream-commit: 294336a1af9d00c1a803c3318e092b1c1d0c5be9
Component: engine
2015-12-29 10:07:40 -08:00
cb797e315a Block bpf syscall from default seccomp profile
The bpf syscall can load code into the kernel which may
persist beyond container lifecycle. Requires CAP_SYS_ADMIN
already.

Signed-off-by: Justin Cormack <justin.cormack@unikernel.com>
Upstream-commit: 33568405f34f363de49b1146119cc53bcb9e5f16
Component: engine
2015-12-29 17:28:30 +00:00
bc8b9546fd Merge pull request #18728 from hypriot/update-dockerfile-for-arm
update Dockerfile.arm to reflect latest changes in main Dockerfile
Upstream-commit: 31bd242cba2eea84b3690e7b0f00864dd780a1af
Component: engine
2015-12-29 09:24:29 -08:00
31e6f85fbe add note to packagers.md about libseccomp version
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
Upstream-commit: 35667c3826d111babdeb35c7ab54609813fdb464
Component: engine
2015-12-29 08:47:20 -08:00
e76b5dd895 Block vm86 syscalls in default seccomp profile
These provide an in kernel virtual machine for x86 real mode on x86
used by one very early DOS emulator. Not required for any normal use.

Signed-off-by: Justin Cormack <justin.cormack@unikernel.com>
Upstream-commit: 6c3ea7a511ca641cdf4fa4da1d775d5b6f4bef3e
Component: engine
2015-12-29 15:47:23 +00:00
d33f2d3ddd Block stime in default seccomp profile
The stime syscall is a legacy syscall on some architectures
to set the clock, should be blocked as time is not namespaced.

Signed-off-by: Justin Cormack <justin.cormack@unikernel.com>
Upstream-commit: 6300a08be905969b16197f6a82a3d0d99a3f99cd
Component: engine
2015-12-29 15:28:05 +00:00
7a41bd8435 Fix error messages
`docker kill 123` will show something like:
`Error response from daemon: Cannot kill container 123: nosuchcontainer: No such container: 123`
Notice the `nosuchcontainer` text, that should not be there as that's an internal ID that means nothing to the end user.
This PR fixes this by using `util.GetErrorMessage()` to extract just the message.

While in that dir I found a couple of other spots that could use the same call, just to be safe.

Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: b3e1178ad0e2cee43e9958f0f3b6e720bddc4ea4
Component: engine
2015-12-29 06:08:52 -08:00
55ebb7bfa4 Block clock_adjtime in default seccomp config
clock_adjtime is the new posix style version of adjtime allowing
a specific clock to be specified. Time is not namespaced, so do
not allow.

Signed-off-by: Justin Cormack <justin.cormack@unikernel.com>
Upstream-commit: 0e5c43cddad304301ca8a82f652e15f75ee68cfe
Component: engine
2015-12-29 12:48:16 +00:00
40aa142ae9 Deny finit_module in default seccomp profile
This is a new version of init_module that takes a file descriptor
rather than a file name.

Signed-off-by: Justin Cormack <justin.cormack@unikernel.com>
Upstream-commit: 0d5306a0b69c912a981f3a4bd41b80beb1207851
Component: engine
2015-12-29 12:31:33 +00:00
e02645b0cd Block original umount syscall in default seccomp filter
The original umount syscall without flags argument needs to
be blocked too.

Signed-off-by: Justin Cormack <justin.cormack@unikernel.com>
Upstream-commit: 9be0d93cf74d1bb31c401f1154abc773af31cbd6
Component: engine
2015-12-29 11:57:16 +00:00
425c31f3c5 Merge pull request #18951 from jfrazelle/fix-code-comment
fix code comment
Upstream-commit: eb551baf6f239eb2a5f6838dac37530c022289b1
Component: engine
2015-12-29 12:00:37 +01:00
b5183e0bab Allow use of robust list syscalls
The set_robust_list syscall sets the list of futexes which are
cleaned up on thread exit, and are needed to avoid mutexes
being held forever on thread exit.

See for example in Musl libc mutex handling:
http://git.musl-libc.org/cgit/musl/tree/src/thread/pthread_mutex_trylock.c#n22

Signed-off-by: Justin Cormack <justin.cormack@unikernel.com>
Upstream-commit: 7b133e7235593f8d46832045da339395e71e8148
Component: engine
2015-12-29 10:22:05 +00:00
61fe2fe7ce Add DOCKER_BUILD_ARGS env to pass build-arg for building deb and rpm
Signed-off-by: Lei Jitang <leijitang@huawei.com>
Upstream-commit: 82051ab996910993c655fe2551fc84df592c4b81
Component: engine
2015-12-29 04:09:44 -05:00
bc484831ec fix code comment
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
Upstream-commit: b4c14a0bb846343c6d6d5dde6d9259c2c62a0b1e
Component: engine
2015-12-28 22:36:54 -08:00
ecf5a1e06e print the registry name.
Signed-off-by: Huanzhong Zhang <zhanghuanzhong90@gmail.com>
Upstream-commit: 85e355605ac8f58452a712b160fdec51ff944aa2
Component: engine
2015-12-29 13:33:04 +08:00
baf6d036eb fix libseccomp where version < 2.2.1
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
Upstream-commit: ae54e39c80b8cc071143bfcb99bf80e3b0a0ec93
Component: engine
2015-12-28 21:30:49 -08:00
8002590c16 fix default profile where unsupported
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
Upstream-commit: 94b45310f400310af908a71f63ffcdaa504266de
Component: engine
2015-12-28 20:42:15 -08:00
f07bb00458 Merge pull request #18780 from jfrazelle/seccomp-default
set default seccomp profile
Upstream-commit: 78ce43bad85fdf97d7c836315e46b531901c8ae7
Component: engine
2015-12-28 16:46:30 -08:00
a60a5fd425 Merge pull request #18945 from jbruni/patch-2
Fixed /etc/defaults/docker to /etc/default/docker
Upstream-commit: a3ca176e3c23907225f2e34a3b4a565b6f7bf31a
Component: engine
2015-12-29 00:05:45 +01:00
3f6acddbd7 Fixed /etc/defaults/docker to /etc/default/docker
/etc/default/docker is the correct file location in my system, and also according to Docker's own documentation at https://github.com/docker/docker/blob/master/docs/articles/configuring.md#configuring-docker

Signed-off-by: J Bruni <contato@jbruni.com.br>
Upstream-commit: 153948ac46851397c9c4fd8117647c608f4d216a
Component: engine
2015-12-28 20:57:36 -02:00
5ec30c4d85 Merge pull request #18835 from dnephin/move_validate_context_dir
Move utils.ValidateContextDirectory to the one package that uses it
Upstream-commit: 6cd167386b0133600ea5bbcd0f93d464e6f89e0c
Component: engine
2015-12-28 22:06:13 +01:00
383605ec04 Merge pull request #18899 from cpswan/18898-fix-storage-driver-example
Fix --storage-driver example
Upstream-commit: 8c6ad0991e313805ea2c67275086f2c9130cceda
Component: engine
2015-12-28 21:58:43 +01:00
e2082c5e38 Merge pull request #18937 from cbalducci/patch-1
[mkimage-alpine.sh] Additional repo and container cleanup
Upstream-commit: 8b68853ef5015f5dea9fb5a06e6715d0876a1eef
Component: engine
2015-12-28 12:51:31 -08:00
4bf36f597c Merge pull request #18905 from coolljt0725/fix_disconnect_not_save
Fix network disconnect does not save the config to disk
Upstream-commit: 1d4306d2fa73506ed101cd085fea3174a3edda8b
Component: engine
2015-12-28 12:38:16 -08:00
9a3edea8a4 Merge pull request #18942 from thaJeztah/move-vish-to-alumni
Move Vishnu to alumni
Upstream-commit: b6a251a551395dc727d458062fe49b9dc110529f
Component: engine
2015-12-28 12:31:18 -08:00
3849375325 Merge pull request #18715 from calavera/remove_is_paused_from_interface
Remove `IsPaused` from backend interface.
Upstream-commit: baee7ae045019d33e6833043bbf86bd76e1b9d41
Component: engine
2015-12-28 11:25:11 -08:00
3b4ed44ee4 Merge pull request #18897 from runcom/fix-net-none-build
integration-cli: fix --net=none build
Upstream-commit: 38440cadf3e27b32b3ee7b9011b1a0a87cbcca69
Component: engine
2015-12-28 10:51:18 -08:00
354272cd56 bump docker-py
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
Upstream-commit: d34bbb66d5d5f2f07b8f0c1b63df5f058f20b436
Component: engine
2015-12-28 10:26:52 -08:00