Plugin config can have Mounts without a 'Source' field. In such cases,
performing a 'plugin set' on the mount source will panic the daemon. Its
the same case for device paths as well. This detects the case and
returns error.
Signed-off-by: Anusha Ragunathan <anusha.ragunathan@docker.com>
Upstream-commit: 6572e27df7f3483cfed7a8294c1f6d9cf157809a
Component: engine
ClusterHQ shutted down at the end of 2016. It seems that ScatterHQ is a group of ClusterHQ former employees that have forked Flocker. It seems that no code has been commited in the last months but if somebody comes to this Docker page it should be referenced to ScatterHQ.
Signed-off-by: Miguel Angel Alvarez Cabrerizo <doncicuto@gmail.com>
Upstream-commit: 3e6e54a90f
Component: cli
The commit '0a13f827a10d3bf61744d9b3f7165c5885a39c5d' introduces an
import test for CVE-2017-14992, it uses a 8GB image to make sure we
don't revert CVE-2017-14992, but unfortunately this test can't finish
in 5-min on AArch64, as a fact, in most cases we have to crate a very
big image to make the test effective on AArch64, but this will result
in a test panic, so now we skip it order to avoid termination of others
tests followed.
Signed-off-by: Dennis Chen <dennis.chen@arm.com>
Upstream-commit: 6395b8b3dcc43be6750e0d90d9bab0a83e4eb20b
Component: engine
Adds a main_test for the image integration test, so we can download
frozen images, and clean up after the image test is ran
Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
Upstream-commit: be83f42612e3be42fcd60726d48d7346befc9449
Component: engine
When starting the daemon, the `/var/lib/docker` directory
is scanned for existing directories, so that the previously
selected graphdriver will automatically be used.
In some situations, empty directories are present (those
directories can be created during feature detection of
graph-drivers), in which case the daemon refuses to start.
This patch improves detection, and skips empty directories,
so that leftover directories don't cause the daemon to
fail.
Before this change:
$ mkdir /var/lib/docker /var/lib/docker/aufs /var/lib/docker/overlay2
$ dockerd
...
Error starting daemon: error initializing graphdriver: /var/lib/docker contains several valid graphdrivers: overlay2, aufs; Please cleanup or explicitly choose storage driver (-s <DRIVER>)
With this patch applied:
$ mkdir /var/lib/docker /var/lib/docker/aufs /var/lib/docker/overlay2
$ dockerd
...
INFO[2017-11-16T17:26:43.207739140Z] Docker daemon commit=ab90bc296 graphdriver(s)=overlay2 version=dev
INFO[2017-11-16T17:26:43.208033095Z] Daemon has completed initialization
And on restart (prior graphdriver is still picked up):
$ dockerd
...
INFO[2017-11-16T17:27:52.260361465Z] [graphdriver] using prior storage driver: overlay2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 1262c57714e694193be6bbcbed83e859dc246c2f
Component: engine
This is a fix to the following issue:
$ docker run --tmpfs /dev/shm busybox sh
docker: Error response from daemon: linux mounts: Duplicate mount point '/dev/shm'.
In current code (daemon.createSpec()), tmpfs mount from --tmpfs is added
to list of mounts (`ms`), when the mount from IpcMounts() is added.
While IpcMounts() is checking for existing mounts first, it does that
by using container.HasMountFor() function which only checks container.Mounts
but not container.Tmpfs.
Ultimately, the solution is to get rid of container.Tmpfs (moving its
data to container.Mounts). Current workaround is to add checking
of container.Tmpfs into container.HasMountFor().
A unit test case is included.
Unfortunately we can't call daemon.createSpec() from a unit test,
as the code relies a lot on various daemon structures to be initialized
properly, and it is hard to achieve. Therefore, we minimally mimick
the code flow of daemon.createSpec() -- barely enough to reproduce
the issue.
https://github.com/moby/moby/issues/35455
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Upstream-commit: 1861abdc4a31efad202a5c3d89a895bb7a62799a
Component: engine
The code in question looks up mounts two times: first by using
HasMountFor(), and then directly by looking in container.MountPoints.
There is no need to do it twice.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Upstream-commit: eab3ac3e70a510b97f9399efd13e3dc01a07c413
Component: engine
Commit dbf580be57a4bb854d7ce20d313e3a22ea337be5 removed
this helper script because it's no longer used in CI.
However, the "make test" target in the Makefile still
called this helper, resulting it to fail.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: a17071e88f15625a6be19f80c697ab1c3471381b
Component: engine
