updating with changes to this instant
Signed-off-by: Mary Anthony <mary@docker.com>
Upstream-commit: 30901609a825189e970ed8077b243af293a2b1de
Component: engine
This ensures that AppArmor, not other mechanisms used
by Docker or the kernel is restricting the mount.
Signed-off-by: Eric Windisch <eric@windisch.us>
Upstream-commit: e58161fedcb8718c3880eb1778e29468e4cb72bd
Component: engine
This will now properly check whether /etc/init.d/docker or service docker is
invoking the script and respond to the user accordingly.
Signed-off-by: Steven Richards <steven@axiomzen.co>
Upstream-commit: e5ff643aed78fb5dfb5e3fef518dfe56b82b3023
Component: engine
daemon.Diff already implements mounting for naivegraphdriver and
aufs which does diffing on its owns does not need the container to be mounted.
So new filesystem driver should mount filesystems on their own if it is needed
to implement Diff(). This issue was reported by @kvasdopil while working on a
freebsd port, because freebsd does not allow mount an already mounted
filesystem. Also it saves some cycles for other operating systems as well.
Signed-off-by: Jörg Thalheim <joerg@higgsboson.tk>
Upstream-commit: 6473b0f127c63e8a45b2b456d69e3de03273705c
Component: engine
I ran into a situation where I was trying:
`docker rmi busybox`
and it kept failing saying:
`could not find image: Prefix can't be empty`
While I have no idea how I got into this situation, it turns out this is
error message is from `daemon.canDeleteImage()`. In that func we loop over
all containers checking to see if they're using the image we're trying to
delete. In my case though, I had a container with no ImageID. So the code
would die tryig to find that image (hence the "Prefix can't be empty" err).
This would stop all processing despite the fact that the container we're
checking had nothing to do with 'busybox'.
My change logs the bad situation in the logs and then skips that container.
There's no reason to fail all `docker rmi ...` calls just because of one
bad container.
Will continue to try to figure out how I got a container w/o an ImageID
but as of now I have no idea, I didn't do anything but normal docker cli
commands.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 71a499022904e1da074ded3e1ed874c1b75ccf23
Component: engine
- Match verbiage with other output
- Remove dead code and clearer flow
Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
Upstream-commit: e817e08481b91638037e55b8d4855f56814c81f5
Component: engine
- 79 char line length (non-command).
- Consistent single space between sentences.
- Replace start of line tabs with spaces.
- Remove trailing white space.
- Consistent "**Note:**" style.
https://docs.docker.com/project/doc-style/#notes
- Replace the ``` sections with indented code.
Signed-off-by: Lloyd Dewolf <foolswisdom@gmail.com>
Upstream-commit: b4a52fc4e9b8ed745eb012ba45628cdb3654ed70
Component: engine
Fixes a regression from the volumes refactor where the vfs graphdriver
was setting labels for volumes to `s0` so that they can both be written
to by the container and shared with other containers.
When moving away from vfs this was never re-introduced.
Since this needs to happen regardless of volume driver, this is
implemented outside of the driver.
Fixes issue where `z` and `Z` labels are not set for bind-mounts.
Don't lock while creating volumes
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: b2a43baf2e2cc68c83383a7524441f81bc4c4725
Component: engine
This patch is extending the qualifiers on the -v command to allow
an admin to tell the system to relabel, content. There might be a
need for something similar for changing the DAC Permissions.
Signed-off-by: Jessica Frazelle <princess@docker.com>
Upstream-commit: 160dc79db095767de74deb75b8e1ae86f213593c
Component: engine
