This patch fixes the permission fixing code used by addContext, which
would not be responsible for Lchown-ing top-level directories added to a
destination that didn't exist prior to untar-ing the context.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
Upstream-commit: 916cba9c587a3f3ce97b407993fecd96ac2fecaf
Component: engine
Fix a regression introduced in PR#9467 when a single file was added or
copied.
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
Upstream-commit: cfc24769a26e825e4267cbfdd59af807e27508b9
Component: engine
Because engine implicitly adds his stder to job stderr
Signed-off-by: Alexandr Morozov <lk4d4@docker.com>
Upstream-commit: a62cbdeb47e5e504e670c546ad8bec45e696f370
Component: engine
Permissions after an ADD or COPY build instructions are now restricted
to the scope of files potentially modified by the operation rather than
the entire impacted tree.
Fixes#9401.
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
Upstream-commit: f3cedce3608afe7bd570666a7fc878ab85c7bc03
Component: engine
Now that the archive package does not depend on any docker-specific
packages, only those in pkg and vendor, it can be safely moved into pkg.
Signed-off-by: Rafe Colton <rafael.colton@gmail.com>
Upstream-commit: 30d5a42c1f24e26f681b7330249f04fec891aee9
Component: engine
This is the first of two steps to break the archive package's dependence
on utils so that archive may be moved into pkg. Also, the `Go()`
function is small, concise, and not specific to the docker internals, so
it is a good candidate for pkg.
Signed-off-by: Rafe Colton <rafael.colton@gmail.com>
Upstream-commit: b845a62149d5f4990462ac6c9167c5cfaa0e66cb
Component: engine
Currently, the HostConfig is only passed from the CLI to Docker only
when issuing a docker create, but not when doing a docker run.
In the near future, in order to allocate ports at creation time rather
than start time, we will need to have the HostConfig readily available
at container creation.
This PR makes the client always pass the HostConfig when creating a
container (regardless of whether it's for a run or create).
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
Upstream-commit: 1df87b95066198c30312147393c18e0be0564fd0
Component: engine
Add check for / first - per LK4D4's comment.
Add a comment to explain why we're adding a /
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: cd329d062bddaffcfea3ac0cd3245c0be5bf5542
Component: engine
Part one of solution for issue #6820
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 05b8a1eb363ce03a9dfa3315fbac59c42af2df54
Component: engine
If a tar were constructed with duplicate file names, then depending on
the order, it could result in same tarsum.
Signed-off-by: Vincent Batts <vbatts@redhat.com>
Upstream-commit: c5e6362c53cbbc09ddbabd5a7323e04438b57d31
Component: engine
don't export the exsisting TarSum struct and call the interface 'TarSum'
instead.
Signed-off-by: Vincent Batts <vbatts@redhat.com>
Upstream-commit: ec01eb653db9d5e5b9291c1670dde57e7f742874
Component: engine
This introduces Versions for TarSum checksums.
Fixes: https://github.com/docker/docker/issues/7526
It preserves current functionality and abstracts the interface for
future flexibility of hashing algorithms. As a POC, the VersionDev
Tarsum does not include the mtime in the checksum calculation, and would
solve https://github.com/docker/docker/issues/7387 though this is not a
settled Version is subject to change until a version number is assigned.
Signed-off-by: Vincent Batts <vbatts@redhat.com>
Upstream-commit: 747f89cd327db9d50251b17797c4d825162226d0
Component: engine
