Xianglin Gao
06cc0ba6ba
Add docs about apparmor profile setting
...
Signed-off-by: Xianglin Gao <xlgao@zju.edu.cn>
2016-12-01 13:26:59 +08:00
Xianglin Gao
26645c90ac
Make the profile configurable
...
Signed-off-by: Xianglin Gao <xlgao@zju.edu.cn>
2016-12-01 13:26:59 +08:00
Antonio Murdaca
78ee03a8fc
add seccomp support
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-11-28 22:05:34 +01:00
Mrunal Patel
e4b76edd96
Add timestamps to logs
...
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
2016-10-26 12:45:29 -07:00
Mrunal Patel
da4cc11077
Merge pull request #135 from runcom/sdnotify
...
Sdnotify
2016-10-13 11:00:22 -07:00
Antonio Murdaca
cf677a20f6
cmd/server: sort flags
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-10-13 16:57:48 +02:00
Dan Walsh
09bed25074
Add support for sd_notify
...
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2016-10-13 09:45:31 -04:00
Dan Walsh
f6d9d626a9
Cleanup help and add options to man page
...
Missing options from man page, and sort options alphabetically, as best
we can.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2016-10-13 09:26:28 -04:00
Aleksa Sarai
9fb23bf0dc
ocid: add config subcommand
...
This subcommand is so that users can get a nice commented version of the
ocid configuration file. This comes from the "current" version of the
configuration (allowing somone to get their custom configuration as a
file). It also has a --default option.
In addition, update the tests to use `ocid config` so that we test this
setup (the loading and saving of the options).
Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-10-11 21:21:58 +11:00
Aleksa Sarai
cd9e7de108
ocid: add TOML configuration file
...
The --config is merged with the default, and then is overridden by any
command-line options. Everything is organised to be in sub-tables so
that the sections are more clear.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-10-11 03:10:32 +11:00
Aleksa Sarai
7bf5110b76
server: refactor to use Config struct
...
This paves the way for having a configuration file that is loaded rather
than everything being set via the command-line.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-10-11 03:10:32 +11:00
Aleksa Sarai
3f48986ea0
cmd: switch to --connect and --listen flags
...
Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-10-11 03:09:59 +11:00
Mrunal Patel
027aaf15b7
Merge pull request #100 from rhatdan/selinux
...
Selinux
2016-10-06 12:28:12 -07:00
Dan Walsh
be77b841fa
Add SELinux support to OCID
...
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2016-10-06 14:13:06 -04:00
Mike Brown
609d7630ca
small amount of error checking and help for path to the runtime
...
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
2016-10-06 11:14:54 -05:00
Aleksa Sarai
bd9acaf584
conmon: minor fixes
...
This fixes a bug where --conmon wouldn't actually set the conmon binary
path, and also where we weren't setting CFLAGS while compiling conmon.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-10-02 20:11:16 +11:00
Aleksa Sarai
bac579a9e5
server: create pause rootfs manually without Docker
...
This lessens the Docker requirement for creating sandboxes (with the
requirement only existing for the actual image pulling that is done when
adding a container to a pod). The interface was chosen to match the
--conmon interface, so that the location of the pause binary can be
chosen by a user.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-10-02 20:11:07 +11:00
Dan Walsh
f51c98b057
Install conmon in /usr/libexec/ocid/conmon
...
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
2016-09-29 08:55:12 -04:00
Mrunal Patel
4606f2a61a
Fix the build for ocid to cri-o rename
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-26 16:55:12 -07:00
Antonio Murdaca
857aaa7816
cmd/server: provide a flag to set ocid root dir
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-24 00:38:06 +02:00
Antonio Murdaca
45a7cb3fdf
cmd/server: fix cmd name and usage
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-23 09:33:49 +02:00
Antonio Murdaca
569183030f
fix vendored deps
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-22 18:17:45 +02:00
Antonio Murdaca
910f343f79
cmd/server: add socket flag
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-20 19:17:18 +02:00
Antonio Murdaca
22d434c1e6
restructure and make lint
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-19 19:56:13 +02:00
Antonio Murdaca
d626a32c56
server: add debug to ocid
...
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-17 17:30:00 +02:00
Mrunal Patel
bbe5325afc
Fix the build to account for the change in repository
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:48:39 -07:00
Mrunal Patel
764f02ca11
Add container dir to oci
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
ac1340488d
Refactor to add oci and util packages
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
Change the sandbox directory path
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Haiyan Meng
819d76b6fd
Add first version of createPodSandbox
...
Signed-off-by: Haiyan Meng <hmeng@redhat.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
0766dfecfe
Use unix domain socket by default
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00
Antonio Murdaca
06e013cd3d
*: abstractions and ImageService
...
plus some fix here and there
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-09-09 14:41:03 -07:00
Mrunal Patel
e93156e71e
Add stubs for server implementation
...
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-09-09 14:41:03 -07:00