Michael Crosby
935520b224
Always symlink /dev/ptmx for libcontainer
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-13 14:31:09 -07:00
Guillaume J. Charmes
87b153606a
Use BSD raw mode on darwin. Fixes nano, tmux and others
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
2014-03-13 11:11:02 -07:00
Victor Vieux
f7fe084946
improve deprecation message
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
2014-03-12 00:51:46 +00:00
Guillaume J. Charmes
02be9306bc
Update email + add self to pkg/signal
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
2014-03-10 20:26:45 -07:00
Kato Kazuyoshi
3f25da9dd5
Like signal_linux.go, we don't have import os and os/signal
...
Docker-DCO-1.1-Signed-off-by: Kato Kazuyoshi <kato.kazuyoshi@gmail.com> (github: kzys)
2014-03-11 23:14:58 +09:00
Michael Crosby
4631153f90
Merge pull request #4563 from creack/signal-improvment
...
Signal improvments
2014-03-10 17:59:17 -07:00
Michael Crosby
4125e1ccc3
Merge pull request #4515 from vieux/improve_sort_flags
...
improve alpha sort in mflag
2014-03-10 17:45:41 -07:00
Guillaume J. Charmes
2433bf6372
Make docker use the signal pkg with strings
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
2014-03-10 17:36:47 -07:00
Guillaume J. Charmes
16d0b6b959
Create portable signalMap
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
2014-03-10 17:36:41 -07:00
Guillaume J. Charmes
db6b150d99
Move signal to pkg
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
2014-03-10 17:36:32 -07:00
srid
115f88b346
nsinit: prefix errors with their source
...
Docker-DCO-1.1-Signed-off-by: Sridhar Ratnakumar <github@srid.name> (github: srid)
2014-03-10 17:08:50 -07:00
unclejack
374c3a3d3f
Merge pull request #3985 from creack/add_freebsd_support
...
Add freebsd client support
2014-03-11 00:58:30 +02:00
Guillaume J. Charmes
10ae745ed8
Update bsd specs
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-10 15:19:08 -07:00
Victor Vieux
d9eb03d2ef
move opts out of pkg because it's related to docker
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
2014-03-10 21:10:23 +00:00
Victor Vieux
ff054ba1e2
remove utils.go
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
2014-03-10 21:06:27 +00:00
Guillaume J. Charmes
fcd7612643
Merge branch 'master' into add_freebsd_support
...
Conflicts:
archive/archive.go
archive/start_unsupported.go
2014-03-10 13:20:49 -07:00
Victor Vieux
572ce1c6a9
handle capital
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
2014-03-07 23:40:45 +00:00
Michael Crosby
da605a43d6
Add env var to toggle pivot root or ms_move
...
Use the DOCKER_RAMDISK env var to tell the native driver not to use
a pivot root when setting up the rootfs of a container.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-06 19:30:52 -08:00
Victor Vieux
6c4652a766
improve alpha sort in mflag
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
2014-03-07 02:20:59 +00:00
Michael Crosby
ca93316795
Revert "Revert "libcontainer: Use pivot_root instead of chroot""
...
This reverts commit 82f797f14096430c3edbace1cd30e04a483ec41f.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-06 17:19:59 -08:00
Michael Crosby
57e7760c26
Revert "Revert "libcontainer: Use MS_PRIVATE instead of MS_SLAVE""
...
This reverts commit bd263f5b15b51747e3429179fef7fcb425ccbe4a.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-06 17:19:47 -08:00
unclejack
0718fb409c
Merge pull request #4512 from crosbymichael/no-pivot-root
...
No pivot root because of ramdisk
2014-03-07 02:54:03 +02:00
Michael Crosby
31c7d13466
Revert "libcontainer: Use MS_PRIVATE instead of MS_SLAVE"
...
This reverts commit 757b5775725fb90262cee1fa6068fa9dcbbff59f.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-06 16:41:03 -08:00
Michael Crosby
abd1f8da60
Revert "libcontainer: Use pivot_root instead of chroot"
...
This reverts commit 5b5c884cc8266d0c2a56da0bc2df14cc9d5d85e8.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-06 16:32:06 -08:00
Michael Crosby
fd8470acba
Ensure that native containers die with the parent
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-06 16:30:56 -08:00
Michael Crosby
c0d5c529bb
Remove the ghosts and kill everything
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-06 15:30:26 -08:00
Guillaume J. Charmes
f9bd82dd75
Merge pull request #4506 from creack/fix_apparmor
...
Use CGO for apparmor profile switch
2014-03-06 13:37:34 -08:00
Tianon Gravi
5c13d61425
Update build tags such that we can properly compile on all platforms (especially for packagers), and updated hack/PACKAGERS.md to mention the DOCKER_BUILDTAGS variable that will need to be set for binaries that might be used on AppArmor (such as Debian and especially Ubuntu)
...
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
2014-03-06 13:39:17 -07:00
Guillaume J. Charmes
729080d46a
Add buildflags to allow crosscompilation for apparmor
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-06 12:05:03 -08:00
Guillaume J. Charmes
6fcfe645f8
Merge pull request #4503 from unclejack/attempt_to_fix_apparmor_profile
...
remove dbus from apparmor profile for Ubuntu 12.04
2014-03-06 11:20:06 -08:00
Guillaume J. Charmes
0ecd2aa284
Use CGO for apparmor profile switch
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-06 11:10:58 -08:00
unclejack
b359efd9ec
remove dbus from apparmor profile
...
This removes the dbus entry from the apparmor profile Docker creates.
Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
2014-03-06 19:47:03 +02:00
Alexander Larsson
0caa2d3992
libcontainer: Don't use UsetCloseOnExec, it is racy
...
We can't keep file descriptors without close-on-exec except with
syscall.ForkLock held, as otherwise they could leak by accident into
other children from forks in other threads.
Instead we just use Cmd.ExtraFiles which handles all this for us.
This fixes https://github.com/dotcloud/docker/issues/4493
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
2014-03-06 14:10:32 +01:00
Guillaume J. Charmes
d3bbd78cc5
Generate and load custom docker profile for apparmor
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-05 15:02:11 -08:00
Michael Crosby
0eb4ea2f79
Some cleanup around logs
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-05 13:50:49 -08:00
Guillaume J. Charmes
73233223de
Add AppArmor support to native driver + change pipe/dup logic
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-05 13:08:24 -08:00
Victor Vieux
7339ca8699
fix panic with only long flags or only one deprecatd
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
2014-03-05 19:45:57 +00:00
Victor Vieux
a5ba28e1f7
fix usage for completly deprecated flag
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
2014-03-05 19:27:39 +00:00
Michael Crosby
e8163b809b
Merge pull request #4278 from alexlarsson/system
...
Create pkg/system and move stuff there from archive
2014-03-05 12:32:35 -05:00
Alexander Larsson
7eb32029e9
Create pkg/system and move stuff there from archive
...
This is a package for generic system calls etc that for some reason
is not yet supported by "syscall", or where it is different enough
for the different ports to need portability wrappers.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
2014-03-05 14:05:32 +01:00
Alexander Larsson
88aed3bf92
libcontainer: Use MS_PRIVATE instead of MS_SLAVE
...
Now that we unmount all the mounts from the global namespace we can
use a private namespace rather than a slave one (as we have no need
for unmounts of inherited global mounts to propagate into the
container).
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
2014-03-05 09:40:54 +01:00
Michael Crosby
2bddb20b91
Add shm size cap to mount
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-04 14:18:40 -08:00
Guillaume J. Charmes
9a5dead3c9
Remove /dev tmpfs mountpoint
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-04 13:21:22 -08:00
Guillaume J. Charmes
91d13e5fa1
remove /run mountpoint
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-04 12:32:17 -08:00
Guillaume J. Charmes
a8b87a47b6
Remove loopback mount bind
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-04 12:30:52 -08:00
Michael Crosby
4f641377e0
Merge pull request #4452 from crosbymichael/small-fixes-to-libcontainer
...
Add find tests and remove panic in DEBUG
2014-03-04 14:37:41 -05:00
Michael Crosby
bd2d7a377c
Add find tests and remove panic in DEBUG
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-04 08:55:12 -08:00
Alexander Larsson
83de20deb7
libcontainer: Use pivot_root instead of chroot
...
Instead of keeping all the old mounts in the container namespace and
just using subtree as root we pivot_root so that the actual root in
the namespace is the root we want, and then we unmount the previous
mounts.
This has multiple advantages:
* The namespace mount tree is smaller (in the kernel)
* If you break out of the chroot you could previously access the host
filesystem. Now the host filesystem is fully invisible to the namespace.
* We get rid of all unrelated mounts from the parent namespace, which means
we don't hog these. This is important if we later switch to MS_PRIVATE instead
of MS_SLAVE as otherwise these mounts would be impossible to unmount from the
parent namespace.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
2014-03-04 12:44:08 +01:00
Guillaume J. Charmes
0ef83adf9f
Merge pull request #4327 from crosbymichael/add-libcontainer
...
Add native execution driver to docker and make it the default
2014-03-03 16:34:20 -08:00
Sven Dowideit
313d6a9e13
very minor spelling
...
Docker-DCO-1.1-Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au> (github: SvenDowideit)
2014-03-04 10:12:12 +10:00