Commit graph

1900 commits

Author SHA1 Message Date
Brian Goff
ebe1aafedc Merge pull request #21325 from frenkel/openbsd-support
Support OpenBSD build
2016-03-18 20:53:17 -04:00
Tonis Tiigi
038fe8cfea Replace execdrivers with containerd implementation
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
2016-03-18 13:38:32 -07:00
Frank Groeneveld
9b109daafc Cli binary can now be build on OpenBSD
Signed-off-by: Frank Groeneveld <frank@frankgroeneveld.nl>
2016-03-18 14:56:21 +01:00
Alexander Morozov
9527d789e7 Merge pull request #21266 from estesp/dockremap-system-user
Change subordinate range-owning user to be a system user
2016-03-17 11:42:15 -07:00
Antonio Murdaca
0726d285f8 pkg: truncindex: provide more info in error
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-03-17 15:53:12 +01:00
Phil Estes
ca88852656 Change subordinate range-owning user to be a system user
Change user/group creation to use flags to adduser/useradd to enforce it
being a system user. Use system user defaults that auto-create a
matching group. These changes allow us to remove all group creation
code, and in doing so we also removed the code that finds available uid,
gid integers and use post-creation query to gather the system-generated
uid and gid.

The only added complexity is that today distros don't auto-create
subordinate ID ranges for a new ID if it is a system ID, so we now need
to handle finding a free range and then calling the `usermod` tool to
add the ranges for that ID. Note that this requires the distro supports
the `-v` and `-w` flags on `usermod` for subordinate ID range additions.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2016-03-16 18:44:10 -04:00
Antonio Murdaca
a4b96d76f7 *: fix response body leaks
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-03-16 17:15:42 +01:00
Amit Krishnan
98910db2c0 Remove flush(stdout) in pkg/chrootarchive/diff_unix.go and improve error reporting of flush() to fix #21103
pkg/chrootarchive/diff_unix.go erroneously calls flush on stdout, which tries to read from stdout returning an error.
This has been fixed by removing the call and by modifying flush to return errors and checking for these errors on calls to flush.

Signed-off-by: Amit Krishnan <krish.amit@gmail.com>
2016-03-15 10:29:51 -07:00
David Calavera
b1d33bd4a2 Merge pull request #21162 from estesp/copyastar-dir-create
Fix CopyWithTar creation of new destination dir as remapped root
2016-03-15 10:26:30 -07:00
Yong Tang
5478d6190e Fix flaky test TestJSONFormatProgress (#21124)
In TestJSONFormatProgress, the progress string was used for comparison.
However, the progress string (progress.String()) uses time.Now().UTC()
to generate the timeLeftBox which is not a fixed value and cannot be
compared reliably.

This PR fixes the issue by stripping the timeLeftBox field before doing
the comparison.

This PR fixes #21124.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2016-03-14 16:00:12 +00:00
Phil Estes
ac445a24e8 Fix CopyWithTar creation of new destination dir as remapped root
If the destination does not exist, it needs to be created with ownership
mapping to the remapped uid/gid ranges if user namespaces are enabled.
This fixes ADD operations, similar to the prior fixes for COPY and WORKDIR.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2016-03-12 23:05:45 -05:00
allencloud
dcb61a1e38 fix typos
Signed-off-by: allencloud <allen.sun@daocloud.io>
2016-03-11 23:22:16 +08:00
Jessica Frazelle
8ad3fc4a91 pids limit support
update bash commpletion for pids limit

update check config for kernel

add docs for pids limit

add pids stats

add stats to docker client

Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2016-03-08 07:55:01 -08:00
Brian Goff
f558904849 Merge pull request #20843 from calavera/plugin_any_transport
Call plugins with custom transports.
2016-03-04 11:59:32 -05:00
Vincent Demeester
2b09059814 Merge pull request #20872 from duglin/Issue20470
Optimize .dockerignore when there are exclusions
2016-03-04 09:45:19 +01:00
David Calavera
c7ffb4137d Merge pull request #20730 from clnperez/sysinfo-match-ip-case
Match case for IP variables in sysinfo pkg
2016-03-03 08:48:57 -08:00
Doug Davis
f7e2d23879 Optimize .dockerignore when there are exclusions
Closes #20470

Before this PR we used to scan the entire build context when there were
exclusions in the .dockerignore file (paths that started with !). Now we
only traverse into subdirs when one of the exclusions starts with that dir
path.

Signed-off-by: Doug Davis <dug@us.ibm.com>
2016-03-03 05:46:24 -08:00
Sebastiaan van Stijn
ff7120fc3e Merge pull request #20896 from Microsoft/jjh/unit-pkg-integration
Windows CI: Turn off failing unit tests pkg\integration
2016-03-03 10:41:21 +01:00
Sebastiaan van Stijn
298692e686 Merge pull request #20894 from Microsoft/jjh/unit-pkg-graphdb
Windows CI: Turn off failing unit tests pkg\graphdb
2016-03-03 10:40:22 +01:00
John Howard
51832bf31f Windows CI: Turn off failing unit tests pkg\integration
Signed-off-by: John Howard <jhoward@microsoft.com>
2016-03-02 19:37:18 -08:00
John Howard
e84adddd0b Windows CI: Turn off failing unit tests pkg\graphdb
Signed-off-by: John Howard <jhoward@microsoft.com>
2016-03-02 19:27:41 -08:00
John Howard
b9bdd54935 Windows CI: Turn off failing unit test pkg\fileutils
Signed-off-by: John Howard <jhoward@microsoft.com>
2016-03-02 19:05:33 -08:00
David Calavera
44005e59d4 Call plugins with custom transports.
Small refactor to be able to use custom transports
to call remote plugins.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-03-02 12:54:53 -05:00
Vincent Demeester
4852d877f6 Merge pull request #20833 from Microsoft/testunit-archive
Windows CI: Unit Tests stop running failing archive test
2016-03-02 08:53:11 +01:00
David Calavera
13aa11b51b Merge pull request #20842 from dongluochen/IPv6Support
Handle IPv6 entries in discovery
2016-03-01 21:03:37 -08:00
Dong Chen
33f5b3d9e2 Use net.JoinHostPort to handle address format.
Signed-off-by: Dong Chen <dongluo.chen@docker.com>
2016-03-01 17:27:30 -08:00
Dong Chen
332306a8d4 Handle IPv6 entries.
Signed-off-by: Dong Chen <dongluo.chen@docker.com>
2016-03-01 16:56:12 -08:00
Darren Stahl
7baaf6fd2a Windows CI: Unit Tests stop running failing chrootarchive tests
Signed-off-by: Darren Stahl <darst@microsoft.com>
2016-03-01 14:28:29 -08:00
Darren Stahl
ba124af99e Windows CI: Unit Tests stop running failing archive test
Signed-off-by: Darren Stahl <darst@microsoft.com>
2016-03-01 13:27:44 -08:00
Tibor Vass
98943aafae Merge pull request #20587 from MHBauer/termfixes
do not turn post-processing on for linux-cgo terminals
2016-03-01 11:37:26 -05:00
Christy Perez
eb94bd7385 Match case for variables in sysinfo pkg
I noticied an inconsistency when reviewing docker/pull/20692.

Changing Ip to IP and Nf to NF.

More info: The golang folks recommend that you keep the initials consistent:
https://github.com/golang/go/wiki/CodeReviewComments#initialisms.

Signed-off-by: Christy Perez <christy@linux.vnet.ibm.com>
2016-03-01 10:37:05 -06:00
Vincent Demeester
e81a6737db Merge pull request #20791 from Microsoft/jjh/testunit-pkgsymlink
Windows CI: Turning off pkg\symlink unit testing
2016-03-01 08:18:44 +01:00
Sebastiaan van Stijn
3a366b1f39 Merge pull request #20782 from estesp/new-parent-dir-ownership
Fix ownership of non-existing parent dir
2016-03-01 01:45:38 +01:00
John Howard
73e7b59f39 Windows CI: Turning off pkg\symlink unit testing
Signed-off-by: John Howard <jhoward@microsoft.com>
2016-02-29 13:10:50 -08:00
Vincent Demeester
7af82a95e3 Merge pull request #20492 from WeiZhang555/export-no-privilege
Clean redundant error message for export
2016-02-29 21:14:28 +01:00
David Calavera
62a29c60c6 Merge pull request #20780 from runcom/revert-sudo-user
Revert sudo user
2016-02-29 11:48:24 -08:00
David Calavera
3b1fcb4db2 Merge pull request #20686 from clintonskitson/bugfix/plugin_desc_leak
Fix plugin file descriptor leaks
2016-02-29 10:44:36 -08:00
Brian Goff
c923ab0dc5 Merge pull request #20602 from twistlock/20508_authz_plugin_corrupt_body
Fix #20508 - Authz plugin enabled with large text/JSON POST payload corrupts body
2016-02-29 10:43:02 -05:00
Phil Estes
b4ec7f5b23 Fix ownership of non-existing parent dir
During "COPY" or other tar unpack operations, a target/destination
parent dir might not exist and should be created with ownership of the
root in the right context (including remapped root when user namespaces
are enabled)

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2016-02-29 09:14:23 -05:00
Antonio Murdaca
b031c14149 Revert "resolve the config file from the sudo user"
This reverts commit afde6450ee7bd4a43765fdc0a9799b411276d9e4.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-02-29 13:51:43 +01:00
Brian Goff
fcb2e0b085 Merge pull request #20706 from calavera/remove_concurrent_access_to_stdtypes
Make stdcopy.StdWriter thread safe.
2016-02-27 21:14:09 -05:00
Clinton Kitson
f08caca8a0 Fixes plugin file descriptor leak on plugin discovery
Signed-off-by: Clinton Kitson <clintonskitson@gmail.com>
2016-02-26 19:43:50 -08:00
David Calavera
f55298771e Make stdcopy.stdWriter goroutine safe.
Stop using global variables as prefixes to inject the writer header.
That can cause issues when two writers set the length of the buffer in
the same header concurrently.

Stop Writing to the internal buffer twice for each write. This could
mess up with the ordering information is written.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-02-26 16:51:18 -05:00
Antonio Murdaca
7e132eee02 pkg: idtools: fix subid files parsing
Since Docker is already skipping newlines in /etc/sub{uid,gid},
this patch skips commented out lines - otherwise Docker fails to start.
Add unit test also.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-02-26 15:42:05 +01:00
David Calavera
366b774b47 Merge pull request #20263 from Microsoft/jjh/testunit-fileutils
Windows CI: Fixes panic in test-unit for FileUtils
2016-02-25 17:35:32 -08:00
Vincent Demeester
29aeaf7880 Merge pull request #20572 from runcom/sudo-user
resolve the config file from the sudo user
2016-02-25 16:05:25 +01:00
Liron Levin
b3ff922a7b Fix #20508 - Authz plugin enabled with large text/JSON POST payload corrupts body
Based on the discussion, we have changed the following:

1. Send body only if content-type is application/json (based on the
Docker official daemon REST specification, this is the provided for all
APIs that requires authorization.

2. Correctly verify that the msg body is smaller than max cap (this was
the actual bug). Fix includes UT.

3. Minor: Check content length > 0 (it was -1 for load, altough an
attacker can still modify this)

Signed-off-by: Liron Levin <liron@twistlock.com>
2016-02-25 08:11:55 +02:00
Brian Goff
f5003987da Close resp body on plugin call error
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-02-24 20:09:51 -05:00
Brian Goff
c8da8b3693 add file poller panic fix from 1.10.2
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2016-02-24 10:17:29 -05:00
Antonio Murdaca
51359df9fb resolve the config file from the sudo user
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-02-24 15:41:00 +01:00