9 years ago · 414cfe9467
--- a/Dockerfile
+++ b/Dockerfile
@@ -182,7 +182,7 @@ RUN ln -sv $PWD/contrib/completion/bash/docker /etc/bash_completion.d/docker
 
															 # Get useful and necessary Hub images so we can "docker load" locally instead of pulling
														
 
															 COPY contrib/download-frozen-image.sh /go/src/github.com/docker/docker/contrib/
														
 
															 RUN ./contrib/download-frozen-image.sh /docker-frozen-images \
														
 
															-	busybox:latest@8c2e06607696bd4afb3d03b687e361cc43cf8ec1a4a725bc96e39f05ba97dd55 \
														
 
															+	busybox:latest@d7057cb020844f245031d27b76cb18af05db1cc3a96a29fa7777af75f5ac91a3 \
														
 
															 	hello-world:frozen@91c95931e552b11604fea91c2f537284149ec32fff0f700a4769cfd31d7696ae \
														
 
															 	jess/unshare@5c9f6ea50341a2a8eb6677527f2bdedbf331ae894a41714fda770fb130f3314d
														
 
															 # see also "hack/make/.ensure-frozen-images" (which needs to be updated any time this list is)
														
--- a/integration-cli/docker_cli_cp_test.go
+++ b/integration-cli/docker_cli_cp_test.go
@@ -797,7 +797,7 @@ func (s *DockerSuite) TestCopyAndRestart(c *check.C) {
 
															 	}
														
 
															 	defer os.RemoveAll(tmpDir)
														
 
															-	dockerCmd(c, "cp", fmt.Sprintf("%s:/etc/issue", id), tmpDir)
														
 
															+	dockerCmd(c, "cp", fmt.Sprintf("%s:/etc/group", id), tmpDir)
														
 
															 	out, _ = dockerCmd(c, "start", "-a", id)
														
--- a/integration-cli/docker_cli_daemon_test.go
+++ b/integration-cli/docker_cli_daemon_test.go
@@ -1495,13 +1495,16 @@ func (s *DockerDaemonSuite) TestRunContainerWithBridgeNone(c *check.C) {
 
															 	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
														
 
															 	c.Assert(strings.Contains(out, "eth0"), check.Equals, false,
														
 
															 		check.Commentf("There shouldn't be eth0 in container in bridge mode when bridge network is disabled: %s", out))
														
 
															-	cmd := exec.Command("ip", "l")
														
 
															+	// the extra grep and awk clean up the output of `ip` to only list the number and name of
														
 
															+	// interfaces, allowing for different versions of ip (e.g. inside and outside the container) to
														
 
															+	// be used while still verifying that the interface list is the exact same
														
 
															+	cmd := exec.Command("sh", "-c", "ip l | grep -E '^[0-9]+:' | awk -F: ' { print $1\":\"$2 } '")
														
 
															 	stdout := bytes.NewBuffer(nil)
														
 
															 	cmd.Stdout = stdout
														
 
															 	if err := cmd.Run(); err != nil {
														
 
															 		c.Fatal("Failed to get host network interface")
														
 
															 	}
														
 
															-	out, err = s.d.Cmd("run", "--rm", "--net=host", "busybox", "ip", "l")
														
 
															+	out, err = s.d.Cmd("run", "--rm", "--net=host", "busybox", "sh", "-c", "ip l | grep -E '^[0-9]+:' | awk -F: ' { print $1\":\"$2 } '")
														
 
															 	c.Assert(err, check.IsNil, check.Commentf("Output: %s", out))
														
 
															 	c.Assert(out, check.Equals, fmt.Sprintf("%s", stdout),
														
 
															 		check.Commentf("The network interfaces in container should be the same with host when --net=host when bridge network is disabled: %s", out))
														
--- a/integration-cli/docker_cli_run_test.go
+++ b/integration-cli/docker_cli_run_test.go
@@ -851,9 +851,9 @@ func (s *DockerSuite) TestRunCapAddALLDropNetAdminCanDownInterface(c *check.C) {
 
															 func (s *DockerSuite) TestRunGroupAdd(c *check.C) {
														
 
															 	// Not applicable for Windows as there is no concept of --group-add
														
 
															 	testRequires(c, DaemonIsLinux, NativeExecDriver)
														
 
															-	out, _ := dockerCmd(c, "run", "--group-add=audio", "--group-add=dbus", "--group-add=777", "busybox", "sh", "-c", "id")
														
 
															+	out, _ := dockerCmd(c, "run", "--group-add=audio", "--group-add=staff", "--group-add=777", "busybox", "sh", "-c", "id")
														
 
															-	groupsList := "uid=0(root) gid=0(root) groups=10(wheel),29(audio),81(dbus),777"
														
 
															+	groupsList := "uid=0(root) gid=0(root) groups=10(wheel),29(audio),50(staff),777"
														
 
															 	if actual := strings.Trim(out, "\r\n"); actual != groupsList {
														
 
															 		c.Fatalf("expected output %s received %s", groupsList, actual)
														
 
															 	}
														
@@ -1168,13 +1168,13 @@ func (s *DockerSuite) TestRunDnsOptionsBasedOnHostResolvConf(c *check.C) {
 
															 	}
														
 
															 }
														
 
															-// Test to see if a non-root user can resolve a DNS name and reach out to it. Also
														
 
															+// Test to see if a non-root user can resolve a DNS name. Also
														
 
															 // check if the container resolv.conf file has at least 0644 perm.
														
 
															 func (s *DockerSuite) TestRunNonRootUserResolvName(c *check.C) {
														
 
															 	// Not applicable on Windows as Windows does not support --user
														
 
															 	testRequires(c, SameHostDaemon, Network, DaemonIsLinux)
														
 
															-	dockerCmd(c, "run", "--name=testperm", "--user=default", "busybox", "ping", "-c", "1", "apt.dockerproject.org")
														
 
															+	dockerCmd(c, "run", "--name=testperm", "--user=nobody", "busybox", "nslookup", "apt.dockerproject.org")
														
 
															 	cID, err := getIDByName("testperm")
														
 
															 	if err != nil {