0ct0pu5/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
8174 commits 14 branches 412 tags 338 MiB
Commit graph

8174 commits

This branch
This branch
All branches
Author SHA1 Message Date
Joel Handwell
137f4b326a changed deprecated -rm option to --rm 
changed deprecated -rm option to --rm
 2014-05-14 16:22:38 -04:00
Michael Crosby
4af465fccf Merge pull request #5720 from cyphar/5656-cp-absolute-paths 
Ensure `docker cp` cannot traverse outside container rootfs
 2014-05-14 11:46:11 -07:00
Victor Vieux
d066ceaa4f Merge pull request #5752 from crosbymichael/fix-port-mapping-ps 
Fix port mapping in ps display for public and private
 2014-05-14 11:36:23 -07:00
Victor Vieux
bc22c9948c Merge pull request #5756 from crosbymichael/move-units-to-pkg 
Move duration and size to units pkg
 2014-05-14 11:36:14 -07:00
Victor Vieux
c78b390b6c Merge pull request #5780 from vbatts/vbatts-start_tarsum_test 
tarsum: start a test for TarSum
 2014-05-14 11:28:26 -07:00
James Turnbull
d9b1c1976f Merge pull request #5787 from SvenDowideit/pr_out_add_a_mention_of_80_column_lines_and_reflow_the_document_to_hide_the_evidence 
Add a mention of 80 column lines and reflow the document to hide the evidence.
 2014-05-14 20:13:48 +02:00
Michael Crosby
de406b69f3 Merge pull request #5798 from unclejack/fix_startup_speed 
don't update Suffixarray for every Register during startup
 2014-05-14 11:13:02 -07:00
Michael Crosby
432e42e715 Merge pull request #5791 from bernerdschaefer/nsinit-exec-forwards-signals 
"nsinit exec ..." forwards signals to container
 2014-05-14 11:05:27 -07:00
Victor Vieux
3bf1b562e3 Merge pull request #5781 from creack/remove_bind_console 
Remove the bind mount for dev/console which override the mknod/label
 2014-05-14 10:57:21 -07:00
unclejack
fc82199d4f Merge pull request #5758 from crosbymichael/add-cpuset 
Add cpuset cpus support for docker
 2014-05-14 20:57:12 +03:00
Victor Vieux
b561f0398a Merge pull request #5794 from unclejack/speed_up_ps 
don't call sort for every add in daemon/history
 2014-05-14 10:48:08 -07:00
Vincent Batts
d153740d9c tarsum: adding benchmarks 
to cover a couple of use-cases:
* 1mb file, using no compression
* 1mb file, using compression
* 1024 1k files, using no compression
* 1024 1k files, using compression

Docker-DCO-1.1-Signed-off-by: Vincent Batts <vbatts@redhat.com> (github: vbatts)
 2014-05-14 11:48:17 -04:00
unclejack
5d5c89398c update Suffixarray only once during daemon startup 
This commit makes the Docker daemon call UpdateSuffixarray only after
it finishes registering all containers.

This lowers the amount of time required for the Docker daemon to start
up.

Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
 2014-05-14 17:58:37 +03:00
unclejack
219b7ae8b5 add UpdateSuffixarray and refactor TruncIndex 
This commit refactors TruncIndex to make it possible to add container
ids to the TruncIndex without updating the Suffixarray.

This is useful during the Docker daemon's startup when we don't want to
update the Suffixarray for every container we add.

Add continues to function like before.

Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
 2014-05-14 17:57:59 +03:00
unclejack
e963179c79 don't call sort for every add in history 
This moves the call to sort in daemon/history to a function to be
called explicitly when we're done adding elements to the list.

This speeds up `docker ps`.

Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
 2014-05-14 15:02:02 +03:00
Bernerd Schaefer
830c2d7fa3 "nsinit exec ..." forwards signals to container 
Docker-DCO-1.1-Signed-off-by: Bernerd Schaefer <bj.schaefer@gmail.com> (github: bernerdschaefer)
 2014-05-14 11:01:02 +02:00
James Turnbull
cb0f2a2823 Merge pull request #5785 from SvenDowideit/pr_out_subject_and_object_containers_can_be_confused 
Subject and object containers can be confused
 2014-05-14 07:56:31 +02:00
Michael Crosby
adbe3096e8 Add cpuset cpus support for docker 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-05-13 18:17:12 -07:00
Michael Crosby
4de6810be9 Merge pull request #5786 from crosbymichael/cpuset-copy 
Copy parents cpus and mems for cpuset
 2014-05-13 18:16:47 -07:00
cyphar
0fb507dc23 daemon: *: refactored container resource path generation 
This patch is a preventative patch, it fixes possible future
vulnerabilities regarding unsantised paths. Due to several recent
vulnerabilities, wherein the docker daemon could be fooled into
accessing data from the host (rather than a container), this patch
was created to try and mitigate future possible vulnerabilities in
the same vein.

Docker-DCO-1.1-Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
 2014-05-14 11:15:50 +10:00
cyphar
79ca77f3e8 integration-cli: cp: added tests for cp 
This patch adds integration tests for the copying of resources
from a container, to ensure that regressions in the security of
resource copying can be easily discovered.

Docker-DCO-1.1-Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
 2014-05-14 11:14:59 +10:00
cyphar
bfc3a4192a daemon: container: ensure cp cannot traverse outside container rootfs 
This patch fixes the bug that allowed cp to copy files outside of
the containers rootfs, by passing a relative path (such as
../../../../../../../../etc/shadow). This is fixed by first converting
the path to an absolute path (relative to /) and then appending it
to the container's rootfs before continuing.

Docker-DCO-1.1-Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
 2014-05-14 11:14:59 +10:00
Michael Crosby
3de15bda7e Copy parents cpus and mems for cpuset 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-05-13 18:01:31 -07:00
SvenDowideit
195f3a3f42 Add a mention of 80 column lines and reflow the document to hide the 
evidence.

Docker-DCO-1.1-Signed-off-by: SvenDowideit <SvenDowideit@home.org.au> (github: SvenDowideit)
 2014-05-14 10:22:55 +10:00
SvenDowideit
af891a6751 Subject and object containers can be confused 
and `create` is now a loaded word for some readers

Docker-DCO-1.1-Signed-off-by: SvenDowideit <SvenDowideit@home.org.au> (github: SvenDowideit)
 2014-05-14 07:43:41 +10:00
Vincent Batts
cfd1227e91 tarsum: test gofmt 
Docker-DCO-1.1-Signed-off-by: Vincent Batts <vbatts@redhat.com> (github: vbatts)
 2014-05-13 15:14:32 -04:00
Vincent Batts
efa369a6ee tarsum: adding the layer for "scratch" image 
Docker-DCO-1.1-Signed-off-by: Vincent Batts <vbatts@redhat.com> (github: vbatts)
 2014-05-13 15:08:48 -04:00
Guillaume J. Charmes
ae85dd5458
Remove the bind mount for dev/console which override the mknod/label 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
 2014-05-13 11:59:27 -07:00
Vincent Batts
461f801f83 tarsum: start a test for TarSum 
Docker-DCO-1.1-Signed-off-by: Vincent Batts <vbatts@redhat.com> (github: vbatts)
 2014-05-13 14:57:31 -04:00
Victor Vieux
f637eaca5d Merge pull request #5778 from crosbymichael/check-symlink 
Ensure libcontainer follows correct symlink in scope
 2014-05-13 11:28:00 -07:00
Michael Crosby
ea7647099f Add MAINTAINERS file to symlink pkg 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-05-13 11:27:24 -07:00
Michael Crosby
ca040b1a37 Update code to handle new path to Follow Symlink func 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-05-13 10:54:08 -07:00
Michael Crosby
dcf81f95fd Move Follow symlink to pkg 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-05-13 10:35:57 -07:00
Alexander Larsson
b7c7b851dc libcontainer: Ensure bind mount target files are inside rootfs 
Before we create any files to bind-mount on, make sure they are
inside the container rootfs, handling for instance absolute symbolic
links inside the container.

Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
 2014-05-13 10:24:52 -07:00
Sven Dowideit
1d4caadfe2 Merge pull request #5769 from dankeder/master 
Fix a typo in contrib/man/md/docker.1.md
 2014-05-13 20:26:02 +10:00
Dan Keder
653328c6ce Fix a typo in contrib/man/md/docker.1.md 2014-05-13 11:17:42 +02:00
Sven Dowideit
a70bffd382 Merge pull request #5745 from ojilles/patch-1 
Cleaned up Network settings overview
 2014-05-13 19:02:18 +10:00
unclejack
f1eabe436a Merge pull request #5655 from alexlarsson/mount-run-dir 
Always mount a /run tmpfs in the container
 2014-05-13 11:51:14 +03:00
Solomon Hykes
ee4fa10fb0 Merge pull request #5753 from creack/fix-beam-32bit 
[beam] Use direct iota instead of binary shift
 2014-05-13 00:21:32 -07:00
James Turnbull
5ac3c6c4ed Merge pull request #5757 from SvenDowideit/pr_out_was_checking_something_for_a_pr_and_noticed_some_quote_issues 
Was checking something for a PR and noticed some quote issues
 2014-05-13 06:37:12 +02:00
Michael Crosby
5b525feaed Merge pull request #5707 from vieux/fix_event_removal 
fix event removal
 2014-05-12 18:59:42 -07:00
Victor Vieux
a0f799b6d4 Merge pull request #5759 from vieux/move_register_links_to_daemon 
move RegisterLinks to daemon
 2014-05-12 18:39:47 -07:00
Victor Vieux
100a92146e move RegisterLinks to daemon 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
 2014-05-13 00:54:46 +00:00
SvenDowideit
b9c2d57d89 Was checking something for a PR and noticed some quote issues 
Docker-DCO-1.1-Signed-off-by: SvenDowideit <SvenDowideit@home.org.au> (github: SvenDowideit)
 2014-05-13 10:36:19 +10:00
Sven Dowideit
3f6ec6ebba Merge pull request #5747 from ojilles/patch-2 
runmetrics update, linking to collectd plugin rather than just hinting
 2014-05-13 10:21:34 +10:00
Michael Crosby
d33b4655c4 Move duration and size to units pkg 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-05-12 17:05:07 -07:00
Michael Crosby
d54dec4d8b Fix port mapping in ps display for public and private 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-05-12 15:26:23 -07:00
Guillaume J. Charmes
0d78799db7 Merge pull request #5751 from vieux/move_version 
move version out of server
 2014-05-12 15:25:40 -07:00
Victor Vieux
7894a70f8b move version out of server 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
 2014-05-12 21:38:20 +00:00
Guillaume J. Charmes
bc77ec2b17 Merge pull request #5717 from philips/mkdir-in-daemon 
fix(daemon): ensure the /var/lib/docker dir exists
 2014-05-12 14:13:56 -07:00