0ct0pu5/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
39893 commits 14 branches 412 tags 338 MiB
Commit graph

3005 commits

Author SHA1 Message Date
Michael Crosby
0e863a584a Add stderr log ouput if in debug 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-14 09:55:05 -07:00
Michael Crosby
7294392c72 Add initial logging to libcontainer 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-14 09:55:05 -07:00
Michael Crosby
cbd2a30cd6 Update libcontainer readme and todo list 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-13 15:18:08 -07:00
Michael Crosby
28994f86ee Merge pull request #4656 from crosbymichael/fix-ptmx-link 
Always symlink /dev/ptmx for libcontainer
 2014-03-13 14:57:17 -07:00
Guillaume J. Charmes
c7ea6e5da8 Merge pull request #4422 from alexlarsson/internal-mounts 
Move all bind-mounts in the container inside the namespace
 2014-03-13 14:55:29 -07:00
Michael Crosby
747275d30c Always symlink /dev/ptmx for libcontainer 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-13 14:31:09 -07:00
Victor Vieux
192917a1cb Merge pull request #4624 from creack/fix_apparmor_init 
Fix issue when /etc/apparmor.d does not exists
 2014-03-13 14:04:13 -07:00
Alexander Larsson
6c266c4b42 Move all bind-mounts in the container inside the namespace 
This moves the bind mounts like /.dockerinit, /etc/hostname, volumes,
etc into the container namespace, by setting them up using lxc.

This is useful to avoid littering the global namespace with a lot of
mounts that are internal to each container and are not generally
needed on the outside. In particular, it seems that having a lot of
mounts is problematic wrt scaling to a lot of containers on systems
where the root filesystem is mounted --rshared.

Note that the "private" option is only supported by the native driver, as
lxc doesn't support setting this. This is not a huge problem, but it does
mean that some mounts are unnecessarily shared inside the container if you're
using the lxc driver.

Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
 2014-03-13 20:01:29 +01:00
Guillaume J. Charmes
029aac9639
Use BSD raw mode on darwin. Fixes nano, tmux and others 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
 2014-03-13 11:11:02 -07:00
Guillaume J. Charmes
6a325f1c7a
Fix issue when /etc/apparmor.d does not exists 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
 2014-03-12 11:13:24 -07:00
Victor Vieux
f0eb227548 improve deprecation message 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
 2014-03-12 00:51:46 +00:00
Guillaume J. Charmes
915d967f55
Update email + add self to pkg/signal 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
 2014-03-10 20:26:45 -07:00
Kato Kazuyoshi
b2cd89056f Like signal_linux.go, we don't have import os and os/signal 
Docker-DCO-1.1-Signed-off-by: Kato Kazuyoshi <kato.kazuyoshi@gmail.com> (github: kzys)
 2014-03-11 23:14:58 +09:00
Michael Crosby
b5a544b02e Merge pull request #4563 from creack/signal-improvment 
Signal improvments
 2014-03-10 17:59:17 -07:00
Michael Crosby
923962a4b5 Merge pull request #4515 from vieux/improve_sort_flags 
improve alpha sort in mflag
 2014-03-10 17:45:41 -07:00
Guillaume J. Charmes
157f24ca77 Make docker use the signal pkg with strings 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
 2014-03-10 17:36:47 -07:00
Guillaume J. Charmes
10dc16dcd3 Create portable signalMap 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
 2014-03-10 17:36:41 -07:00
Guillaume J. Charmes
c563262239 Move signal to pkg 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
 2014-03-10 17:36:32 -07:00
srid
03211ecce0 nsinit: prefix errors with their source 
Docker-DCO-1.1-Signed-off-by: Sridhar Ratnakumar <github@srid.name> (github: srid)
 2014-03-10 17:08:50 -07:00
unclejack
8bcb156694 Merge pull request #3985 from creack/add_freebsd_support 
Add freebsd client support
 2014-03-11 00:58:30 +02:00
Guillaume J. Charmes
6ccfb7fb9a
Update bsd specs 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
 2014-03-10 15:19:08 -07:00
Victor Vieux
fde5f573d3 move opts out of pkg because it's related to docker 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
 2014-03-10 21:10:23 +00:00
Victor Vieux
d648708d02 remove utils.go 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
 2014-03-10 21:06:27 +00:00
Guillaume J. Charmes
bb43761940
Merge branch 'master' into add_freebsd_support 
Conflicts:
	archive/archive.go
	archive/start_unsupported.go
 2014-03-10 13:20:49 -07:00
Victor Vieux
7da37fec13 handle capital 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
 2014-03-07 23:40:45 +00:00
Michael Crosby
36dd124b16 Add env var to toggle pivot root or ms_move 
Use the  DOCKER_RAMDISK env var to tell the native driver not to use
a pivot root when setting up the rootfs of a container.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-06 19:30:52 -08:00
Victor Vieux
3729ece2ea improve alpha sort in mflag 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
 2014-03-07 02:20:59 +00:00
Michael Crosby
c38635020a Revert "Revert "libcontainer: Use pivot_root instead of chroot"" 
This reverts commit 82f797f140.

Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-06 17:19:59 -08:00
Michael Crosby
557e4fef44 Revert "Revert "libcontainer: Use MS_PRIVATE instead of MS_SLAVE"" 
This reverts commit bd263f5b15.

Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-06 17:19:47 -08:00
unclejack
78dc1ede52 Merge pull request #4512 from crosbymichael/no-pivot-root 
No pivot root because of ramdisk
 2014-03-07 02:54:03 +02:00
Michael Crosby
bd263f5b15 Revert "libcontainer: Use MS_PRIVATE instead of MS_SLAVE" 
This reverts commit 757b577572.

Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-06 16:41:03 -08:00
Michael Crosby
82f797f140 Revert "libcontainer: Use pivot_root instead of chroot" 
This reverts commit 5b5c884cc8.

Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-06 16:32:06 -08:00
Michael Crosby
ea9bce8724 Ensure that native containers die with the parent 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-06 16:30:56 -08:00
Michael Crosby
772ef99d28 Remove the ghosts and kill everything 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-06 15:30:26 -08:00
Guillaume J. Charmes
b722aa21b7 Merge pull request #4506 from creack/fix_apparmor 
Use CGO for apparmor profile switch
 2014-03-06 13:37:34 -08:00
Tianon Gravi
0b23393ba1 Update build tags such that we can properly compile on all platforms (especially for packagers), and updated hack/PACKAGERS.md to mention the DOCKER_BUILDTAGS variable that will need to be set for binaries that might be used on AppArmor (such as Debian and especially Ubuntu) 
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
 2014-03-06 13:39:17 -07:00
Guillaume J. Charmes
c89fa6645e
Add buildflags to allow crosscompilation for apparmor 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
 2014-03-06 12:05:03 -08:00
Guillaume J. Charmes
31f62b934b Merge pull request #4503 from unclejack/attempt_to_fix_apparmor_profile 
remove dbus from apparmor profile for Ubuntu 12.04
 2014-03-06 11:20:06 -08:00
Guillaume J. Charmes
f0f833c6d7
Use CGO for apparmor profile switch 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
 2014-03-06 11:10:58 -08:00
unclejack
46fdb6af8e remove dbus from apparmor profile 
This removes the dbus entry from the apparmor profile Docker creates.

Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
 2014-03-06 19:47:03 +02:00
Alexander Larsson
5c9b28db18 libcontainer: Don't use UsetCloseOnExec, it is racy 
We can't keep file descriptors without close-on-exec except with
syscall.ForkLock held, as otherwise they could leak by accident into
other children from forks in other threads.

Instead we just use Cmd.ExtraFiles which handles all this for us.

This fixes https://github.com/dotcloud/docker/issues/4493

Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
 2014-03-06 14:10:32 +01:00
Guillaume J. Charmes
920a6ca54c
Generate and load custom docker profile for apparmor 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
 2014-03-05 15:02:11 -08:00
Michael Crosby
37f137c822 Some cleanup around logs 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-05 13:50:49 -08:00
Guillaume J. Charmes
cb4189a292
Add AppArmor support to native driver + change pipe/dup logic 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
 2014-03-05 13:08:24 -08:00
Victor Vieux
069dc7f8c7 fix panic with only long flags or only one deprecatd 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
 2014-03-05 19:45:57 +00:00
Victor Vieux
089bf5e11e fix usage for completly deprecated flag 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
 2014-03-05 19:27:39 +00:00
Michael Crosby
858d0356fd Merge pull request #4278 from alexlarsson/system 
Create pkg/system and move stuff there from archive
 2014-03-05 12:32:35 -05:00
Alexander Larsson
d6114c0da0 Create pkg/system and move stuff there from archive 
This is a package for generic system calls etc that for some reason
is not yet supported by "syscall", or where it is different enough
for the different ports to need portability wrappers.

Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
 2014-03-05 14:05:32 +01:00
Alexander Larsson
757b577572 libcontainer: Use MS_PRIVATE instead of MS_SLAVE 
Now that we unmount all the mounts from the global namespace we can
use a private namespace rather than a slave one (as we have no need
for unmounts of inherited global mounts to propagate into the
container).

Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
 2014-03-05 09:40:54 +01:00
Michael Crosby
b07708c8de Add shm size cap to mount 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-04 14:18:40 -08:00