Tianon Gravi
88eec2e811
Also trim "~..." from AppArmor versions
...
Signed-off-by: Tianon Gravi <admwiggin@gmail.com>
(cherry picked from commit 654cad4d9d
2020-10-09 22:22:56 +02:00
Akihiro Suda
ecd3baca25
pkg/aaparser: support parsing version like "3.0.0-beta1"
...
Fix #41517
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
(cherry picked from commit ee079e4692
2020-10-09 22:22:53 +02:00
Akihiro Suda
0a3b2bda34
pkg/archive: escape ":" symbol in overlay lowerdir
...
lowerdir needs escaping:
https://github.com/torvalds/linux/blob/v5.4/fs/overlayfs/super.c#L835-L853
Fix #40939
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
(cherry picked from commit 6a5e3547fb
2020-05-15 06:57:49 +09:00
Tõnis Tiigi
69098f05cf
Merge pull request #454 from thaJeztah/19.03_backport_lgetxattr_panic
...
[19.03 backport] Fix possible runtime panic in Lgetxattr
2020-01-23 15:03:16 -08:00
Sebastiaan van Stijn
dda9b3eced
Merge pull request #440 from thaJeztah/19.03_backport_remove_cocky
...
[19.03 backport] Remove cocky from names-generator
2020-01-23 20:21:27 +01:00
Sascha Grunert
c7cd5d6726
Fix possible runtime panic in Lgetxattr
...
If `unix.Lgetxattr` returns an error, then `sz == -1` which will cause a
runtime panic if `errno == unix.ERANGE`.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
(cherry picked from commit 4138cd22ab
2020-01-17 11:31:12 +01:00
Sebastiaan van Stijn
71dec69ef5
pkg/parsers/kernel: gofmt hex value (preparation for Go 1.13+)
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 7663aebc12
2020-01-17 10:43:36 +01:00
Eli Uriegas
f13b265b56
Remove cocky from names-generator
...
Could be misinterpreted as something not too kosher
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
(cherry picked from commit 8be39cd277
2020-01-17 10:03:40 +01:00
Dominic
16f503c048
cast Dev and Rdev of Stat_t to uint64 for mips
...
Signed-off-by: Dominic <yindongchao@inspur.com>
Signed-off-by: Dominic Yin <yindongchao@inspur.com>
(cherry picked from commit 5f0231bca1
2020-01-13 09:25:13 +08:00
Andrew Hsu
b6a7124855
Merge pull request #383 from thaJeztah/19.03_backport_test_fixes_2
...
[19.03 backport] Testing and Jenkinsfile changes [step 2]
2019-09-27 16:58:30 -07:00
Tibor Vass
da96e5c27b
Setup tests
...
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 8b40da168b
2019-09-26 23:52:42 +02:00
Tibor Vass
be42af89f8
fix remaining issues with checker.Not
...
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 40f1950e8e
2019-09-26 23:52:38 +02:00
Tibor Vass
e25352a42a
rm-gocheck: run goimports to compile successfully
...
goimports -w \
-- "./integration-cli/daemon" "./pkg/discovery" "./pkg/discovery/file" "./pkg/discovery/kv" "./pkg/discovery/memory" "./pkg/discovery/nodes" "./integration-cli" \
&& \
gofmt -w -s \
-- "./integration-cli/daemon" "./pkg/discovery" "./pkg/discovery/file" "./pkg/discovery/kv" "./pkg/discovery/memory" "./pkg/discovery/nodes" "./integration-cli"
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 59e55dcdd0
2019-09-26 23:52:28 +02:00
Tibor Vass
d523748a4f
rm-gocheck: comment out check.TestingT
...
sed -E -i 's#([^*])(check\.TestingT\([^\)]+\))#\1/*\2*/#g' \
-- "integration-cli/check_test.go" "pkg/discovery/discovery_test.go" "pkg/discovery/file/file_test.go" "pkg/discovery/kv/kv_test.go" "pkg/discovery/memory/memory_test.go" "pkg/discovery/nodes/nodes_test.go"
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit eb67bb9fb5
2019-09-26 23:52:27 +02:00
Tibor Vass
bbcad73a27
rm-gocheck: comment out check.Suite calls
...
sed -E -i 's#^([^*])+?((var .*)?check\.Suite\(.*\))#\1/*\2*/#g' \
-- "integration-cli/check_test.go" "integration-cli/docker_cli_external_volume_driver_unix_test.go" "integration-cli/docker_cli_network_unix_test.go" "integration-cli/docker_hub_pull_suite_test.go" "pkg/discovery/discovery_test.go" "pkg/discovery/file/file_test.go" "pkg/discovery/kv/kv_test.go" "pkg/discovery/memory/memory_test.go" "pkg/discovery/nodes/nodes_test.go"
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 81d2a0c389
2019-09-26 23:52:26 +02:00
Tibor Vass
e49237dc7d
rm-gocheck: NotNil
...
sed -E -i 's#\bassert\.Assert\(c, (.*), checker\.NotNil\b#assert.Assert(c, \1 != nil#g' \
-- "integration-cli/docker_cli_build_test.go" "integration-cli/docker_cli_by_digest_test.go" "integration-cli/docker_cli_create_test.go" "integration-cli/docker_cli_daemon_test.go" "integration-cli/docker_cli_external_volume_driver_unix_test.go" "integration-cli/docker_cli_history_test.go" "integration-cli/docker_cli_import_test.go" "integration-cli/docker_cli_inspect_test.go" "integration-cli/docker_cli_links_test.go" "integration-cli/docker_cli_netmode_test.go" "integration-cli/docker_cli_network_unix_test.go" "integration-cli/docker_cli_port_test.go" "integration-cli/docker_cli_ps_test.go" "integration-cli/docker_cli_run_test.go" "integration-cli/docker_cli_service_create_test.go" "integration-cli/docker_cli_start_test.go" "integration-cli/docker_cli_swarm_test.go" "integration-cli/docker_cli_volume_test.go" "pkg/discovery/discovery_test.go" "pkg/discovery/file/file_test.go" "pkg/discovery/kv/kv_test.go" "pkg/discovery/nodes/nodes_test.go"
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 64a161aa3e
2019-09-26 23:52:24 +02:00
Tibor Vass
ef4c63acf6
rm-gocheck: IsNil
...
sed -E -i 's#\bassert\.Assert\(c, (.*), checker\.IsNil\b#assert.Assert(c, \1 == nil#g' \
-- "integration-cli/docker_api_containers_test.go" "integration-cli/docker_cli_attach_test.go" "integration-cli/docker_cli_attach_unix_test.go" "integration-cli/docker_cli_build_test.go" "integration-cli/docker_cli_build_unix_test.go" "integration-cli/docker_cli_by_digest_test.go" "integration-cli/docker_cli_cp_from_container_test.go" "integration-cli/docker_cli_cp_to_container_test.go" "integration-cli/docker_cli_create_test.go" "integration-cli/docker_cli_daemon_test.go" "integration-cli/docker_cli_external_volume_driver_unix_test.go" "integration-cli/docker_cli_health_test.go" "integration-cli/docker_cli_history_test.go" "integration-cli/docker_cli_import_test.go" "integration-cli/docker_cli_inspect_test.go" "integration-cli/docker_cli_links_test.go" "integration-cli/docker_cli_network_unix_test.go" "integration-cli/docker_cli_plugins_test.go" "integration-cli/docker_cli_port_test.go" "integration-cli/docker_cli_ps_test.go" "integration-cli/docker_cli_pull_local_test.go" "integration-cli/docker_cli_run_test.go" "integration-cli/docker_cli_run_unix_test.go" "integration-cli/docker_cli_save_load_test.go" "integration-cli/docker_cli_service_create_test.go" "integration-cli/docker_cli_swarm_test.go" "integration-cli/docker_cli_userns_test.go" "integration-cli/docker_cli_volume_test.go" "integration-cli/docker_hub_pull_suite_test.go" "integration-cli/docker_utils_test.go" "pkg/discovery/discovery_test.go" "pkg/discovery/file/file_test.go" "pkg/discovery/kv/kv_test.go" "pkg/discovery/memory/memory_test.go"
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 2743e2d8bc
2019-09-26 23:52:23 +02:00
Tibor Vass
7b91af803d
rm-gocheck: HasLen -> assert.Equal + len()
...
sed -E -i 's#\bassert\.Assert\(c, (.*), checker\.HasLen, (.*)#assert.Equal(c, len(\1), \2#g' \
-- "integration-cli/docker_api_containers_test.go" "integration-cli/docker_cli_by_digest_test.go" "integration-cli/docker_cli_create_test.go" "integration-cli/docker_cli_daemon_test.go" "integration-cli/docker_cli_external_volume_driver_unix_test.go" "integration-cli/docker_cli_import_test.go" "integration-cli/docker_cli_inspect_test.go" "integration-cli/docker_cli_network_unix_test.go" "integration-cli/docker_cli_ps_test.go" "integration-cli/docker_cli_pull_local_test.go" "integration-cli/docker_cli_service_create_test.go" "integration-cli/docker_cli_swarm_test.go" "integration-cli/docker_cli_userns_test.go" "pkg/discovery/discovery_test.go" "pkg/discovery/file/file_test.go" "pkg/discovery/kv/kv_test.go"
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 491ef7b901
2019-09-26 23:52:22 +02:00
Tibor Vass
17e04aa6c2
rm-gocheck: DeepEquals -> assert.DeepEqual
...
sed -E -i 's#\bassert\.Assert\(c, (.*), checker\.DeepEquals, (.*)#assert.DeepEqual(c, \1, \2#g' \
-- "integration-cli/docker_cli_daemon_test.go" "pkg/discovery/discovery_test.go" "pkg/discovery/file/file_test.go" "pkg/discovery/kv/kv_test.go" "pkg/discovery/memory/memory_test.go"
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit dd9d28669f
2019-09-26 23:52:21 +02:00
Tibor Vass
6dc7846d26
rm-gocheck: Equals -> assert.Equal
...
sed -E -i 's#\bassert\.Assert\(c, (.*), checker\.Equals, (.*)#assert.Equal(c, \1, \2#g' \
-- "integration-cli/docker_api_containers_test.go" "integration-cli/docker_api_swarm_node_test.go" "integration-cli/docker_cli_attach_test.go" "integration-cli/docker_cli_build_test.go" "integration-cli/docker_cli_build_unix_test.go" "integration-cli/docker_cli_by_digest_test.go" "integration-cli/docker_cli_commit_test.go" "integration-cli/docker_cli_create_test.go" "integration-cli/docker_cli_daemon_test.go" "integration-cli/docker_cli_external_volume_driver_unix_test.go" "integration-cli/docker_cli_health_test.go" "integration-cli/docker_cli_images_test.go" "integration-cli/docker_cli_import_test.go" "integration-cli/docker_cli_info_test.go" "integration-cli/docker_cli_inspect_test.go" "integration-cli/docker_cli_links_test.go" "integration-cli/docker_cli_network_unix_test.go" "integration-cli/docker_cli_plugins_test.go" "integration-cli/docker_cli_port_test.go" "integration-cli/docker_cli_ps_test.go" "integration-cli/docker_cli_rmi_test.go" "integration-cli/docker_cli_run_test.go" "integration-cli/docker_cli_run_unix_test.go" "integration-cli/docker_cli_service_create_test.go" "integration-cli/docker_cli_service_health_test.go" "integration-cli/docker_cli_start_test.go" "integration-cli/docker_cli_swarm_test.go" "integration-cli/docker_cli_userns_test.go" "integration-cli/docker_cli_volume_test.go" "pkg/discovery/discovery_test.go" "pkg/discovery/file/file_test.go" "pkg/discovery/generator_test.go" "pkg/discovery/kv/kv_test.go" "pkg/discovery/nodes/nodes_test.go"
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 6dc7f4c167
2019-09-26 23:52:21 +02:00
Tibor Vass
c8da7fbd25
rm-gocheck: normalize to use checker
...
sed -E -i 's#\bcheck\.(Equals|DeepEquals|HasLen|IsNil|Matches|Not|NotNil)\b#checker.\1#g' \
-- "integration-cli/docker_api_containers_test.go" "integration-cli/docker_cli_attach_test.go" "integration-cli/docker_cli_attach_unix_test.go" "integration-cli/docker_cli_build_test.go" "integration-cli/docker_cli_build_unix_test.go" "integration-cli/docker_cli_by_digest_test.go" "integration-cli/docker_cli_create_test.go" "integration-cli/docker_cli_daemon_test.go" "integration-cli/docker_cli_external_volume_driver_unix_test.go" "integration-cli/docker_cli_health_test.go" "integration-cli/docker_cli_images_test.go" "integration-cli/docker_cli_inspect_test.go" "integration-cli/docker_cli_netmode_test.go" "integration-cli/docker_cli_network_unix_test.go" "integration-cli/docker_cli_port_test.go" "integration-cli/docker_cli_run_test.go" "integration-cli/docker_cli_run_unix_test.go" "integration-cli/docker_cli_save_load_test.go" "integration-cli/docker_cli_service_health_test.go" "integration-cli/docker_cli_swarm_test.go" "integration-cli/docker_cli_volume_test.go" "integration-cli/docker_utils_test.go" "pkg/discovery/discovery_test.go" "pkg/discovery/file/file_test.go" "pkg/discovery/generator_test.go" "pkg/discovery/kv/kv_test.go" "pkg/discovery/memory/memory_test.go" "pkg/discovery/nodes/nodes_test.go"
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 230f7bcc02
2019-09-26 23:52:18 +02:00
Tibor Vass
99deded542
rm-gocheck: ErrorMatches -> assert.ErrorContains
...
sed -E -i 's#\bassert\.Assert\(c, (.*), check\.ErrorMatches,#assert.ErrorContains(c, \1,#g' \
-- "pkg/discovery/kv/kv_test.go"
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit a7d144fb34
2019-09-26 23:52:17 +02:00
Tibor Vass
64a928a3d4
rm-gocheck: check.C -> testing.T
...
sed -E -i 's#\bcheck\.C\b#testing.T#g' \
-- "integration-cli/check_test.go" "integration-cli/daemon/daemon.go" "integration-cli/daemon/daemon_swarm.go" "integration-cli/daemon_swarm_hack_test.go" "integration-cli/docker_api_attach_test.go" "integration-cli/docker_api_build_test.go" "integration-cli/docker_api_build_windows_test.go" "integration-cli/docker_api_containers_test.go" "integration-cli/docker_api_containers_windows_test.go" "integration-cli/docker_api_exec_resize_test.go" "integration-cli/docker_api_exec_test.go" "integration-cli/docker_api_images_test.go" "integration-cli/docker_api_inspect_test.go" "integration-cli/docker_api_logs_test.go" "integration-cli/docker_api_network_test.go" "integration-cli/docker_api_stats_test.go" "integration-cli/docker_api_swarm_node_test.go" "integration-cli/docker_api_swarm_service_test.go" "integration-cli/docker_api_swarm_test.go" "integration-cli/docker_api_test.go" "integration-cli/docker_cli_attach_test.go" "integration-cli/docker_cli_attach_unix_test.go" "integration-cli/docker_cli_build_test.go" "integration-cli/docker_cli_build_unix_test.go" "integration-cli/docker_cli_by_digest_test.go" "integration-cli/docker_cli_commit_test.go" "integration-cli/docker_cli_cp_from_container_test.go" "integration-cli/docker_cli_cp_test.go" "integration-cli/docker_cli_cp_to_container_test.go" "integration-cli/docker_cli_cp_to_container_unix_test.go" "integration-cli/docker_cli_cp_utils_test.go" "integration-cli/docker_cli_create_test.go" "integration-cli/docker_cli_daemon_plugins_test.go" "integration-cli/docker_cli_daemon_test.go" "integration-cli/docker_cli_events_test.go" "integration-cli/docker_cli_events_unix_test.go" "integration-cli/docker_cli_exec_test.go" "integration-cli/docker_cli_exec_unix_test.go" "integration-cli/docker_cli_external_volume_driver_unix_test.go" "integration-cli/docker_cli_health_test.go" "integration-cli/docker_cli_history_test.go" "integration-cli/docker_cli_images_test.go" "integration-cli/docker_cli_import_test.go" "integration-cli/docker_cli_info_test.go" "integration-cli/docker_cli_info_unix_test.go" "integration-cli/docker_cli_inspect_test.go" "integration-cli/docker_cli_links_test.go" "integration-cli/docker_cli_login_test.go" "integration-cli/docker_cli_logout_test.go" "integration-cli/docker_cli_logs_test.go" "integration-cli/docker_cli_netmode_test.go" "integration-cli/docker_cli_network_unix_test.go" "integration-cli/docker_cli_plugins_logdriver_test.go" "integration-cli/docker_cli_plugins_test.go" "integration-cli/docker_cli_port_test.go" "integration-cli/docker_cli_proxy_test.go" "integration-cli/docker_cli_prune_unix_test.go" "integration-cli/docker_cli_ps_test.go" "integration-cli/docker_cli_pull_local_test.go" "integration-cli/docker_cli_pull_test.go" "integration-cli/docker_cli_push_test.go" "integration-cli/docker_cli_registry_user_agent_test.go" "integration-cli/docker_cli_restart_test.go" "integration-cli/docker_cli_rmi_test.go" "integration-cli/docker_cli_run_test.go" "integration-cli/docker_cli_run_unix_test.go" "integration-cli/docker_cli_save_load_test.go" "integration-cli/docker_cli_save_load_unix_test.go" "integration-cli/docker_cli_search_test.go" "integration-cli/docker_cli_service_create_test.go" "integration-cli/docker_cli_service_health_test.go" "integration-cli/docker_cli_service_logs_test.go" "integration-cli/docker_cli_service_scale_test.go" "integration-cli/docker_cli_sni_test.go" "integration-cli/docker_cli_start_test.go" "integration-cli/docker_cli_stats_test.go" "integration-cli/docker_cli_swarm_test.go" "integration-cli/docker_cli_swarm_unix_test.go" "integration-cli/docker_cli_top_test.go" "integration-cli/docker_cli_update_unix_test.go" "integration-cli/docker_cli_userns_test.go" "integration-cli/docker_cli_v2_only_test.go" "integration-cli/docker_cli_volume_test.go" "integration-cli/docker_deprecated_api_v124_test.go" "integration-cli/docker_deprecated_api_v124_unix_test.go" "integration-cli/docker_hub_pull_suite_test.go" "integration-cli/docker_utils_test.go" "integration-cli/events_utils_test.go" "integration-cli/fixtures_linux_daemon_test.go" "integration-cli/utils_test.go" "pkg/discovery/discovery_test.go" "pkg/discovery/file/file_test.go" "pkg/discovery/generator_test.go" "pkg/discovery/kv/kv_test.go" "pkg/discovery/memory/memory_test.go" "pkg/discovery/nodes/nodes_test.go"
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 1d92789b4f
2019-09-26 23:52:16 +02:00
Tibor Vass
a11079a449
rm-gocheck: c.Assert(...) -> assert.Assert(c, ...)
...
sed -E -i 's#\bc\.Assert\(#assert.Assert(c, #g' \
-- "integration-cli/docker_api_containers_test.go" "integration-cli/docker_api_swarm_node_test.go" "integration-cli/docker_cli_attach_test.go" "integration-cli/docker_cli_attach_unix_test.go" "integration-cli/docker_cli_build_test.go" "integration-cli/docker_cli_build_unix_test.go" "integration-cli/docker_cli_by_digest_test.go" "integration-cli/docker_cli_commit_test.go" "integration-cli/docker_cli_cp_from_container_test.go" "integration-cli/docker_cli_cp_to_container_test.go" "integration-cli/docker_cli_create_test.go" "integration-cli/docker_cli_daemon_test.go" "integration-cli/docker_cli_external_volume_driver_unix_test.go" "integration-cli/docker_cli_health_test.go" "integration-cli/docker_cli_history_test.go" "integration-cli/docker_cli_images_test.go" "integration-cli/docker_cli_import_test.go" "integration-cli/docker_cli_info_test.go" "integration-cli/docker_cli_info_unix_test.go" "integration-cli/docker_cli_inspect_test.go" "integration-cli/docker_cli_links_test.go" "integration-cli/docker_cli_netmode_test.go" "integration-cli/docker_cli_network_unix_test.go" "integration-cli/docker_cli_plugins_test.go" "integration-cli/docker_cli_port_test.go" "integration-cli/docker_cli_prune_unix_test.go" "integration-cli/docker_cli_ps_test.go" "integration-cli/docker_cli_pull_local_test.go" "integration-cli/docker_cli_rmi_test.go" "integration-cli/docker_cli_run_test.go" "integration-cli/docker_cli_run_unix_test.go" "integration-cli/docker_cli_save_load_test.go" "integration-cli/docker_cli_service_create_test.go" "integration-cli/docker_cli_service_health_test.go" "integration-cli/docker_cli_start_test.go" "integration-cli/docker_cli_swarm_test.go" "integration-cli/docker_cli_userns_test.go" "integration-cli/docker_cli_volume_test.go" "integration-cli/docker_hub_pull_suite_test.go" "integration-cli/docker_utils_test.go" "pkg/discovery/discovery_test.go" "pkg/discovery/file/file_test.go" "pkg/discovery/generator_test.go" "pkg/discovery/kv/kv_test.go" "pkg/discovery/memory/memory_test.go" "pkg/discovery/nodes/nodes_test.go"
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 1f69c62540
2019-09-26 23:52:15 +02:00
Tibor Vass
02545bf320
prepare for rm-gocheck script
...
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 931edfe5e9
2019-09-26 23:52:12 +02:00
Kir Kolyshkin
9f03b73dbd
pkg/mount/Make*: optimize
...
The only option we supply is either BIND or a mount propagation flag,
so it makes sense to specify the flag value directly, rather than using
parseOptions() every time.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit ec248fe61d
2019-09-26 23:52:10 +02:00
Kir Kolyshkin
8b328aa9b4
pkg/mount: Mount: minor optimization
...
Eliminate double call to parseOptions() from Mount()
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 80fce834ad
2019-09-26 23:52:08 +02:00
Kir Kolyshkin
dc4884a9fb
pkg/mount: MakeMount: minor optimization
...
Current code in MakeMount parses /proc/self/mountinfo twice:
first in call to Mounted(), then in call to Mount(). Use
ForceMount() to eliminate such double parsing.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit aa60541877
2019-09-26 23:51:59 +02:00
Kirill Kolyshkin
e64c635c31
Merge pull request #381 from thaJeztah/19.03_backport_hn3000_fix_39981
...
[19.03 backport] Remove minsky and stallman
2019-09-26 10:47:55 -07:00
Sebastiaan van Stijn
79e5950b2f
pkg/term: refactor TestEscapeProxyRead
...
- use subtests to make it clearer what the individual test-cases
are, and to prevent tests from depending on values set by the
previous test(s).
- remove redundant messages in assert (gotest.tools already prints
a useful message if assertions fail).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 556d26c07d
2019-09-25 21:35:55 +02:00
hn3000
589f437b06
Remove minsky and stallman
...
Their inclusion is no longer defensible.
closes #39981
Signed-off-by: Harald Niesche <harald@niesche.de>
(cherry picked from commit 77d3c68f97
2019-09-25 01:57:40 +02:00
Daniel Sweet
0485e53675
Use correct LOOP_CTL_GET_FREE API in pkg/loopback
...
The `ioctl` interface for the `LOOP_CTL_GET_FREE` request on
`/dev/loop-control` is a little different from what `unix.IoctlGetInt`
expects: the first index is the returned status in `r1`, not an `int`
pointer as the first parameter.
Unfortunately we have to go a little lower level to get the appropriate
loop device index out, using `unix.Syscall` directly to read from
`r1`. Internally, the index is returned as a signed integer to match the
internal `ioctl` expectations of interpreting a negative signed integer
as an error at the userspace ABI boundary, so the direct interface of
`ioctlLoopCtlGetFree` can remain as-is.
[@kolyshkin: it still worked before this fix because of
/dev scan fallback in ioctlLoopCtlGetFree()]
Signed-off-by: Daniel Sweet <danieljsweet@icloud.com>
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit db2bc43017
2019-09-02 18:38:22 +03:00
Sebastiaan van Stijn
a02539b3e8
Harden TestClientWithRequestTimeout
...
DeadlineExceeded now implements a TimeOut() function,
since dc4427f372c7816c5323
2019-08-14 15:21:34 +02:00
Brian Goff
47a7f762d3
Add realChroot for non linux/windows
...
3029e765e234d5b8867f
2019-08-08 18:15:26 +02:00
Justin Cormack
fa8dd90ceb
Initialize nss libraries in Glibc so that the dynamic libraries are loaded in the host
...
environment not in the chroot from untrusted files.
See also OpenVZ a3f732ef75/src/enter.c (L227-L234)
2019-07-25 16:39:05 +00:00
Tibor Vass
186afe3ce3
pkg/archive: keep walkRoot clean if source is /
...
Previously, getWalkRoot("/", "foo") would return "//foo"
Now it returns "/foo"
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 7410f1a859
2019-06-14 04:02:08 +00:00
Tibor Vass
44023afb7d
Revert "Revert "Add chroot for tar packing operations""
...
This reverts commit 96df6d4d0b
2019-06-14 01:37:32 +00:00
Tibor Vass
29ff2800c3
Revert "Revert "Pass root to chroot to for chroot Untar""
...
This reverts commit 60013ba69b
2019-06-14 01:37:30 +00:00
Tibor Vass
60013ba69b
Revert "Pass root to chroot to for chroot Untar"
...
This reverts commit 9781cceb09
2019-06-12 04:06:21 +00:00
Tibor Vass
96df6d4d0b
Revert "Add chroot for tar packing operations"
...
This reverts commit 3e057d527d
2019-06-12 04:06:14 +00:00
Justin Cormack
510e79ebe9
Entropy cannot be saved
...
Remove non cryptographic randomness.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
(cherry picked from commit 2df693e533
2019-06-11 17:40:09 +02:00
Jonas Dohse
e7c02a0508
Stop sorting uid and gid ranges in id maps
...
Moby currently sorts uid and gid ranges in id maps. This causes subuid
and subgid files to be interpreted wrongly.
The subuid file
```
> cat /etc/subuid
jonas:100000:1000
jonas:1000:1
```
configures that the container uids 0-999 are mapped to the host uids
100000-100999 and uid 1000 in the container is mapped to uid 1000 on the
host. The expected uid_map is:
```
> docker run ubuntu cat /proc/self/uid_map
0 100000 1000
1000 1000 1
```
Moby currently sorts the ranges by the first id in the range. Therefore
with the subuid file above the uid 0 in the container is mapped to uid
100000 on host and the uids 1-1000 in container are mapped to the uids
1-1000 on the host. The resulting uid_map is:
```
> docker run ubuntu cat /proc/self/uid_map
0 1000 1
1 100000 1000
```
The ordering was implemented to work around a limitation in Linux 3.8.
This is fixed since Linux 3.9 as stated on the user namespaces manpage
[1]:
> In the initial implementation (Linux 3.8), this requirement was
> satisfied by a simplistic implementation that imposed the further
> requirement that the values in both field 1 and field 2 of successive
> lines must be in ascending numerical order, which prevented some
> otherwise valid maps from being created. Linux 3.9 and later fix this
> limitation, allowing any valid set of nonoverlapping maps.
This fix changes the interpretation of subuid and subgid files which do
not have the ids of in the numerical order for each individual user.
This breaks users that rely on the current behaviour.
The desired mapping above - map low user ids in the container to high
user ids on the host and some higher user ids in the container to lower
user on host - can unfortunately not archived with the current
behaviour.
[1] http://man7.org/linux/man-pages/man7/user_namespaces.7.html
Signed-off-by: Jonas Dohse <jonas@dohse.ch>
(cherry picked from commit c4628d79d2
2019-06-05 14:46:55 +02:00
Brian Goff
3e057d527d
Add chroot for tar packing operations
...
Previously only unpack operations were supported with chroot.
This adds chroot support for packing operations.
This prevents potential breakouts when copying data from a container.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit 3029e765e2
2019-06-03 18:55:45 +02:00
Brian Goff
9781cceb09
Pass root to chroot to for chroot Untar
...
This is useful for preventing CVE-2018-15664 where a malicious container
process can take advantage of a race on symlink resolution/sanitization.
Before this change chrootarchive would chroot to the destination
directory which is attacker controlled. With this patch we always chroot
to the container's root which is not attacker controlled.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit d089b63937
2019-06-03 18:55:37 +02:00
Sebastiaan van Stijn
79b5b19439
Merge pull request #39103 from lsilvs/master
...
Add Satoshi Nakamoto to names generator
2019-04-24 08:29:39 +02:00
Lucas Silvestre
4bfd23b7ee
Add Satoshi Nakamoto to names generator
...
Signed-off-by: Lucas Silvestre <lukas.silvestre@gmail.com>
2019-04-23 10:32:53 +02:00
John Howard
e0b528fe08
LCOW: (Experimental) Require RS5+ builds
...
Signed-off-by: John Howard <jhoward@microsoft.com>
2019-04-18 09:43:37 -07:00
Yong Tang
bfe6a05d5c
Merge pull request #39052 from thaJeztah/more_import_comments
...
Add more import comments
2019-04-11 09:29:43 -07:00
Sebastiaan van Stijn
191c0fec8c
Add Katie Bouman to names generator
...
Katherine Louise Bouman is an imaging scientist and Assistant Professor
of Computer Science at the California Institute of Technology. She
researches computational methods for imaging, and developed an algorithm
that made possible the picture first visualization of a black hole
using the Event Horizon Telescope. - https://en.wikipedia.org/wiki/Katie_Bouman
Thank you for being amazing!
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-11 12:43:30 +02:00
Sebastiaan van Stijn
c725eff3e2
Add more import comments
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-10 16:59:33 +02:00
