This patch creates a new `tlsconfig` package to handle creation of
secure-enough TLS configurations for clients and servers.
The package was created by refactoring TLS code in the client and the
daemon. After this patch, it is expected that all code creating TLS
configurations use this `tlsconfig` package for greater security,
consistency and readability.
On the server side, this fixes a bug where --tlsverify was not taken
into account. Now, if specified, it will require the client to
authenticate.
Signed-off-by: Tibor Vass <tibor@docker.com>
The DOCKER_EXPERIMENTAL environment variable drives the activation of
the 'experimental' build tag.
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
Before this PR the list of commands that were printed for the help
text was statically put into the flags.Usage() function via main.init(). This
made it impossible to modify later on when we add new commands
via plugins.
This PR moves the list of commands (name & description) into a structure
that is sorted and printed dynamically by the Usage func. This will allow
the code to add to the list of commands after the init() func is done
but before the help text is printed for the user.
This just moves code around - it should have no UX impact at all.
Signed-off-by: Doug Davis <dug@us.ibm.com>
* daemon creation wasn't parallel to request buffering
* it was possible that empty volume will be created in
/var/run/docker.sock by some container
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
It is simplifies code and lead to next refactoring step, where daemon
will be incorporated to some structure which represents API.
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
This makes `registry.Service` a first class type and does not use jobs
to interact with this type.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Currently the daemon will not stop on error because the serve API job is
blocking the channel wait for daemon init. A better way is to run the
blocking serve API job as a goroutine and make sure that error
notification gets back to the main daemon thread (using the already
existing channel) so that clean shutdown can occur on error.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
It is implemented by intercepting and interpreting the output
escape sequence by calling win32 console apis.
In addition the input from win32 console is translated to linux keycodes
Signed-off-by: Sachin Joshi <sachin_jayant_joshi@hotmail.com>
Previously on error either from the daemon or from the api it is just
exiting with exit status 1 but not performing a shutdown.
This can produce insconsistent state depending on where the error came
from.
This makes sure that before we exit on error that the engine gets fully
shutdown.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
In order to fit printed messages to fit 80 chars,
rewording messages for `-H` and `--tls` flags.
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
Refactored getHomeDir in docker/docker to GetHomeDir in utils
pkg. Currently covers all use cases on the client-side.
Signed-off-by: Ahmet Alp Balkan <ahmetb@microsoft.com>
This modifies the "docker help" text so that it is no wider than 80 chars
and each description fits on one line. This will also try to use ~ when
possible
Added a test to make sure we don't go over 80 chars again.
Added a test to make sure we use ~
Applied rules/tests to all docker commands - not just main help text
Closes#10214
Signed-off-by: Doug Davis <dug@us.ibm.com>
Docker inspect can also be used on images, this patch fixed the
minor typo in file docker/flags.go and docs/man/docker.1.md
Signed-off-by: DiuDiugirl <sophia.wang@pku.edu.cn>
Passing RepositoryInfo to ResolveAuthConfig, pullRepository, and pushRepository
Moving --registry-mirror configuration to registry config
Created resolve_repository job
Repo names with 'index.docker.io' or 'docker.io' are now synonymous with omitting an index name.
Adding test for RepositoryInfo
Adding tests for opts.StringSetOpts and registry.ValidateMirror
Fixing search term use of repoInfo
Adding integration tests for registry mirror configuration
Normalizing LookupImage image name to match LocalName parsing rules
Normalizing repository LocalName to avoid multiple references to an official image
Removing errorOut use in tests
Removing TODO comment
gofmt changes
golint comments cleanup. renaming RegistryOptions => registry.Options, and RegistryServiceConfig => registry.ServiceConfig
Splitting out builtins.Registry and registry.NewService calls
Stray whitespace cleanup
Moving integration tests for Mirrors and InsecureRegistries into TestNewIndexInfo unit test
Factoring out ValidateRepositoryName from NewRepositoryInfo
Removing unused IndexServerURL
Allowing json marshaling of ServiceConfig. Exposing ServiceConfig in /info
Switching to CamelCase for json marshaling
PR cleanup; removing 'Is' prefix from boolean members. Removing unneeded json tags.
Removing non-cleanup related fix for 'localhost:[port]' in splitReposName
Merge fixes for gh9735
Fixing integration test
Reapplying #9754
Adding comment on config.IndexConfigs use from isSecureIndex
Remove unused error return value from isSecureIndex
Signed-off-by: Don Kjer <don.kjer@gmail.com>
Adding back comment in isSecureIndex
Signed-off-by: Don Kjer <don.kjer@gmail.com>
--help and help are successful commands so output should not go to error.
QE teams have requested this change, also users doing docker help | less
or docker run --help | less would expect this to work.
Usage statement should only be printed when the user asks for it.
Errors should print error message and then suggest the docker COMMAND --help
command to see usage information.
The current behaviour causes the user to have to search for the error message
and sometimes scrolls right off the screen. For example a error on a
"docker run" command is very difficult to diagnose.
Finally erros should always exit with a non 0 exit code, if the user
makes a CLI error.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
I also needed to add a mflag.IsSet() function that allows you to check
to see if a certain flag was actually specified on the cmd line.
Per #9221 - also tweaked the docs to fix a typo.
Closes#9221
Signed-off-by: Doug Davis <dug@us.ibm.com>
Next steps, in another PR, would be:
- make all logging go through the logrus stuff
- I'd like to see if we can remove the env var stuff (like DEBUG) but we'll see
Closes#5198
Signed-off-by: Doug Davis <dug@us.ibm.com>
graphdriver is not always specified when the log printed, because
it's provided in another thread. This patch will fix this.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
This removes the key generation for trust from main while it is not
being consumed. The problem is that because this is being set in main
if a user runs as root initially the files will be owned by root. Later
if the user sets up the docker group they are unable to read the keys.
This is half a user error and documentation problem and the other half
is management.
We decided to remove this code for now while it is not being used and
will revisit it later when the consuming features are added. A few
options are to generate lazily and provide a clear error message on an
EPERM so that the user knows what is wrong and can correct the
permissions.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This makes it possible to make the Docker client "secure by default"
without wrapping the binary in a shell alias so that `--tlsverify` is
always passed.
Signed-off-by: Aanand Prasad <aanand.prasad@gmail.com>
This exposes the already existing "create container" operation. It is
very similar to "docker run -d" except it doesn't actually start the
container, but just prepares it. It can then be manually started using
"docker start" at any point.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
Conflicts:
api/client/commands.go
runconfig/parse.go
server/container.go
Docker-DCO-1.1-Signed-off-by: Tibor Vass <teabee89@gmail.com> (github: tiborvass)
--help and help are successful commands so output should not go to error.
QE teams have requested this change, also users doing docker help | less
or docker run --help | less would expect this to work.
Usage statement should only be printed when the user asks for it.
Errors should print error message and then suggest the docker COMMAND --help
command to see usage information.
The current behaviour causes the user to have to search for the error message
and sometimes scrolls right off the screen. For example a error on a
"docker run" command is very difficult to diagnose.
Finally erros should always exit with a non 0 exit code, if the user
makes a CLI error.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
This changes the way the exec drivers work by not specifing a -driver
flag on reexec. For each of the exec drivers they register their own
functions that will be matched aginst the argv 0 on exec and called if
they match.
This also allows any functionality to be added to docker so that the
binary can be reexec'd and any type of function can be called. I moved
the flag parsing on docker exec to the specific initializers so that the
implementations do not bleed into one another. This also allows for
more flexability within reexec initializers to specify their own flags
and options.
Signed-off-by: Michael Crosby <michael@docker.com>
That job was a hacky solution to a real race condition. This removes the
hack without re-introducing the race.
Signed-off-by: Solomon Hykes <solomon@docker.com>
This disentangles the following functions, which were previously all mixed together:
* 1) Waiting for jobs to terminate when shutting down
* 2) Handling signals in the Docker daemon
* 3) Per-subsystem cleanup handlers
* 4) pidfile management
Responsibilities are dispatched as follows:
* Signal traps are set in `main`, and trigger `engine.Shutdown`
* `engine.Shutdown` coordinates cleanup by waiting for jobs to complete, and calling shutdown handlers
* To perform cleanup at shutdown, each subsystem registers handlers with `engine.OnShutdown`
* `daemon` is one subsystem, so it registers cleanup via `engine.OnShutdown`.
* `daemon` owns the pidfile, which is used to lock access to `/var/lib/docker`. Part of its cleanup is to remove the pidfile.
Signed-off-by: Solomon Hykes <solomon@docker.com>
DOCKER_CONFIG was introduced in #6984.
We may use "config" for other purposes (e.g. #7232). Until we
have made a design decision around how configuration files will
work, DOCKER_CERT_PATH is a much safer name to rely on for future
compatibility.
Docker-DCO-1.1-Signed-off-by: Ben Firshman <ben@firshman.co.uk> (github: bfirsh)
This works mostly by refactoring our "main" package to be careful about what it imports based on the daemon build tag. :)
Also, I've updated Travis to test "client-only" compilation after it tests the daemon version.
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
functions to pkg/parsers/kernel, and parsing filters to
pkg/parsers/filter. Adjust imports and package references.
Docker-DCO-1.1-Signed-off-by: Erik Hollensbe <github@hollensbe.org> (github: erikh)
Can now dynamically set the docker config directory through an
environment variable.
export DOCKER_CONFIG=/path/to/docker_config/
Default behavior remains the same, e.g. ~/.docker
Documentation for change added to the https.md docs.
Docker-DCO-1.1-Signed-off-by: James A. Kyle <james@jameskyle.org> (github: jameskyle)
In that case /etc/resolv.conf will be generated with no search
option. Usage: --dns-search=.
Docker-DCO-1.1-Signed-off-by: Fabio Falci <fabiofalci@gmail.com> (github: fabiofalci)
The Docker btrfs graph driver does not interact well with SELinux at present.
If btrfs mounts the same file in several locations, the same SELinux label will
be applied to all mountpoints. In the context of the graph driver, things such
as shared libraries become inaccessible to containers due to SELInux, causing
all dynamically linked applications to fail when run in a container.
Consequently, error when we detect the daemon is being run with SELinux enabled
and the btrfs driver. Documentation has been added for this behavior.
Docker-DCO-1.1-Signed-off-by: Matthew Heon <mheon@redhat.com> (github: mheon)
It avoids hidden error when ports are redirected from
container to host using -p host_port:guest_port.
Docker-DCO-1.1-Signed-off-by: Jiří Župka <jzupka@redhat.com> (github: jzupka)
This will allow us to _know_ what the user's -H settings are, which may
be useful for debugging later.
Docker-DCO-1.1-Signed-off-by: Sven Dowideit <SvenDowideit@fosiki.com> (github: SvenDowideit)
This commit makes Docker throw an error if the daemon isn't started as
root.
Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
Added --selinux-enable switch to daemon to enable SELinux labeling.
The daemon will now generate a new unique random SELinux label when a
container starts, and remove it when the container is removed. The MCS
labels will be stored in the daemon memory. The labels of containers will
be stored in the container.json file.
When the daemon restarts on boot or if done by an admin, it will read all containers json files and reserve the MCS labels.
A potential problem would be conflicts if you setup thousands of containers,
current scheme would handle ~500,000 containers.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: crosbymichael)
This has every container using the docker daemon's pid for the processes
label so it does not work correctly.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
- Mention that [] options may be specified multiple times on the Usage page
Docker-DCO-1.1-Signed-off-by: Mike MacCana <mike.maccana@gmail.com> (github: mikemaccana)
Docker-DCO-1.1-Signed-off-by: Mike MacCana <mike.maccana@gmail.com> (github: SvenDowideit)
Without creating a root there is no way for the engine to return an
error from the new function.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
This makes the engine more general purpose so that we can
use it and the job routing functionality for reexec'ing our binary
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Conflicts:
integration/runtime_test.go
