as of Ubuntu Yakkety, dirmngr is now in a separate
package (see https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1634464)
this patch updates the install script to install
the dirmngr package if it's not installed.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit f5263c8074)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
This bumps RunC and libcontainer to fix a regression
in 1.13 that caused SELinux labels to not be
applied correctly.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The base selinux policies on centos/rhel/oraclelinux have all been
updated in a way that conflicts with the policies we install with
`docker-engine-selinux`. This patch fixes these conflicts.
In addition, removes special cases for old/unsupported versions of
fedora in our selinux package, and change to use a single minimum
version for the selinux base policy package, as this is the minimum
version required to use our selinux policy package.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit ec9a05e5e2)
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
The install script currently includes some
distros that we don't actually have packages
for.
For these distros, the script currently
performs step to install Docker from
the distro's repository.
This patch removes those distros from
the install script, because we have no
control over these packages, and cannot
provide support for them.
Installing docker anyway will give the
false impression that they installed
a package from our repository (but they
didn't), and that they need to contact
us for support.
It's better to tell people that we don't
install in that case, and refer them to
the installation documentation, or the
documentation of their distro.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 29b98b6ee6)
Signed-off-by: Victor Vieux <vieux@docker.com>
Modify the service update and create APIs to return optional warning
messages as part of the response. Populate these messages with an
informative reason when digest resolution fails.
This is a small API change, but significantly improves the UX. The user
can now get immediate feedback when they've specified a nonexistent
image or unreachable registry.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit 948e60691e)
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
This is a temporary version for building
Fedora 25. Fedora 25 will be released during
code-freeze, and is currently in beta, so no
official images are available yet.
Current release date is scheduled for 2016-11-15
https://fedoraproject.org/wiki/Releases/25/Schedule
Once released, the image will be updated for
GA
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
There is no reason to duplicate efforts and tini is well built and
better than grimes. It is a much stronger option for the default init
and @krallin has done a great job maintaining it and helping make
changes so that it will work with Docker.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This version:
- properly follow context cancellation on Start and Exec
- add support for Solaris
- ensure exec exit events are always seen before init's
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
- yamllint to ensure it is a valid YAML file
- go-swagger validate to ensure it is a valid swagger file
Signed-off-by: Ben Firshman <ben@firshman.co.uk>
Until we can support existing behaviour with `sudo` disable
ambient capabilities in runc build.
Add tests that non root user cannot use default capabilities,
and that capabilities are working as expected.
Test for #27590
Update runc.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
The validate-lint script excludes any package names that match
api/types. However, the only subpackage that appears to cause issues is
api/types/container (due to stuttering names). Tighten the filtering so
that other code inside api/types is validated.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>