docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
9,643 Commits 21 Branches 28 Tags 816 MiB
Commit Graph

100 Commits

Author SHA1 Message Date
Michael Crosby 7a8ea91392 Fix cross compile non cgo and linux systems 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
 2014-07-16 16:57:49 -07:00
Michael Crosby 0d67b420b5 Make tty term exec driver specific 
lxc is special in that we cannot create the master outside of the
container without opening the slave because we have nothing to provide to the
cmd.  We have to open both then do the crazy setup on command right now instead of
passing the console path to lxc and telling it to open up that console.  we save a couple of
openfiles in the native driver because we can do this.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
 2014-07-16 16:57:49 -07:00
Michael Crosby 1501c342d8 Don't create pty slave in the daemon for native driver 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
 2014-07-16 16:57:19 -07:00
Victor Vieux 6d238c6fba Merge pull request #6797 from zhgwenming/master 
make /.dockerinit bind mount driver specific
 2014-07-16 16:01:43 -07:00
Michael Crosby 7c19499c63 Allow case insensitive caps for add and drop 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
 2014-07-16 11:47:55 -07:00
Albert Zhang b3b6e05f26 since moved the ./dockerinit mount into lxc driver, fix the lxc testcase accordingly 
Docker-DCO-1.1-Signed-off-by: Albert Zhang <zhgwenming@gmail.com> (github: zhgwenming)
 2014-07-15 07:56:19 -04:00
Michael Crosby f00e643576 Update native driver for libcontainer changes 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
 2014-07-14 12:49:50 -07:00
Michael Crosby 7ebd49c49a Merge pull request #6968 from vieux/cap_add_drop 
Add support for --cap-add and --cap-drop
 2014-07-14 10:42:29 -07:00
Victor Vieux c04230c42b add check for invalid caps 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
 2014-07-11 23:43:21 +00:00
Victor Vieux 064b5f870d support add and drop in both order 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
 2014-07-11 23:43:21 +00:00
Victor Vieux 222a6f4401 add basic support for 'all' 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
 2014-07-11 23:43:21 +00:00
Victor Vieux f3ff323fb3 small refactoring 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
 2014-07-11 23:43:21 +00:00
Victor Vieux 21059af3ac Basic --cap-add and --cap-drop support for lxc 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
 2014-07-11 23:43:21 +00:00
Victor Vieux 94e6dc9781 Basic --cap-add and --cap-drop support for native 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
 2014-07-11 23:43:21 +00:00
Victor Vieux e8762bfe39 add FSETID back to the caps whitelist 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
 2014-07-11 00:30:56 +00:00
unclejack e2c575c5a6 Merge pull request #6756 from kzys/lxc-linux 
Skip lxc_template_unit_test.go on non-Linux platforms
 2014-07-07 18:46:46 +03:00
Victor Vieux d403936818 fix compilation and panic 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
 2014-07-02 00:54:08 +00:00
Tibor Vass cccb64e863 Add backwards READ compatibility for the old libcontainer API 
Docker-DCO-1.1-Signed-off-by: Tibor Vass <teabee89@gmail.com> (github: tiborvass)
 2014-07-02 00:19:05 +00:00
Tibor Vass 262d45e0fe Use new libcontainer.State API 
Docker-DCO-1.1-Signed-off-by: Tibor Vass <teabee89@gmail.com> (github: tiborvass)
 2014-06-30 18:27:15 -04:00
Kato Kazuyoshi dda0ce6459 Skip lxc_template_unit_test.go on non-Linux platforms 
It doesn't work without lxc-start.

Docker-DCO-1.1-Signed-off-by: Kato Kazuyoshi <kato.kazuyoshi@gmail.com> (github: kzys)
 2014-06-29 17:11:30 +09:00
Michael Crosby c9fdb08bda Update libcontainer Context changes 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
 2014-06-26 16:56:39 -07:00
Solomon Hykes c9e647e42f Merge pull request #6218 from vieux/update_maintainers 2014-06-25 17:00:32 -07:00
Michael Crosby 1dc8e2ffab Rename libcontainer.Container to libcontainer.Config 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
 2014-06-24 11:31:03 -07:00
Michael Crosby cee6f4506c Update libcontainer references 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
 2014-06-24 11:31:03 -07:00
Michael Crosby 707ef9618b Update close fd issues for lxc 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
 2014-06-19 16:02:21 -04:00
Michael Crosby d31ae5aed8 Use libcontainer cap drop method 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
 2014-06-19 16:00:53 -04:00
Dinesh Subhraveti cf331cdd6a Maintain a whitelist of capabilities rather than droplist 
This fixes 6/18 vulnerability

Docker-DCO-1.1-Signed-off-by: Dinesh Subhraveti <dineshs@altiscale.com> (github: dineshs-altiscale)
 2014-06-19 03:34:04 -04:00
Victor Vieux 06248d745a update MAINTAINERS files 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
 2014-06-16 22:20:07 +00:00
Solomon Hykes 41d437117d Guillaume is busy full-time on his new business, and no longer available 
as a maintainer.

Best of luck on your e-commerce business Guillaume, and thanks for all
the great contributions!

Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)
 2014-06-16 06:22:15 -07:00
Michael Crosby c99ee556d4 Merge pull request #6060 from dineshs-altiscale/maintainers 
Add Dinesh Subhraveti to MAINTAINERS
 2014-06-11 14:37:01 -07:00
Michael Crosby 8194556337 Update libcontainer imports 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-06-10 19:58:15 -07:00
Michael Crosby bae6a5a616 Gofmt imports 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-06-09 16:01:57 -07:00
Michael Crosby 6158ccad97 Move libcontainer deps into libcontainer 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-06-09 15:52:12 -07:00
Michael Crosby fa72eb3a58 Add CAP_KILL to unprivileged containers 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-06-07 15:18:18 -07:00
Victor Vieux 30ba7546cb add wait4 after kill 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
 2014-06-06 00:32:14 +00:00
Michael Crosby 8aff01c0b4 Rename nsinit package to namespaces in libcontainer 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-06-04 15:47:57 -07:00
Chris Alfonso 26246ebd53 Integrating systemd freeze functionality. 
This pulls together #6061 and #6125

Docker-DCO-1.1-Signed-off-by: Chris Alfonso <calfonso@redhat.com> (github: calfonso)
 2014-06-04 13:33:44 -06:00
Ian Main b054569cde Add ability to pause/unpause containers via cgroups freeze 
This patch adds pause/unpause to the command line, api, and drivers
for use on containers.  This is implemented using the cgroups/freeze
utility in libcontainer and lxc freeze/unfreeze.

Co-Authored-By: Eric Windisch <ewindisch@docker.com>
Co-Authored-By: Chris Alfonso <calfonso@redhat.com>
Docker-DCO-1.1-Signed-off-by: Ian Main <imain@redhat.com> (github: imain)
 2014-06-04 13:33:44 -06:00
unclejack 1ef3ca83d8 apparmor: write & load the profile on every start 
Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
 2014-06-04 00:56:35 +03:00
Albert Zhang b611198d28 mount of /.dockerinit is not needed for native driver, so move it into lxc driver 
Docker-DCO-1.1-Signed-off-by: Albert Zhang <zhgwenming@gmail.com> (github: zhgwenming)
 2014-06-03 18:13:54 +08:00
Michael Crosby 41f7cef2bd Add SYS_CHROOT cap to unprivileged containers 
Fixes #6103
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-06-02 18:23:47 -07:00
Shane Canon f9705477d0 Fix for setuid race condition in LXC driver 
This is a fix for a race condition in the LXC driver.  This is described
more in issue #6092.

Closes #6092

Docker-DCO-1.1-Signed-off-by: Shane Canon <scanon@lbl.gov> (github: scanon)
 2014-05-31 10:42:48 -07:00
Michael Crosby 69989b7c06 Ensure all dev nodes are copied for privileged 
This also makes sure that devices are pointers to avoid copies
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-05-30 18:39:11 -07:00
unclejack 0ef637722f Merge pull request #6097 from timthelion/consistentdevices 
Refactor device handling code
 2014-05-31 03:34:52 +03:00
Timothy Hobbs 608702b980 Refactor device handling code 
We now have one place that keeps track of (most) devices that are allowed and created within the container.  That place is pkg/libcontainer/devices/devices.go

This fixes several inconsistencies between which devices were created in the lxc backend and the native backend.  It also fixes inconsistencies between wich devices were created and which were allowed.  For example, /dev/full was being created but it was not allowed within the cgroup.  It also declares the file modes and permissions of the default devices, rather than copying them from the host.  This is in line with docker's philosphy of not being host dependent.

Docker-DCO-1.1-Signed-off-by: Timothy Hobbs <timothyhobbs@seznam.cz> (github: https://github.com/timthelion)
 2014-05-30 19:21:29 +00:00
Alexandr Morozov 64bd6a6a53 Fix race in native driver on activeContainers usage 
Docker-DCO-1.1-Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com> (github: LK4D4)
 2014-05-30 14:16:00 +04:00
Victor Marmol 5e2af07137 Merge pull request #5868 from jhspaybar/5749-libcontainerroutes 
libcontainer support for arbitrary route table entries
 2014-05-28 10:50:56 -07:00
William Thurston bf7f360dca Fixes #5749 
libcontainer support for arbitrary route table entries

Docker-DCO-1.1-Signed-off-by: William Thurston <me@williamthurston.com> (github: jhspaybar)
 2014-05-28 17:42:02 +00:00
Michael Crosby 5310e8575f Update lxc to use cmd.Wait() 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-05-27 13:52:05 -07:00
Dinesh Subhraveti 249524ec49 Add Dinesh Subhraveti to MAINTAINERS 
Docker-DCO-1.1-Signed-off-by: Dinesh Subhraveti <dineshs@altiscale.com> (github: dineshs-altiscale)
 2014-05-27 16:45:17 -04:00