Fix race condition issue to solve an issue about "panic: runtime error: invalid memory address or nil pointer dereference".
This fix stabilize Docker daemon under the situation of communication problem with Fluentd processes.
Signed-off-by: Satoshi Tagomori <tagomoris@gmail.com>
(cherry picked from commit 87124b9d62bc71f7632126cf7f8d5eb805c4a7f1)
Signed-off-by: Victor Vieux <vieux@docker.com>
Fixes#26394
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit f528690674712b680caf2712092c7e2f8f236491)
Signed-off-by: Victor Vieux <vieux@docker.com>
Update apparmor error message
(cherry picked from commit e168f0b4ad4dfc11a4423a6785d80153f0969808)
Signed-off-by: Charles Smith <charles.smith@docker.com>
- Fixes a SNAT issue in loadbalancer when multiple networks are involved
- Fixes an issue with SRV query forwarding in DNS
- Fixes a map race
Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
(cherry picked from commit 56c98226955d98a2ba6a99bffd3a9a80d691e4a7)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit e1c7ad871f6fd41a7682cf7effb02838ab679ae3)
Signed-off-by: Tibor Vass <tibor@docker.com>
This patch allows to only release the packages that were built and are
present under the bundles/ directory instead of assuming packages exist
for all distros enumerated in the contrib/builder/ directory.
It also now adds support for armhf architecture for apt repositories.
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 2ff2e9a73076b737948c68c26f26b7bda5ac7db8)
Signed-off-by: Tibor Vass <tibor@docker.com>
This adds the ability to have different profiles for individual distros
and versions of the distro because they all ship with and depend on
different versions of policy packages.
The `selinux` dir contains the unmodified policy that is being used
today. The `selinux-fedora` dir contains the new policy for fedora 24
with the changes for it to compile and work on the system.
The fedora policy is from commit
4a6ce94da5
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
(cherry picked from commit 32b1f26c5111b22fe4277879c4f5e4687a6a72fc)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Daniel Nephin <dnephin@docker.com>
(cherry picked from commit 1ea9c19ffe53811931ecd3102703c3eacb22d14c)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Daniel Nephin <dnephin@docker.com>
(cherry picked from commit 7004f219f5d0fe99de0dadf319381d224866eb7c)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit e3c150bd470162d7a1a168f125a5e9a3b32b6a00)
Signed-off-by: Tibor Vass <tibor@docker.com>
When using encrypted vxlan network, some of the xfrm states are left
stale. This fix also filters out self advertise-addr rules.
Signed-off-by: Madhu Venugopal <madhu@docker.com>
(cherry picked from commit 6a754a4eef4463ed7c712a1ebe5bc38e2a957c42)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 9a3e47511ab9faac599b8f085a1b755ec941e49c)
Signed-off-by: Tibor Vass <tibor@docker.com>
This commit update swarmkit to 9ee5fc3b8db5de8c8593a57bc45fc178f74ceee1.
This is part of step to fix#24270.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
(cherry picked from commit 467107cd401ce9d3678e4f7ec1abfb65a0e46018)
Signed-off-by: Tibor Vass <tibor@docker.com>
This version introduces the following:
- uses nanosecond timestamps for event
- ensure events are sent once their effect is "live"
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
(cherry picked from commit 29b2714580d085533c29807fa337c2b7a302abb6)
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Daniel Nephin <dnephin@docker.com>
(cherry picked from commit 47cca88c8c151ebf3dd25adcf28ac1b2f75c76fb)
Signed-off-by: Tibor Vass <tibor@docker.com>
Use the generate.sh script instead of md2man directly.
Update Dockerfile for generating man pages.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
(cherry picked from commit 00a8a40398263429f99b1a5f0be59048e1c6f38d)
Signed-off-by: Tibor Vass <tibor@docker.com>
Fixes#23981
The selinux issue we are seeing in the report is related to the socket
file for docker and nothing else. By removing the socket docker starts
up correctly.
However, there is another motivation for removing socket activation from
docker's systemd files and that is because when you have daemons running
with --restart always whenever you have a host reboot those daemons
will not be started again because the docker daemon is not started by
systemd until a request comes into the docker API.
Leave it for deb based systems because everything is working correctly
for both socket activation and starting normally at boot.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
(cherry picked from commit 04104c3a1e6cad30cb41b762e8832215466c0e95)
Signed-off-by: Tibor Vass <tibor@docker.com>
following the announcement;
https://groups.google.com/forum/m/#!topic/golang-announce/7JTsd70ZAT0
> [security] Go 1.6.3 and Go 1.7rc2 pre-announcement
>
> Hello gophers,
> We plan to issue Go 1.6.3 and Go 1.7rc2 on Monday July 18 at approximately 2am UTC.
> These are minor release to fix a security issue.
>
> Following our policy at https://golang.org/security, this is the pre-announcement of those releases.
>
> Because we are so late in the release cycle for Go 1.7, we will not issue a minor release of Go 1.5.
> Additionally, we plan to issue Go 1.7rc3 later next week, which will include any changes between 1.7rc1 and tip.
>
> Cheers,
> Chris on behalf of the Go team
**Note:**
the man/Dockerfile is not yet updated, because
the official image for Go 1.6.2 has not yet
been updated.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 589bafddf391cbf6aff8b22044266dc819cdcaeb)
Signed-off-by: Tibor Vass <tibor@docker.com>
CrazyMax
Allie Sadler
David Karlsson
Misty Stanley-Jones
Victor Vieux
Madhu Venugopal
Satoshi Tagomori
Brian Goff
Alessandro Boch
Kenfe-Mickael Laventure
Aaron Lehmann
Sven Dowideit
Tibor Vass
Jana Radhakrishnan
Dieter Reuter
Santhosh Manohar
Michael Crosby
Daniel Nephin
Sebastiaan van Stijn
Alexandre Beslic
Yong Tang