This option was incorrectly ported to the new `daemon` subcommand
structure.
Beside the obvious effect that completion of `docker daemon --log-opt`
did not work, this also caused completion of `docker` and `docker xxx`
to fail on macs with
> bash: words: bad array subscript
Signed-off-by: Harald Albers <github@albersweb.de>
Allow the user to configure how Docker's bash completion works for the
"events", "history", "inspect", "run", "rmi" and "save" commands through the
following environment variables:
DOCKER_COMPLETION_SHOW_IMAGE_IDS
"none" - Show names only (default)
"non-intermediate" - Show names and ids, but omit intermediate image IDs
"all" - Show names and ids, including intermediate image IDs
DOCKER_COMPLETION_SHOW_TAGS
"yes" - include tags in completion options (default)
"no" - don't include tags in completion options
Fixes#9474.
Signed-off-by: Rory Hunter <roryhunter2@gmail.com>
This reverts commit 40b71adee3.
Original commit (for which this is effectively a rebased version) is
72a500e9e5 and was provided by Lei Jitang
<leijitang@huawei.com>.
Signed-off-by: Tim Dettrick <t.dettrick@uq.edu.au>
All docker subcommands support `-h` as an alias for `--help`
unless they have `-h` aliased to something else like `docker run`,
which uses `-h` for `--hostname`.
`-h` is not included in the help messages of the commands, though.
It ist visible in
* reference: only in `docker daemon` reference,
see output of `grep -Rse --help=false docs`
* man pages: only in `docker` man page
see output of `grep -RF '**-h**' man`
For consistency reasons, this commit removes `-h` as an alias for
`--help` from the reference page, man page and the bash completion.
Signed-off-by: Harald Albers <github@albersweb.de>
The docker script in contrib/init/sysvinit-redhat will fail silently on
a start if Docker is not installed in the default /usr/bin/ location.
While a non-zero exit code is returned the user will receive no visible
indication (i.e. error message) as to why Docker was not started.
This commit changes the logic so that in the case that the docker
executable is not found in the expected location or the user does not
have execute permissions on the executable appropriate error messages
are now shown to the user as well as exiting with a non-zero exit code
Signed-off-by: Rob Vesse <rvesse@dotnetrdf.org>
The custom configuration will also be used in docker invocations made
by the completion script itself, just like `-H`.
Signed-off-by: Harald Albers <github@albersweb.de>
It's a bit confusing: the "global options" are valid as "global options"
for all client commands (i.e. all but daemon).
Example: `docker --log-level info run`
For `docker daemon`, these "global options" are only valid as "command
options".
Example: `docker daemon --log-level info`
As command completion cannot tell which command the user is going to
type next, completion for the daemon command has to allow illegal
syntaxes like
`docker --log-level info daemon --log-level info`
Signed-off-by: Harald Albers <github@albersweb.de>
Add tools to the apparmor profile that are needed when -s devicemapper is
in the docker daemon's command line.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
Currently the service type is 'simple', the default, meaning that
docker.service is considered to be started straight after
spawning. This is incorrect as there is significant amount of time
between spawning and docker ready to accept connections on the passed
sockets. Docker does implement systemd socket activate and
notification protocol, and send the ready signal to systemd, once it
is ready. However for systemd to take those notifications into
account, the service file type should be set to notify.
Signed-off-by: Dimitri John Ledkov <dimitri.j.ledkov@intel.com>
The engine policy will now only complain
as a temporary measure to ensure we do not
cause breakages while users exercise this
policy.
This is NOT the policy for containers, but
for the newly-introduced policy for the
daemon itself.
Signed-off-by: Eric Windisch <eric@windisch.us>
Implements the policies for the remaining binaries
called by the Docker engine and eliminates the
giant whitelisted 'all files' permission in favor
of granular whitelisting and child-specific policies.
It should be possible now to remove the 'file' permission,
but for the sake of keeping Docker unbroken, we'll try
to gradually tighten the policy.
Signed-off-by: Eric Windisch <eric@windisch.us>
Will attempt to load profiles automatically. If loading fails
but the profiles are already loaded, execution will continue.
A hard failure will only occur if Docker cannot load
the profiles *and* they have not already been loaded via
some other means.
Also introduces documentation for AppArmor.
Signed-off-by: Eric Windisch <eric@windisch.us>
A bash completion file shouldn't have a executable bit set.
Just change file mode to 644 (instead of 755).
Signed-off-by: Dieter Reuter <dieter.reuter@me.com>
Jessie Frazelle
David Calavera
Qiang Huang
Jessica Frazelle
Lei Jitang
Harald Albers
Sebastiaan van Stijn
Rory Hunter
Tim Dettrick
Tibor Vass
Brian Goff
Veres Lajos
Rob Vesse
Eric Windisch
Stefan Berger
Dimitri John Ledkov
Dieter Reuter
Tianon Gravi
Alexander Morozov