915d967f55
Update email + add self to pkg/signal
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
2014-03-10 20:26:45 -07:00
b2cd89056f
Like signal_linux.go, we don't have import os and os/signal
...
Docker-DCO-1.1-Signed-off-by: Kato Kazuyoshi <kato.kazuyoshi@gmail.com> (github: kzys)
2014-03-11 23:14:58 +09:00
b5a544b02e
Merge pull request #4563 from creack/signal-improvment
...
Signal improvments
2014-03-10 17:59:17 -07:00
923962a4b5
Merge pull request #4515 from vieux/improve_sort_flags
...
improve alpha sort in mflag
2014-03-10 17:45:41 -07:00
157f24ca77
Make docker use the signal pkg with strings
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
2014-03-10 17:36:47 -07:00
10dc16dcd3
Create portable signalMap
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
2014-03-10 17:36:41 -07:00
c563262239
Move signal to pkg
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
2014-03-10 17:36:32 -07:00
03211ecce0
nsinit: prefix errors with their source
...
Docker-DCO-1.1-Signed-off-by: Sridhar Ratnakumar <github@srid.name> (github: srid)
2014-03-10 17:08:50 -07:00
8bcb156694
Merge pull request #3985 from creack/add_freebsd_support
...
Add freebsd client support
2014-03-11 00:58:30 +02:00
6ccfb7fb9a
Update bsd specs
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-10 15:19:08 -07:00
fde5f573d3
move opts out of pkg because it's related to docker
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
2014-03-10 21:10:23 +00:00
d648708d02
remove utils.go
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
2014-03-10 21:06:27 +00:00
bb43761940
Merge branch 'master' into add_freebsd_support
...
Conflicts:
archive/archive.go
archive/start_unsupported.go
2014-03-10 13:20:49 -07:00
7da37fec13
handle capital
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
2014-03-07 23:40:45 +00:00
36dd124b16
Add env var to toggle pivot root or ms_move
...
Use the DOCKER_RAMDISK env var to tell the native driver not to use
a pivot root when setting up the rootfs of a container.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-06 19:30:52 -08:00
3729ece2ea
improve alpha sort in mflag
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
2014-03-07 02:20:59 +00:00
c38635020a
Revert "Revert "libcontainer: Use pivot_root instead of chroot""
...
This reverts commit 82f797f140
2014-03-06 17:19:59 -08:00
557e4fef44
Revert "Revert "libcontainer: Use MS_PRIVATE instead of MS_SLAVE""
...
This reverts commit bd263f5b15
2014-03-06 17:19:47 -08:00
78dc1ede52
Merge pull request #4512 from crosbymichael/no-pivot-root
...
No pivot root because of ramdisk
2014-03-07 02:54:03 +02:00
bd263f5b15
Revert "libcontainer: Use MS_PRIVATE instead of MS_SLAVE"
...
This reverts commit 757b577572
2014-03-06 16:41:03 -08:00
82f797f140
Revert "libcontainer: Use pivot_root instead of chroot"
...
This reverts commit 5b5c884cc8
2014-03-06 16:32:06 -08:00
ea9bce8724
Ensure that native containers die with the parent
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-06 16:30:56 -08:00
772ef99d28
Remove the ghosts and kill everything
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-06 15:30:26 -08:00
b722aa21b7
Merge pull request #4506 from creack/fix_apparmor
...
Use CGO for apparmor profile switch
2014-03-06 13:37:34 -08:00
0b23393ba1
Update build tags such that we can properly compile on all platforms (especially for packagers), and updated hack/PACKAGERS.md to mention the DOCKER_BUILDTAGS variable that will need to be set for binaries that might be used on AppArmor (such as Debian and especially Ubuntu)
...
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
2014-03-06 13:39:17 -07:00
c89fa6645e
Add buildflags to allow crosscompilation for apparmor
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-06 12:05:03 -08:00
31f62b934b
Merge pull request #4503 from unclejack/attempt_to_fix_apparmor_profile
...
remove dbus from apparmor profile for Ubuntu 12.04
2014-03-06 11:20:06 -08:00
f0f833c6d7
Use CGO for apparmor profile switch
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-06 11:10:58 -08:00
46fdb6af8e
remove dbus from apparmor profile
...
This removes the dbus entry from the apparmor profile Docker creates.
Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
2014-03-06 19:47:03 +02:00
5c9b28db18
libcontainer: Don't use UsetCloseOnExec, it is racy
...
We can't keep file descriptors without close-on-exec except with
syscall.ForkLock held, as otherwise they could leak by accident into
other children from forks in other threads.
Instead we just use Cmd.ExtraFiles which handles all this for us.
This fixes https://github.com/dotcloud/docker/issues/4493
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
2014-03-06 14:10:32 +01:00
920a6ca54c
Generate and load custom docker profile for apparmor
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-05 15:02:11 -08:00
37f137c822
Some cleanup around logs
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-05 13:50:49 -08:00
cb4189a292
Add AppArmor support to native driver + change pipe/dup logic
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-05 13:08:24 -08:00
069dc7f8c7
fix panic with only long flags or only one deprecatd
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
2014-03-05 19:45:57 +00:00
089bf5e11e
fix usage for completly deprecated flag
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
2014-03-05 19:27:39 +00:00
858d0356fd
Merge pull request #4278 from alexlarsson/system
...
Create pkg/system and move stuff there from archive
2014-03-05 12:32:35 -05:00
d6114c0da0
Create pkg/system and move stuff there from archive
...
This is a package for generic system calls etc that for some reason
is not yet supported by "syscall", or where it is different enough
for the different ports to need portability wrappers.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
2014-03-05 14:05:32 +01:00
757b577572
libcontainer: Use MS_PRIVATE instead of MS_SLAVE
...
Now that we unmount all the mounts from the global namespace we can
use a private namespace rather than a slave one (as we have no need
for unmounts of inherited global mounts to propagate into the
container).
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
2014-03-05 09:40:54 +01:00
b07708c8de
Add shm size cap to mount
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-04 14:18:40 -08:00
57a47f5bbf
Remove /dev tmpfs mountpoint
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-04 13:21:22 -08:00
c74a8b28cd
remove /run mountpoint
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-04 12:32:17 -08:00
39d58129c3
Remove loopback mount bind
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
2014-03-04 12:30:52 -08:00
b63709c1f1
Merge pull request #4452 from crosbymichael/small-fixes-to-libcontainer
...
Add find tests and remove panic in DEBUG
2014-03-04 14:37:41 -05:00
7e52445f2f
Add find tests and remove panic in DEBUG
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-04 08:55:12 -08:00
5b5c884cc8
libcontainer: Use pivot_root instead of chroot
...
Instead of keeping all the old mounts in the container namespace and
just using subtree as root we pivot_root so that the actual root in
the namespace is the root we want, and then we unmount the previous
mounts.
This has multiple advantages:
* The namespace mount tree is smaller (in the kernel)
* If you break out of the chroot you could previously access the host
filesystem. Now the host filesystem is fully invisible to the namespace.
* We get rid of all unrelated mounts from the parent namespace, which means
we don't hog these. This is important if we later switch to MS_PRIVATE instead
of MS_SLAVE as otherwise these mounts would be impossible to unmount from the
parent namespace.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
2014-03-04 12:44:08 +01:00
69c69059fc
Merge pull request #4327 from crosbymichael/add-libcontainer
...
Add native execution driver to docker and make it the default
2014-03-03 16:34:20 -08:00
2e71adac9f
very minor spelling
...
Docker-DCO-1.1-Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au> (github: SvenDowideit)
2014-03-04 10:12:12 +10:00
5465fdf00f
Factor out finalize namespace
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-03 12:15:47 -08:00
bb5ed45224
add warning for deprecatd flags
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <victor.vieux@docker.com> (github: vieux)
2014-03-03 19:57:05 +00:00
2f35f8e2a8
Update readme to remove .nspid
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-03-03 11:31:37 -08:00
Guillaume J. Charmes
Kato Kazuyoshi
Michael Crosby
srid
unclejack
Victor Vieux
Michael Crosby
Guillaume J. Charmes
Tianon Gravi
Guillaume J. Charmes
unclejack
Alexander Larsson
Sven Dowideit