80fca061e7
Change ip allocation logic
...
Now IP reuses only after all IPs from network was allocated
Fixes #5729
Docker-DCO-1.1-Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com> (github: LK4D4)
2014-05-14 06:43:10 +04:00
5128feb690
Refactoring collections/orderedintset and benchmarks for it
...
Docker-DCO-1.1-Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com> (github: LK4D4)
2014-05-14 06:04:12 +04:00
adbe3096e8
Add cpuset cpus support for docker
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-05-13 18:17:12 -07:00
4de6810be9
Merge pull request #5786 from crosbymichael/cpuset-copy
...
Copy parents cpus and mems for cpuset
2014-05-13 18:16:47 -07:00
0fb507dc23
daemon: *: refactored container resource path generation
...
This patch is a preventative patch, it fixes possible future
vulnerabilities regarding unsantised paths. Due to several recent
vulnerabilities, wherein the docker daemon could be fooled into
accessing data from the host (rather than a container), this patch
was created to try and mitigate future possible vulnerabilities in
the same vein.
Docker-DCO-1.1-Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
2014-05-14 11:15:50 +10:00
79ca77f3e8
integration-cli: cp: added tests for cp
...
This patch adds integration tests for the copying of resources
from a container, to ensure that regressions in the security of
resource copying can be easily discovered.
Docker-DCO-1.1-Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
2014-05-14 11:14:59 +10:00
bfc3a4192a
daemon: container: ensure cp cannot traverse outside container rootfs
...
This patch fixes the bug that allowed cp to copy files outside of
the containers rootfs, by passing a relative path (such as
../../../../../../../../etc/shadow). This is fixed by first converting
the path to an absolute path (relative to /) and then appending it
to the container's rootfs before continuing.
Docker-DCO-1.1-Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
2014-05-14 11:14:59 +10:00
3de15bda7e
Copy parents cpus and mems for cpuset
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-05-13 18:01:31 -07:00
195f3a3f42
Add a mention of 80 column lines and reflow the document to hide the
...
evidence.
Docker-DCO-1.1-Signed-off-by: SvenDowideit <SvenDowideit@home.org.au> (github: SvenDowideit)
2014-05-14 10:22:55 +10:00
af891a6751
Subject and object containers can be confused
...
and `create` is now a loaded word for some readers
Docker-DCO-1.1-Signed-off-by: SvenDowideit <SvenDowideit@home.org.au> (github: SvenDowideit)
2014-05-14 07:43:41 +10:00
cfd1227e91
tarsum: test gofmt
...
Docker-DCO-1.1-Signed-off-by: Vincent Batts <vbatts@redhat.com> (github: vbatts)
2014-05-13 15:14:32 -04:00
efa369a6ee
tarsum: adding the layer for "scratch" image
...
Docker-DCO-1.1-Signed-off-by: Vincent Batts <vbatts@redhat.com> (github: vbatts)
2014-05-13 15:08:48 -04:00
ae85dd5458
Remove the bind mount for dev/console which override the mknod/label
...
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
2014-05-13 11:59:27 -07:00
461f801f83
tarsum: start a test for TarSum
...
Docker-DCO-1.1-Signed-off-by: Vincent Batts <vbatts@redhat.com> (github: vbatts)
2014-05-13 14:57:31 -04:00
f637eaca5d
Merge pull request #5778 from crosbymichael/check-symlink
...
Ensure libcontainer follows correct symlink in scope
2014-05-13 11:28:00 -07:00
ea7647099f
Add MAINTAINERS file to symlink pkg
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-05-13 11:27:24 -07:00
ca040b1a37
Update code to handle new path to Follow Symlink func
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-05-13 10:54:08 -07:00
dcf81f95fd
Move Follow symlink to pkg
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-05-13 10:35:57 -07:00
b7c7b851dc
libcontainer: Ensure bind mount target files are inside rootfs
...
Before we create any files to bind-mount on, make sure they are
inside the container rootfs, handling for instance absolute symbolic
links inside the container.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
2014-05-13 10:24:52 -07:00
1d4caadfe2
Merge pull request #5769 from dankeder/master
...
Fix a typo in contrib/man/md/docker.1.md
2014-05-13 20:26:02 +10:00
653328c6ce
Fix a typo in contrib/man/md/docker.1.md
2014-05-13 11:17:42 +02:00
a70bffd382
Merge pull request #5745 from ojilles/patch-1
...
Cleaned up Network settings overview
2014-05-13 19:02:18 +10:00
f1eabe436a
Merge pull request #5655 from alexlarsson/mount-run-dir
...
Always mount a /run tmpfs in the container
2014-05-13 11:51:14 +03:00
ee4fa10fb0
Merge pull request #5753 from creack/fix-beam-32bit
...
[beam] Use direct iota instead of binary shift
2014-05-13 00:21:32 -07:00
5ac3c6c4ed
Merge pull request #5757 from SvenDowideit/pr_out_was_checking_something_for_a_pr_and_noticed_some_quote_issues
...
Was checking something for a PR and noticed some quote issues
2014-05-13 06:37:12 +02:00
fe445a2447
tell the user not to run from OSX
...
Docker-DCO-1.1-Signed-off-by: SvenDowideit <SvenDowideit@home.org.au> (github: SvenDowideit)
2014-05-13 12:51:00 +10:00
5b525feaed
Merge pull request #5707 from vieux/fix_event_removal
...
fix event removal
2014-05-12 18:59:42 -07:00
937f8f2d81
move acceptconnections as builtin
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-05-13 01:53:38 +00:00
f3736265fd
make listen buffer optional
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-05-13 01:51:41 +00:00
a0f799b6d4
Merge pull request #5759 from vieux/move_register_links_to_daemon
...
move RegisterLinks to daemon
2014-05-12 18:39:47 -07:00
100a92146e
move RegisterLinks to daemon
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-05-13 00:54:46 +00:00
b9c2d57d89
Was checking something for a PR and noticed some quote issues
...
Docker-DCO-1.1-Signed-off-by: SvenDowideit <SvenDowideit@home.org.au> (github: SvenDowideit)
2014-05-13 10:36:19 +10:00
3f6ec6ebba
Merge pull request #5747 from ojilles/patch-2
...
runmetrics update, linking to collectd plugin rather than just hinting
2014-05-13 10:21:34 +10:00
d33b4655c4
Move duration and size to units pkg
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-05-12 17:05:07 -07:00
d54dec4d8b
Fix port mapping in ps display for public and private
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-05-12 15:26:23 -07:00
0d78799db7
Merge pull request #5751 from vieux/move_version
...
move version out of server
2014-05-12 15:25:40 -07:00
7894a70f8b
move version out of server
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-05-12 21:38:20 +00:00
bc77ec2b17
Merge pull request #5717 from philips/mkdir-in-daemon
...
fix(daemon): ensure the /var/lib/docker dir exists
2014-05-12 14:13:56 -07:00
43e926cd9c
Merge pull request #5750 from vieux/vieux_server_maintainer
...
add vieux as server's MAINTAINERS
2014-05-12 13:56:30 -07:00
1d15c0b491
add vieux as server's MAINTAINERS
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-05-12 20:51:45 +00:00
aa1fc36a92
Merge pull request #5696 from cyphar/rev-ubuntu-dockerfile
...
Update Ubuntu release used for builds
2014-05-12 13:21:38 -07:00
905795ece6
Always mount a /run tmpfs in the container
...
All modern distros set up /run to be a tmpfs, see for instance:
https://wiki.debian.org/ReleaseGoals/RunDirectory
Its a very useful place to store pid-files, sockets and other things
that only live at runtime and that should not be stored in the image.
This is also useful when running systemd inside a container, as it
will try to mount /run if not already mounted, which will fail for
non-privileged container.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
2014-05-12 21:41:04 +02:00
30a40de205
Merge pull request #5748 from crosbymichael/libcontainer-bindmounts
...
libcontainer: Create dirs/files as needed for bind mounts
2014-05-12 12:27:18 -07:00
cc678a7078
Remove newline char in error message
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-05-12 12:24:30 -07:00
243eaac8b6
Merge pull request #5724 from tutumcloud/5718-lxcbugfix
...
Fix bug on LXC container start. Fixes #5718
2014-05-12 12:14:57 -07:00
16fe76e770
Merge pull request #5712 from vishh/fix_typo
...
Correct a libcontainer Mount Namespace setup comment.
2014-05-12 12:07:19 -07:00
fee1bbd79e
Correct a comment in libcontainer Mount Namespace setup.
...
Docker-DCO-1.1-Signed-off-by: Vishnu Kannan <vishnuk@google.com> (github: vishh)
2014-05-12 19:01:36 +00:00
79f234e049
runmetrics update, linking to collectd plugin rather than just hinting
2014-05-12 20:51:40 +02:00
3e636446c3
Update google.md
...
Fix numbering resets after code sample blocks
2014-05-12 14:48:03 -04:00
feb42d3f97
Cleaned up Network settings overview
2014-05-12 20:35:18 +02:00
Alexandr Morozov
Michael Crosby
Michael Crosby
cyphar
SvenDowideit
Vincent Batts
Guillaume J. Charmes
Victor Vieux
Alexander Larsson
Sven Dowideit
Dan Keder
unclejack
Solomon Hykes
James Turnbull
Victor Vieux
Guillaume J. Charmes
Vishnu Kannan
Jilles Oldenbeuving
Jason Hall