688741df31
Update mount struct with reference
...
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2014-09-01 15:18:30 -07:00
3a7e07355a
Rename 'StdConfig' to 'StreamConfig'.
...
Docker-DCO-1.1-Signed-off-by: Vishnu Kannan <vishnuk@google.com> (github: vishh)
2014-09-01 14:31:01 -07:00
4aa5da278f
Refactoring execdriver.Command and Container structs to support 'docker exec' and other
...
similar features in the future.
Docker-DCO-1.1-Signed-off-by: Vishnu Kannan <vishnuk@google.com> (github: vishh)
2014-09-01 14:30:16 -07:00
a02f67be5b
Extract log utils into pkg/log
...
Docker-DCO-1.1-Signed-off-by: Josiah Kiehl <josiah@capoferro.net> (github: capoferro)
2014-08-13 15:18:15 -07:00
391c35c822
Fix go vet warnings
...
Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com>
2014-08-13 11:37:30 +04:00
b06311a72e
fix goroutines leak and exit code
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
Signed-off-by: Victor Vieux <vieux@docker.com>
2014-08-13 00:03:56 +00:00
7321067176
Use argv0 as reexec implementation for dockerinit
...
This changes the way the exec drivers work by not specifing a -driver
flag on reexec. For each of the exec drivers they register their own
functions that will be matched aginst the argv 0 on exec and called if
they match.
This also allows any functionality to be added to docker so that the
binary can be reexec'd and any type of function can be called. I moved
the flag parsing on docker exec to the specific initializers so that the
implementations do not bleed into one another. This also allows for
more flexability within reexec initializers to specify their own flags
and options.
Signed-off-by: Michael Crosby <michael@docker.com>
2014-08-11 11:47:21 -07:00
93f6cf0351
Catch error on console creation
...
Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com>
2014-08-09 22:10:44 +04:00
89ec17d113
Replace "amd64" build tags with "cgo" as appropriate, and remove where unnecessary
...
Signed-off-by: Andrew Page <admwiggin@gmail.com>
2014-08-06 17:20:21 -06:00
60341f80d7
Purge the bits of pkg/system that moved to libcontainer/system
...
Signed-off-by: Andrew Page <admwiggin@gmail.com>
2014-08-02 01:35:04 -06:00
d82bb603af
Make lxc driver rbind all user specified mounts.
...
Docker-DCO-1.1-Signed-off-by: Vishnu Kannan <vishnuk@google.com> (github: vishh)
2014-07-30 02:23:24 +00:00
ac3eecf3db
Merge pull request #7062 from crosbymichael/fix-lxc-caps
...
Fix cap drop issues with lxc
2014-07-28 16:19:08 -07:00
5a0ef08c94
gofmt -s -w
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-07-24 22:25:29 +00:00
b3ee9ac74e
update go import path and libcontainer
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-07-24 22:19:50 +00:00
29ecc95c31
Add AUDIT_WRITE cap
...
Fixes #6345
Thanks @larsks for outstanding investigation
Docker-DCO-1.1-Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com> (github: LK4D4)
2014-07-23 09:57:41 +04:00
7a8ea91392
Fix cross compile non cgo and linux systems
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-07-16 16:57:49 -07:00
0d67b420b5
Make tty term exec driver specific
...
lxc is special in that we cannot create the master outside of the
container without opening the slave because we have nothing to provide to the
cmd. We have to open both then do the crazy setup on command right now instead of
passing the console path to lxc and telling it to open up that console. we save a couple of
openfiles in the native driver because we can do this.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-07-16 16:57:49 -07:00
1501c342d8
Don't create pty slave in the daemon for native driver
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-07-16 16:57:19 -07:00
6d238c6fba
Merge pull request #6797 from zhgwenming/master
...
make /.dockerinit bind mount driver specific
2014-07-16 16:01:43 -07:00
50b580cfec
Use : to split caps in sysinit flags
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-07-16 13:40:10 -07:00
47917135da
Fix cap drop issues with lxc
...
This uses "," instead of spaces so that the flags are parsed correctly
and also does not do a strings.Split on an empty string because
strings.Split will return a slice with one element, and empty string
causing parsing to fail when it validates that the cap exists.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-07-16 12:14:26 -07:00
7c19499c63
Allow case insensitive caps for add and drop
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-07-16 11:47:55 -07:00
b3b6e05f26
since moved the ./dockerinit mount into lxc driver, fix the lxc testcase accordingly
...
Docker-DCO-1.1-Signed-off-by: Albert Zhang <zhgwenming@gmail.com> (github: zhgwenming)
2014-07-15 07:56:19 -04:00
f00e643576
Update native driver for libcontainer changes
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-07-14 12:49:50 -07:00
7ebd49c49a
Merge pull request #6968 from vieux/cap_add_drop
...
Add support for --cap-add and --cap-drop
2014-07-14 10:42:29 -07:00
c04230c42b
add check for invalid caps
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-07-11 23:43:21 +00:00
064b5f870d
support add and drop in both order
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-07-11 23:43:21 +00:00
222a6f4401
add basic support for 'all'
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-07-11 23:43:21 +00:00
f3ff323fb3
small refactoring
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-07-11 23:43:21 +00:00
21059af3ac
Basic --cap-add and --cap-drop support for lxc
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-07-11 23:43:21 +00:00
94e6dc9781
Basic --cap-add and --cap-drop support for native
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-07-11 23:43:21 +00:00
e8762bfe39
add FSETID back to the caps whitelist
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-07-11 00:30:56 +00:00
e2c575c5a6
Merge pull request #6756 from kzys/lxc-linux
...
Skip lxc_template_unit_test.go on non-Linux platforms
2014-07-07 18:46:46 +03:00
d403936818
fix compilation and panic
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-07-02 00:54:08 +00:00
cccb64e863
Add backwards READ compatibility for the old libcontainer API
...
Docker-DCO-1.1-Signed-off-by: Tibor Vass <teabee89@gmail.com> (github: tiborvass)
2014-07-02 00:19:05 +00:00
262d45e0fe
Use new libcontainer.State API
...
Docker-DCO-1.1-Signed-off-by: Tibor Vass <teabee89@gmail.com> (github: tiborvass)
2014-06-30 18:27:15 -04:00
dda0ce6459
Skip lxc_template_unit_test.go on non-Linux platforms
...
It doesn't work without lxc-start.
Docker-DCO-1.1-Signed-off-by: Kato Kazuyoshi <kato.kazuyoshi@gmail.com> (github: kzys)
2014-06-29 17:11:30 +09:00
c9fdb08bda
Update libcontainer Context changes
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-26 16:56:39 -07:00
c9e647e42f
Merge pull request #6218 from vieux/update_maintainers
2014-06-25 17:00:32 -07:00
1dc8e2ffab
Rename libcontainer.Container to libcontainer.Config
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-24 11:31:03 -07:00
cee6f4506c
Update libcontainer references
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-24 11:31:03 -07:00
707ef9618b
Update close fd issues for lxc
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-19 16:02:21 -04:00
d31ae5aed8
Use libcontainer cap drop method
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@docker.com> (github: crosbymichael)
2014-06-19 16:00:53 -04:00
cf331cdd6a
Maintain a whitelist of capabilities rather than droplist
...
This fixes 6/18 vulnerability
Docker-DCO-1.1-Signed-off-by: Dinesh Subhraveti <dineshs@altiscale.com> (github: dineshs-altiscale)
2014-06-19 03:34:04 -04:00
06248d745a
update MAINTAINERS files
...
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
2014-06-16 22:20:07 +00:00
41d437117d
Guillaume is busy full-time on his new business, and no longer available
...
as a maintainer.
Best of luck on your e-commerce business Guillaume, and thanks for all
the great contributions!
Docker-DCO-1.1-Signed-off-by: Solomon Hykes <solomon@docker.com> (github: shykes)
2014-06-16 06:22:15 -07:00
c99ee556d4
Merge pull request #6060 from dineshs-altiscale/maintainers
...
Add Dinesh Subhraveti to MAINTAINERS
2014-06-11 14:37:01 -07:00
8194556337
Update libcontainer imports
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-06-10 19:58:15 -07:00
bae6a5a616
Gofmt imports
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-06-09 16:01:57 -07:00
6158ccad97
Move libcontainer deps into libcontainer
...
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
2014-06-09 15:52:12 -07:00
Michael Crosby
Vishnu Kannan
Josiah Kiehl
Alexandr Morozov
Victor Vieux
Michael Crosby
Tianon Gravi
Victor Vieux
Albert Zhang
unclejack
Tibor Vass
Kato Kazuyoshi
Solomon Hykes
Dinesh Subhraveti
Michael Crosby