Commit Graph

14 Commits

Author SHA1 Message Date
Jess Frazelle 87a614ed55 Merge pull request #17989 from jfrazelle/initial-seccomp-support
Phase 1: Initial seccomp support
2015-12-05 08:33:58 -08:00
Jessica Frazelle b7b707af2e
update go version
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-12-03 16:37:13 -08:00
Jessica Frazelle 255004ef33
update debs/rpms for seccomp
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-12-03 16:20:05 -08:00
Jessica Frazelle cf4c3da725
update debs/rpms for pkcs11 yubikey things
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-11-13 13:20:53 -08:00
Jessica Frazelle 985fe8857d
update go version for debs and rpms
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-10-29 17:04:38 -07:00
Jessica Frazelle c39689ca70
add dh-apparmor & apparmor to deb builder dockerfiles
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-10-19 16:15:22 -07:00
Qiang Huang 42d643af55 Bump Go to 1.4.3 for builder
We already bumped this for Dockerfile, should keep build environment
consistent with that.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-10-15 14:02:18 +08:00
Nalin Dahyabhai e611a189cb Add log reading to the journald log driver
If a logdriver doesn't register a callback function to validate log
options, it won't be usable.  Fix the journald driver by adding a dummy
validator.

Teach the client and the daemon's "logs" logic that the server can also
supply "logs" data via the "journald" driver.  Update documentation and
tests that depend on error messages.

Add support for reading log data from the systemd journal to the
journald log driver.  The internal logic uses a goroutine to scan the
journal for matching entries after any specified cutoff time, formats
the messages from those entries as JSONLog messages, and stuffs the
results down a pipe whose reading end we hand back to the caller.

If we are missing any of the 'linux', 'cgo', or 'journald' build tags,
however, we don't implement a reader, so the 'logs' endpoint will still
return an error.

Make the necessary changes to the build setup to ensure that support for
reading container logs from the systemd journal is built.

Rename the Jmap member of the journald logdriver's struct to "vars" to
make it non-public, and to make it easier to tell that it's just there
to hold additional variable values that we want journald to record along
with log data that we're sending to it.

In the client, don't assume that we know which logdrivers the server
implements, and remove the check that looks at the server.  It's
redundant because the server already knows, and the check also makes
using older clients with newer servers (which may have new logdrivers in
them) unnecessarily hard.

When we try to "logs" and have to report that the container's logdriver
doesn't support reading, send the error message through the
might-be-a-multiplexer so that clients which are expecting multiplexed
data will be able to properly display the error, instead of tripping
over the data and printing a less helpful "Unrecognized input header"
error.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com> (github: nalind)
2015-09-11 16:50:03 -04:00
Jessica Frazelle bd06432ba3 cleanup and fix btrfs subvolume recursion deletion
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-08-25 13:00:41 -07:00
Jessica Frazelle 83416f68de add file to test install script
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-08-11 16:31:58 -07:00
Jessica Frazelle ed248207d7 revert apparmor changes back to how it was in 1.7.1, but keep tests
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-08-06 12:49:25 -07:00
Jessica Frazelle 1fff0a5cc5 actually update deb dockerfiles
Signed-off-by: Jessica Frazelle <princess@docker.com>
2015-07-22 13:06:04 -07:00
Tianon Gravi 24d98c14a0 Switch verbosity in builder/*/generate.sh so that we get download progress for Go instead of the name of every single file extracted
Also, `curl` is smart enough to see when the consumer of the pipe is going slow that it should slow down the transfer, so this gives a reasonable indication of extraction progress too.

Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
2015-05-07 14:15:35 -06:00
Tianon Gravi eee1efcfd6 Add "builder-deb" base images for building ".deb" packages properly
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
2015-04-06 10:43:36 -06:00