- replace /etc/hosts based name resolution with embedded DNS for user
defined networks
- overlay veth cleanup: docker/docker#18814
- check before programming ipv6 in bridge: docker/docker#19139
- diable DAD: docker/docker#18871
Signed-off-by: Santhosh Manohar <santhosh@docker.com>
The trust code used to parse the console output of `docker push` to
extract the digest, tag, and size information and determine what to
sign. This is fragile and might give an attacker control over what gets
signed if the attacker can find a way to influence what gets printed as
part of the push output.
This commit sends the push metadata out-of-band. It introduces an `Aux`
field in JSONMessage that can carry application-specific data alongside
progress updates. Instead of parsing formatted output, the client looks
in this field to get the digest, size, and tag from the push.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
This adds guidelines around reaching the maintainers. Emails shouldn't
be sent to maintainers. GitHub mentions should be used instead.
Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
Wait the new created container for running and then check if it
is in the docker stats to avoid flaky test.
Signed-off-by: Lei Jitang <leijitang@huawei.com>
.ensure-syscall-test need to build an image, we have
to add http_proxy and https_proxy to make it work.
Inseted of adding http_proxy and https_proxy env to the Dockerfile,
adding a DOCKER_BUILD_ARGS env to pass the build-arg is much more
elegant.
Signed-off-by: Lei Jitang <leijitang@huawei.com>
if create a container with -w to specify the working directory and
the directory does not exist in the container rootfs, the directory
will be created until the container start. It make docker export of
a created container and a running container inconsistent.
Signed-off-by: Lei Jitang <leijitang@huawei.com>
Make sure btrfs mounted subvolumes are owned properly when a remapped
root exists (user namespaces are enabled, for example)
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
- Use the master interface in the new repo.
- Use new structures for container create, update and network connect.
Signed-off-by: David Calavera <david.calavera@gmail.com>
file to require the Unbreakable Enterprise Kernel Release 4 on both Oracle Linux 6
and Oracle Linux 7.
The UEK R4 provides the required kernel functionality for VxLAN support
required by Docker 1.9 and user namespace support required for 1.10+.
The build of Docker on Oracle Linux 6 requires some manipulation of the build
environment so that the CGO compiler uses the UEK R4 headers instead of the old
default kernel headers.
Signed-off-by: Avi Miller <avi.miller@oracle.com>
Don't rely on sqlite db for name registration and linking.
Instead register names and links when the daemon starts to an in-memory
store.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Euan
Santhosh Manohar
Alexander Morozov
John Howard
Tianon Gravi
Aidan Hobson Sayers
Jess Frazelle
Stephen Rust
Phil Estes
Arnaud Porterie
Michael Crosby
Aaron Lehmann
Alessandro Boch
David Calavera
Riyaz Faizullabhoy
unclejack
Vincent Demeester
Antonio Murdaca
Lei Jitang
cyli
Brian Goff
moxiegirl
Victoria Bialas
Avi Miller
Anusha Ragunathan
Shishir Mahajan
Doug Davis
Jessica Frazelle