diff options
Diffstat (limited to 'app-emulation/docker/files')
-rw-r--r-- | app-emulation/docker/files/15404-fix-go14_15.patch | 85 | ||||
-rw-r--r-- | app-emulation/docker/files/18074-disable-journald-arm.patch | 30 | ||||
-rw-r--r-- | app-emulation/docker/files/7179-add-audit_write-cap.patch | 29 | ||||
-rw-r--r-- | app-emulation/docker/files/docker-1.7.1-service-patch.patch | 12 | ||||
-rw-r--r-- | app-emulation/docker/files/docker-r2.confd | 18 | ||||
-rw-r--r-- | app-emulation/docker/files/docker-r2.initd | 54 | ||||
-rw-r--r-- | app-emulation/docker/files/docker-r3.confd | 13 | ||||
-rw-r--r-- | app-emulation/docker/files/docker-r3.initd | 31 | ||||
-rw-r--r-- | app-emulation/docker/files/docker.initd | 31 | ||||
-rw-r--r-- | app-emulation/docker/files/docker.service | 13 |
10 files changed, 316 insertions, 0 deletions
diff --git a/app-emulation/docker/files/15404-fix-go14_15.patch b/app-emulation/docker/files/15404-fix-go14_15.patch new file mode 100644 index 00000000..7cda1f93 --- /dev/null +++ b/app-emulation/docker/files/15404-fix-go14_15.patch @@ -0,0 +1,85 @@ +From f83d05c3be3c3bcc84f6fa229504848ee8078321 Mon Sep 17 00:00:00 2001 +From: Vincent Batts <vbatts@redhat.com> +Date: Fri, 7 Aug 2015 10:18:20 -0400 +Subject: [PATCH] devicemapper: fix zero-sized field access + +Fixes: #15279 + +Due to +https://github.com/golang/go/commit/7904946eeb35faece61bbf6f5b3cc8be2f519c17 +the devices field is dropped. + +This solution works on go1.4 and go1.5 + +Signed-off-by: Vincent Batts <vbatts@redhat.com> +--- + daemon/graphdriver/devmapper/deviceset.go | 14 +++++++++----- + pkg/devicemapper/devmapper_wrapper.go | 18 +++++++++++++++--- + 2 files changed, 24 insertions(+), 8 deletions(-) + +diff --git a/daemon/graphdriver/devmapper/deviceset.go b/daemon/graphdriver/devmapper/deviceset.go +index 6dddeb1..97e2032 100644 +--- a/daemon/graphdriver/devmapper/deviceset.go ++++ b/daemon/graphdriver/devmapper/deviceset.go +@@ -1509,12 +1509,16 @@ func (devices *DeviceSet) deactivatePool() error { + if err != nil { + return err + } +- if d, err := devicemapper.GetDeps(devname); err == nil { +- // Access to more Debug output +- logrus.Debugf("[devmapper] devicemapper.GetDeps() %s: %#v", devname, d) ++ ++ if devinfo.Exists == 0 { ++ return nil + } +- if devinfo.Exists != 0 { +- return devicemapper.RemoveDevice(devname) ++ if err := devicemapper.RemoveDevice(devname); err != nil { ++ return err ++ } ++ ++ if d, err := devicemapper.GetDeps(devname); err == nil { ++ logrus.Warnf("[devmapper] device %s still has %d active dependents", devname, d.Count) + } + + return nil +diff --git a/pkg/devicemapper/devmapper_wrapper.go b/pkg/devicemapper/devmapper_wrapper.go +index 87c2003..44ca772 100644 +--- a/pkg/devicemapper/devmapper_wrapper.go ++++ b/pkg/devicemapper/devmapper_wrapper.go +@@ -38,7 +38,10 @@ static void log_with_errno_init() + */ + import "C" + +-import "unsafe" ++import ( ++ "reflect" ++ "unsafe" ++) + + type ( + CDmTask C.struct_dm_task +@@ -184,12 +187,21 @@ func dmTaskGetDepsFct(task *CDmTask) *Deps { + if Cdeps == nil { + return nil + } ++ ++ // golang issue: https://github.com/golang/go/issues/11925 ++ hdr := reflect.SliceHeader{ ++ Data: uintptr(unsafe.Pointer(uintptr(unsafe.Pointer(Cdeps)) + unsafe.Sizeof(*Cdeps))), ++ Len: int(Cdeps.count), ++ Cap: int(Cdeps.count), ++ } ++ devices := *(*[]C.uint64_t)(unsafe.Pointer(&hdr)) ++ + deps := &Deps{ + Count: uint32(Cdeps.count), + Filler: uint32(Cdeps.filler), + } +- for _, device := range Cdeps.device { +- deps.Device = append(deps.Device, (uint64)(device)) ++ for _, device := range devices { ++ deps.Device = append(deps.Device, uint64(device)) + } + return deps + } diff --git a/app-emulation/docker/files/18074-disable-journald-arm.patch b/app-emulation/docker/files/18074-disable-journald-arm.patch new file mode 100644 index 00000000..e7c9a2f6 --- /dev/null +++ b/app-emulation/docker/files/18074-disable-journald-arm.patch @@ -0,0 +1,30 @@ +diff --git a/daemon/logger/journald/journald.go b/daemon/logger/journald/journald.go +index c729b56..97c379c 100644 +--- a/daemon/logger/journald/journald.go ++++ b/daemon/logger/journald/journald.go +@@ -1,4 +1,4 @@ +-// +build linux ++// +build linux,!arm + + // Package journald provides the log driver for forwarding server logs + // to endpoints that receive the systemd format. +diff --git a/daemon/logger/journald/journald_unsupported.go b/daemon/logger/journald/journald_unsupported.go +index d52ca92..8e9034a 100644 +--- a/daemon/logger/journald/journald_unsupported.go ++++ b/daemon/logger/journald/journald_unsupported.go +@@ -1,4 +1,4 @@ +-// +build !linux ++// +build !linux linux,arm + + package journald + +diff --git a/daemon/logger/journald/read.go b/daemon/logger/journald/read.go +index 80c1fbd..0477c04 100644 +--- a/daemon/logger/journald/read.go ++++ b/daemon/logger/journald/read.go +@@ -1,4 +1,4 @@ +-// +build linux,cgo,!static_build,journald ++// +build linux,cgo,!static_build,journald,!arm + + package journald + diff --git a/app-emulation/docker/files/7179-add-audit_write-cap.patch b/app-emulation/docker/files/7179-add-audit_write-cap.patch new file mode 100644 index 00000000..6263698c --- /dev/null +++ b/app-emulation/docker/files/7179-add-audit_write-cap.patch @@ -0,0 +1,29 @@ +From 29ecc95c31ecfe15e3b3d8db94cea1c555e526a3 Mon Sep 17 00:00:00 2001 +From: Alexandr Morozov <lk4d4math@gmail.com> +Date: Wed, 23 Jul 2014 09:57:41 +0400 +Subject: [PATCH] Add AUDIT_WRITE cap + +Fixes #6345 + +Thanks @larsks for outstanding investigation + +Docker-DCO-1.1-Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com> (github: LK4D4) +--- + daemon/execdriver/native/template/default_template.go | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/daemon/execdriver/native/template/default_template.go b/daemon/execdriver/native/template/default_template.go +index cc5cc4f..be3dd5a 100644 +--- a/daemon/execdriver/native/template/default_template.go ++++ b/daemon/execdriver/native/template/default_template.go +@@ -23,6 +23,7 @@ func New() *libcontainer.Config { + "NET_BIND_SERVICE", + "SYS_CHROOT", + "KILL", ++ "AUDIT_WRITE", + }, + Namespaces: map[string]bool{ + "NEWNS": true, +-- +2.0.3 + diff --git a/app-emulation/docker/files/docker-1.7.1-service-patch.patch b/app-emulation/docker/files/docker-1.7.1-service-patch.patch new file mode 100644 index 00000000..10f1002c --- /dev/null +++ b/app-emulation/docker/files/docker-1.7.1-service-patch.patch @@ -0,0 +1,12 @@ +--- docker-1.7.1/contrib/init/systemd/docker.service.orig 2015-07-14 21:41:25.000000000 +0300 ++++ docker-1.7.1/contrib/init/systemd/docker.service 2016-03-31 23:38:11.461808109 +0300 +@@ -5,7 +5,8 @@ + Requires=docker.socket + + [Service] +-ExecStart=/usr/bin/docker -d -H fd:// ++EnvironmentFile=/etc/default/docker ++ExecStart=/usr/bin/docker -d $DOCKER_OPTS -H fd:// + MountFlags=slave + LimitNOFILE=1048576 + LimitNPROC=1048576 diff --git a/app-emulation/docker/files/docker-r2.confd b/app-emulation/docker/files/docker-r2.confd new file mode 100644 index 00000000..5436b233 --- /dev/null +++ b/app-emulation/docker/files/docker-r2.confd @@ -0,0 +1,18 @@ +# /etc/conf.d/docker: config file for /etc/init.d/docker + +# where the docker daemon output gets piped +#DOCKER_LOGFILE="/var/log/docker.log" + +# where docker's pid get stored +#DOCKER_PIDFILE="/run/docker.pid" + +# where the docker daemon itself is run from +#DOCKER_BINARY="/usr/bin/docker" + +# uncomment this for a simple workaround to +# https://github.com/dotcloud/docker/issues/1422 +#DOCKER_WORKAROUND_1422="1" + +# if you find that the default DOCKER_WORKAROUND_1422 delay of one second +# is not sufficient, try uncommenting and increasing this value +#DOCKER_WORKAROUND_1422_DELAY="1" diff --git a/app-emulation/docker/files/docker-r2.initd b/app-emulation/docker/files/docker-r2.initd new file mode 100644 index 00000000..b081d9c7 --- /dev/null +++ b/app-emulation/docker/files/docker-r2.initd @@ -0,0 +1,54 @@ +#!/sbin/runscript +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +DOCKER_LOGFILE=${DOCKER_LOGFILE:-/var/log/${SVCNAME}.log} +DOCKER_PIDFILE=${DOCKER_PIDFILE:-/run/${SVCNAME}.pid} +DOCKER_BINARY=${DOCKER_BINARY:-/usr/bin/docker} +DOCKER_WORKAROUND_1422=${DOCKER_WORKAROUND_1422:-0} +DOCKER_WORKAROUND_1422_DELAY=${DOCKER_WORKAROUND_1422_DELAY:-1} + +start() { + checkpath -f -m 0644 -o root:docker "$DOCKER_LOGFILE" + + ebegin "Starting docker daemon" + start-stop-daemon --start --background \ + --exec "$DOCKER_BINARY" \ + --pidfile "$DOCKER_PIDFILE" \ + --stdout "$DOCKER_LOGFILE" \ + --stderr "$DOCKER_LOGFILE" \ + -- -d -p "$DOCKER_PIDFILE" + eend $? + ret=$? + + if [ $ret -eq 0 ] \ + && [ "$DOCKER_WORKAROUND_1422" ] \ + && [ "$DOCKER_WORKAROUND_1422" -gt 0 ] \ + ; then + # see https://github.com/dotcloud/docker/issues/1422 + ewarn "Working around gh#1422 (via busybox image); this may take a moment" + + # we were calling "docker run" more quickly than "docker -d" could get + # fired up, so our workaround wasn't successful without a short delay + sleep $DOCKER_WORKAROUND_1422_DELAY + + # TODO when we get https://github.com/dotcloud/docker/pull/1589, these + # both need -rm so we clean up after ourselves (thanks, @eliasp!) + docker run -i -t busybox true &> /dev/null || true + # first run will fail, so we ignore its output and result and run again + docker run -i -t busybox true + + ewend $? + fi + + return $ret +} + +stop() { + ebegin "Stopping docker daemon" + start-stop-daemon --stop \ + --exec "$DOCKER_BINARY" \ + --pidfile "$DOCKER_PIDFILE" + eend $? +} diff --git a/app-emulation/docker/files/docker-r3.confd b/app-emulation/docker/files/docker-r3.confd new file mode 100644 index 00000000..ae247c00 --- /dev/null +++ b/app-emulation/docker/files/docker-r3.confd @@ -0,0 +1,13 @@ +# /etc/conf.d/docker: config file for /etc/init.d/docker + +# where the docker daemon output gets piped +#DOCKER_LOGFILE="/var/log/docker.log" + +# where docker's pid get stored +#DOCKER_PIDFILE="/run/docker.pid" + +# where the docker daemon itself is run from +#DOCKER_BINARY="/usr/bin/docker" + +# any other random options you want to pass to docker +DOCKER_OPTS="" diff --git a/app-emulation/docker/files/docker-r3.initd b/app-emulation/docker/files/docker-r3.initd new file mode 100644 index 00000000..a3031850 --- /dev/null +++ b/app-emulation/docker/files/docker-r3.initd @@ -0,0 +1,31 @@ +#!/sbin/runscript +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +DOCKER_LOGFILE=${DOCKER_LOGFILE:-/var/log/${SVCNAME}.log} +DOCKER_PIDFILE=${DOCKER_PIDFILE:-/run/${SVCNAME}.pid} +DOCKER_BINARY=${DOCKER_BINARY:-/usr/bin/docker} +DOCKER_OPTS=${DOCKER_OPTS:-} + +start() { + checkpath -f -m 0644 -o root:docker "$DOCKER_LOGFILE" + + ebegin "Starting docker daemon" + start-stop-daemon --start --background \ + --exec "$DOCKER_BINARY" \ + --pidfile "$DOCKER_PIDFILE" \ + --stdout "$DOCKER_LOGFILE" \ + --stderr "$DOCKER_LOGFILE" \ + -- -d -p "$DOCKER_PIDFILE" \ + $DOCKER_OPTS + eend $? +} + +stop() { + ebegin "Stopping docker daemon" + start-stop-daemon --stop \ + --exec "$DOCKER_BINARY" \ + --pidfile "$DOCKER_PIDFILE" + eend $? +} diff --git a/app-emulation/docker/files/docker.initd b/app-emulation/docker/files/docker.initd new file mode 100644 index 00000000..18ca8ab9 --- /dev/null +++ b/app-emulation/docker/files/docker.initd @@ -0,0 +1,31 @@ +#!/sbin/runscript +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +DOCKER_LOGFILE=${DOCKER_LOGFILE:-/var/log/${SVCNAME}.log} +DOCKER_PIDFILE=${DOCKER_PIDFILE:-/run/${SVCNAME}.pid} +DOCKER_BINARY=${DOCKER_BINARY:-/usr/bin/docker} + +start() { + touch "$DOCKER_LOGFILE" + chown root:docker "$DOCKER_LOGFILE" + chmod 0644 "$DOCKER_LOGFILE" + + ebegin "Starting docker daemon" + start-stop-daemon --start --background \ + --exec "$DOCKER_BINARY" \ + --pidfile "$DOCKER_PIDFILE" \ + --stdout "$DOCKER_LOGFILE" \ + --stderr "$DOCKER_LOGFILE" \ + -- -d -p "$DOCKER_PIDFILE" + eend $? +} + +stop() { + ebegin "Stopping docker daemon" + start-stop-daemon --stop \ + --exec "$DOCKER_BINARY" \ + --pidfile "$DOCKER_PIDFILE" + eend $? +} diff --git a/app-emulation/docker/files/docker.service b/app-emulation/docker/files/docker.service new file mode 100644 index 00000000..bd53c520 --- /dev/null +++ b/app-emulation/docker/files/docker.service @@ -0,0 +1,13 @@ +[Unit] +Description=Easily create lightweight, portable, self-sufficient containers from any application! +Requires=network.target +After=multi-user.target + +[Service] +Type=simple +EnvironmentFile=-/etc/default/docker +ExecStartPre=/bin/mount --make-rprivate / +ExecStart=/usr/bin/docker -d ${DOCKER_OPTS} + +[Install] +WantedBy=multi-user.target |