Commit Graph

42 Commits

Author SHA1 Message Date
Qiang Huang c91b5bea48 Merge pull request #1088 from crosbymichael/rc2
Bump spec and version to rc2
2016-09-29 09:18:37 +08:00
Michael Crosby 0f97ba469f Bump spec and version to rc2
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-09-28 09:53:43 -07:00
Justin Cormack 4e179bddca Set ambient capabilities where supported
Since Linux 4.3 ambient capabilities are available. If set these allow unprivileged child
processes to inherit capabilities, while at present there is no means to set capabilities
on non root processes, other than via filesystem capabilities which are not usually
supported in image formats.

With ambient capabilities non root processes can be given capabilities as well, and so
the main reason to use root in containers goes away, and capabilities work as expected.

The code falls back to the existing behaviour if ambient capabilities are not supported.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-09-28 09:13:56 +01:00
Shukui Yang 1db7315287 update github.com/urfave/cli lib
Signed-off-by: Shukui Yang <yangshukui@huawei.com>
2016-09-18 09:22:46 +08:00
Adam Thomason fcbde0ce9f Update runtime-spec to current upstream
runc currently fails to build against the upstream version of
runtime-spec/specs-go.

```
# github.com/opencontainers/runc
./spec.go:189: cannot use specs.Linux literal (type specs.Linux) as type *specs.Linux in field value
```

on account of 63231576ec (diff-7f24d60f0cbb9c433e165467e3d34838R25)

This commit updates the dependency to current runtime-spec master and
fixes the type mismatch.

Fixes #1035

Signed-off-by: Adam Thomason <ad@mthomason.net>
2016-09-11 15:17:14 -07:00
Aleksa Sarai ec1ccb90f4 godeps: bump libseccomp-golang to 32f571b70023028bd57d9288c20efbcb237f3ce0
Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-06-08 20:15:18 +10:00
Mrunal Patel a753b06645 Replace github.com/codegangsta/cli by github.com/urfave/cli
The package got moved to a different repository

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-06-06 11:47:20 -07:00
Michael Crosby d6fbe044c3 Bump spec dependency to 1.0.0-rc1
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-06-03 15:24:44 -07:00
Aleksa Sarai 089b05a512 godeps: update seccomp to 60c9953736798c4a04e90d0f3da2f933d44fd4c4
This update allows more distributions to build runC with seccomp out of
the box (the include path and library paths are not always the Go
defaults).  In addition, update the test's Dockerfile to have pkg-config
installed.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-05-25 07:58:28 +10:00
Qiang Huang 8477638aab Update cli package
The old one has bug when showing help message for IntFlags.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-05-10 13:58:09 +08:00
Mrunal Patel e25811108b Bump up spec and add support for mount label
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-04-22 15:31:39 -07:00
Michael Crosby f417e993d0 Update spec to v0.5.0
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-04-12 14:11:40 -07:00
Michael Crosby 1117a7cbf9 Bump specs to 93ca97e83c
This bumps specs to version 93ca97e83c
which fixes the json marshal/unmarshal issue with blkio major/minor and
adds masked and readonly paths to the spec.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-04-01 13:00:44 -07:00
Michael Crosby 4d431183be Update spec to version cf8ebc9d6e
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-03-29 11:14:35 -07:00
Michael Crosby 9047912c35 Bump spec version to v0.4.0
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-03-10 14:14:57 -08:00
Michael Crosby aa9660027b Update spec version
This bump of the spec includes a change to the deivce type to be a
string so that it is more readable in the json serialization.

It also includes the change were caps, no new privs, and process
labeling features are moved from the container config onto the process.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-03-03 10:26:38 -08:00
Antonio Murdaca 0dea09bce7 *: use coreos/go-systemd/activation for socket activation
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-02-09 23:44:09 +01:00
Mike Brown c2c0458598 merges latest spec with runc
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
2016-02-05 12:47:09 -08:00
Jessica Frazelle b23613c9c2
update godeps cli version
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2016-01-28 17:45:51 -08:00
Mrunal Patel 9cd641486a Update github.com/opencontainers/specs to a7b50925d8
This leaves out the internal conversions as we may need to consider
docker backward compatibility for those changes.

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-01-25 19:19:15 -05:00
Qiang Huang f4fc51b59c Cleanup Godeps
`godep save` and `godep update` don't copy `*_test.go` files and
`testdata` directories by default, and we have no reason to keep
them in Godeps.

This is what I did:
1. A clean GOPATH with no vendors in
2. godep restore
3. remove Godeps dir in the repo
4. godep save

Note that I'm using the latest godep, so we also vendored all
necessary licese files because of https://github.com/tools/godep/pul/301

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-12-28 09:34:37 +08:00
David Calavera 977991d36f Replace docker units package with new docker/go-units.
It's the same library but it won't live in docker/docker anymore.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-12-14 20:45:30 -05:00
Antonio Murdaca bea558b61f godeps: update go-systemd to v4 and godbus/dbus to v3
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2015-11-19 23:37:28 +01:00
Mrunal Patel f184a880a2 Bump up github.com/opencontainers/specs to cf8dd12093
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2015-10-07 16:51:10 -04:00
Antonio Murdaca c5b80bddf1 bump docker pkgs
Docker pkgs were updated while golinting the whole docker code base.
Now when trying to bump libcontainer/runc in docker, it fails compiling
with the following error:
``
vendor/src/github.com/opencontainers/runc/libcontainer/rootfs_linux.go:424:
undefined: mount.MountInfo
``
This is because, for instance, the mount pkg was updated here
0f5c9d301b (diff-49294d05afa48e2f7c0d2f02c6f7614c)
and now that type is only `mount.Info`.
This patch bump docker pkgs commit and adapt code to it.

Signed-off-by: Antonio Murdaca <amurdaca@redhat.com>
2015-10-06 10:48:12 +02:00
Antonio Murdaca c6e406af24 Adjust runc to new opencontainers/specs version
Godeps: Vendor opencontainers/specs 96bcd043aa

Fix a bug where it's impossible to pass multiple devices to blkio
cgroup controller files. See https://github.com/opencontainers/runc/issues/274

Signed-off-by: Antonio Murdaca <runcom@linux.com>
2015-10-03 12:25:33 +02:00
Mrunal Patel 34d3e2b948 Update github.com/syndtr/gocapability/capability to 2c00daeb6c3b45114c80ac44119e7b8801fdd852
This allows us to use the capability.List() function to construct capability list
dynamically.

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2015-09-24 18:44:01 -04:00
Alexander Morozov ea5032bc5e Adjust runc to new opencontainers/specs version
I deleted possibility to specify config file from commands for now.
Until we decide how it'll be done. Also I changed runc spec interface to
write config files instead of output them.

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-09-15 08:35:25 -07:00
Alexander Morozov 24f4d5d1fd Remove old netlink library
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-09-09 19:38:02 -07:00
Alexander Morozov 916bd6bd68 Use github.com/vishvananda/netlink for networking
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-09-09 19:32:46 -07:00
Mrunal Patel e7663a673e Merge pull request #70 from mheon/seccomp
Convert Seccomp support to use Libseccomp
2015-08-21 12:25:33 -07:00
Matthew Heon 8da24a5447 Update vendored Libseccomp bindings
Signed-off-by: Matthew Heon <mheon@redhat.com>
2015-08-13 09:36:09 -04:00
Matthew Heon 2ae581ae62 Convert Seccomp support to use Libseccomp
This removes the existing, native Go seccomp filter generation and replaces it
with Libseccomp. Libseccomp is a C library which provides architecture
independent generation of Seccomp filters for the Linux kernel.

This adds a dependency on v2.2.1 or above of Libseccomp.

Signed-off-by: Matthew Heon <mheon@redhat.com>
2015-08-13 07:56:27 -04:00
Tonis Tiigi 0f99c20fd0 Update specs
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2015-08-11 13:50:57 -07:00
Michael Crosby b1821a4edc Merge pull request #150 from runcom/update-go-systemd-dbus-v3
Update go systemd dbus v3
2015-08-03 16:11:52 -04:00
Mrunal Patel 5f65056c89 Update github.com/opecontainers/specs to 5b31bb2b77
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>

Make runc changes required to pull in the updated spec

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2015-08-03 15:33:48 -04:00
Antonio Murdaca b21a519ac9 Vendor github.com/coreos/go-systemd/util
Signed-off-by: Antonio Murdaca <runcom@linux.com>
2015-07-25 01:35:00 +02:00
Antonio Murdaca 75bc7ae642 Update github.com/coreos/go-systemd/dbus to v3
Signed-off-by: Antonio Murdaca <runcom@linux.com>
2015-07-24 15:54:52 +02:00
W. Trevor King 40ca795938 Godeps: Update github.com/opencontainers/specs to include IDMapping change
Pull in:

* spec_linux.go: Rename IDMapping fields to follow syscall.SysProcIDMap
* Merge pull request opencontainers/specs#60 from jonboulle/master
2015-07-08 10:53:06 -07:00
Mrunal Patel d61480ea3d Update github.com/opencontainer/specs to include Sysctl change
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2015-07-06 19:16:55 -04:00
Michael Crosby e2df818399 Add opencontainers/spec to godeps
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2015-07-02 14:00:13 -07:00
Michael Crosby f20d95b6f2 Use godeps for building of vendored files
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2015-06-22 09:23:17 -07:00