Commit Graph

1262 Commits

Author SHA1 Message Date
Mrunal Patel 58feafa848 Merge pull request #442 from rhatdan/tmpfsperms
Mounting a tmpfs directory needs to inherit directory permissions from base
2015-03-11 21:10:31 -07:00
Michael Crosby 7c8550af53 Merge pull request #447 from jfrazelle/update-logrus
Update logrus to 0.6.6
2015-03-11 16:51:52 -07:00
Jessica Frazelle 3e9299d6da Update logrus to 0.6.6
we did the same for docker/docker so now they are inline.

Docker-DCO-1.1-Signed-off-by: Jessie Frazelle <jess@docker.com> (github: jfrazelle)
2015-03-11 16:53:40 -07:00
Mrunal Patel f7837f4f71 Merge pull request #446 from icecrime/hairpin-nat-re
Hairpin NAT network configuration
2015-03-11 14:49:12 -07:00
Arnaud Porterie e1c14b3ca2 Hairpin NAT network configuration
Offer the ability to enable hairpin NAT on a per network basis, while
keeping it disable by default as it is unsupported by older kernel.

Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
2015-03-11 13:42:37 -07:00
Dan Walsh 9f2c67332f Mounting a tmpfs directory needs to inherit directory permissions from base
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
2015-03-11 15:33:35 -04:00
Michael Crosby ef4efd065c Merge pull request #445 from LK4D4/add_type_method
Add information Type method for Factory
2015-03-11 11:52:46 -07:00
Mrunal Patel aa10040b57 Merge pull request #444 from ncdc/dont-label-mqueue
Don't label mqueue when mounting
2015-03-11 11:46:47 -07:00
Michael Crosby 3977c892e7 Remove --create from nsinit and make it default
More people are using this to test new features and this makes it very
simple to run a container with a simple command.

`nsinit exec --tty sh`

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2015-03-11 11:46:11 -07:00
Alexander Morozov c44ab12c86 Add information Type method for Factory
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-03-11 11:44:56 -07:00
Andy Goldstein 2ca9dc306e Don't label mqueue when mounting
mqueue shouldn't be labeled when mounting; otherwise, the mount will
fail.

Signed-off-by: Andy Goldstein <agoldste@redhat.com>
2015-03-11 14:30:26 -04:00
Mrunal Patel a9442e6660 selinux: Adds a check for a NUL byte at the end of the string and removes
it.

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2015-03-11 14:10:37 -04:00
Qiang Huang d6eb76f8a2 add parameter to Set api
We only have libcontainer.Container on Docker side, can't change `config`
in linuxContainer, pass config to libcontainer so we can change config of
container.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-03-11 16:46:54 +08:00
Michael Crosby 9387ebb6ba Merge pull request #437 from hqhq/hq_fix_some_cgroups_issues
fix some cgroups issues
2015-03-10 14:04:10 -07:00
Mrunal Patel 2da159823d Merge pull request #439 from vbatts/vbatts-fix_unused_variable_warning
nsenter: fix the -Wunused-variable warning
2015-03-10 11:54:25 -07:00
Vincent Batts 2a9511a026 nsenter: fix the -Wunused-variable warning
The change 699429e60f that allows the
constructor attribute to not be optimized out on gccgo has resulted in a
warning when compiling on the golang compiler.

```
./nsenter.go: In function ‘_cgo_51505a0edd5d_Cfunc_init’:
./nsenter.go:40:49: warning: unused variable ‘a’ [-Wunused-variable]
```

the generated code produced an unused struct like:

```
void
_cgo_d6cfae95ae01_Cfunc_init (void *v)
{
  struct
  {
    char unused;
  } __attribute__ ((__packed__, __gcc_struct__)) * a = v;
  init ();
}
```

Truly the "fix" would be upstream in cgo. If it knows it is producing an
unused struct, then it should also include __attribute__ ((unused))

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
2015-03-10 14:43:09 -04:00
Victor Marmol 43fabe36d1 Merge pull request #438 from hqhq/hq_add_memoryswap_test
add Set memoryswap test cases
2015-03-09 10:17:20 -07:00
Qiang Huang 35c01f9eb3 add Set memoryswap test cases
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-03-09 10:25:12 +08:00
Qiang Huang a3b0209cc6 cgroups: don't use d.path for cgroup tests files
d.path() should be used to get the real cgroup path, for temp path,
we can just create one.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-03-09 09:32:02 +08:00
Qiang Huang 606d9064b0 cgroups: only return path when subsystem really mounted
If cgroup patch doesn't exist, there is no point we do the Set.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-03-09 09:16:56 +08:00
Mrunal Patel 83663f82e3 Merge pull request #435 from pmorie/selinux-doc
Add godoc for selinux package
2015-03-06 12:33:03 -08:00
Paul Morie 4fc29224cf Add godoc for selinux package
Docker-DCO-1.1-Signed-off-by: Paul Morie <pmorie@gmail.com> (github: pmorie)
2015-03-06 13:28:52 -05:00
Rohit Jnagal 074441b495 Merge pull request #429 from hqhq/hq_use_FindCgroupMountRoot
fix apply error when we not mount cpu subsystem
2015-03-06 10:11:16 -08:00
Victor Marmol dd3cb88223 Merge pull request #417 from HuKeping/master
cgroups: add support for oom control
2015-03-06 08:31:40 -08:00
HuKeping 4332ffcfc6 cgroups: add test for disable oom killer
Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-03-07 02:49:34 +08:00
HuKeping 295c70865d cgroups: add support for oom control
This patch add support for diable OOM Killer.

Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-03-07 02:49:31 +08:00
Mrunal Patel 334b196371 Merge pull request #432 from LK4D4/os_environ
Pass os.Environ() as environment to process from init.
2015-03-05 14:49:24 -08:00
Alexander Morozov 9744d72c74 Pass os.Environ() as environment to process from init.
Replacement of #418

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-03-05 14:44:40 -08:00
Mrunal Patel d4867a6583 Merge pull request #431 from LK4D4/fix_nsenter_test_hang
Remove overcomplicated logic of SIGCHLD from TestNsenterDeadPid
2015-03-05 13:58:47 -08:00
Alexander Morozov 846e522ffc Remove overcomplicated logic of SIGCHLD from TestNsenterDeadPid
It lead to some race which hanged test.

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-03-05 13:52:54 -08:00
Alexander Morozov f0d1a8fc27 Add go vet check to validate script
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-03-05 10:24:26 -08:00
Alexander Morozov 8b77eba9a6 Calm down vet about foreign array type
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-03-05 10:24:21 -08:00
Mrunal Patel 88989e66d3 Merge pull request #427 from avagin/fixes
A few minor fixes
2015-03-04 21:36:46 -08:00
Andrey Vagin 872663148e paranoia: Don't return -1 as PID in error cases
I have seen a few times, when kill() was called for this
value on error paths and nobody survived except the init process.

man 2 kill
If pid equals -1, then sig is sent to every process for which the call‐
ing  process  has  permission  to  send  signals,  except for process 1
(init), but see below.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-03-05 08:07:33 +03:00
Qiang Huang 07db66a6ef fix apply error when we not mount cpu subsystem
Find cgroup mountpoint dir through a specific subsystem is not reliable,
we don't know which subsystem users will or will not mount, we can't
assume that, only we can assume is that users mount cgroup subsystems
on the same dir.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-03-05 10:21:52 +08:00
Mrunal Patel 38f729e577 Merge pull request #428 from LK4D4/exec_tty
Add tty support for setnsProcess
2015-03-04 17:55:55 -08:00
Alexander Morozov a9644c209f Add tty support for setnsProcess
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-03-04 17:30:37 -08:00
Andrey Vagin a72f710d89 configs: check that config doesn't contain extra fields
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-03-05 00:26:33 +03:00
Andrey Vagin f78bf211f0 integration: don't use default values to test smth
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2015-03-04 23:31:54 +03:00
Alexander Morozov 1c9de5b4d2 Merge pull request #423 from mrunalp/test_env
Adds an integration test for checking process env.
2015-03-04 11:13:48 -08:00
Mrunal Patel 0e3b1262a1 Adds an integration test for checking process env.
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2015-03-04 13:58:42 -05:00
Mrunal Patel 11d14f2621 Merge pull request #425 from hqhq/hq_use_set_in_freeze
cgroups: use Set instead of Apply in Freeze
2015-03-04 10:13:46 -08:00
Michael Crosby b49bd705dc Merge pull request #426 from MabinGo/file_check
Add the file close operation before function return to release resource
2015-03-04 09:26:01 -08:00
Mabin c1fb904d10 Add the file close operation before function return to release resource
Signed-off-by: Mabin <bin.ma@huawei.com>
2015-03-04 14:56:50 +08:00
Qiang Huang a8a798a7c9 cgroups: use Set instead of Apply in Freeze
So Apply function of freezer can be as sample as other subsystems.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-03-04 13:45:44 +08:00
Mrunal Patel 903680701a Merge pull request #424 from dqminh/fix-generic-error
Fix panic when genericError constructor gets nil error
2015-03-03 20:11:37 -08:00
Mrunal Patel 3ca0e1ff95 Merge pull request #376 from hqhq/hq_add_set_interface
add a new api Set
2015-03-03 19:57:55 -08:00
Daniel, Dao Quang Minh e22b589543 genericError constructors can accept nil error
if the error is nil, we do not populate generic error's message, but the
constructor will still return a valid error

Signed-off-by: Daniel, Dao Quang Minh <dqminh89@gmail.com>
2015-03-03 22:47:44 -05:00
Daniel, Dao Quang Minh 4ce8d97320 do not pass nil to genericError
currently genericError constructors require not-nil error to be able to read
its Error() message

Signed-off-by: Daniel, Dao Quang Minh <dqminh89@gmail.com>
2015-03-03 22:47:44 -05:00
Qiang Huang 4077c254a6 add test cases for Set interfaces
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-03-04 08:43:59 +08:00