Commit Graph

2397 Commits

Author SHA1 Message Date
Tatsushi Inagaki 78e1a4fc2e Selinux: reduce redundant parsing of mountinfo
Avoid parsing the whole lines of mountinfo after the mountpoint
is found.

Signed-off-by: Tatsushi Inagaki <e29253@jp.ibm.com>
2016-04-22 09:41:28 +09:00
Tatsushi Inagaki 2a1a6cdf44 Cgroup: reduce redundant parsing of mountinfo
Avoid parsing the whole lines of mountinfo after all mountpoints
of the target subsytems are found, or when the target subsystem
is not enabled.

Signed-off-by: Tatsushi Inagaki <e29253@jp.ibm.com>
2016-04-22 09:41:28 +09:00
Mrunal Patel 1d2bea3d46 Merge pull request #765 from hqhq/hq_link_ocitools
Add infomation about ocitools in runc spec
2016-04-21 09:53:30 -07:00
Qiang Huang 8b0d5831b8 Add infomation about ocitools in runc spec
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-04-21 12:57:26 +08:00
Michael Crosby d14b04a331 Merge pull request #738 from codido/makefile_fixes
Makefile fixes
2016-04-19 16:17:42 -07:00
Michael Crosby 7dd87976ed Merge pull request #758 from rajasec/container-pause-comment
Update the comment for container pause
2016-04-19 16:16:41 -07:00
Michael Crosby 616ad448e1 Merge pull request #751 from mrunalp/list_quiet
Add -q to list to print only container IDs
2016-04-19 16:16:09 -07:00
Michael Crosby 76261a4854 Merge pull request #762 from ncopa/musl-fix-headers
nsexec: fix build against musl libc
2016-04-19 15:29:13 -07:00
Michael Crosby 27fd0575ee Merge pull request #763 from mrunalp/userns_cgroups_ro
Allow mounting cgroups as read-only when user namespace is configured
2016-04-19 10:36:00 -07:00
Mrunal Patel a6104c3bbe Allow mounting cgroups as read-only when user namespace is configured
We use bind mount to achieve this as other file system remounts are disallowed
in a user namespace.

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-04-19 10:12:09 -07:00
Natanael Copa ac6bd95319 nsexec: fix build against musl libc
Remove a wrongly added include which was added in commit 3c2e77ee (Add a
compatibility header for CentOS/RHEL 6, 2016-01-29) apparently to
fix this compile error on centos 6:

> In file included from
> Godeps/_workspace/src/github.com/opencontainers/runc/libcontainer/nsenter/nsexec.c:20:
> /usr/include/linux/netlink.h:35: error: expected specifier-qualifier-list before 'sa_family_t'

The glibc bits/sockaddr.h says that this header should never be included
directly[1]. Instead, sys/socket.h should be used.

The problem was correctly fixed later, in commit 394fb55 (Fix build
error on centos6, 2016-03-02) so the incorrect bits/sockaddr.h can
safely be removed.

This is needed to build musl libc.

Fixes #761

[1]: 20003c4988/bits/sockaddr.h (L20)

Signed-off-by: Natanael Copa <natanael.copa@docker.com>
2016-04-19 10:58:17 +02:00
Aleksa Sarai 9384f484ff Merge pull request #759 from crosbymichael/err-context
Add cause to error messages
2016-04-19 01:52:43 +00:00
Michael Crosby 6978875298 Add cause to error messages
This is the inital port of the libcontainer.Error to added a cause to
all the existing error messages.  Going forward, when an error can be
wrapped because it is not being checked at the higher levels for
something like `os.IsNotExist` we can add more information to the error
message like cause and stack file/line information.  This will help
higher level tools to know what cause a container start or operation to
fail.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-04-18 11:37:26 -07:00
Qiang Huang 8b0f6a7e14 Merge pull request #757 from rajasec/spec-typo
Typo in SPEC.md
2016-04-18 09:59:48 +08:00
Qiang Huang d5574d1a4c Merge pull request #672 from rajasec/userns-validation
handling error for userns
2016-04-18 09:15:37 +08:00
rajasec ccbd0a176f Update the comment for container pause
Signed-off-by: rajasec <rajasec79@gmail.com>
2016-04-16 14:59:19 +05:30
rajasec d663afe2a3 Rebased with spec changes
Signed-off-by: rajasec <rajasec79@gmail.com>
2016-04-16 07:10:02 +05:30
rajasec 2295e0ddb1 Typo in SPEC.md
Signed-off-by: rajasec <rajasec79@gmail.com>
2016-04-15 14:57:14 +05:30
Qiang Huang c6db82f921 Merge pull request #753 from rajasec/manpage-start
updating man page for start option
2016-04-15 09:30:30 +08:00
Mrunal Patel 852d20b0c6 Add -q to list to print only container IDs
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-04-14 16:19:33 -07:00
Mrunal Patel b407ca684d Merge pull request #749 from jonboulle/master
Fix OCI reference in README
2016-04-14 12:18:39 -07:00
Mrunal Patel d1e0015032 Merge pull request #748 from runcom/readme
README.md: simplify Docker image example
2016-04-13 14:13:23 -07:00
Antonio Murdaca 18f60ae906 README.md: simplify Docker image example
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-04-13 23:09:58 +02:00
Michael Crosby 942d0cf03f Merge pull request #750 from tianon/libseccomp-backports
Switch from mixed jessie/testing to jessie+backports for libseccomp
2016-04-13 13:38:22 -07:00
Tianon Gravi ca423f1348 Switch from mixed jessie/testing to jessie+backports for libseccomp
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
2016-04-13 12:37:54 -07:00
Jonathan Boulle bf8e444f77 Fix OCI reference in README
Signed-off-by: Jonathan Boulle <jonathanboulle@gmail.com>
2016-04-13 19:38:58 +02:00
rajasec 1e070e51d9 updating man page for start option
Signed-off-by: rajasec <rajasec79@gmail.com>
2016-04-13 19:08:58 +05:30
Aleksa Sarai 445d184c81 Merge pull request #747 from amitkris/build_solaris
Get runc to build clean on Solaris
2016-04-13 00:29:35 +00:00
Amit Krishnan 82050a5b8f Get runc to build clean on Solaris
Signed-off-by: Amit Krishnan <krish.amit@gmail.com>
2016-04-12 16:13:08 -07:00
Ido Yariv 80cf52436a Speed up successive builds
By saving the packages that are dependencies of runc, successive build
times can be decreased by over 50%.

Signed-off-by: Ido Yariv <ido@wizery.com>
2016-04-12 18:48:52 -04:00
Ido Yariv 77ce689fe0 Don't use pre-defined GOPATH
All packages should be vendored, so there's no need to include the
pre-defined GOPATH in the search path.

Signed-off-by: Ido Yariv <ido@wizery.com>
2016-04-12 18:48:52 -04:00
Ido Yariv 8f250ceb47 Fix static builds
The runc symlink is only created when building non-static builds, so it
might be missing when building static builds. Fix this.

Signed-off-by: Ido Yariv <ido@wizery.com>
2016-04-12 18:48:52 -04:00
Alexander Morozov 99b423c6cb Merge pull request #746 from crosbymichael/bump_spec412
Update to version 0.1.0
2016-04-12 14:34:16 -07:00
Michael Crosby 8e129e0972 Update runc to 0.1.0
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-04-12 14:12:08 -07:00
Michael Crosby f417e993d0 Update spec to v0.5.0
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-04-12 14:11:40 -07:00
Michael Crosby 660029b476 Merge pull request #745 from AkihiroSuda/very-trivial-style-fix
Fix trivial style errors reported by `go vet` and `golint`
2016-04-12 13:33:00 -07:00
Mrunal Patel e874369984 Merge pull request #702 from cyphar/install-to-sbin
Makefile: install to /usr/local/sbin
2016-04-12 12:12:08 -07:00
Michael Crosby 6460c26528 Merge pull request #744 from hqhq/hq_fix_swap_memory
Fix problem when swap memory unsupported
2016-04-12 10:05:47 -07:00
Mrunal Patel 59c99bc33c Merge pull request #739 from albertoleal/unittests-utils
Add unit tests for the utils package
2016-04-12 09:21:24 -07:00
Alberto Leal 917c1f6d60 Add unit tests for 'utils' package
Signed-off-by: Alberto Leal <albertonb@gmail.com>
2016-04-12 13:29:37 +01:00
Akihiro Suda 1829531241 Fix trivial style errors reported by `go vet` and `golint`
No substantial code change.
Note that some style errors reported by `golint` are not fixed due to possible compatibility issues.

Signed-off-by: Akihiro Suda <suda.kyoto@gmail.com>
2016-04-12 08:13:16 +00:00
Qiang Huang 792251ae38 Fix problem when swap memory unsupported
When swap memory is unsupported, Docker will set
cgroup.Resources.MemorySwap as -1.

Fixes: https://github.com/docker/docker/pull/21937

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-04-12 15:08:10 +08:00
Aleksa Sarai af0cc71369 Merge pull request #717 from albertoleal/config-unittests
Add unit tests for configs.Hooks
2016-04-12 02:43:16 +00:00
Mrunal Patel 4023fe0fb9 Merge pull request #724 from cloudfoundry-incubator/hookstate-bundlepath
HookState adhears to OCI
2016-04-11 14:59:14 -07:00
Michael Crosby f54e41f7f0 Merge pull request #742 from LK4D4/carry_732
Fix setupDev logic in rootfs_linux.go
2016-04-11 11:16:36 -07:00
Michael Crosby 4998ea19e5 Merge pull request #736 from mrunalp/rootfs_fix
Fix for runc failing when rootfs has a trailing slash
2016-04-11 10:58:05 -07:00
Akihiro Suda 42234a85d1 Fix setupDev logic in rootfs_linux.go
setupDev was introduced in #96, but broken since #536 because spec 0.3.0 introduced default devices.

Fix #80 again
Fix docker/docker#21808

Signed-off-by: Akihiro Suda <suda.kyoto@gmail.com>
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2016-04-11 10:29:40 -07:00
Mrunal Patel 5640330693 Fix for runc failing when rootfs has a traling slash
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-04-11 09:50:28 -07:00
Alberto Leal 69be363508 Add unit tests for configs.Hooks
Signed-off-by: Alberto Leal <albertonb@gmail.com>
2016-04-09 07:27:33 +00:00
Aleksa Sarai 6c59168557 Merge pull request #730 from rhatdan/getfilecon
Add label.GetFileLabel interface
2016-04-09 05:25:11 +00:00