Commit Graph

133 Commits

Author SHA1 Message Date
Akihiro Suda 1386570498 add cgroup v2 documentation
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-06-04 00:21:31 +09:00
Akihiro Suda 5b601c66d0 README.md: fix a dead link
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-05-21 02:31:33 +09:00
Chris Aniszczyk 7376bdc142
Fix reference to badge
Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>
2020-04-21 13:20:20 -05:00
Chris Aniszczyk 5c2a97828c
Add CII Badge to README
https://master.bestpractices.coreinfrastructure.org/projects/588

Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>
2020-04-20 11:38:49 -05:00
Kenta Tada f8f03700cc README.md: update Go version to build
Signed-off-by: Kenta Tada <Kenta.Tada@sony.com>
2020-04-06 20:14:21 +09:00
Aleksa Sarai a15d2c3ca0
merge branch 'pr-2073'
Odin Ugedal (7):
  Run verify-dependencies only on go1.x
  Don't add git utils to go.mod in CI
  Remove refrences to vndr
  Make CI script to verify that vendor is in sync
  Fix file permissions for mounts.bats
  Update spec test to use go.mod
  Add support for GO Modules

LGTMs: @hqhq @AkihiroSuda @cyphar
Closes #2073
2020-03-16 12:38:40 +11:00
Kir Kolyshkin 89c108b1be Makefile: add selinux and apparmor build tags
Both selinux and apparmor subsystem can detect whether it is enabled,
and act accordingly. Compiling it in by default should help avoid
some frustration cased by missing build tags.

This should not change anything in case BUILDTAGS is already set.

README.md is amended to clarify what BUILDTAGS are enabled by
default.

[v2: add apparmor]
[v3: add it unconditionally, fix README]

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2020-03-15 10:29:35 -07:00
Kir Kolyshkin 69f6f32f6b README, travis.yml: rm ambient tag
This build tag was removed in commit 4f903a21c4 (PR #1370)
quite some time ago.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2020-03-15 10:25:33 -07:00
Odin Ugedal 777f97d8de
Run verify-dependencies only on go1.x
Signed-off-by: Odin Ugedal <odin@ugedal.com>
2020-03-07 10:46:34 +01:00
Odin Ugedal f7edcc3a89
Remove refrences to vndr
Signed-off-by: Odin Ugedal <odin@ugedal.com>
2020-03-07 09:29:33 +01:00
Kenta Tada af3a81e48e Add rootless testpath in Makefile
This commit modifies Makefile for rootless test to select testpath.

Signed-off-by: Kenta Tada <Kenta.Tada@sony.com>
2020-03-06 17:02:33 +09:00
Kenta Tada e03859022a README.md: modify the explanation of make flags
Signed-off-by: Kenta Tada <Kenta.Tada@sony.com>
2020-02-03 15:03:26 +09:00
Amye Scavarda Perrin 7d23d1e172
Update README.md
Signed-off-by: Amye Scavarda Perrin <amye@linuxfoundation.org>
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2020-01-31 10:59:57 +11:00
Kohei Ota ed4a3e9bc6 Apply review
Signed-off-by: Kohei Ota <kela@inductor.me>
2020-01-26 23:03:13 +09:00
Kohei Ota c8ba985325 Fix path for security report line
Signed-off-by: Kohei Ota <kela@inductor.me>
2020-01-26 16:13:05 +09:00
Michael Crosby 792af40dc0
Merge pull request #1929 from kkallday/patch-1
Adds info about `userns` for rootless containers
2019-10-23 12:35:59 -04:00
Akihiro Suda 9996cf7d39 README.md: clarify cgroup2 support is not ready for production
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2019-10-19 01:51:11 +09:00
Manuel Rüger 4be50fe338 SECURITY: Add Security Policy
This should make the vuln reporting process more visible on GitHub
https://help.github.com/en/articles/adding-a-security-policy-to-your-repository

Signed-off-by: Manuel Rüger <manuel@rueg.eu>
2019-10-01 13:38:50 +02:00
Vincent Batts dbf6e48d0f
README: link to /org/security/
Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
2019-03-03 15:01:08 -05:00
Kevin Kelani 056909bd3d Adds note about user ns for rootless containers
Signed-off-by: Kevin Kelani <kkelani@gmail.com>
2018-11-15 21:37:23 -08:00
Ace-Tang f1b1407e1b readme: add nokmem build tag
Signed-off-by: Ace-Tang <aceapril@126.com>
2018-11-02 11:56:54 +08:00
Mike Brown 26bdc0dce7 clarify license information
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
2018-10-03 10:39:44 -05:00
Kenta Tada b399167f2c Add docker proxy settings for make test in a proxy environment
This commit modifies Makefile to execute `make test` in a proxy environment.

Signed-off-by: Kenta Tada <Kenta.Tada@sony.com>
2018-08-22 18:19:48 +09:00
Kenta Tada 0880503b44 Add an explanation for TESTPATH
This commit adds an explanation of TESTPATH for `make test`.

Signed-off-by: Kenta Tada <Kenta.Tada@sony.com>
2018-07-31 13:33:42 +09:00
Alex Glikson e7e303ab9e Minor wording enhancement in readme
Clarifying a bit the explanation why fine-grained control is benefitial.

Signed-off-by: Alex Glikson <alex.glikson@gmail.com>
2018-03-02 13:39:28 -05:00
vsoch 0f3d824550 adding go get instruction to readme
Signed-off-by: Vanessa Sochat <vsochat@stanford.edu>
2018-02-21 12:54:21 -08:00
Tobias Klauser db093f621f libcontainer: remove dependency on libapparmor
libapparmor is integrated in libcontainer using cgo but is only used to
call a single function: aa_change_onexec. It turns out this function is
simple enough (writing a string to a file in /proc/<n>/attr/...) to be
re-implemented locally in libcontainer in plain Go.

This allows to drop the dependency on libapparmor and the corresponding
cgo integration.

Fixes #1674

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-12-15 09:59:58 +01:00
Tobias Klauser 10dc96bb9e README.md: adjust capabilities section in config.json example
The format of the capabilities section in config.json was changed in the
runtime spec 1.0.0.rc5 (pulled in through PR #1370). Update the example
in README.md correspondingly.

Also fix a small typo (though -> through).

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2017-07-25 13:46:20 +02:00
Jonh Wendell d8477f9b02 Add a rootless containers section on README
Closes #1413.

Signed-off-by: Jonh Wendell <jonh.wendell@redhat.com>
2017-04-21 21:19:07 -03:00
Daniel Dao 912d20cbd1
mention vndr in README
add a new dependencies management section in README to note that we are
using vndr.

Signed-off-by: Daniel Dao <dqminh89@gmail.com>
2017-02-24 11:25:21 +00:00
Steven Hartland a887fc3f2d Add godoc links to README.md files
Add godoc links to README.md files for runc and libcontainer so its easy to access the golang documentation.

Signed-off-by: Steven Hartland <steven.hartland@multiplay.co.uk>
2017-01-21 18:21:03 +00:00
Xianglin Gao 27f7490b7e Add badge for Go Report Card
Signed-off-by: Xianglin Gao <xlgao@zju.edu.cn>
2017-01-04 16:52:29 +08:00
Chris Aniszczyk 165fba9e4b Add Travis CI badge to README
https://travis-ci.org/opencontainers/runc

Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>
2017-01-03 19:31:29 -06:00
Aleksa Sarai ac422aa545
*: add information about security mailing list
Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-12-03 18:54:53 +11:00
Michael Crosby 603c151e6c Move ambient capabilties behind build tag
This moves the ambient capability support behind an `ambient` build tag
so that it is only compiled upon request.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-11-02 10:59:59 -07:00
Harry Zhang 4d76a85559 Clarify libseccomp-devel in guide
Signed-off-by: Harry Zhang <harryz@hyper.sh>
2016-10-31 03:27:05 -04:00
rajasec 4cfbd2555d Small typo in README
Signed-off-by: rajasec <rajasec79@gmail.com>

Fixing small typo in README

Signed-off-by: rajasec <rajasec79@gmail.com>
2016-10-23 19:08:17 +05:30
rajasec c4ffabc033 Typo in README.md
Signed-off-by: rajasec <rajasec79@gmail.com>
2016-09-06 20:24:25 +05:30
Jonathan Boulle 67a6e679c6 Fix runtime-spec repository reference in README
Signed-off-by: Jonathan Boulle <jonathanboulle@gmail.com>
2016-08-31 18:43:57 +02:00
Michael Crosby 762ff42a49 Update readme for create start
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-06-10 16:37:55 -07:00
Mrunal Patel b12fbe0b15 readme: Mention the go 1.6 requirement in the README for building runc
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-06-09 16:23:43 -07:00
rajasec 0307c88ee9 Updating README for starting the container
Signed-off-by: rajasec <rajasec79@gmail.com>

Updating README for starting the container

Signed-off-by: rajasec <rajasec79@gmail.com>

Updating README files for container start

Signed-off-by: rajasec <rajasec79@gmail.com>

updating README files for container start

Signed-off-by: rajasec <rajasec79@gmail.com>
2016-06-05 14:41:58 +05:30
rajasec b3503c3516 Changing OCF to OCI in README
Signed-off-by: rajasec <rajasec79@gmail.com>
2016-05-28 14:28:17 +05:30
rajasec 0015f86cf3 Updating README for runc path
Signed-off-by: rajasec <rajasec79@gmail.com>
2016-04-23 22:00:08 +05:30
Mrunal Patel b407ca684d Merge pull request #749 from jonboulle/master
Fix OCI reference in README
2016-04-14 12:18:39 -07:00
Antonio Murdaca 18f60ae906 README.md: simplify Docker image example
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-04-13 23:09:58 +02:00
Jonathan Boulle bf8e444f77 Fix OCI reference in README
Signed-off-by: Jonathan Boulle <jonathanboulle@gmail.com>
2016-04-13 19:38:58 +02:00
Michael Crosby f417e993d0 Update spec to v0.5.0
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-04-12 14:11:40 -07:00
Alberto Leal 7ec83f8b38 Typo on Readme file
Signed-off-by: Alberto Leal <albertonb@gmail.com>
2016-04-06 15:15:11 +01:00
Michael Crosby a7278cad98 Require containerd id as arg 1
Closes #532

This requires the container id to always be passed to all runc commands
as arg one on the cli.  This was the result of the last OCI meeting and
how operations work with the spec.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-02-09 11:20:55 -08:00