jasder
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
2,922 Commits 5 Branches 25 Tags 17 MiB
Commit Graph

2922 Commits

Author SHA1 Message Date
Michael Crosby baf6536d62 Bump to 0.1.1 
This includes a fix for selinux mount labels in the spec.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2016-04-25 14:18:35 -07:00
Mrunal Patel 9d16d9472e Bump up spec and add support for mount label 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2016-04-25 14:14:15 -07:00
Michael Crosby ee42f8bbb6 Merge pull request #768 from rajasec/events-destroy 
Not showing up the events for destroyed container
 2016-04-25 10:51:58 -07:00
Mrunal Patel 091ed0b043 Merge pull request #777 from cyphar/fix-null-pointer-deref 
libcontainer: specconv: fix nil dereference in resource setup
 2016-04-24 19:09:30 -07:00
Aleksa Sarai 4b710d33d2 Merge pull request #776 from rajasec/runc-path 
Updating README for runc path
 2016-04-25 01:56:37 +00:00
Aleksa Sarai a939c7ecd9 libcontainer: specconv: fix nil dereference in resource setup 
This caused issues if someone omitted or set "resources": null, in the
runC config. The panic follows.

panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xb code=0x1 addr=0x20 pc=0x545b53]

goroutine 1 [running]:
panic(0x7aed40, 0xc820014260)
        /usr/lib64/go/src/runtime/panic.go:464 +0x3e6
github.com/opencontainers/runc/libcontainer/specconv.CreateLibcontainerConfig(0xc8200b0e30, 0x836480, 0x0, 0x0)
        /home/cyphar/src/runc/Godeps/_workspace/src/github.com/opencontainers/runc/libcontainer/specconv/spec_linux.go:222 +0xe83
main.createContainer(0xc82007eb40, 0x7ffd8024e439, 0x4, 0xc82008e780, 0x0, 0x0, 0x0, 0x0)
        /home/cyphar/src/runc/utils_linux.go:174 +0x105
main.startContainer(0xc82007eb40, 0xc82008e780, 0x0, 0x0, 0x0)
        /home/cyphar/src/runc/start.go:114 +0x189
main.glob.func11(0xc82007eb40)
        /home/cyphar/src/runc/start.go:78 +0x13e
github.com/codegangsta/cli.Command.Run(0x829a58, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x87ada0, 0x1a, 0x8dff80, ...)
        /home/cyphar/src/runc/Godeps/_workspace/src/github.com/codegangsta/cli/command.go:137 +0x1081
github.com/codegangsta/cli.(*App).Run(0xc82007e900, 0xc82000a050, 0x5, 0x5, 0x0, 0x0)
        /home/cyphar/src/runc/Godeps/_workspace/src/github.com/codegangsta/cli/app.go:176 +0xffa
main.main()
        /home/cyphar/src/runc/main.go:123 +0xc8e

Signed-off-by: Aleksa Sarai <asarai@suse.de>
 2016-04-25 11:52:22 +10:00
Aleksa Sarai 399175c227 Merge pull request #679 from rajasec/selinux-errorcheck 
Adding selinux check during container start
 2016-04-24 16:24:26 +00:00
Alexander Morozov ae0fc15b1e Merge pull request #608 from inatatsu/reduce-parsing-mountinfo 
Eliminate redundant parsing of mountinfo
 2016-04-23 22:30:54 -07:00
rajasec 0015f86cf3 Updating README for runc path 
Signed-off-by: rajasec <rajasec79@gmail.com>
 2016-04-23 22:00:08 +05:30
rajasec 9adc142404 Updated as per review comments by moving to caller 
Signed-off-by: rajasec <rajasec79@gmail.com>

Changing to container ID as per comments

Signed-off-by: rajasec <rajasec79@gmail.com>
 2016-04-23 20:31:05 +05:30
rajasec fb53190389 Not showing up the events for destroyed container 
Signed-off-by: rajasec <rajasec79@gmail.com>

Updated as per review comments by moving to caller

Signed-off-by: rajasec <rajasec79@gmail.com>
 2016-04-23 20:25:57 +05:30
Qiang Huang 45605bb48d Merge pull request #773 from mrunalp/mount_label 
Bump up spec and add support for mount label
 2016-04-23 08:09:26 +08:00
Mrunal Patel 94acd98156 Merge pull request #766 from hqhq/hq_makefile_man 
Add target man in Makefile
 2016-04-22 15:51:46 -07:00
Mrunal Patel e25811108b Bump up spec and add support for mount label 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2016-04-22 15:31:39 -07:00
Michael Crosby 3041475491 Merge pull request #659 from mikebrow/integration-test-bats 
adds client api integration tests for runc using bash w/bats
 2016-04-22 15:29:57 -07:00
Michael Crosby e0a1d18050 Merge pull request #772 from rajasec/validate-kcore 
Updating kcore in validator test
 2016-04-22 14:47:16 -07:00
Qiang Huang 3dadcf02f6 Add target man in Makefile 
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2016-04-22 14:37:42 +08:00
Qiang Huang 9a69882ab9 Merge pull request #740 from rajasec/process-argscheck 
Fixing index out of range during exec of container
 2016-04-22 11:09:27 +08:00
Tatsushi Inagaki eb0a144b5e Rootfs: reduce redundant parsing of mountinfo 
Postpone parsing mountinfo until pivot_root() actually failed

Signed-off-by: Tatsushi Inagaki <e29253@jp.ibm.com>
 2016-04-22 09:41:28 +09:00
Tatsushi Inagaki 78e1a4fc2e Selinux: reduce redundant parsing of mountinfo 
Avoid parsing the whole lines of mountinfo after the mountpoint
is found.

Signed-off-by: Tatsushi Inagaki <e29253@jp.ibm.com>
 2016-04-22 09:41:28 +09:00
Tatsushi Inagaki 2a1a6cdf44 Cgroup: reduce redundant parsing of mountinfo 
Avoid parsing the whole lines of mountinfo after all mountpoints
of the target subsytems are found, or when the target subsystem
is not enabled.

Signed-off-by: Tatsushi Inagaki <e29253@jp.ibm.com>
 2016-04-22 09:41:28 +09:00
Mike Brown e9f89e163f adds integration tests 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2016-04-21 19:09:27 -05:00
Qiang Huang 8cf9ca4bcf Add ps command 
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2016-04-22 08:06:35 +08:00
Mrunal Patel 1d2bea3d46 Merge pull request #765 from hqhq/hq_link_ocitools 
Add infomation about ocitools in runc spec
 2016-04-21 09:53:30 -07:00
rajasec 733ff99f6d Updating kcore in validator test 
Signed-off-by: rajasec <rajasec79@gmail.com>
 2016-04-21 15:29:19 +05:30
Qiang Huang 8b0d5831b8 Add infomation about ocitools in runc spec 
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
 2016-04-21 12:57:26 +08:00
rajasec c3cc4b36ba Fixing index out of range during exec of container 
Signed-off-by: rajasec <rajasec79@gmail.com>

Fixed review comments

Signed-off-by: rajasec <rajasec79@gmail.com>

updated the arguments check as per review comment

Signed-off-by: rajasec <rajasec79@gmail.com>
 2016-04-20 14:25:50 +05:30
Michael Crosby d14b04a331 Merge pull request #738 from codido/makefile_fixes 
Makefile fixes
 2016-04-19 16:17:42 -07:00
Michael Crosby 7dd87976ed Merge pull request #758 from rajasec/container-pause-comment 
Update the comment for container pause
 2016-04-19 16:16:41 -07:00
Michael Crosby 616ad448e1 Merge pull request #751 from mrunalp/list_quiet 
Add -q to list to print only container IDs
 2016-04-19 16:16:09 -07:00
Michael Crosby 76261a4854 Merge pull request #762 from ncopa/musl-fix-headers 
nsexec: fix build against musl libc
 2016-04-19 15:29:13 -07:00
Michael Crosby 27fd0575ee Merge pull request #763 from mrunalp/userns_cgroups_ro 
Allow mounting cgroups as read-only when user namespace is configured
 2016-04-19 10:36:00 -07:00
Mrunal Patel a6104c3bbe Allow mounting cgroups as read-only when user namespace is configured 
We use bind mount to achieve this as other file system remounts are disallowed
in a user namespace.

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2016-04-19 10:12:09 -07:00
rajasec d0bf80e481 Adding selinux check during container start 
Signed-off-by: rajasec <rajasec79@gmail.com>

Fixed review comments and rebased

Signed-off-by: rajasec <rajasec79@gmail.com>

updated the message as per review comment

Signed-off-by: Rajasekaran <rajasec79@gmail.com>
 2016-04-19 22:22:04 +05:30
Natanael Copa ac6bd95319 nsexec: fix build against musl libc 
Remove a wrongly added include which was added in commit 3c2e77ee (Add a
compatibility header for CentOS/RHEL 6, 2016-01-29) apparently to
fix this compile error on centos 6:

> In file included from
> Godeps/_workspace/src/github.com/opencontainers/runc/libcontainer/nsenter/nsexec.c:20:
> /usr/include/linux/netlink.h:35: error: expected specifier-qualifier-list before 'sa_family_t'

The glibc bits/sockaddr.h says that this header should never be included
directly[1]. Instead, sys/socket.h should be used.

The problem was correctly fixed later, in commit 394fb55 (Fix build
error on centos6, 2016-03-02) so the incorrect bits/sockaddr.h can
safely be removed.

This is needed to build musl libc.

Fixes #761

[1]: 20003c4988/bits/sockaddr.h (L20)

Signed-off-by: Natanael Copa <natanael.copa@docker.com>
 2016-04-19 10:58:17 +02:00
Aleksa Sarai 9384f484ff Merge pull request #759 from crosbymichael/err-context 
Add cause to error messages
 2016-04-19 01:52:43 +00:00
Michael Crosby 6978875298 Add cause to error messages 
This is the inital port of the libcontainer.Error to added a cause to
all the existing error messages.  Going forward, when an error can be
wrapped because it is not being checked at the higher levels for
something like `os.IsNotExist` we can add more information to the error
message like cause and stack file/line information.  This will help
higher level tools to know what cause a container start or operation to
fail.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2016-04-18 11:37:26 -07:00
Qiang Huang 8b0f6a7e14 Merge pull request #757 from rajasec/spec-typo 
Typo in SPEC.md
 2016-04-18 09:59:48 +08:00
Qiang Huang d5574d1a4c Merge pull request #672 from rajasec/userns-validation 
handling error for userns
 2016-04-18 09:15:37 +08:00
rajasec ccbd0a176f Update the comment for container pause 
Signed-off-by: rajasec <rajasec79@gmail.com>
 2016-04-16 14:59:19 +05:30
rajasec d663afe2a3 Rebased with spec changes 
Signed-off-by: rajasec <rajasec79@gmail.com>
 2016-04-16 07:10:02 +05:30
rajasec 2295e0ddb1 Typo in SPEC.md 
Signed-off-by: rajasec <rajasec79@gmail.com>
 2016-04-15 14:57:14 +05:30
Qiang Huang c6db82f921 Merge pull request #753 from rajasec/manpage-start 
updating man page for start option
 2016-04-15 09:30:30 +08:00
Mrunal Patel 852d20b0c6 Add -q to list to print only container IDs 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
 2016-04-14 16:19:33 -07:00
Mrunal Patel b407ca684d Merge pull request #749 from jonboulle/master 
Fix OCI reference in README
 2016-04-14 12:18:39 -07:00
Mrunal Patel d1e0015032 Merge pull request #748 from runcom/readme 
README.md: simplify Docker image example
 2016-04-13 14:13:23 -07:00
Antonio Murdaca 18f60ae906 README.md: simplify Docker image example 
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
 2016-04-13 23:09:58 +02:00
Michael Crosby 942d0cf03f Merge pull request #750 from tianon/libseccomp-backports 
Switch from mixed jessie/testing to jessie+backports for libseccomp
 2016-04-13 13:38:22 -07:00
Tianon Gravi ca423f1348 Switch from mixed jessie/testing to jessie+backports for libseccomp 
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
 2016-04-13 12:37:54 -07:00
Jonathan Boulle bf8e444f77 Fix OCI reference in README 
Signed-off-by: Jonathan Boulle <jonathanboulle@gmail.com>
 2016-04-13 19:38:58 +02:00