Commit Graph

2879 Commits

Author SHA1 Message Date
Zhao Lei 54390f89a7 Introduce make release
So we can make all types of release binary with combination
of following flags:
 seccomp
 selinux
 apparmor
 static

All binary files are put in release/ dir, like:
 [root@zlosvm1 runc]# ls -l release
 total 53556
 -rwxr-xr-x 1 root root 9517965 Aug 24 16:59 runc
 -rwxr-xr-x 1 root root 9673533 Aug 24 17:00 runc.seccomp
 -rwxr-xr-x 1 root root 9705839 Aug 24 17:00 runc.seccomp.selinux
 -rwxr-xr-x 1 root root 9546175 Aug 24 16:59 runc.selinux
 -rwxr-xr-x 1 root root 8205015 Aug 24 16:59 runc.selinux.static
 -rwxr-xr-x 1 root root 8181789 Aug 24 16:59 runc.static
 ...
Closes #899

Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
2016-09-06 11:22:34 +08:00
Qiang Huang 7b0b628a9b Merge pull request #1020 from forever043/fix-makefile-integration
Makefile: Fix wrong dependency of "integration" target
2016-09-06 09:05:28 +08:00
Jiuyue Ma 4bc8637393 Makefile: Fix wrong dependency of "integration" target
Change dependency of integration to runcimage.

Signed-off-by: Jiuyue Ma <majiuyue@huawei.com>
2016-09-06 08:38:32 +08:00
Shukui Yang e15af9ffbb remove redundant by in annotation(nsexec.c)
Signed-off-by: Shukui Yang <yangshukui@huawei.com>
2016-09-05 10:53:19 +08:00
Zhang Wei 9f80653779 Append string "-dirty" to version if git repo is unclean
If runc binary is compiled from codes with modified but not commited
files, git commits should report "COMMIT-dirty" instead of single
"COMMIT" to warn users.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2016-09-04 16:08:39 +08:00
Qiang Huang 10da74affe Merge pull request #1012 from hqhq/fix_null_point_reference
Fix null point reference panic
2016-09-02 09:15:40 +08:00
Qiang Huang aa2dd02f5a Fix null point reference panic
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-09-01 08:34:22 +08:00
Mrunal Patel b79076544e Merge pull request #1009 from hqhq/fix_default_cgroup_parent
Fix default cgroup path
2016-08-31 14:23:14 -07:00
Mrunal Patel 795d5ce2da Merge pull request #1008 from hqhq/combine_runc_image
Combine runctestimage and runcimage
2016-08-31 14:22:11 -07:00
Michael Crosby bf8d1296a9 Merge pull request #1011 from jonboulle/master
Fix runtime-spec repository reference in README
2016-08-31 09:55:42 -07:00
Jonathan Boulle 67a6e679c6 Fix runtime-spec repository reference in README
Signed-off-by: Jonathan Boulle <jonathanboulle@gmail.com>
2016-08-31 18:43:57 +02:00
Qiang Huang a8f66ffcaf Update golang to 1.7.0
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-08-31 14:32:02 +08:00
Qiang Huang 220e5098a8 Fix default cgroup path
Alternative of #895 , part of #892

The intension of current behavior if to create cgroup in
parent cgroup of current process, but we did this in a
wrong way, we used devices cgroup path of current process
as the default parent path for all subsystems, this is
wrong because we don't always have the same cgroup path
for all subsystems.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-08-30 14:12:15 +08:00
Qiang Huang 0c80599812 Combine runctestimage and runcimage
There is no need that keep them separate, it also
fixes #1006.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-08-30 09:46:47 +08:00
Qiang Huang 189a2ab2f7 Merge pull request #1003 from rajasec/container-error
Error handling when container not exists
2016-08-27 11:18:55 +08:00
Qiang Huang face64a1ed Merge pull request #880 from rajasec/exec-status
Not exec a container from stopped state
2016-08-27 11:07:02 +08:00
Qiang Huang dc9be6cab1 Merge pull request #933 from zhaoleidd/workaround_for_ps
cli: Workaround for ps's argument
2016-08-27 10:57:17 +08:00
Mrunal Patel 9b53b362e2 Merge pull request #906 from TristanCacqueray/master
Add "--" exec cli support for command arguments
2016-08-26 10:35:26 -07:00
Tristan Cacqueray c562e4cd91 exec: Support command arguments
This enables support for exec command argument starting with a '-'.
This uses the usual argument separator '--', for example:
  runc exec containerid -- ps -afx

Without this, cli interprets command argument and fails with
'flag provided but not defined'.

Signed-off-by: Tristan Cacqueray <tdecacqu@redhat.com>
2016-08-26 02:01:40 +00:00
Qiang Huang 1e319efa36 Merge pull request #815 from rajasec/basecont-comments
Updated the libcontainer interface comments
2016-08-26 09:43:50 +08:00
rajasec 714550f87c Error handling when container not exists
Signed-off-by: rajasec <rajasec79@gmail.com>

Error handling when container not exists

Signed-off-by: rajasec <rajasec79@gmail.com>

Error handling when container not exists

Signed-off-by: rajasec <rajasec79@gmail.com>

Error handling when container not exists

Signed-off-by: rajasec <rajasec79@gmail.com>
2016-08-26 00:00:54 +05:30
Daniel, Dao Quang Minh 91dd6d2452 Merge pull request #1002 from crosbymichael/stopped
Return 0 for pid if container is stopped
2016-08-25 18:18:32 +01:00
Michael Crosby 4294d882b1 Return 0 for pid if container is stopped
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-08-25 09:44:48 -07:00
Michael Crosby 46d9535096 Merge pull request #934 from macrosheep/fix-initargs
Fix and refactor init args
2016-08-24 10:06:01 -07:00
Mrunal Patel 4d34c30196 Merge pull request #988 from chlunde/i386-32-bit-uid
Support 32 bit UID on i386
2016-08-24 09:55:41 -07:00
Daniel, Dao Quang Minh c92d105863 Merge pull request #997 from xiekeyang/defer
let defer function
2016-08-24 11:15:53 +01:00
Aleksa Sarai e43f740ed7
Merge branch 'pr-987'
Closes #987 [Test: Make TestCaptureTestFunc pass in localunittest]
2016-08-24 18:37:06 +10:00
Aleksa Sarai a56fc8264c
Merge branch 'pr-878'
Closes #878 [Adjust man pages for create start split].
2016-08-24 18:35:11 +10:00
xiekeyang 200f8cb69d let defer function
Signed-off-by: xiekeyang <xiekeyang@huawei.com>
2016-08-24 11:35:49 +08:00
Michael Crosby b4ffe2974d Merge pull request #995 from estesp/starttime-for-criu-container
Restored-from-checkpoint containers should have a start time
2016-08-23 15:07:14 -07:00
Alexander Morozov 0c6733d669 Merge pull request #970 from hqhq/fix_race_cgroup_paths
Fix race condition when using cgroups.Paths
2016-08-23 10:47:00 -07:00
rajasec 1ea17d73fe Updated the libcontainer interface comments
Signed-off-by: rajasec <rajasec79@gmail.com>
2016-08-23 19:14:27 +05:30
rajasec 98d63504a4 Not exec a container from stopped state
Signed-off-by: rajasec <rajasec79@gmail.com>
2016-08-23 18:25:08 +05:30
Aleksa Sarai 31d51c10e1
Merge branch 'pr-994'
Closes #994
2016-08-23 01:47:41 +10:00
xiekeyang 206fea7f50 remove unused code
Signed-off-by: xiekeyang <xiekeyang@huawei.com>
2016-08-22 17:16:45 +08:00
Phil Estes 85f4d20b44
Restored-from-checkpoint containers should have a start time
Set the start time similar to a brand new container.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2016-08-21 18:15:18 -04:00
Daniel, Dao Quang Minh c520720728 Merge pull request #993 from crosbymichael/disable-subreaper-exec
Disable the subreaper on exec
2016-08-19 18:18:08 +01:00
Michael Crosby f61c6e413f Disable the subreaper on exec
This keeps the flag but makes it hidden so that existing clients do not
encounter an error if we were to have removed the flag.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-08-19 09:56:00 -07:00
Daniel, Dao Quang Minh 84c344d260 Merge pull request #992 from xiekeyang/master
move util function
2016-08-19 15:56:40 +01:00
xiekeyang 2fcbb5a494 move util function
Signed-off-by: xiekeyang <xiekeyang@huawei.com>
2016-08-19 16:08:06 +08:00
Michael Crosby 6df383c2f8 Merge pull request #989 from mrunalp/fix_format
Fix format specifier for size_t
2016-08-17 11:54:33 -07:00
Mrunal Patel 0bd675a56c Fix format specifier for size_t
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-08-17 11:40:08 -07:00
Mrunal Patel aee3f6ff5a Merge pull request #950 from cyphar/cleanup-nsenter
nsenter: major cleanups
2016-08-16 16:00:22 -07:00
Aleksa Sarai 4e72ffc237
nsenter: simplify netlink parsing
This just moves everything to one function so we don't have to pass a
bunch of things to functions when there's no real benefit. It also makes
the API nicer.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-08-17 08:21:48 +10:00
Carl Henrik Lunde 0a45903563 Support 32 bit UID on i386
The original SETUID takes a 16 bit UID.  Linux 2.4 introduced  a new
syscall, SETUID32, with support for 32 bit UIDs.  The setgid wrapper
already uses SETGID32.

Signed-off-by: Carl Henrik Lunde <chlunde@ifi.uio.no>
2016-08-16 22:47:38 +02:00
Zhao Lei bb067f55aa Test: Make TestCaptureTestFunc pass in localunittest
TestCaptureTestFunc failed in localunittest:
 # make localunittest
 === RUN   TestCaptureTestFunc
 --- FAIL: TestCaptureTestFunc (0.00s)
         capture_test.go:26: expected package "github.com/opencontainers/runc/libcontainer/stacktrace" but received "_/root/runc/libcontainer/stacktrace"
 #

Reason: the path for stacktrace is a fixed string which
only valid for container environment.
And we can switch to relative path to make both in-container
and out-of-container test works.

After patch:
 # make localunittest
 === RUN   TestCaptureTestFunc
 --- PASS: TestCaptureTestFunc (0.00s)
 #

Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
2016-08-16 18:37:01 +08:00
Michael Crosby 12c3d17017 Merge pull request #985 from hallyn/whitelist
checkMountDesktionation: add swaps and uptime to /proc whitelist
2016-08-15 09:42:23 -07:00
Serge Hallyn 52a8873f62 checkMountDesktionation: add swaps and uptime to /proc whitelist
Signed-off-by: Serge Hallyn <serge@hallyn.com>
2016-08-14 18:32:39 -05:00
Aleksa Sarai faa3281ce8
nsenter: major cleanup
Removed a lot of clutter, improved the style of the code, removed
unnecessary complexity. In addition, made errors unique by making bail()
exit with a unique error code. Most of this code comes from the current
state of the rootless containers branch.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-08-13 03:18:04 +10:00
Michael Crosby ae7a92e352 Merge pull request #983 from justincormack/no-dev-fuse
Do not create /dev/fuse by default
2016-08-12 09:35:08 -07:00