Accepting request 867701 from home:cyphar:docker:bsc1065609

- Re-apply secrets fix for bsc#1065609 which appears to have been lost after it
  was fixed.
  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch

OBS-URL: https://build.opensuse.org/request/show/867701
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=351

docker.changes

@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Fri Jan 29 11:54:53 UTC 2021 - Aleksa Sarai <asarai@suse.com>
+
+- Re-apply secrets fix for bsc#1065609 which appears to have been lost after it
+  was fixed.
+  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+
 -------------------------------------------------------------------
 Wed Dec 23 06:40:46 UTC 2020 - Aleksa Sarai <asarai@suse.com>
 

secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch

@@ -70,5 +70,5 @@ index 3fcdc1913bed..4920def81a7e 100644
  			return errors.Wrap(err, "error setting ownership for secret")
  		}
 -- 
-2.22.0
+2.30.0
 

secrets-0002-SUSE-implement-SUSE-container-secrets.patch

@@ -1,4 +1,4 @@
-From 80072183953f8cf6fcef6b5e65e609e833dd9fb8 Mon Sep 17 00:00:00 2001
+From 3b3a583ef0704d1a83d172c8a996b1d536e2839b Mon Sep 17 00:00:00 2001
 From: Aleksa Sarai <asarai@suse.de>
 Date: Wed, 8 Mar 2017 11:43:29 +1100
 Subject: [PATCH 2/2] SUSE: implement SUSE container secrets
@@ -10,12 +10,12 @@ THIS PATCH IS NOT TO BE UPSTREAMED, DUE TO THE FACT THAT IT IS
 SUSE-SPECIFIC, AND UPSTREAM DOES NOT APPROVE OF THIS CONCEPT BECAUSE IT
 MAKES BUILDS NOT ENTIRELY REPRODUCIBLE.
 
-SUSE-Bugs: bsc#1057743 bsc#1055676 bsc#1030702
+SUSE-Bugs: bsc#1065609 bsc#1057743 bsc#1055676 bsc#1030702
 Signed-off-by: Aleksa Sarai <asarai@suse.de>
 ---
  components/engine/daemon/start.go        |   5 +
- components/engine/daemon/suse_secrets.go | 396 +++++++++++++++++++++++
+ components/engine/daemon/suse_secrets.go | 406 +++++++++++++++++++++++
- 2 files changed, 401 insertions(+)
+ 2 files changed, 411 insertions(+)
  create mode 100644 components/engine/daemon/suse_secrets.go
 
 diff --git a/components/engine/daemon/start.go b/components/engine/daemon/start.go
@@ -36,10 +36,10 @@ index 57a7267b7cbb..46c3a603554f 100644
  		return errdefs.System(err)
 diff --git a/components/engine/daemon/suse_secrets.go b/components/engine/daemon/suse_secrets.go
 new file mode 100644
-index 000000000000..087c877015a7
+index 000000000000..e8de931cb7ca
 --- /dev/null
 +++ b/components/engine/daemon/suse_secrets.go
-@@ -0,0 +1,396 @@
+@@ -0,0 +1,406 @@
 +/*
 + * suse-secrets: patch for Docker to implement SUSE secrets
 + * Copyright (C) 2017 SUSE LLC.
@@ -145,9 +145,14 @@ index 000000000000..087c877015a7
 +	path := filepath.Join(prefix, dir)
 +	fi, err := os.Stat(path)
 +	if err != nil {
-+		// Ignore dangling symlinks.
++		// Ignore missing files.
 +		if os.IsNotExist(err) {
-+			logrus.Warnf("SUSE:secrets :: dangling symlink: %s", path)
++			// If the path itself exists it was a dangling symlink so give a
++			// warning about the dangling symlink.
++			_, err2 := os.Lstat(path)
++			if !os.IsNotExist(err2) {
++				logrus.Warnf("SUSE:secrets :: ignoring dangling symlink: %s", path)
++			}
 +			return nil, nil
 +		}
 +		return nil, err
@@ -261,9 +266,14 @@ index 000000000000..087c877015a7
 +	path := filepath.Join(prefix, file)
 +	fi, err := os.Stat(path)
 +	if err != nil {
-+		// Ignore dangling symlinks.
++		// Ignore missing files.
 +		if os.IsNotExist(err) {
-+			logrus.Warnf("SUSE:secrets :: dangling symlink: %s", path)
++			// If the path itself exists it was a dangling symlink so give a
++			// warning about the dangling symlink.
++			_, err2 := os.Lstat(path)
++			if !os.IsNotExist(err2) {
++				logrus.Warnf("SUSE:secrets :: ignoring dangling symlink: %s", path)
++			}
 +			return nil, nil
 +		}
 +		return nil, err
@@ -437,5 +447,5 @@ index 000000000000..087c877015a7
 +	return nil
 +}
 -- 
-2.22.0
+2.30.0