Accepting request 981222 from home:cyphar:docker

- Rebase patches: * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch * 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch * 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch * 0006-bsc1193930-vendor-update-golang.org-x-crypto.patch OBS-URL: https://build.opensuse.org/request/show/981222 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=371
2022-06-07 23:20:49 +00:00 · 2022-06-07 23:20:49 +00:00 · 9f1db41663
commit 9f1db41663
parent 6fbaa2ec7d
7 changed files with 41 additions and 37 deletions
--- a/0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
+++ b/0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
@ -1,4 +1,4 @@
-From 63d19d6ef58457e8aba6346157c9601e38f60929 Mon Sep 17 00:00:00 2001
+From 37dfb97c0016300dd6453fc718805ccdf341bfd6 Mon Sep 17 00:00:00 2001
 From: Aleksa Sarai <asarai@suse.de>
 Date: Wed, 8 Mar 2017 12:41:54 +1100
 Subject: [PATCH 1/6] SECRETS: daemon: allow directory creation in /run/secrets
@ -10,17 +10,14 @@ useful for creating directories and subdirectories of secrets.
 Signed-off-by: Antonio Murdaca <runcom@redhat.com>
 Signed-off-by: Aleksa Sarai <asarai@suse.de>
 ---
- daemon/container_operations_unix.go | 25 ++++++++++++++++++++++---
+ daemon/container_operations_unix.go | 24 +++++++++++++++++++++---
- 1 file changed, 22 insertions(+), 3 deletions(-)
+ 1 file changed, 21 insertions(+), 3 deletions(-)
 diff --git a/daemon/container_operations_unix.go b/daemon/container_operations_unix.go
-index 6a50b99bd29e..583db20aa459 100644
+index 75b4b09b8dc4..583db20aa459 100644
 --- a/daemon/container_operations_unix.go
 +++ b/daemon/container_operations_unix.go
-@@ -1,8 +1,10 @@
+@@ -4,6 +4,7 @@
 +//go:build linux || freebsd
 // +build linux freebsd
 package daemon // import "github.com/docker/docker/daemon"
 import (
@ -28,7 +25,7 @@ index 6a50b99bd29e..583db20aa459 100644
 	"fmt"
 	"io/ioutil"
 	"os"
-@@ -12,6 +14,7 @@ import (
+@@ -13,6 +14,7 @@ import (
 	"github.com/docker/docker/container"
 	"github.com/docker/docker/daemon/links"
 	"github.com/docker/docker/errdefs"
@ -36,7 +33,7 @@ index 6a50b99bd29e..583db20aa459 100644
 	"github.com/docker/docker/pkg/idtools"
 	"github.com/docker/docker/pkg/stringid"
 	"github.com/docker/docker/pkg/system"
-@@ -205,9 +208,6 @@ func (daemon *Daemon) setupSecretDir(c *container.Container) (setupErr error) {
+@@ -206,9 +208,6 @@ func (daemon *Daemon) setupSecretDir(c *container.Container) (setupErr error) {
 		if err != nil {
 			return errors.Wrap(err, "unable to get secret from secret store")
 		}
@ -46,7 +43,7 @@ index 6a50b99bd29e..583db20aa459 100644
 		uid, err := strconv.Atoi(s.File.UID)
 		if err != nil {
-@@ -218,6 +218,25 @@ func (daemon *Daemon) setupSecretDir(c *container.Container) (setupErr error) {
+@@ -219,6 +218,25 @@ func (daemon *Daemon) setupSecretDir(c *container.Container) (setupErr error) {
 			return err
 		}
@ -73,5 +70,5 @@ index 6a50b99bd29e..583db20aa459 100644
 			return errors.Wrap(err, "error setting ownership for secret")
 		}
 -- 
-2.35.1
+2.36.1
--- a/0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
+++ b/0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
@ -1,4 +1,4 @@
-From a472a5da8d0aeb21b4cb6fbd2dc348a753c0a883 Mon Sep 17 00:00:00 2001
+From 11ac23e5620ee53c9527334d2222b32ca5098876 Mon Sep 17 00:00:00 2001
 From: Aleksa Sarai <asarai@suse.de>
 Date: Wed, 8 Mar 2017 11:43:29 +1100
 Subject: [PATCH 2/6] SECRETS: SUSE: implement SUSE container secrets
@ -451,5 +451,5 @@ index 000000000000..9ee33adf7497
 +	return nil
 +}
 -- 
-2.35.1
+2.36.1
--- a/0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
+++ b/0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
@ -1,4 +1,4 @@
-From 098dd769a226407da7a695ae44cf2e41a5d13a4a Mon Sep 17 00:00:00 2001
+From cf3c6ccefda39c60dc656404674628ac48b55de9 Mon Sep 17 00:00:00 2001
 From: Valentin Rothberg <vrothberg@suse.com>
 Date: Mon, 2 Jul 2018 13:37:34 +0200
 Subject: [PATCH 3/6] PRIVATE-REGISTRY: add private-registry mirror support
@ -1142,5 +1142,5 @@ index 3e3a5b41ffbd..451a6f874bc1 100644
 	endpoints = []APIEndpoint{
 -- 
-2.35.1
+2.36.1
--- a/0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
+++ b/0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
@ -1,4 +1,4 @@
-From 5e84bae968f7beadd92452795cfe2ce4f8995cef Mon Sep 17 00:00:00 2001
+From 5d2f7a37a37547663aae1538b2d3fd48dd7277c8 Mon Sep 17 00:00:00 2001
 From: Aleksa Sarai <asarai@suse.de>
 Date: Fri, 29 Jun 2018 17:59:30 +1000
 Subject: [PATCH 4/6] bsc1073877: apparmor: clobber docker-default profile on
@ -22,10 +22,10 @@ Signed-off-by: Aleksa Sarai <asarai@suse.de>
 3 files changed, 17 insertions(+), 6 deletions(-)
 diff --git a/daemon/apparmor_default.go b/daemon/apparmor_default.go
-index a7cc3a5ef412..1a952953da8f 100644
+index 21813ec14f8f..0de75b32b7fa 100644
 --- a/daemon/apparmor_default.go
 +++ b/daemon/apparmor_default.go
-@@ -23,6 +23,15 @@ func DefaultApparmorProfile() string {
+@@ -24,6 +24,15 @@ func DefaultApparmorProfile() string {
 	return ""
 }
@ -41,7 +41,7 @@ index a7cc3a5ef412..1a952953da8f 100644
 func ensureDefaultAppArmorProfile() error {
 	if apparmor.IsEnabled() {
 		loaded, err := aaprofile.IsLoaded(defaultAppArmorProfile)
-@@ -36,10 +45,7 @@ func ensureDefaultAppArmorProfile() error {
+@@ -37,10 +46,7 @@ func ensureDefaultAppArmorProfile() error {
 		}
 		// Load the profile.
@ -54,10 +54,10 @@ index a7cc3a5ef412..1a952953da8f 100644
 	return nil
 }
 diff --git a/daemon/apparmor_default_unsupported.go b/daemon/apparmor_default_unsupported.go
-index dd581dc7dadb..5b14979cd4a3 100644
+index e3dc18b32b5e..9c7723056268 100644
 --- a/daemon/apparmor_default_unsupported.go
 +++ b/daemon/apparmor_default_unsupported.go
-@@ -2,6 +2,10 @@
+@@ -3,6 +3,10 @@
 package daemon // import "github.com/docker/docker/daemon"
@ -85,5 +85,5 @@ index 2a2fbbd52e19..0999ac3186b7 100644
 	}
 -- 
-2.35.1
+2.36.1
--- a/0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch
+++ b/0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch
@ -1,4 +1,4 @@
-From 98822d2010c709e64d5e86d7ec8e054861080a53 Mon Sep 17 00:00:00 2001
+From b54c6c7addcb163ddcef5e37fc7ed1c0afd0dbfa Mon Sep 17 00:00:00 2001
 From: Michal Rostecki <mrostecki@opensuse.org>
 Date: Thu, 8 Apr 2021 14:42:02 +0100
 Subject: [PATCH 5/6] bsc1183855: btrfs: Do not disable quota on cleanup
@ -24,10 +24,10 @@ Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
 1 file changed, 8 insertions(+), 42 deletions(-)
 diff --git a/daemon/graphdriver/btrfs/btrfs.go b/daemon/graphdriver/btrfs/btrfs.go
-index 8fd2854a2673..32c4f07c620d 100644
+index fa0cdf8666b1..02bbb5da1088 100644
 --- a/daemon/graphdriver/btrfs/btrfs.go
 +++ b/daemon/graphdriver/btrfs/btrfs.go
-@@ -103,7 +103,7 @@ func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap
+@@ -104,7 +104,7 @@ func Init(home string, options []string, uidMaps, gidMaps []idtools.IDMap) (grap
 	}
 	if userDiskQuota {
@ -36,7 +36,7 @@ index 8fd2854a2673..32c4f07c620d 100644
 			return nil, err
 		}
 	}
-@@ -172,18 +172,10 @@ func (d *Driver) GetMetadata(id string) (map[string]string, error) {
+@@ -173,18 +173,10 @@ func (d *Driver) GetMetadata(id string) (map[string]string, error) {
 // Cleanup unmounts the home directory.
 func (d *Driver) Cleanup() error {
@ -56,7 +56,7 @@ index 8fd2854a2673..32c4f07c620d 100644
 	return nil
 }
-@@ -341,7 +333,7 @@ func (d *Driver) updateQuotaStatus() {
+@@ -342,7 +334,7 @@ func (d *Driver) updateQuotaStatus() {
 	d.once.Do(func() {
 		if !d.quotaEnabled {
 			// In case quotaEnabled is not set, check qgroup and update quotaEnabled as needed
@ -65,7 +65,7 @@ index 8fd2854a2673..32c4f07c620d 100644
 				// quota is still not enabled
 				return
 			}
-@@ -350,7 +342,7 @@ func (d *Driver) updateQuotaStatus() {
+@@ -351,7 +343,7 @@ func (d *Driver) updateQuotaStatus() {
 	})
 }
@ -74,7 +74,7 @@ index 8fd2854a2673..32c4f07c620d 100644
 	d.updateQuotaStatus()
 	if d.quotaEnabled {
-@@ -376,32 +368,6 @@ func (d *Driver) subvolEnableQuota() error {
+@@ -377,32 +369,6 @@ func (d *Driver) subvolEnableQuota() error {
 	return nil
 }
@ -107,7 +107,7 @@ index 8fd2854a2673..32c4f07c620d 100644
 func (d *Driver) subvolRescanQuota() error {
 	d.updateQuotaStatus()
-@@ -444,11 +410,11 @@ func subvolLimitQgroup(path string, size uint64) error {
+@@ -445,11 +411,11 @@ func subvolLimitQgroup(path string, size uint64) error {
 	return nil
 }
@ -121,7 +121,7 @@ index 8fd2854a2673..32c4f07c620d 100644
 	dir, err := openDir(path)
 	if err != nil {
 		return err
-@@ -622,7 +588,7 @@ func (d *Driver) setStorageSize(dir string, driver *Driver) error {
+@@ -623,7 +589,7 @@ func (d *Driver) setStorageSize(dir string, driver *Driver) error {
 	if d.options.minSpace > 0 && driver.options.size < d.options.minSpace {
 		return fmt.Errorf("btrfs: storage size cannot be less than %s", units.HumanSize(float64(d.options.minSpace)))
 	}
@ -130,7 +130,7 @@ index 8fd2854a2673..32c4f07c620d 100644
 		return err
 	}
 	return subvolLimitQgroup(dir, driver.options.size)
-@@ -676,7 +642,7 @@ func (d *Driver) Get(id, mountLabel string) (containerfs.ContainerFS, error) {
+@@ -677,7 +643,7 @@ func (d *Driver) Get(id, mountLabel string) (containerfs.ContainerFS, error) {
 	if quota, err := ioutil.ReadFile(d.quotasDirID(id)); err == nil {
 		if size, err := strconv.ParseUint(string(quota), 10, 64); err == nil && size >= d.options.minSpace {
@ -140,5 +140,5 @@ index 8fd2854a2673..32c4f07c620d 100644
 			}
 			if err := subvolLimitQgroup(dir, size); err != nil {
 -- 
-2.35.1
+2.36.1
--- a/0006-bsc1193930-vendor-update-golang.org-x-crypto.patch
+++ b/0006-bsc1193930-vendor-update-golang.org-x-crypto.patch
@ -1,4 +1,4 @@
-From b0122ef823aa4f05c9c552fb0eeff2fc11a0a64c Mon Sep 17 00:00:00 2001
+From bb67252dfccb18dacc9e0c3463e7c52f32fb2900 Mon Sep 17 00:00:00 2001
 From: Aleksa Sarai <asarai@suse.de>
 Date: Fri, 29 Apr 2022 12:44:21 +1000
 Subject: [PATCH 6/6] bsc1193930: vendor: update golang.org/x/crypto
@ -354,7 +354,7 @@ Signed-off-by: Aleksa Sarai <asarai@suse.de>
 create mode 100644 vendor/golang.org/x/crypto/xts/xts.go
 diff --git a/vendor.conf b/vendor.conf
-index ac4640c76369..c21d903fa8a8 100644
+index 54e97e4562d8..9ff95d499ef8 100644
 --- a/vendor.conf
 +++ b/vendor.conf
@@ -150,7 +150,7 @@ github.com/golang/protobuf                          84668698ea25b64748563aa20726
@ -41068,5 +41068,5 @@ index 000000000000..b51308e95e52
 +	}
 +}
 -- 
-2.35.1
+2.36.1
--- a/docker.changes
+++ b/docker.changes
@ -3,6 +3,13 @@ Tue Jun  7 07:18:41 UTC 2022 - Aleksa Sarai <asarai@suse.com>
 - Update to Docker 20.10.17-ce. See upstream changelog online at
  <https://docs.docker.com/engine/release-notes/#201017>. bsc#1200145
 - Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch
  * 0006-bsc1193930-vendor-update-golang.org-x-crypto.patch
 -------------------------------------------------------------------
 Fri Apr 29 02:51:43 UTC 2022 - Aleksa Sarai <asarai@suse.com>