Accepting request 576049 from Virtualization:containers

OBS-URL: https://build.opensuse.org/request/show/576049 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=70
2018-02-16 20:40:02 +00:00 · 2018-02-16 20:40:02 +00:00 · dfa2ecf531
commit dfa2ecf531
parent aee56fe48c cdaf1b8273
6 changed files with 61 additions and 50 deletions
--- a/bsc1021227-0001-pkg-devmapper-dynamically-load-dm_task_deferred_remo.patch
+++ b/bsc1021227-0001-pkg-devmapper-dynamically-load-dm_task_deferred_remo.patch
@ -1,4 +1,4 @@
-From b492588a54b8efa1fba1de700cb3e0ad3fe665d9 Mon Sep 17 00:00:00 2001
+From e57d7270deb50c31ac1f732d8f28812e5b809062 Mon Sep 17 00:00:00 2001
 From: Aleksa Sarai <asarai@suse.de>
 Date: Thu, 16 Nov 2017 17:09:16 +1100
 Subject: [PATCH] pkg: devmapper: dynamically load dm_task_deferred_remove
@ -19,18 +19,18 @@ default (libdm_dlsym_deferred_remove).
 SUSE-Bugs: bsc#1021227 bsc#1029320 bsc#1058173
 Signed-off-by: Aleksa Sarai <asarai@suse.de>
 ---
- hack/make.sh                                       |  12 +-
+ components/engine/hack/make.sh                     |  12 +-
 ...> devmapper_wrapper_dynamic_deferred_remove.go} |  10 +-
 ...mapper_wrapper_dynamic_dlsym_deferred_remove.go | 128 +++++++++++++++++++++
 .../devmapper_wrapper_no_deferred_remove.go        |   6 +-
 4 files changed, 149 insertions(+), 7 deletions(-)
- rename pkg/devicemapper/{devmapper_wrapper_deferred_remove.go => devmapper_wrapper_dynamic_deferred_remove.go} (78%)
+ rename components/engine/pkg/devicemapper/{devmapper_wrapper_deferred_remove.go => devmapper_wrapper_dynamic_deferred_remove.go} (78%)
- create mode 100644 pkg/devicemapper/devmapper_wrapper_dynamic_dlsym_deferred_remove.go
+ create mode 100644 components/engine/pkg/devicemapper/devmapper_wrapper_dynamic_dlsym_deferred_remove.go
-diff --git a/hack/make.sh b/hack/make.sh
+diff --git a/components/engine/hack/make.sh b/components/engine/hack/make.sh
-index bc18c066b66c..6e94824ad557 100755
+index 58e0d8cd628a..3b78ddef30b0 100755
--- a/hack/make.sh
+--- a/components/engine/hack/make.sh
-+++ b/hack/make.sh
+++ b/components/engine/hack/make.sh
@@ -112,6 +112,12 @@ if [ ! "$GOPATH" ]; then
 	exit 1
 fi
@ -61,13 +61,13 @@ index bc18c066b66c..6e94824ad557 100755
 fi
 # Use these flags when compiling the tests and final binary
-diff --git a/pkg/devicemapper/devmapper_wrapper_deferred_remove.go b/pkg/devicemapper/devmapper_wrapper_dynamic_deferred_remove.go
+diff --git a/components/engine/pkg/devicemapper/devmapper_wrapper_deferred_remove.go b/components/engine/pkg/devicemapper/devmapper_wrapper_dynamic_deferred_remove.go
 similarity index 78%
-rename from pkg/devicemapper/devmapper_wrapper_deferred_remove.go
+rename from components/engine/pkg/devicemapper/devmapper_wrapper_deferred_remove.go
-rename to pkg/devicemapper/devmapper_wrapper_dynamic_deferred_remove.go
+rename to components/engine/pkg/devicemapper/devmapper_wrapper_dynamic_deferred_remove.go
 index 7f793c270868..bf57371ff4cf 100644
--- a/pkg/devicemapper/devmapper_wrapper_deferred_remove.go
+--- a/components/engine/pkg/devicemapper/devmapper_wrapper_deferred_remove.go
-+++ b/pkg/devicemapper/devmapper_wrapper_dynamic_deferred_remove.go
+++ b/components/engine/pkg/devicemapper/devmapper_wrapper_dynamic_deferred_remove.go
@@ -1,11 +1,15 @@
 -// +build linux,cgo,!libdm_no_deferred_remove
 +// +build linux,cgo,!static_build
@ -87,11 +87,11 @@ index 7f793c270868..bf57371ff4cf 100644
 const LibraryDeferredRemovalSupport = true
 func dmTaskDeferredRemoveFct(task *cdmTask) int {
-diff --git a/pkg/devicemapper/devmapper_wrapper_dynamic_dlsym_deferred_remove.go b/pkg/devicemapper/devmapper_wrapper_dynamic_dlsym_deferred_remove.go
+diff --git a/components/engine/pkg/devicemapper/devmapper_wrapper_dynamic_dlsym_deferred_remove.go b/components/engine/pkg/devicemapper/devmapper_wrapper_dynamic_dlsym_deferred_remove.go
 new file mode 100644
 index 000000000000..5dfb369f1ff8
 --- /dev/null
-+++ b/pkg/devicemapper/devmapper_wrapper_dynamic_dlsym_deferred_remove.go
+++ b/components/engine/pkg/devicemapper/devmapper_wrapper_dynamic_dlsym_deferred_remove.go
@@ -0,0 +1,128 @@
 +// +build linux,cgo,!static_build
 +// +build libdm_dlsym_deferred_remove,!libdm_no_deferred_remove
@ -221,10 +221,10 @@ index 000000000000..5dfb369f1ff8
 +	}()
 +	return int(C.dm_task_get_info((*C.struct_dm_task)(task), (*C.struct_dm_info)(unsafe.Pointer(&Cinfo))))
 +}
-diff --git a/pkg/devicemapper/devmapper_wrapper_no_deferred_remove.go b/pkg/devicemapper/devmapper_wrapper_no_deferred_remove.go
+diff --git a/components/engine/pkg/devicemapper/devmapper_wrapper_no_deferred_remove.go b/components/engine/pkg/devicemapper/devmapper_wrapper_no_deferred_remove.go
 index a880fec8c499..80b034b3ff17 100644
--- a/pkg/devicemapper/devmapper_wrapper_no_deferred_remove.go
+--- a/components/engine/pkg/devicemapper/devmapper_wrapper_no_deferred_remove.go
-+++ b/pkg/devicemapper/devmapper_wrapper_no_deferred_remove.go
+++ b/components/engine/pkg/devicemapper/devmapper_wrapper_no_deferred_remove.go
@@ -1,8 +1,10 @@
 -// +build linux,cgo,libdm_no_deferred_remove
 +// +build linux,cgo
@ -239,5 +239,5 @@ index a880fec8c499..80b034b3ff17 100644
 func dmTaskDeferredRemoveFct(task *cdmTask) int {
 -- 
-2.15.1
+2.16.1
--- a/bsc1055676-0001-daemon-oci-obey-CL_UNPRIVILEGED-for-user-namespaced-.patch
+++ b/bsc1055676-0001-daemon-oci-obey-CL_UNPRIVILEGED-for-user-namespaced-.patch
@ -1,4 +1,4 @@
-From a24b98c0fc45d640b4eed8105033b313b8145e35 Mon Sep 17 00:00:00 2001
+From ff7b94c76f343931463b5916fb3fbd2610869a1a Mon Sep 17 00:00:00 2001
 From: Aleksa Sarai <asarai@suse.de>
 Date: Sun, 15 Oct 2017 17:06:20 +1100
 Subject: [PATCH] daemon: oci: obey CL_UNPRIVILEGED for user namespaced daemon
@ -14,17 +14,16 @@ CL_UNPRIVILEGED mount flags when Docker is spawning containers with user
 namespaces enabled.
 SUSE-Bug: https://bugzilla.suse.com/show_bug.cgi?id=1055676
 SUSE-Backport: https://github.com/moby/moby/pull/35205
 Signed-off-by: Aleksa Sarai <asarai@suse.de>
 ---
- daemon/oci_linux.go | 46 ++++++++++++++++++++++++++++++++++++++++++++++
+ components/engine/daemon/oci_linux.go | 46 +++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)
-diff --git a/daemon/oci_linux.go b/daemon/oci_linux.go
+diff --git a/components/engine/daemon/oci_linux.go b/components/engine/daemon/oci_linux.go
-index 0f8a392c2621..89ac627ff090 100644
+index 6917b4841429..936cb8f998ca 100644
--- a/daemon/oci_linux.go
+--- a/components/engine/daemon/oci_linux.go
-+++ b/daemon/oci_linux.go
+++ b/components/engine/daemon/oci_linux.go
-@@ -26,6 +26,7 @@ import (
+@@ -27,6 +27,7 @@ import (
 	"github.com/opencontainers/runc/libcontainer/user"
 	specs "github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/sirupsen/logrus"
@ -71,7 +70,7 @@ index 0f8a392c2621..89ac627ff090 100644
 var (
 	mountPropagationMap = map[string]int{
 		"private":  mount.PRIVATE,
-@@ -575,6 +608,19 @@ func setMounts(daemon *Daemon, s *specs.Spec, c *container.Container, mounts []c
+@@ -586,6 +619,19 @@ func setMounts(daemon *Daemon, s *specs.Spec, c *container.Container, mounts []c
 			opts = append(opts, mountPropagationReverseMap[pFlag])
 		}
@ -92,5 +91,5 @@ index 0f8a392c2621..89ac627ff090 100644
 		s.Mounts = append(s.Mounts, mt)
 	}
 -- 
-2.15.0
+2.16.1
--- a/docker.changes
+++ b/docker.changes
@ -1,3 +1,15 @@
 -------------------------------------------------------------------
 Tue Feb 13 10:45:58 UTC 2018 - asarai@suse.com
 - Update patches to be sourced from https://github.com/suse/docker-ce (which
  are based on the upstream docker/docker-ce repo). The reason for this change
  (though it is functionally identical to the old patches) is so that public
  patch maintenance is much simpler.
  * bsc1021227-0001-pkg-devmapper-dynamically-load-dm_task_deferred_remo.patch
  * bsc1055676-0001-daemon-oci-obey-CL_UNPRIVILEGED-for-user-namespaced-.patch
  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch
 -------------------------------------------------------------------
 Fri Jan 19 14:12:32 UTC 2018 - asarai@suse.com
--- a/docker.spec
+++ b/docker.spec
@ -184,13 +184,13 @@ Test package for docker. It contains the source code and the tests.
 # nothing
 %else
 # PATCH-SUSE: Secrets patches.
-%patch200 -p1 -d components/engine
+%patch200 -p1
-%patch201 -p1 -d components/engine
+%patch201 -p1
 %endif
 # bsc#1055676
-%patch400 -p1 -d components/engine
+%patch400 -p1
 # bsc#1021227 bsc#1029320 bsc#1058173
-%patch401 -p1 -d components/engine
+%patch401 -p1
 cp %{SOURCE7} .
 cp %{SOURCE9} .
--- a/secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+++ b/secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
@ -1,4 +1,4 @@
-From 5022c3554723040682444e324cd26ec8e2500131 Mon Sep 17 00:00:00 2001
+From c607825b73e5f850b3804a10e9f3c8684cb29d16 Mon Sep 17 00:00:00 2001
 From: Aleksa Sarai <asarai@suse.de>
 Date: Wed, 8 Mar 2017 12:41:54 +1100
 Subject: [PATCH 1/2] daemon: allow directory creation in /run/secrets
@ -10,13 +10,13 @@ useful for creating directories and subdirectories of secrets.
 Signed-off-by: Antonio Murdaca <runcom@redhat.com>
 Signed-off-by: Aleksa Sarai <asarai@suse.de>
 ---
- daemon/container_operations_unix.go | 24 +++++++++++++++++++++---
+ .../engine/daemon/container_operations_unix.go     | 24 +++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)
-diff --git a/daemon/container_operations_unix.go b/daemon/container_operations_unix.go
+diff --git a/components/engine/daemon/container_operations_unix.go b/components/engine/daemon/container_operations_unix.go
 index 954c194ea836..3ef1e0262edc 100644
--- a/daemon/container_operations_unix.go
+--- a/components/engine/daemon/container_operations_unix.go
-+++ b/daemon/container_operations_unix.go
+++ b/components/engine/daemon/container_operations_unix.go
@@ -3,6 +3,7 @@
 package daemon
@ -70,5 +70,5 @@ index 954c194ea836..3ef1e0262edc 100644
 			return errors.Wrap(err, "error setting ownership for secret")
 		}
 -- 
-2.15.1
+2.16.1
--- a/secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+++ b/secrets-0002-SUSE-implement-SUSE-container-secrets.patch
@ -1,4 +1,4 @@
-From a84aa9152b50ea1fd73a7d09246ac056534d0e48 Mon Sep 17 00:00:00 2001
+From 3a7cd305f75fabc49460066e5452458a524ead5c Mon Sep 17 00:00:00 2001
 From: Aleksa Sarai <asarai@suse.de>
 Date: Wed, 8 Mar 2017 11:43:29 +1100
 Subject: [PATCH 2/2] SUSE: implement SUSE container secrets
@ -13,15 +13,15 @@ MAKES BUILDS NOT ENTIRELY REPRODUCIBLE.
 SUSE-Bugs: bsc#1057743 bsc#1055676 bsc#1030702
 Signed-off-by: Aleksa Sarai <asarai@suse.de>
 ---
- daemon/start.go        |   5 +
+ components/engine/daemon/start.go        |   5 +
- daemon/suse_secrets.go | 391 +++++++++++++++++++++++++++++++++++++++++++++++++
+ components/engine/daemon/suse_secrets.go | 391 +++++++++++++++++++++++++++++++
 2 files changed, 396 insertions(+)
- create mode 100644 daemon/suse_secrets.go
+ create mode 100644 components/engine/daemon/suse_secrets.go
-diff --git a/daemon/start.go b/daemon/start.go
+diff --git a/components/engine/daemon/start.go b/components/engine/daemon/start.go
-index de32a649d7ed..2b6137d315e9 100644
+index 55438cf2c45f..7dfa6cd1d055 100644
--- a/daemon/start.go
+--- a/components/engine/daemon/start.go
-+++ b/daemon/start.go
+++ b/components/engine/daemon/start.go
@@ -147,6 +147,11 @@ func (daemon *Daemon) containerStart(container *container.Container, checkpoint
 		return err
 	}
@ -34,11 +34,11 @@ index de32a649d7ed..2b6137d315e9 100644
 	spec, err := daemon.createSpec(container)
 	if err != nil {
 		return systemError{err}
-diff --git a/daemon/suse_secrets.go b/daemon/suse_secrets.go
+diff --git a/components/engine/daemon/suse_secrets.go b/components/engine/daemon/suse_secrets.go
 new file mode 100644
 index 000000000000..9d0788f0410d
 --- /dev/null
-+++ b/daemon/suse_secrets.go
+++ b/components/engine/daemon/suse_secrets.go
@@ -0,0 +1,391 @@
 +/*
 + * suse-secrets: patch for Docker to implement SUSE secrets
@ -432,5 +432,5 @@ index 000000000000..9d0788f0410d
 +	return nil
 +}
 -- 
-2.15.1
+2.16.1