Accepting request 381303 from Virtualization:containers
Automatic submission by obs-autosubmit OBS-URL: https://build.opensuse.org/request/show/381303 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=31
This commit is contained in:
commit
efcbbd7a98
4
_service
4
_service
@ -3,8 +3,8 @@
|
|||||||
<param name="url">https://github.com/docker/docker.git</param>
|
<param name="url">https://github.com/docker/docker.git</param>
|
||||||
<param name="scm">git</param>
|
<param name="scm">git</param>
|
||||||
<param name="exclude">.git</param>
|
<param name="exclude">.git</param>
|
||||||
<param name="versionformat">1.9.1</param>
|
<param name="versionformat">1.10.3</param>
|
||||||
<param name="revision">v1.9.1</param>
|
<param name="revision">v1.10.3</param>
|
||||||
</service>
|
</service>
|
||||||
<service name="recompress" mode="disabled">
|
<service name="recompress" mode="disabled">
|
||||||
<param name="file">docker-*.tar</param>
|
<param name="file">docker-*.tar</param>
|
||||||
|
@ -1,20 +0,0 @@
|
|||||||
From: Michel Normand <normand@linux.vnet.ibm.com>
|
|
||||||
Subject: add bolt arm64
|
|
||||||
Date: Fri, 04 Dec 2015 17:07:22 +0100
|
|
||||||
|
|
||||||
add bolt arm64
|
|
||||||
|
|
||||||
Signed-off-by: Michel Normand <normand@linux.vnet.ibm.com>
|
|
||||||
---
|
|
||||||
vendor/src/github.com/boltdb/bolt/bolt_arm64.go | 4 ++++
|
|
||||||
1 file changed, 4 insertions(+)
|
|
||||||
|
|
||||||
Index: docker-1.9.1/vendor/src/github.com/boltdb/bolt/bolt_arm64.go
|
|
||||||
===================================================================
|
|
||||||
--- /dev/null
|
|
||||||
+++ docker-1.9.1/vendor/src/github.com/boltdb/bolt/bolt_arm64.go
|
|
||||||
@@ -0,0 +1,4 @@
|
|
||||||
+package bolt
|
|
||||||
+
|
|
||||||
+// maxMapSize represents the largest mmap size supported by Bolt.
|
|
||||||
+const maxMapSize = 0xFFFFFFFFFFFF // 256TB
|
|
@ -1,23 +0,0 @@
|
|||||||
---
|
|
||||||
vendor/src/github.com/boltdb/bolt/bolt_ppc64.go | 4 ++++
|
|
||||||
vendor/src/github.com/boltdb/bolt/bolt_ppc64le.go | 4 ++++
|
|
||||||
2 files changed, 8 insertions(+)
|
|
||||||
|
|
||||||
Index: docker-1.9.1/vendor/src/github.com/boltdb/bolt/bolt_ppc64.go
|
|
||||||
===================================================================
|
|
||||||
--- /dev/null
|
|
||||||
+++ docker-1.9.1/vendor/src/github.com/boltdb/bolt/bolt_ppc64.go
|
|
||||||
@@ -0,0 +1,4 @@
|
|
||||||
+package bolt
|
|
||||||
+
|
|
||||||
+// maxMapSize represents the largest mmap size supported by Bolt.
|
|
||||||
+const maxMapSize = 0xFFFFFFFFFFFF // 256TB
|
|
||||||
Index: docker-1.9.1/vendor/src/github.com/boltdb/bolt/bolt_ppc64le.go
|
|
||||||
===================================================================
|
|
||||||
--- /dev/null
|
|
||||||
+++ docker-1.9.1/vendor/src/github.com/boltdb/bolt/bolt_ppc64le.go
|
|
||||||
@@ -0,0 +1,4 @@
|
|
||||||
+package bolt
|
|
||||||
+
|
|
||||||
+// maxMapSize represents the largest mmap size supported by Bolt.
|
|
||||||
+const maxMapSize = 0xFFFFFFFFFFFF // 256TB
|
|
18
boltdb_bolt_powerpc.patch
Normal file
18
boltdb_bolt_powerpc.patch
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
---
|
||||||
|
vendor/src/github.com/boltdb/bolt/bolt_ppc64.go | 9 +++++++++
|
||||||
|
1 file changed, 9 insertions(+)
|
||||||
|
|
||||||
|
Index: docker-1.10.2/vendor/src/github.com/boltdb/bolt/bolt_ppc64.go
|
||||||
|
===================================================================
|
||||||
|
--- /dev/null
|
||||||
|
+++ docker-1.10.2/vendor/src/github.com/boltdb/bolt/bolt_ppc64.go
|
||||||
|
@@ -0,0 +1,9 @@
|
||||||
|
+// +build ppc64
|
||||||
|
+
|
||||||
|
+package bolt
|
||||||
|
+
|
||||||
|
+// maxMapSize represents the largest mmap size supported by Bolt.
|
||||||
|
+const maxMapSize = 0xFFFFFFFFFFFF // 256TB
|
||||||
|
+
|
||||||
|
+// maxAllocSize is the size used when creating array pointers.
|
||||||
|
+const maxAllocSize = 0x7FFFFFFF
|
3
docker-1.10.3.tar.xz
Normal file
3
docker-1.10.3.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:981d52320b7936c294d4b433deffe7af9934b715e207d38a7a993a5a74b3862e
|
||||||
|
size 8307800
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:edb9bdbcce529e4170b6ad8a14643b12f176c8d2b1690f182f29bc79e3dde3c0
|
|
||||||
size 6283244
|
|
221
docker.changes
221
docker.changes
@ -1,3 +1,224 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Mar 22 15:27:26 UTC 2016 - fcastelli@suse.com
|
||||||
|
|
||||||
|
- Changed systemd unit file and default sysconfig file to include network options,
|
||||||
|
this is needed to get SDN like flannel to work
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Mar 15 09:16:55 UTC 2016 - asarai@suse.de
|
||||||
|
|
||||||
|
- docker.spec: update warning to mention that /etc/sysconfig/docker is sourced
|
||||||
|
by the migration script.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Mar 14 10:20:19 UTC 2016 - asarai@suse.de
|
||||||
|
|
||||||
|
- docker.spec: only Reccomends: the docker-image-migrator package as it is no
|
||||||
|
longer required for our ugly systemctl hacks.
|
||||||
|
- docker.spec: fix up documentation to refer to the script you need to run in
|
||||||
|
the migrator package.
|
||||||
|
- docker.spec: print a warning if you force the DOCKER_FORCE_INSTALL option.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Mar 11 08:44:46 UTC 2016 - asarai@suse.de
|
||||||
|
|
||||||
|
- spec: switch to new done file name from docker-image-migrator
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Mar 11 08:41:49 UTC 2016 - jmassaguerpla@suse.com
|
||||||
|
|
||||||
|
- update to docker 1.10.3 (bnc#970637)
|
||||||
|
Runtime
|
||||||
|
Fix Docker client exiting with an "Unrecognized input header" error #20706
|
||||||
|
Fix Docker exiting if Exec is started with both AttachStdin and Detach #20647
|
||||||
|
Distribution
|
||||||
|
Fix a crash when pushing multiple images sharing the same layers to the same repository in parallel #20831
|
||||||
|
Fix a panic when pushing images to a registry which uses a misconfigured token service #21030
|
||||||
|
Plugin system
|
||||||
|
Fix issue preventing volume plugins to start when SELinux is enabled #20834
|
||||||
|
Prevent Docker from exiting if a volume plugin returns a null response for Get requests #20682
|
||||||
|
Fix plugin system leaking file descriptors if a plugin has an error #20680
|
||||||
|
Security
|
||||||
|
Fix linux32 emulation to fail during docker build #20672 It was due to the personality syscall being blocked by the default seccomp profile.
|
||||||
|
Fix Oracle XE 10g failing to start in a container #20981 It was due to the ipc syscall being blocked by the default seccomp profile.
|
||||||
|
Fix user namespaces not working on Linux From Scratch #20685
|
||||||
|
Fix issue preventing daemon to start if userns is enabled and the subuid or subgid files contain comments #20725
|
||||||
|
|
||||||
|
More at https://github.com/docker/docker/releases/tag/v1.10.3
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Mar 10 13:52:54 UTC 2016 - asarai@suse.de
|
||||||
|
|
||||||
|
- spec: improve file-based migration checks to make sure that it doesn't cause
|
||||||
|
errors if running on a /var/lib/docker without /var/lib/docker/graph.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Mar 9 13:45:14 UTC 2016 - asarai@suse.de
|
||||||
|
|
||||||
|
- spec: implement file-based migration checks. The migrator will be updated to
|
||||||
|
match the warning message's instructions. This looks like it works with my
|
||||||
|
testing.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Mar 7 14:09:17 UTC 2016 - normand@linux.vnet.ibm.com
|
||||||
|
|
||||||
|
- more patches to build on ppc64 architecture
|
||||||
|
update netlink_gcc_go.patch
|
||||||
|
new netlink_netns_powerpc.patch
|
||||||
|
new boltdb_bolt_powerpc.patch
|
||||||
|
new libnetwork_drivers_bridge_powerpc.patch to replace
|
||||||
|
deleted fix-ppc64le.patch
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Mar 1 17:54:41 UTC 2016 - jmassaguerpla@suse.com
|
||||||
|
|
||||||
|
- fix bsc#968972 - let docker manage the cgroups of the processes
|
||||||
|
that it launches without systemd
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Mar 1 15:28:56 UTC 2016 - jmassaguerpla@suse.com
|
||||||
|
|
||||||
|
- Require docker-image-migrator (bnc#968933)
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Feb 23 08:55:17 UTC 2016 - jmassaguerpla@suse.com
|
||||||
|
|
||||||
|
Update to version 1.10.2 (bnc#968933)
|
||||||
|
|
||||||
|
- Runtime
|
||||||
|
Prevent systemd from deleting containers' cgroups when its configuration is reloaded #20518
|
||||||
|
Fix SELinux issues by disregarding --read-only when mounting /dev/mqueue #20333
|
||||||
|
Fix chown permissions used during docker cp when userns is used #20446
|
||||||
|
Fix configuration loading issue with all booleans defaulting to true #20471
|
||||||
|
Fix occasional panic with docker logs -f #20522
|
||||||
|
|
||||||
|
- Distribution
|
||||||
|
Keep layer reference if deletion failed to avoid a badly inconsistent state #20513
|
||||||
|
Handle gracefully a corner case when canceling migration #20372
|
||||||
|
Fix docker import on compressed data #20367
|
||||||
|
Fix tar-split files corruption during migration that later cause docker push and docker save to fail #20458
|
||||||
|
|
||||||
|
- Networking
|
||||||
|
Fix daemon crash if embedded DNS is sent garbage #20510
|
||||||
|
|
||||||
|
- Volumes
|
||||||
|
Fix issue with multiple volume references with same name #20381
|
||||||
|
|
||||||
|
- Security
|
||||||
|
Fix potential cache corruption and delegation conflict issues #20523
|
||||||
|
|
||||||
|
link to changelog:
|
||||||
|
|
||||||
|
https://github.com/docker/docker/blob/v1.10.2/CHANGELOG.md
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Feb 15 09:48:41 UTC 2016 - asarai@suse.com
|
||||||
|
|
||||||
|
- fix-apparmor.patch: switch to a backported version of docker/docker#20305,
|
||||||
|
which also fixes several potential issues if the major version of apparmor
|
||||||
|
changes.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Feb 15 08:35:43 UTC 2016 - asarai@suse.com
|
||||||
|
|
||||||
|
- Remove 1.10.0 tarball.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Feb 12 16:04:19 UTC 2016 - jmassaguerpla@suse.com
|
||||||
|
|
||||||
|
- Update to docker 1.10.1
|
||||||
|
It includes some fixes to 1.10.0, see detailed changelog in
|
||||||
|
|
||||||
|
https://github.com/docker/docker/blob/v1.10.1/CHANGELOG.md
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Feb 9 17:24:46 UTC 2016 - jmassaguerpla@suse.com
|
||||||
|
|
||||||
|
- Update docker to 1.10.0 (bnc#965918)
|
||||||
|
|
||||||
|
Add usernamespace support
|
||||||
|
Add support for custom seccomp profiles
|
||||||
|
Improvements in network and volume management
|
||||||
|
|
||||||
|
detailed changelog in
|
||||||
|
|
||||||
|
https://github.com/docker/docker/blob/590d5108bbdaabb05af590f76c9757daceb6d02e/CHANGELOG.md
|
||||||
|
|
||||||
|
- removed patches, because code has been merged in 1.10.0 release:
|
||||||
|
libcontainer-apparmor-fixes.patch: see: https://github.com/docker/docker/blob/release/v1.10/contrib/apparmor/template.go
|
||||||
|
fix_bnc_958255.patch: see https://github.com/docker/docker/commit/2b4f64e59018c21aacbf311d5c774dd5521b5352
|
||||||
|
use_fs_cgroups_by_default.patch
|
||||||
|
fix_cgroup.parent_path_sanitisation.patch
|
||||||
|
add_bolt_ppc64.patch
|
||||||
|
add_bolt_arm64.patch
|
||||||
|
add_bolt_s390x.patch
|
||||||
|
|
||||||
|
- remove gcc-go-build-static-libgo.patch: This has been replace by gcc-go-patches.patch
|
||||||
|
|
||||||
|
- removed patches, because arm and ppc are not build using the dynbinary target, but the dyngccgo one:
|
||||||
|
docker_remove_journald_to_fix_dynbinary_build_on_arm.patch
|
||||||
|
docker_remove_journald_to_fix_dynbinary_build_on_powerpc.patch
|
||||||
|
docker_remove_journald_to_fix_dynbinary_build_on_arm64.patch
|
||||||
|
|
||||||
|
- added patches:
|
||||||
|
fix_platform_type_arm.patch: fix build for arm64 and aarch64: set utsname as uint8 for arm64 and aarch64
|
||||||
|
gcc5_socket_workaround.patch: gcc5-go in Tumbleweed includes this commit
|
||||||
|
https://github.com/golang/gofrontend/commit/a850225433a66a58613c22185c3b09626f5545eb
|
||||||
|
Which "fixes" the data type for RawSockaddr.Data
|
||||||
|
However, docker now expects the "wrong" data type, since docker had a workaround
|
||||||
|
for that issue.
|
||||||
|
Thus, we need to workaround the workaround in tumbleweed
|
||||||
|
netlink_gcc_go.patch: add constants for syscalls TUNSETIFF and TUNSETPERSIST to fix a gcc issue.
|
||||||
|
This is a workaround for bnc#964468: gcc-go can no longer compile Docker.
|
||||||
|
fix-apparmor.patch: fix https://github.com/docker/docker/issues/20269 . It affects SLE12 which has apparmor
|
||||||
|
version 2.8 and not openSUSE which has version 2.9.
|
||||||
|
fix-ppc64le.patch: Build netlink driver using int8 and not uint8 for the data structure
|
||||||
|
|
||||||
|
|
||||||
|
- reviewed patches:
|
||||||
|
ignore-dockerinit-checksum.patch: review context in patch
|
||||||
|
fix-docker-init.patch: review patch because build method has been changed in spec file for gcc-go
|
||||||
|
gcc-go-patches.patch: review context in patch
|
||||||
|
|
||||||
|
- Build requires go >= 1.5: For version 1.9, we could use Go 1.4.3
|
||||||
|
see GO_VERSION https://github.com/docker/docker/blob/release/v1.9/Dockerfile
|
||||||
|
However, for version 1.10, we need go 1.5.3
|
||||||
|
see GO_VERSION https://github.com/docker/docker/blob/release/v1.10/Dockerfile
|
||||||
|
|
||||||
|
- fix bnc#965600 - SLES12 SP1 - Static shared memory limit in container
|
||||||
|
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Jan 27 23:40:09 UTC 2016 - asarai@suse.com
|
||||||
|
|
||||||
|
- backport 1 bugfix from the upstream 1.10 branch
|
||||||
|
Added:
|
||||||
|
fix_json_econnreset_bug.patch (https://github.com/docker/docker/issues/14203)
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Jan 22 15:08:05 UTC 2016 - jmassaguerpla@suse.com
|
||||||
|
|
||||||
|
- use_fs_cgroups_by_default.patch: fix bsc#963177 - Use fs cgroups
|
||||||
|
by default in docker
|
||||||
|
- fix_cgroup.parent_path_sanitisation.patch: fix bsc# 963198 - fix
|
||||||
|
cgroup.Parent path sanitisation in docker
|
||||||
|
- fix_bnc_958255.patch: fix bnc#958255 - Docker creates strange
|
||||||
|
apparmor profile
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Jan 21 16:52:41 UTC 2016 - jmassaguerpla@suse.com
|
||||||
|
|
||||||
|
- gcc5-go in Tumbleweed includes this commit
|
||||||
|
https://github.com/golang/gofrontend/commit/a850225433a66a58613c22185c3b09626f5545eb
|
||||||
|
Which "fixes" the data type for RawSockaddr.Data
|
||||||
|
However, docker now expects the "wrong" data type, since docker had a workaround
|
||||||
|
for that issue.
|
||||||
|
Thus, we need to workaround the workaroundn in tumbleweed
|
||||||
|
|
||||||
|
- There was an error in one of the file list
|
||||||
|
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
Wed Dec 23 10:47:04 UTC 2015 - fcastelli@suse.com
|
Wed Dec 23 10:47:04 UTC 2015 - fcastelli@suse.com
|
||||||
|
|
||||||
- Add rules for auditd. This is required to fix bnc#959405
|
- Add rules for auditd. This is required to fix bnc#959405
|
||||||
|
@ -5,12 +5,17 @@ After=network.target docker.socket
|
|||||||
Requires=docker.socket
|
Requires=docker.socket
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
|
# the default is not to use systemd for cgroups because the delegate issues still
|
||||||
|
# exists and systemd currently does not support the cgroup feature set required
|
||||||
|
# for containers run by docker
|
||||||
EnvironmentFile=/etc/sysconfig/docker
|
EnvironmentFile=/etc/sysconfig/docker
|
||||||
ExecStart=/usr/bin/docker daemon -H fd:// $DOCKER_OPTS
|
ExecStart=/usr/bin/docker daemon -H fd:// $DOCKER_NETWORK_OPTIONS $DOCKER_OPTS
|
||||||
MountFlags=slave
|
MountFlags=slave
|
||||||
LimitNOFILE=1048576
|
LimitNOFILE=1048576
|
||||||
LimitNPROC=1048576
|
LimitNPROC=1048576
|
||||||
LimitCORE=infinity
|
LimitCORE=infinity
|
||||||
|
# set delegate yes so that systemd does not reset the cgroups of docker containers
|
||||||
|
Delegate=yes
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
132
docker.spec
132
docker.spec
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package docker
|
# spec file for package docker
|
||||||
#
|
#
|
||||||
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
|
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -16,10 +16,14 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
|
|
||||||
%define git_version a34a1d5
|
%define docker_store /var/lib/docker
|
||||||
|
%define docker_graph %{docker_store}/graph
|
||||||
|
%define docker_migration_testfile %{docker_store}/.suse-image-migration-v1to2-complete
|
||||||
|
|
||||||
|
%define git_version 9e83765
|
||||||
%define go_arches %ix86 x86_64
|
%define go_arches %ix86 x86_64
|
||||||
Name: docker
|
Name: docker
|
||||||
Version: 1.9.1
|
Version: 1.10.3
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: The Linux container runtime
|
Summary: The Linux container runtime
|
||||||
License: Apache-2.0
|
License: Apache-2.0
|
||||||
@ -41,26 +45,26 @@ Source7: README_SUSE.md
|
|||||||
Source8: docker-audit.rules
|
Source8: docker-audit.rules
|
||||||
# TODO: remove once we figure out what is wrong with iptables on ppc64le
|
# TODO: remove once we figure out what is wrong with iptables on ppc64le
|
||||||
Source100: sysconfig.docker.ppc64le
|
Source100: sysconfig.docker.ppc64le
|
||||||
Patch0: fix-docker-init.patch
|
Patch0: fix_platform_type_arm.patch
|
||||||
# PATCH-FIX-OPENSUSE libcontainer-apparmor-fixes.patch -- mount rules aren't supported in our apparmor
|
Patch1: gcc5_socket_workaround.patch
|
||||||
Patch1: libcontainer-apparmor-fixes.patch
|
Patch2: fix-docker-init.patch
|
||||||
|
Patch3: fix-apparmor.patch
|
||||||
# Required to overcome some limitations of gcc-go: https://groups.google.com/forum/#!msg/golang-nuts/SlGCPYkjxo4/4DjcjXRCqAkJ
|
# Required to overcome some limitations of gcc-go: https://groups.google.com/forum/#!msg/golang-nuts/SlGCPYkjxo4/4DjcjXRCqAkJ
|
||||||
# Right now docker passes the sha1sum of the dockerinit binary to the docker binary at build time
|
# Right now docker passes the sha1sum of the dockerinit binary to the docker binary at build time
|
||||||
# We cannot do that, right now a quick and really dirty way to get it running is
|
# We cannot do that, right now a quick and really dirty way to get it running is
|
||||||
# to simply disable this check
|
# to simply disable this check
|
||||||
Patch100: ignore-dockerinit-checksum.patch
|
Patch100: ignore-dockerinit-checksum.patch
|
||||||
Patch101: gcc-go-build-static-libgo.patch
|
Patch101: gcc-go-patches.patch
|
||||||
Patch102: add_bolt_ppc64.patch
|
Patch102: netlink_gcc_go.patch
|
||||||
Patch103: docker_remove_journald_to_fix_dynbinary_build_on_arm.patch
|
Patch103: netlink_netns_powerpc.patch
|
||||||
Patch104: docker_remove_journald_to_fix_dynbinary_build_on_powerpc.patch
|
Patch104: boltdb_bolt_powerpc.patch
|
||||||
Patch105: add_bolt_arm64.patch
|
Patch105: libnetwork_drivers_bridge_powerpc.patch
|
||||||
Patch106: docker_remove_journald_to_fix_dynbinary_build_on_arm64.patch
|
|
||||||
BuildRequires: audit
|
BuildRequires: audit
|
||||||
BuildRequires: bash-completion
|
BuildRequires: bash-completion
|
||||||
BuildRequires: device-mapper-devel >= 1.2.68
|
BuildRequires: device-mapper-devel >= 1.2.68
|
||||||
BuildRequires: glibc-devel-static
|
BuildRequires: glibc-devel-static
|
||||||
%ifarch %go_arches
|
%ifarch %go_arches
|
||||||
BuildRequires: go >= 1.4
|
BuildRequires: go >= 1.5
|
||||||
BuildRequires: go-go-md2man
|
BuildRequires: go-go-md2man
|
||||||
%else
|
%else
|
||||||
BuildRequires: gcc5-go >= 5.0
|
BuildRequires: gcc5-go >= 5.0
|
||||||
@ -84,6 +88,8 @@ Requires: lvm2 >= 2.2.89
|
|||||||
Requires: procps
|
Requires: procps
|
||||||
Requires: tar >= 1.26
|
Requires: tar >= 1.26
|
||||||
Requires: xz >= 4.9
|
Requires: xz >= 4.9
|
||||||
|
# Not necessary, but must be installed to have a smooth upgrade.
|
||||||
|
Recommends: docker-image-migrator
|
||||||
Conflicts: lxc < 1.0
|
Conflicts: lxc < 1.0
|
||||||
PreReq: %fillup_prereq
|
PreReq: %fillup_prereq
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
@ -140,21 +146,33 @@ Requires: procps
|
|||||||
Requires: sqlite3-devel
|
Requires: sqlite3-devel
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
|
|
||||||
|
%global __requires_exclude ^libgo.so.*$
|
||||||
|
|
||||||
%description test
|
%description test
|
||||||
Test package for docker. It contains the source code and the tests.
|
Test package for docker. It contains the source code and the tests.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q -n docker-%{version}
|
%setup -q -n %{name}-%{version}
|
||||||
%patch0 -p1
|
%patch0 -p1
|
||||||
|
# 1330 is Tumbleweed after leap has been released
|
||||||
|
# gcc5-go in Tumbleweed includes this commit
|
||||||
|
# https://github.com/golang/gofrontend/commit/a850225433a66a58613c22185c3b09626f5545eb
|
||||||
|
# Which "fixes" the data type for RawSockaddr.Data
|
||||||
|
# However, docker now expects the "wrong" data type, since docker had a workaround
|
||||||
|
# for that issue.
|
||||||
|
# Thus, we need to workaround the workaroundn in tumbleweed
|
||||||
|
%if 0%{?suse_version} >= 1330 && 0%{?is_opensuse} == 1
|
||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
|
%endif
|
||||||
|
%patch2 -p1
|
||||||
|
%patch3 -p1
|
||||||
%ifnarch %go_arches
|
%ifnarch %go_arches
|
||||||
%patch100 -p1
|
%patch101 -p1
|
||||||
%patch101 -p0
|
|
||||||
%patch102 -p1
|
%patch102 -p1
|
||||||
%patch103 -p1
|
%patch103 -p1
|
||||||
%patch104 -p1
|
%patch104 -p1
|
||||||
%patch105 -p1
|
%patch105 -p1
|
||||||
%patch106 -p1
|
%patch100 -p1
|
||||||
%endif
|
%endif
|
||||||
cp %{SOURCE7} .
|
cp %{SOURCE7} .
|
||||||
|
|
||||||
@ -174,10 +192,14 @@ export DOCKER_GITCOMMIT=%{git_version}
|
|||||||
EOF
|
EOF
|
||||||
) > docker_build_env
|
) > docker_build_env
|
||||||
. ./docker_build_env
|
. ./docker_build_env
|
||||||
./hack/make.sh dynbinary
|
|
||||||
%ifarch %go_arches
|
%ifarch %go_arches
|
||||||
|
./hack/make.sh dynbinary
|
||||||
man/md2man-all.sh
|
man/md2man-all.sh
|
||||||
|
%else
|
||||||
|
./hack/make.sh dyngccgo
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
# remove other than systemd
|
# remove other than systemd
|
||||||
# otherwise the resulting package will have extra requires
|
# otherwise the resulting package will have extra requires
|
||||||
rm -rf hack/make/.build-deb
|
rm -rf hack/make/.build-deb
|
||||||
@ -185,9 +207,14 @@ rm -rf hack/make/.build-deb
|
|||||||
%install
|
%install
|
||||||
install -d %{buildroot}%{go_contribdir}
|
install -d %{buildroot}%{go_contribdir}
|
||||||
install -d %{buildroot}%{_bindir}
|
install -d %{buildroot}%{_bindir}
|
||||||
|
%ifarch %go_arches
|
||||||
install -D -m755 bundles/%{version}/dynbinary/%{name}-%{version} %{buildroot}/%{_bindir}/%{name}
|
install -D -m755 bundles/%{version}/dynbinary/%{name}-%{version} %{buildroot}/%{_bindir}/%{name}
|
||||||
install -d %{buildroot}/%{_prefix}/lib/docker
|
|
||||||
install -D -m755 bundles/%{version}/dynbinary/dockerinit-%{version} %{buildroot}/%{_prefix}/lib/docker/dockerinit
|
install -D -m755 bundles/%{version}/dynbinary/dockerinit-%{version} %{buildroot}/%{_prefix}/lib/docker/dockerinit
|
||||||
|
%else
|
||||||
|
install -D -m755 bundles/%{version}/dyngccgo/%{name}-%{version} %{buildroot}/%{_bindir}/%{name}
|
||||||
|
install -D -m755 bundles/%{version}/dyngccgo/dockerinit-%{version} %{buildroot}/%{_prefix}/lib/docker/dockerinit
|
||||||
|
%endif
|
||||||
|
install -d %{buildroot}/%{_prefix}/lib/docker
|
||||||
install -Dd -m 0755 \
|
install -Dd -m 0755 \
|
||||||
%{buildroot}%{_sysconfdir}/init.d \
|
%{buildroot}%{_sysconfdir}/init.d \
|
||||||
%{buildroot}%{_sbindir}
|
%{buildroot}%{_sbindir}
|
||||||
@ -233,6 +260,73 @@ install -p -m 644 man/man5/Dockerfile.5 %{buildroot}%{_mandir}/man5
|
|||||||
%fdupes %{buildroot}
|
%fdupes %{buildroot}
|
||||||
|
|
||||||
%pre
|
%pre
|
||||||
|
# We're currently inside rpmlint, which will cause us to fail the tests if it
|
||||||
|
# happens that the Docker install in the builder requires a migration.
|
||||||
|
if [[ -z "$BUILD_ROOT" ]]
|
||||||
|
then
|
||||||
|
# In order to make sure we don't print a scary warning when we shouldn't we
|
||||||
|
# need to test these things (in this order):
|
||||||
|
# 1. Check that /var/lib/docker actually exists (docker daemon has run).
|
||||||
|
# 2. Check that the migrator has *not* finished.
|
||||||
|
# 3. Check that /var/lib/docker/graph exists (this is a <=1.9.1 thing, but
|
||||||
|
# will stick around if it has been migrated -- which is why we need the
|
||||||
|
# MIGRATION_TESTFILE check).
|
||||||
|
# 4. Check that there are images in the graph/ directory.
|
||||||
|
if [[ -d "%{docker_store}" && ( ! -f "%{docker_migration_testfile}" ) && -d "%{docker_store}" && -n "$(find "%{docker_store}" -maxdepth 1 -type d 2>/dev/null | grep -Ev '_tmp|^%{docker_store}$')" ]]
|
||||||
|
then
|
||||||
|
|
||||||
|
if [ -n "$DOCKER_FORCE_INSTALL" ]
|
||||||
|
then
|
||||||
|
echo >&2 "*** IGNORING DOWNTIME WARNING! FORCING INSTALLATION. ***"
|
||||||
|
else
|
||||||
|
|
||||||
|
cat >&2 <<EOF
|
||||||
|
|
||||||
|
*** WARNING ***
|
||||||
|
|
||||||
|
In the migration from docker<1.10.0 to docker>=1.10.0, the Docker image format
|
||||||
|
has changed to be completely content-addressible. This results in several positive
|
||||||
|
improvements to image operations (better caching during builds mainly). However,
|
||||||
|
the migration operation may take several hours if you have a lot of large images
|
||||||
|
on a Docker host. In order to ensure that you have minimum downtime, this update
|
||||||
|
of Docker will not complete successfully, and you will have the opportunity to
|
||||||
|
run a separate migration tool (which will not cause downtime for your Docker
|
||||||
|
daemon).
|
||||||
|
|
||||||
|
In order to run this migration tool, please install the 'docker-image-migrator'
|
||||||
|
package. You can run the migration with this command, which will exit after the
|
||||||
|
migration has been completed:
|
||||||
|
|
||||||
|
$ /usr/lib/docker-image-migrator/do-image-migration-v1to2.sh
|
||||||
|
|
||||||
|
Because the migrator requires information about the storage driver used by Docker,
|
||||||
|
the migration script will source /etc/sysconfig/docker and use \$DOCKER_OPTS as
|
||||||
|
arguments to the migrator. If this automated migration fails, it will be re-attempted
|
||||||
|
with every known storage driver. In addition, the script accepts arguments which
|
||||||
|
will simiarly be appended to the set of arguments (after \$DOCKER_OPTS) to the
|
||||||
|
migrator.
|
||||||
|
|
||||||
|
However, if you prefer to not run this separate migration tool, you can force this
|
||||||
|
update using the following command. THIS WILL CAUSE DOWNTIME, BECAUSE DOCKER WILL
|
||||||
|
RUN THE MIGRATION ON FIRST START AND YOU WILL BE UNABLE TO START ANY CONTAINERS
|
||||||
|
OR USE ANY DOCKER COMMANDS (EVEN CONTAINERS WITH RESTART POLICIES ACTIVE):
|
||||||
|
|
||||||
|
$ DOCKER_FORCE_INSTALL=1 sudo -E zypper up docker
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# Fail the update.
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# In order to make sure that we don't accidentally cause problems with an
|
||||||
|
# upgrade to docker>=1.10.2, we'll touch the same file we tested in (2).
|
||||||
|
# -m701 is *not* a typo, it is necessary for certain syscalls with remapped
|
||||||
|
# root.
|
||||||
|
[[ -d "%{docker_store}" ]] || install -d -m701 %{docker_store} || :
|
||||||
|
touch %{docker_migration_testfile}
|
||||||
|
fi
|
||||||
|
|
||||||
echo "creating group docker..."
|
echo "creating group docker..."
|
||||||
groupadd -r docker 2>/dev/null || :
|
groupadd -r docker 2>/dev/null || :
|
||||||
%service_add_pre %{name}.service %{name}.socket
|
%service_add_pre %{name}.service %{name}.socket
|
||||||
|
@ -1,53 +0,0 @@
|
|||||||
From 6f6f10a75f8b447637e8a89d685452871899e9c0 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Stefan Scherer <scherer_stefan@icloud.com>
|
|
||||||
Date: Thu, 19 Nov 2015 17:09:20 +0100
|
|
||||||
Subject: [PATCH] prevent journald from being built on ARM
|
|
||||||
|
|
||||||
Signed-off-by: Govinda Fichtner <govinda.fichtner@googlemail.com>
|
|
||||||
|
|
||||||
---
|
|
||||||
daemon/logger/journald/journald.go | 2 +-
|
|
||||||
daemon/logger/journald/journald_unsupported.go | 2 +-
|
|
||||||
daemon/logger/journald/read.go | 2 +-
|
|
||||||
daemon/logger/journald/read_unsupported.go | 2 +-
|
|
||||||
4 files changed, 4 insertions(+), 4 deletions(-)
|
|
||||||
|
|
||||||
Index: docker-1.9.1/daemon/logger/journald/journald.go
|
|
||||||
===================================================================
|
|
||||||
--- docker-1.9.1.orig/daemon/logger/journald/journald.go
|
|
||||||
+++ docker-1.9.1/daemon/logger/journald/journald.go
|
|
||||||
@@ -1,4 +1,4 @@
|
|
||||||
-// +build linux
|
|
||||||
+// +build linux,!arm
|
|
||||||
|
|
||||||
// Package journald provides the log driver for forwarding server logs
|
|
||||||
// to endpoints that receive the systemd format.
|
|
||||||
Index: docker-1.9.1/daemon/logger/journald/journald_unsupported.go
|
|
||||||
===================================================================
|
|
||||||
--- docker-1.9.1.orig/daemon/logger/journald/journald_unsupported.go
|
|
||||||
+++ docker-1.9.1/daemon/logger/journald/journald_unsupported.go
|
|
||||||
@@ -1,3 +1,3 @@
|
|
||||||
-// +build !linux
|
|
||||||
+// +build !linux linux,arm
|
|
||||||
|
|
||||||
package journald
|
|
||||||
Index: docker-1.9.1/daemon/logger/journald/read.go
|
|
||||||
===================================================================
|
|
||||||
--- docker-1.9.1.orig/daemon/logger/journald/read.go
|
|
||||||
+++ docker-1.9.1/daemon/logger/journald/read.go
|
|
||||||
@@ -1,4 +1,4 @@
|
|
||||||
-// +build linux,cgo,!static_build,journald
|
|
||||||
+// +build linux,cgo,!static_build,journald,!arm
|
|
||||||
|
|
||||||
package journald
|
|
||||||
|
|
||||||
Index: docker-1.9.1/daemon/logger/journald/read_unsupported.go
|
|
||||||
===================================================================
|
|
||||||
--- docker-1.9.1.orig/daemon/logger/journald/read_unsupported.go
|
|
||||||
+++ docker-1.9.1/daemon/logger/journald/read_unsupported.go
|
|
||||||
@@ -1,4 +1,4 @@
|
|
||||||
-// +build !linux !cgo static_build !journald
|
|
||||||
+// +build !linux !cgo static_build !journald linux,arm
|
|
||||||
|
|
||||||
package journald
|
|
||||||
|
|
@ -1,53 +0,0 @@
|
|||||||
From: Michel Normand <normand@linux.vnet.ibm.com>
|
|
||||||
Subject: docker remove journald to fix dynbinary build on arm64
|
|
||||||
Date: Fri, 04 Dec 2015 17:07:12 +0100
|
|
||||||
|
|
||||||
docker remove journald to fix dynbinary build on arm64
|
|
||||||
|
|
||||||
Signed-off-by: Michel Normand <normand@linux.vnet.ibm.com>
|
|
||||||
---
|
|
||||||
daemon/logger/journald/journald.go | 2 +-
|
|
||||||
daemon/logger/journald/journald_unsupported.go | 2 +-
|
|
||||||
daemon/logger/journald/read.go | 2 +-
|
|
||||||
daemon/logger/journald/read_unsupported.go | 2 +-
|
|
||||||
4 files changed, 4 insertions(+), 4 deletions(-)
|
|
||||||
|
|
||||||
Index: docker-1.9.1/daemon/logger/journald/journald.go
|
|
||||||
===================================================================
|
|
||||||
--- docker-1.9.1.orig/daemon/logger/journald/journald.go
|
|
||||||
+++ docker-1.9.1/daemon/logger/journald/journald.go
|
|
||||||
@@ -1,4 +1,4 @@
|
|
||||||
-// +build linux,!arm linux,!ppc64 linux,!ppc64le
|
|
||||||
+// +build linux,!arm linux,!arm64 linux,!ppc64 linux,!ppc64le
|
|
||||||
|
|
||||||
// Package journald provides the log driver for forwarding server logs
|
|
||||||
// to endpoints that receive the systemd format.
|
|
||||||
Index: docker-1.9.1/daemon/logger/journald/journald_unsupported.go
|
|
||||||
===================================================================
|
|
||||||
--- docker-1.9.1.orig/daemon/logger/journald/journald_unsupported.go
|
|
||||||
+++ docker-1.9.1/daemon/logger/journald/journald_unsupported.go
|
|
||||||
@@ -1,3 +1,3 @@
|
|
||||||
-// +build !linux linux,arm linux,ppc64 linux,ppc64le
|
|
||||||
+// +build !linux linux,arm linux,arm64 linux,ppc64 linux,ppc64le
|
|
||||||
|
|
||||||
package journald
|
|
||||||
Index: docker-1.9.1/daemon/logger/journald/read.go
|
|
||||||
===================================================================
|
|
||||||
--- docker-1.9.1.orig/daemon/logger/journald/read.go
|
|
||||||
+++ docker-1.9.1/daemon/logger/journald/read.go
|
|
||||||
@@ -1,4 +1,4 @@
|
|
||||||
-// +build linux,cgo,!static_build,journald,!arm,!ppc64,!ppc64le
|
|
||||||
+// +build linux,cgo,!static_build,journald,!arm,!arm64,!ppc64,!ppc64le
|
|
||||||
|
|
||||||
package journald
|
|
||||||
|
|
||||||
Index: docker-1.9.1/daemon/logger/journald/read_unsupported.go
|
|
||||||
===================================================================
|
|
||||||
--- docker-1.9.1.orig/daemon/logger/journald/read_unsupported.go
|
|
||||||
+++ docker-1.9.1/daemon/logger/journald/read_unsupported.go
|
|
||||||
@@ -1,4 +1,4 @@
|
|
||||||
-// +build !linux !cgo static_build !journald linux,arm linux,ppc64 linux,ppc64le
|
|
||||||
+// +build !linux !cgo static_build !journald linux,arm linux,arm64 linux,ppc64 linux,ppc64le
|
|
||||||
|
|
||||||
package journald
|
|
||||||
|
|
@ -1,53 +0,0 @@
|
|||||||
From: Michel Normand <normand@linux.vnet.ibm.com>
|
|
||||||
Subject: docker remove journald to fix dynbinary build on powerpc
|
|
||||||
Date: Fri, 04 Dec 2015 14:45:43 +0100
|
|
||||||
|
|
||||||
docker remove journald to fix dynbinary build on powerpc
|
|
||||||
|
|
||||||
Signed-off-by: Michel Normand <normand@linux.vnet.ibm.com>
|
|
||||||
---
|
|
||||||
daemon/logger/journald/journald.go | 2 +-
|
|
||||||
daemon/logger/journald/journald_unsupported.go | 2 +-
|
|
||||||
daemon/logger/journald/read.go | 2 +-
|
|
||||||
daemon/logger/journald/read_unsupported.go | 2 +-
|
|
||||||
4 files changed, 4 insertions(+), 4 deletions(-)
|
|
||||||
|
|
||||||
Index: docker-1.9.1/daemon/logger/journald/journald.go
|
|
||||||
===================================================================
|
|
||||||
--- docker-1.9.1.orig/daemon/logger/journald/journald.go
|
|
||||||
+++ docker-1.9.1/daemon/logger/journald/journald.go
|
|
||||||
@@ -1,4 +1,4 @@
|
|
||||||
-// +build linux,!arm
|
|
||||||
+// +build linux,!arm linux,!ppc64 linux,!ppc64le
|
|
||||||
|
|
||||||
// Package journald provides the log driver for forwarding server logs
|
|
||||||
// to endpoints that receive the systemd format.
|
|
||||||
Index: docker-1.9.1/daemon/logger/journald/journald_unsupported.go
|
|
||||||
===================================================================
|
|
||||||
--- docker-1.9.1.orig/daemon/logger/journald/journald_unsupported.go
|
|
||||||
+++ docker-1.9.1/daemon/logger/journald/journald_unsupported.go
|
|
||||||
@@ -1,3 +1,3 @@
|
|
||||||
-// +build !linux linux,arm
|
|
||||||
+// +build !linux linux,arm linux,ppc64 linux,ppc64le
|
|
||||||
|
|
||||||
package journald
|
|
||||||
Index: docker-1.9.1/daemon/logger/journald/read.go
|
|
||||||
===================================================================
|
|
||||||
--- docker-1.9.1.orig/daemon/logger/journald/read.go
|
|
||||||
+++ docker-1.9.1/daemon/logger/journald/read.go
|
|
||||||
@@ -1,4 +1,4 @@
|
|
||||||
-// +build linux,cgo,!static_build,journald,!arm
|
|
||||||
+// +build linux,cgo,!static_build,journald,!arm,!ppc64,!ppc64le
|
|
||||||
|
|
||||||
package journald
|
|
||||||
|
|
||||||
Index: docker-1.9.1/daemon/logger/journald/read_unsupported.go
|
|
||||||
===================================================================
|
|
||||||
--- docker-1.9.1.orig/daemon/logger/journald/read_unsupported.go
|
|
||||||
+++ docker-1.9.1/daemon/logger/journald/read_unsupported.go
|
|
||||||
@@ -1,4 +1,4 @@
|
|
||||||
-// +build !linux !cgo static_build !journald linux,arm
|
|
||||||
+// +build !linux !cgo static_build !journald linux,arm linux,ppc64 linux,ppc64le
|
|
||||||
|
|
||||||
package journald
|
|
||||||
|
|
292
fix-apparmor.patch
Normal file
292
fix-apparmor.patch
Normal file
@ -0,0 +1,292 @@
|
|||||||
|
Index: docker-1.10.1/contrib/apparmor/main.go
|
||||||
|
===================================================================
|
||||||
|
--- docker-1.10.1.orig/contrib/apparmor/main.go
|
||||||
|
+++ docker-1.10.1/contrib/apparmor/main.go
|
||||||
|
@@ -11,8 +11,7 @@ import (
|
||||||
|
)
|
||||||
|
|
||||||
|
type profileData struct {
|
||||||
|
- MajorVersion int
|
||||||
|
- MinorVersion int
|
||||||
|
+ Version int
|
||||||
|
}
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
@@ -23,13 +22,12 @@ func main() {
|
||||||
|
// parse the arg
|
||||||
|
apparmorProfilePath := os.Args[1]
|
||||||
|
|
||||||
|
- majorVersion, minorVersion, err := aaparser.GetVersion()
|
||||||
|
+ version, err := aaparser.GetVersion()
|
||||||
|
if err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
data := profileData{
|
||||||
|
- MajorVersion: majorVersion,
|
||||||
|
- MinorVersion: minorVersion,
|
||||||
|
+ Version: version,
|
||||||
|
}
|
||||||
|
fmt.Printf("apparmor_parser is of version %+v\n", data)
|
||||||
|
|
||||||
|
Index: docker-1.10.1/daemon/execdriver/native/apparmor.go
|
||||||
|
===================================================================
|
||||||
|
--- docker-1.10.1.orig/daemon/execdriver/native/apparmor.go
|
||||||
|
+++ docker-1.10.1/daemon/execdriver/native/apparmor.go
|
||||||
|
@@ -25,8 +25,7 @@ type data struct {
|
||||||
|
ExecPath string
|
||||||
|
Imports []string
|
||||||
|
InnerImports []string
|
||||||
|
- MajorVersion int
|
||||||
|
- MinorVersion int
|
||||||
|
+ Version int
|
||||||
|
}
|
||||||
|
|
||||||
|
const baseTemplate = `
|
||||||
|
@@ -64,14 +63,17 @@ profile {{.Name}} flags=(attach_disconne
|
||||||
|
deny /sys/firmware/efi/efivars/** rwklx,
|
||||||
|
deny /sys/kernel/security/** rwklx,
|
||||||
|
|
||||||
|
-{{if ge .MajorVersion 2}}{{if ge .MinorVersion 8}}
|
||||||
|
+{{if ge .Version 208095}}
|
||||||
|
+ # apparmor-2.8.95 is Ubuntu 14.04 LTS (Trusty Tahr)
|
||||||
|
+ # apparmor-2.8.95 is apparmor-2.9 beta, which supports ptrace rule
|
||||||
|
+ # other apparmor-2.8 versions do not support this rule
|
||||||
|
# suppress ptrace denials when using 'docker ps' or using 'ps' inside a container
|
||||||
|
ptrace (trace,read) peer=docker-default,
|
||||||
|
-{{end}}{{end}}
|
||||||
|
-{{if ge .MajorVersion 2}}{{if ge .MinorVersion 9}}
|
||||||
|
+{{end}}
|
||||||
|
+{{if ge .Version 209000}}
|
||||||
|
# docker daemon confinement requires explict allow rule for signal
|
||||||
|
signal (receive) set=(kill,term) peer={{.ExecPath}},
|
||||||
|
-{{end}}{{end}}
|
||||||
|
+{{end}}
|
||||||
|
}
|
||||||
|
`
|
||||||
|
|
||||||
|
@@ -91,7 +93,7 @@ func generateProfile(out io.Writer) erro
|
||||||
|
if abstractionsExists() {
|
||||||
|
data.InnerImports = append(data.InnerImports, "#include <abstractions/base>")
|
||||||
|
}
|
||||||
|
- data.MajorVersion, data.MinorVersion, err = aaparser.GetVersion()
|
||||||
|
+ data.Version, err = aaparser.GetVersion()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
Index: docker-1.10.1/pkg/aaparser/aaparser.go
|
||||||
|
===================================================================
|
||||||
|
--- docker-1.10.1.orig/pkg/aaparser/aaparser.go
|
||||||
|
+++ docker-1.10.1/pkg/aaparser/aaparser.go
|
||||||
|
@@ -1,45 +1,92 @@
|
||||||
|
+// Package aaparser is a convenience package interacting with `apparmor_parser`.
|
||||||
|
package aaparser
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
- "log"
|
||||||
|
"os/exec"
|
||||||
|
+ "path/filepath"
|
||||||
|
"strconv"
|
||||||
|
"strings"
|
||||||
|
)
|
||||||
|
|
||||||
|
-// GetVersion returns the major and minor version of apparmor_parser
|
||||||
|
-func GetVersion() (int, int, error) {
|
||||||
|
- // get the apparmor_version version
|
||||||
|
- cmd := exec.Command("apparmor_parser", "--version")
|
||||||
|
+const (
|
||||||
|
+ binary = "apparmor_parser"
|
||||||
|
+)
|
||||||
|
+
|
||||||
|
+// GetVersion returns the major and minor version of apparmor_parser.
|
||||||
|
+func GetVersion() (int, error) {
|
||||||
|
+ output, err := cmd("", "--version")
|
||||||
|
+ if err != nil {
|
||||||
|
+ return -1, err
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return parseVersion(output)
|
||||||
|
+}
|
||||||
|
|
||||||
|
- output, err := cmd.CombinedOutput()
|
||||||
|
+// LoadProfile runs `apparmor_parser -r -W` on a specified apparmor profile to
|
||||||
|
+// replace and write it to disk.
|
||||||
|
+func LoadProfile(profilePath string) error {
|
||||||
|
+ _, err := cmd(filepath.Dir(profilePath), "-r", "-W", filepath.Base(profilePath))
|
||||||
|
if err != nil {
|
||||||
|
- log.Fatalf("getting apparmor_parser version failed: %s (%s)", err, output)
|
||||||
|
+ return err
|
||||||
|
}
|
||||||
|
+ return nil
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// cmd runs `apparmor_parser` with the passed arguments.
|
||||||
|
+func cmd(dir string, arg ...string) (string, error) {
|
||||||
|
+ c := exec.Command(binary, arg...)
|
||||||
|
+ c.Dir = dir
|
||||||
|
|
||||||
|
- // parse the version from the output
|
||||||
|
+ output, err := c.CombinedOutput()
|
||||||
|
+ if err != nil {
|
||||||
|
+ return "", fmt.Errorf("running `%s %s` failed with output: %s\nerror: %v", c.Path, strings.Join(c.Args, " "), string(output), err)
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return string(output), nil
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+// parseVersion takes the output from `apparmor_parser --version` and returns
|
||||||
|
+// a representation of the {major, minor, patch} version as a single number of
|
||||||
|
+// the form MMmmPPP {major, minor, patch}.
|
||||||
|
+func parseVersion(output string) (int, error) {
|
||||||
|
// output is in the form of the following:
|
||||||
|
// AppArmor parser version 2.9.1
|
||||||
|
// Copyright (C) 1999-2008 Novell Inc.
|
||||||
|
// Copyright 2009-2012 Canonical Ltd.
|
||||||
|
- lines := strings.SplitN(string(output), "\n", 2)
|
||||||
|
+
|
||||||
|
+ lines := strings.SplitN(output, "\n", 2)
|
||||||
|
words := strings.Split(lines[0], " ")
|
||||||
|
version := words[len(words)-1]
|
||||||
|
+
|
||||||
|
// split by major minor version
|
||||||
|
v := strings.Split(version, ".")
|
||||||
|
- if len(v) < 2 {
|
||||||
|
- return -1, -1, fmt.Errorf("parsing major minor version failed for %q", version)
|
||||||
|
+ if len(v) == 0 || len(v) > 3 {
|
||||||
|
+ return -1, fmt.Errorf("parsing version failed for output: `%s`", output)
|
||||||
|
}
|
||||||
|
|
||||||
|
+ // Default the versions to 0.
|
||||||
|
+ var majorVersion, minorVersion, patchLevel int
|
||||||
|
+
|
||||||
|
majorVersion, err := strconv.Atoi(v[0])
|
||||||
|
if err != nil {
|
||||||
|
- return -1, -1, err
|
||||||
|
+ return -1, err
|
||||||
|
}
|
||||||
|
- minorVersion, err := strconv.Atoi(v[1])
|
||||||
|
- if err != nil {
|
||||||
|
- return -1, -1, err
|
||||||
|
+
|
||||||
|
+ if len(v) > 1 {
|
||||||
|
+ minorVersion, err = strconv.Atoi(v[1])
|
||||||
|
+ if err != nil {
|
||||||
|
+ return -1, err
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ if len(v) > 2 {
|
||||||
|
+ patchLevel, err = strconv.Atoi(v[2])
|
||||||
|
+ if err != nil {
|
||||||
|
+ return -1, err
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
- return majorVersion, minorVersion, nil
|
||||||
|
+ // major*10^5 + minor*10^3 + patch*10^0
|
||||||
|
+ numericVersion := majorVersion*1e5 + minorVersion*1e3 + patchLevel
|
||||||
|
+ return numericVersion, nil
|
||||||
|
}
|
||||||
|
Index: docker-1.10.1/contrib/apparmor/template.go
|
||||||
|
===================================================================
|
||||||
|
--- docker-1.10.1.orig/contrib/apparmor/template.go
|
||||||
|
+++ docker-1.10.1/contrib/apparmor/template.go
|
||||||
|
@@ -20,11 +20,11 @@ profile /usr/bin/docker (attach_disconne
|
||||||
|
|
||||||
|
umount,
|
||||||
|
pivot_root,
|
||||||
|
-{{if ge .MajorVersion 2}}{{if ge .MinorVersion 9}}
|
||||||
|
+{{if ge .Version 209000}}
|
||||||
|
signal (receive) peer=@{profile_name},
|
||||||
|
signal (receive) peer=unconfined,
|
||||||
|
signal (send),
|
||||||
|
-{{end}}{{end}}
|
||||||
|
+{{end}}
|
||||||
|
network,
|
||||||
|
capability,
|
||||||
|
owner /** rw,
|
||||||
|
@@ -46,12 +46,12 @@ profile /usr/bin/docker (attach_disconne
|
||||||
|
/etc/ld.so.cache r,
|
||||||
|
/etc/passwd r,
|
||||||
|
|
||||||
|
-{{if ge .MajorVersion 2}}{{if ge .MinorVersion 9}}
|
||||||
|
+{{if ge .Version 209000}}
|
||||||
|
ptrace peer=@{profile_name},
|
||||||
|
ptrace (read) peer=docker-default,
|
||||||
|
deny ptrace (trace) peer=docker-default,
|
||||||
|
deny ptrace peer=/usr/bin/docker///bin/ps,
|
||||||
|
-{{end}}{{end}}
|
||||||
|
+{{end}}
|
||||||
|
|
||||||
|
/usr/lib/** rm,
|
||||||
|
/lib/** rm,
|
||||||
|
@@ -72,11 +72,11 @@ profile /usr/bin/docker (attach_disconne
|
||||||
|
/sbin/zfs rCx,
|
||||||
|
/sbin/apparmor_parser rCx,
|
||||||
|
|
||||||
|
-{{if ge .MajorVersion 2}}{{if ge .MinorVersion 9}}
|
||||||
|
+{{if ge .Version 209000}}
|
||||||
|
# Transitions
|
||||||
|
change_profile -> docker-*,
|
||||||
|
change_profile -> unconfined,
|
||||||
|
-{{end}}{{end}}
|
||||||
|
+{{end}}
|
||||||
|
|
||||||
|
profile /bin/cat (complain) {
|
||||||
|
/etc/ld.so.cache r,
|
||||||
|
@@ -98,10 +98,10 @@ profile /usr/bin/docker (attach_disconne
|
||||||
|
/dev/null rw,
|
||||||
|
/bin/ps mr,
|
||||||
|
|
||||||
|
-{{if ge .MajorVersion 2}}{{if ge .MinorVersion 9}}
|
||||||
|
+{{if ge .Version 209000}}
|
||||||
|
# We don't need ptrace so we'll deny and ignore the error.
|
||||||
|
deny ptrace (read, trace),
|
||||||
|
-{{end}}{{end}}
|
||||||
|
+{{end}}
|
||||||
|
|
||||||
|
# Quiet dac_override denials
|
||||||
|
deny capability dac_override,
|
||||||
|
@@ -119,15 +119,15 @@ profile /usr/bin/docker (attach_disconne
|
||||||
|
/proc/tty/drivers r,
|
||||||
|
}
|
||||||
|
profile /sbin/iptables (complain) {
|
||||||
|
-{{if ge .MajorVersion 2}}{{if ge .MinorVersion 9}}
|
||||||
|
+{{if ge .Version 209000}}
|
||||||
|
signal (receive) peer=/usr/bin/docker,
|
||||||
|
-{{end}}{{end}}
|
||||||
|
+{{end}}
|
||||||
|
capability net_admin,
|
||||||
|
}
|
||||||
|
profile /sbin/auplink flags=(attach_disconnected, complain) {
|
||||||
|
-{{if ge .MajorVersion 2}}{{if ge .MinorVersion 9}}
|
||||||
|
+{{if ge .Version 209000}}
|
||||||
|
signal (receive) peer=/usr/bin/docker,
|
||||||
|
-{{end}}{{end}}
|
||||||
|
+{{end}}
|
||||||
|
capability sys_admin,
|
||||||
|
capability dac_override,
|
||||||
|
|
||||||
|
@@ -146,9 +146,9 @@ profile /usr/bin/docker (attach_disconne
|
||||||
|
/proc/[0-9]*/mounts rw,
|
||||||
|
}
|
||||||
|
profile /sbin/modprobe /bin/kmod (complain) {
|
||||||
|
-{{if ge .MajorVersion 2}}{{if ge .MinorVersion 9}}
|
||||||
|
+{{if ge .Version 209000}}
|
||||||
|
signal (receive) peer=/usr/bin/docker,
|
||||||
|
-{{end}}{{end}}
|
||||||
|
+{{end}}
|
||||||
|
capability sys_module,
|
||||||
|
/etc/ld.so.cache r,
|
||||||
|
/lib/** rm,
|
||||||
|
@@ -162,9 +162,9 @@ profile /usr/bin/docker (attach_disconne
|
||||||
|
}
|
||||||
|
# xz works via pipes, so we do not need access to the filesystem.
|
||||||
|
profile /usr/bin/xz (complain) {
|
||||||
|
-{{if ge .MajorVersion 2}}{{if ge .MinorVersion 9}}
|
||||||
|
+{{if ge .Version 209000}}
|
||||||
|
signal (receive) peer=/usr/bin/docker,
|
||||||
|
-{{end}}{{end}}
|
||||||
|
+{{end}}
|
||||||
|
/etc/ld.so.cache r,
|
||||||
|
/lib/** rm,
|
||||||
|
/usr/bin/xz rm,
|
@ -8,3 +8,14 @@ diff -Naur a/hack/make/.dockerinit b/hack/make/.dockerinit
|
|||||||
+/usr/bin/strip -s $DEST/dockerinit-$VERSION
|
+/usr/bin/strip -s $DEST/dockerinit-$VERSION
|
||||||
# sha1 our new dockerinit to ensure separate docker and dockerinit always run in a perfect pair compiled for one another
|
# sha1 our new dockerinit to ensure separate docker and dockerinit always run in a perfect pair compiled for one another
|
||||||
export DOCKER_INITSHA1=$($sha1sum "$DEST/dockerinit-$VERSION" | cut -d' ' -f1)
|
export DOCKER_INITSHA1=$($sha1sum "$DEST/dockerinit-$VERSION" | cut -d' ' -f1)
|
||||||
|
diff --git a/hack/make/.dockerinit-gccgo b/hack/make/.dockerinit-gccgo
|
||||||
|
index 3caa526..f272d29 100644
|
||||||
|
--- a/hack/make/.dockerinit-gccgo
|
||||||
|
+++ b/hack/make/.dockerinit-gccgo
|
||||||
|
@@ -27,5 +27,6 @@ else
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
+/usr/bin/strip -s $DEST/dockerinit-$VERSION
|
||||||
|
# sha1 our new dockerinit to ensure separate docker and dockerinit always run in a perfect pair compiled for one another
|
||||||
|
export DOCKER_INITSHA1=$($sha1sum "$DEST/dockerinit-$VERSION" | cut -d' ' -f1)
|
||||||
|
20
fix_platform_type_arm.patch
Normal file
20
fix_platform_type_arm.patch
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
diff --git a/pkg/platform/utsname_int8.go b/pkg/platform/utsname_int8.go
|
||||||
|
index 5dcbadf..a022a35 100644
|
||||||
|
--- a/pkg/platform/utsname_int8.go
|
||||||
|
+++ b/pkg/platform/utsname_int8.go
|
||||||
|
@@ -1,4 +1,4 @@
|
||||||
|
-// +build linux,386 linux,amd64 linux,arm64
|
||||||
|
+// +build linux,386 linux,amd64
|
||||||
|
// see golang's sources src/syscall/ztypes_linux_*.go that use int8
|
||||||
|
|
||||||
|
package platform
|
||||||
|
diff --git a/pkg/platform/utsname_uint8.go b/pkg/platform/utsname_uint8.go
|
||||||
|
index c9875cf..0ee937a 100644
|
||||||
|
--- a/pkg/platform/utsname_uint8.go
|
||||||
|
+++ b/pkg/platform/utsname_uint8.go
|
||||||
|
@@ -1,4 +1,4 @@
|
||||||
|
-// +build linux,arm linux,ppc64 linux,ppc64le s390x
|
||||||
|
+// +build linux,arm linux,ppc64 linux,ppc64le s390x linux,arm64 linux,aarch64
|
||||||
|
// see golang's sources src/syscall/ztypes_linux_*.go that use uint8
|
||||||
|
|
||||||
|
package platform
|
@ -1,10 +0,0 @@
|
|||||||
--- hack/make/binary
|
|
||||||
+++ hack/make/binary
|
|
||||||
@@ -9,6 +9,7 @@
|
|
||||||
|
|
||||||
echo "Building: $DEST/$BINARY_FULLNAME"
|
|
||||||
go build \
|
|
||||||
+ -gccgoflags="-static-libgo" \
|
|
||||||
-o "$DEST/$BINARY_FULLNAME" \
|
|
||||||
"${BUILDFLAGS[@]}" \
|
|
||||||
-ldflags "
|
|
24
gcc-go-patches.patch
Normal file
24
gcc-go-patches.patch
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
diff --git a/hack/make/gccgo b/hack/make/gccgo
|
||||||
|
index 878c814..84b7f69 100644
|
||||||
|
--- a/hack/make/gccgo
|
||||||
|
+++ b/hack/make/gccgo
|
||||||
|
@@ -1,5 +1,5 @@
|
||||||
|
#!/bin/bash
|
||||||
|
-set -e
|
||||||
|
+set -ex
|
||||||
|
|
||||||
|
BINARY_NAME="docker-$VERSION"
|
||||||
|
BINARY_EXTENSION="$(binary_extension)"
|
||||||
|
@@ -16,9 +16,11 @@ go build -compiler=gccgo \
|
||||||
|
"${BUILDFLAGS[@]}" \
|
||||||
|
-gccgoflags "
|
||||||
|
-g
|
||||||
|
+ -Wl,--add-needed -Wl,--no-as-needed
|
||||||
|
$EXTLDFLAGS_STATIC
|
||||||
|
+ -static-libgo
|
||||||
|
-Wl,--no-export-dynamic
|
||||||
|
- -ldl
|
||||||
|
+ -ldl -lselinux -lsystemd
|
||||||
|
-pthread
|
||||||
|
" \
|
||||||
|
./docker
|
46
gcc5_socket_workaround.patch
Normal file
46
gcc5_socket_workaround.patch
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
diff --git a/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux.go b/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux.go
|
||||||
|
index 007ccb2..65f638f 100644
|
||||||
|
--- a/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux.go
|
||||||
|
+++ b/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux.go
|
||||||
|
@@ -22,7 +22,7 @@ type ifreqIndex struct {
|
||||||
|
|
||||||
|
type ifreqHwaddr struct {
|
||||||
|
IfrnName [ifNameSize]byte
|
||||||
|
- IfruHwaddr syscall.RawSockaddr
|
||||||
|
+ IfruHwaddr patchedRawSockAddr
|
||||||
|
}
|
||||||
|
|
||||||
|
var rnd = rand.New(rand.NewSource(time.Now().UnixNano()))
|
||||||
|
diff --git a/vendor/src/github.com/docker/libnetwork/drivers/bridge/patched_socket_ppc64xe_type.go b/vendor/src/github.com/docker/libnetwork/drivers/bridge/patched_socket_ppc64xe_type.go
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000..118f7bf
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/vendor/src/github.com/docker/libnetwork/drivers/bridge/patched_socket_ppc64xe_type.go
|
||||||
|
@@ -0,0 +1,11 @@
|
||||||
|
+// Copyright (c) 2015 SUSE LLC. All rights reserved.
|
||||||
|
+
|
||||||
|
+// +build linux
|
||||||
|
+// +build ppc64 ppc64le
|
||||||
|
+
|
||||||
|
+package bridge
|
||||||
|
+
|
||||||
|
+type patchedRawSockAddr struct {
|
||||||
|
+ Family uint16
|
||||||
|
+ Data [14]int8
|
||||||
|
+}
|
||||||
|
diff --git a/vendor/src/github.com/docker/libnetwork/drivers/bridge/patched_socket_type.go b/vendor/src/github.com/docker/libnetwork/drivers/bridge/patched_socket_type.go
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000..cdba329
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/vendor/src/github.com/docker/libnetwork/drivers/bridge/patched_socket_type.go
|
||||||
|
@@ -0,0 +1,10 @@
|
||||||
|
+// Copyright (c) 2015 SUSE LLC. All rights reserved.
|
||||||
|
+
|
||||||
|
+// +build linux,!ppc64,!ppc64le
|
||||||
|
+
|
||||||
|
+package bridge
|
||||||
|
+
|
||||||
|
+type patchedRawSockAddr struct {
|
||||||
|
+ Family uint16
|
||||||
|
+ Data [14]int8
|
||||||
|
+}
|
@ -1,11 +1,12 @@
|
|||||||
diff -Naur a/utils/utils.go b/utils/utils.go
|
diff --git a/utils/utils.go b/utils/utils.go
|
||||||
--- a/utils/utils.go 2015-08-11 18:35:27.000000000 +0200
|
index 340b9e4..70a85a6 100644
|
||||||
+++ b/utils/utils.go 2015-08-12 18:06:47.930445696 +0200
|
--- a/utils/utils.go
|
||||||
@@ -76,7 +76,7 @@
|
+++ b/utils/utils.go
|
||||||
|
@@ -75,7 +75,7 @@ func isValidDockerInitPath(target string, selfPath string) bool { // target and
|
||||||
}
|
}
|
||||||
return os.SameFile(targetFileInfo, selfPathFileInfo)
|
return os.SameFile(targetFileInfo, selfPathFileInfo)
|
||||||
}
|
}
|
||||||
- return dockerversion.INITSHA1 != "" && dockerInitSha1(target) == dockerversion.INITSHA1
|
- return dockerversion.InitSHA1 != "" && dockerInitSha1(target) == dockerversion.InitSHA1
|
||||||
+ return true
|
+ return true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1,11 +0,0 @@
|
|||||||
diff -Naur a/contrib/apparmor/docker-engine b/contrib/apparmor/docker-engine
|
|
||||||
--- a/contrib/apparmor/docker-engine 2015-08-11 18:35:27.000000000 +0200
|
|
||||||
+++ b/contrib/apparmor/docker-engine 2015-08-12 18:05:07.608444190 +0200
|
|
||||||
@@ -13,7 +13,6 @@
|
|
||||||
mount -> /sys/**,
|
|
||||||
mount -> /run/docker/netns/**,
|
|
||||||
|
|
||||||
- umount,
|
|
||||||
pivot_root,
|
|
||||||
signal (receive) peer=@{profile_name},
|
|
||||||
signal (receive) peer=unconfined,
|
|
25
libnetwork_drivers_bridge_powerpc.patch
Normal file
25
libnetwork_drivers_bridge_powerpc.patch
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
---
|
||||||
|
vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_armppc64.go | 2 +-
|
||||||
|
vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_notarm.go | 2 +-
|
||||||
|
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
Index: docker-1.10.2/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_armppc64.go
|
||||||
|
===================================================================
|
||||||
|
--- docker-1.10.2.orig/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_armppc64.go
|
||||||
|
+++ docker-1.10.2/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_armppc64.go
|
||||||
|
@@ -1,4 +1,4 @@
|
||||||
|
-// +build arm ppc64 ppc64le
|
||||||
|
+// +build arm,!ppc64,!ppc64le
|
||||||
|
|
||||||
|
package bridge
|
||||||
|
|
||||||
|
Index: docker-1.10.2/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_notarm.go
|
||||||
|
===================================================================
|
||||||
|
--- docker-1.10.2.orig/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_notarm.go
|
||||||
|
+++ docker-1.10.2/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_notarm.go
|
||||||
|
@@ -1,4 +1,4 @@
|
||||||
|
-// +build !arm,!ppc64,!ppc64le
|
||||||
|
+// +build !arm ppc64 ppc64le
|
||||||
|
|
||||||
|
package bridge
|
||||||
|
|
48
netlink_gcc_go.patch
Normal file
48
netlink_gcc_go.patch
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
diff --git a/vendor/src/github.com/vishvananda/netlink/link_linux.go b/vendor/src/github.com/vishvananda/netlink/link_linux.go
|
||||||
|
index 3aa9124..6ad7c2b 100644
|
||||||
|
--- a/vendor/src/github.com/vishvananda/netlink/link_linux.go
|
||||||
|
+++ b/vendor/src/github.com/vishvananda/netlink/link_linux.go
|
||||||
|
@@ -415,11 +415,11 @@ func LinkAdd(link Link) error {
|
||||||
|
req.Flags |= syscall.IFF_TUN_EXCL
|
||||||
|
copy(req.Name[:15], base.Name)
|
||||||
|
req.Flags |= uint16(tuntap.Mode)
|
||||||
|
- _, _, errno := syscall.Syscall(syscall.SYS_IOCTL, file.Fd(), uintptr(syscall.TUNSETIFF), uintptr(unsafe.Pointer(&req)))
|
||||||
|
+ _, _, errno := syscall.Syscall(syscall.SYS_IOCTL, file.Fd(), uintptr(syscall_TUNSETIFF), uintptr(unsafe.Pointer(&req)))
|
||||||
|
if errno != 0 {
|
||||||
|
return fmt.Errorf("Tuntap IOCTL TUNSETIFF failed, errno %v", errno)
|
||||||
|
}
|
||||||
|
- _, _, errno = syscall.Syscall(syscall.SYS_IOCTL, file.Fd(), uintptr(syscall.TUNSETPERSIST), 1)
|
||||||
|
+ _, _, errno = syscall.Syscall(syscall.SYS_IOCTL, file.Fd(), uintptr(syscall_TUNSETPERSIST), 1)
|
||||||
|
if errno != 0 {
|
||||||
|
return fmt.Errorf("Tuntap IOCTL TUNSETPERSIST failed, errno %v", errno)
|
||||||
|
}
|
||||||
|
diff --git a/vendor/src/github.com/vishvananda/netlink/link_linux_others.go b/vendor/src/github.com/vishvananda/netlink/link_linux_others.go
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000..feb6070
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/vendor/src/github.com/vishvananda/netlink/link_linux_others.go
|
||||||
|
@@ -0,0 +1,9 @@
|
||||||
|
+// +build linux
|
||||||
|
+// +build x86_64 arm64 s390x
|
||||||
|
+
|
||||||
|
+package netlink
|
||||||
|
+
|
||||||
|
+const (
|
||||||
|
+ syscall_TUNSETIFF = 0x400454ca
|
||||||
|
+ syscall_TUNSETPERSIST = 0x400454ca
|
||||||
|
+)
|
||||||
|
diff --git a/vendor/src/github.com/vishvananda/netlink/link_linux_powerpc.go b/vendor/src/github.com/vishvananda/netlink/link_linux_powerpc.go
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000..fac7c06
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/vendor/src/github.com/vishvananda/netlink/link_linux_powerpc.go
|
||||||
|
@@ -0,0 +1,9 @@
|
||||||
|
+// +build linux
|
||||||
|
+// +build ppc64 ppc64le
|
||||||
|
+
|
||||||
|
+package netlink
|
||||||
|
+
|
||||||
|
+const (
|
||||||
|
+ syscall_TUNSETIFF = 0x800454ca
|
||||||
|
+ syscall_TUNSETPERSIST = 0x800454ca
|
||||||
|
+)
|
16
netlink_netns_powerpc.patch
Normal file
16
netlink_netns_powerpc.patch
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
---
|
||||||
|
vendor/src/github.com/vishvananda/netns/netns_linux_ppc64.go | 7 +++++++
|
||||||
|
1 file changed, 7 insertions(+)
|
||||||
|
|
||||||
|
Index: docker-1.10.2/vendor/src/github.com/vishvananda/netns/netns_linux_ppc64.go
|
||||||
|
===================================================================
|
||||||
|
--- /dev/null
|
||||||
|
+++ docker-1.10.2/vendor/src/github.com/vishvananda/netns/netns_linux_ppc64.go
|
||||||
|
@@ -0,0 +1,7 @@
|
||||||
|
+// +build linux,ppc64
|
||||||
|
+
|
||||||
|
+package netns
|
||||||
|
+
|
||||||
|
+const (
|
||||||
|
+ SYS_SETNS = 350
|
||||||
|
+)
|
@ -6,3 +6,5 @@
|
|||||||
## ServiceRestart : docker
|
## ServiceRestart : docker
|
||||||
#
|
#
|
||||||
DOCKER_OPTS=""
|
DOCKER_OPTS=""
|
||||||
|
|
||||||
|
DOCKER_NETWORK_OPTIONS=""
|
||||||
|
Loading…
Reference in New Issue
Block a user