Aleksa Sarai
c7eaf3a256
Accepting request 545157 from home:cyphar:containers:docker_bsc
...
Add link to https://bugzilla.suse.com/show_bug.cgi?id=1069758 in the changelog.
OBS-URL: https://build.opensuse.org/request/show/545157
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=220
2017-11-24 12:32:16 +00:00
Aleksa Sarai
a5b4f28061
Accepting request 545109 from home:cyphar:containers:docker_drop_migrator
...
Rebase. I've also dropped the docker-image-migrator removal (it's depending on
an openSUSE:Factory change).
- Remove migration code for the v1.9.x -> v1.10.x migration. This has been
around for a while, and we no longer support migrating from such an old
version "nicely". Docker still has migration code that will run on
first-boot, we are merely removing all of the "nice" warnings which tell
users how to avoid issues during an upgrade that ocurred more than a year
ago.
OBS-URL: https://build.opensuse.org/request/show/545109
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=219
2017-11-24 10:32:23 +00:00
Aleksa Sarai
eb28b07ea5
Accepting request 544765 from home:RBrownSUSE:branches:Virtualization:containers
...
Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
OBS-URL: https://build.opensuse.org/request/show/544765
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=218
2017-11-24 10:06:46 +00:00
Dominique Leuenberger
41554f0a6c
Accepting request 540195 from Virtualization:containers
...
- Add a backport of https://github.com/moby/moby/pull/35424 , which fixes a
security issue where a maliciously crafted image could be used to crash a
Docker daemon. bsc#1066210 CVE-2017-14992
+ bsc1066210-0001-vendor-update-to-github.com-vbatts-tar-split-v0.10.2.patch
- Add a backport of https://github.com/moby/moby/pull/35399 , which fixes a
security issue where a Docker container (with a disabled AppArmor profile)
could write to /proc/scsi/... and subsequently DoS the host. bsc#1066801
CVE-2017-16539
+ bsc1066801-0001-oci-add-proc-scsi-to-masked-paths.patch
- Fix bsc#1059011
The systemd service helper script used a timeout of 60 seconds to
start the daemon, which is insufficient in cases where the daemon
takes longer to start. Instead, set the service type from 'simple' to
'notify' and remove the now superfluous helper script.
- fix bsc#1057743: Add a Requires: fix_bsc_1057743 which is provided by the
newer version of docker-libnetwork. This is necessary because of a versioning
bug we found in bsc#1057743.
OBS-URL: https://build.opensuse.org/request/show/540195
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=63
2017-11-10 13:42:49 +00:00
Aleksa Sarai
c1e075d88f
Accepting request 540407 from home:cyphar:containers:docker_bsc1057743
...
Match secrets patches with upstream. This corrects a bug in our fix for
bsc#1055676.
OBS-URL: https://build.opensuse.org/request/show/540407
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=216
2017-11-10 07:15:19 +00:00
Aleksa Sarai
6a6c6aa170
Accepting request 540191 from home:cyphar:containers:docker_forwardport
...
- Fix bsc#1059011
The systemd service helper script used a timeout of 60 seconds to
start the daemon, which is insufficient in cases where the daemon
takes longer to start. Instead, set the service type from 'simple' to
'notify' and remove the now superfluous helper script.
- fix bsc#1057743: Add a Requires: fix_bsc_1057743 which is provided by the
newer version of docker-libnetwork. This is necessary because of a versioning
bug we found in bsc#1057743.
OBS-URL: https://build.opensuse.org/request/show/540191
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=215
2017-11-09 12:24:37 +00:00
Aleksa Sarai
7ee12cd06b
osc copypac from project:Virtualization:containers package:docker revision:212
...
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=214
2017-11-09 11:09:35 +00:00
Aleksa Sarai
9a0bb40a46
- Fix bsc#1059011
...
The systemd service helper script used a timeout of 60 seconds to
start the daemon, which is insufficient in cases where the daemon
takes longer to start. Instead, set the service type from 'simple' to
'notify' and remove the now superfluous helper script.
- fix bsc#1057743: Add a Requires: fix_bsc_1057743 which is provided by the
newer version of docker-libnetwork. This is necessary because of a versioning
bug we found in bsc#1057743.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=213
2017-11-09 11:08:27 +00:00
Aleksa Sarai
ca68434d79
Accepting request 539622 from home:cyphar:containers:docker_CVE-2017-14992
...
- Add a backport of https://github.com/moby/moby/pull/35424 , which fixes a
security issue where a maliciously crafted image could be used to crash a
Docker daemon. bsc#1066210 CVE-2017-14992
+ bsc1066210-0001-vendor-update-to-github.com-vbatts-tar-split-v0.10.2.patch
OBS-URL: https://build.opensuse.org/request/show/539622
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=212
2017-11-07 17:23:31 +00:00
Aleksa Sarai
2c5d57165f
Accepting request 539487 from home:cyphar:containers:docker_CVE-2017-16539
...
Update bsc1066801-0001-oci-add-proc-scsi-to-masked-paths.patch.
OBS-URL: https://build.opensuse.org/request/show/539487
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=211
2017-11-07 10:53:24 +00:00
Aleksa Sarai
9102c78185
Accepting request 539455 from home:cyphar:containers:docker_CVE-2017-16539
...
- Add a backport of https://github.com/moby/moby/pull/35399 , which fixes a
security issue where a Docker container (with a disabled AppArmor profile)
could write to /proc/scsi/... and subsequently DoS the host. bsc#1066801
CVE-2017-16539
+ bsc1066801-0001-oci-add-proc-scsi-to-masked-paths.patch
OBS-URL: https://build.opensuse.org/request/show/539455
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=210
2017-11-07 09:33:12 +00:00
Dominique Leuenberger
c9664c6805
Accepting request 536271 from Virtualization:containers
...
1
OBS-URL: https://build.opensuse.org/request/show/536271
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=62
2017-10-25 15:45:18 +00:00
Aleksa Sarai
91fa19e925
Accepting request 536268 from home:cyphar:containers:boo1064781_docker_version
...
- Correctly set `docker version` information, including the version, git
commit, and SOURCE_DATE_EPOCH (requires a backport). This should
*effectively* make Docker builds reproducible, with minimal cost. boo#1064781
+ bsc1064781-0001-Allow-to-override-build-date.patch
OBS-URL: https://build.opensuse.org/request/show/536268
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=208
2017-10-24 10:02:17 +00:00
Dominique Leuenberger
ee6fad3b59
Accepting request 535075 from Virtualization:containers
...
Update Docker to v17.07.0_ce. This SR is in conjunction with:
* request#535047
* request#535048
* request#535049
OBS-URL: https://build.opensuse.org/request/show/535075
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=61
2017-10-20 12:39:56 +00:00
Aleksa Sarai
2b837c69aa
Accepting request 535073 from home:cyphar:containers:docker-ce_v17.07
...
Re-enable tests and correct changelog (again).
OBS-URL: https://build.opensuse.org/request/show/535073
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=206
2017-10-19 02:18:11 +00:00
Aleksa Sarai
63ed852619
Correct a series of minor issues in the v17.07.0_ce update, mainly related to
...
changelog entries and the versions of certain packages not being correct.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=205
2017-10-18 06:27:21 +00:00
Aleksa Sarai
5bc18f1a1b
Accepting request 534446 from home:vrothberg:branches:Virtualization:containers
...
The docker-ce 17.07 update. Depends on:
- https://build.opensuse.org/request/show/534442
- https://build.opensuse.org/request/show/534444
- https://build.opensuse.org/request/show/534445
OBS-URL: https://build.opensuse.org/request/show/534446
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=204
2017-10-18 04:27:06 +00:00
Dominique Leuenberger
335659c13f
Accepting request 526985 from Virtualization:containers
...
1
OBS-URL: https://build.opensuse.org/request/show/526985
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=60
2017-09-21 10:31:53 +00:00
Jordi Massaguer
e69ff9a2ac
Accepting request 526390 from home:jordimassaguerpla:branch:V:c:fix_update_message_docker
...
- fix /var/adm/update-message/docker file name to be
/var/adm/update-message/docker-%{version}-%{release}
OBS-URL: https://build.opensuse.org/request/show/526390
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=202
2017-09-18 10:05:54 +00:00
Dominique Leuenberger
e7abb960ae
Accepting request 521899 from Virtualization:containers
...
1
OBS-URL: https://build.opensuse.org/request/show/521899
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=59
2017-09-07 20:11:56 +00:00
Valentin Rothberg
00112aab82
Accepting request 521690 from home:cyphar:containers:dm_bsc1045628
...
- devicemapper: add patch to make the dm storage driver remove a container's
rootfs mountpoint before attempting to do libdm operations on it. This helps
avoid complications when live mounts will leak into containers. Backport of
https://github.com/moby/moby/pull/34573 . bsc#1045628
+ bsc1045628-0001-devicemapper-remove-container-rootfs-mountPath-after.patch
OBS-URL: https://build.opensuse.org/request/show/521690
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=200
2017-09-07 07:53:28 +00:00
Jordi Massaguer
64b99bd0ee
Accepting request 519818 from home:cyphar:containers:bsc1055676_userns_mount
...
- Fix a regression in our SUSE secrets patches, which caused the copied files
to not carry the correct {uid,gid} mapping when using user namespaces. This
would not cause any bugs (SUSEConnect does the right thing anyway) but it's
possible some programs would not treat the files correctly. This is
tangentially related to bsc#1055676.
* secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
* secrets-0002-SUSE-implement-SUSE-container-secrets.patch
OBS-URL: https://build.opensuse.org/request/show/519818
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=199
2017-09-04 13:03:50 +00:00
Dominique Leuenberger
5b3a1383e8
Accepting request 516137 from Virtualization:containers
...
Automatic submission by obs-autosubmit
OBS-URL: https://build.opensuse.org/request/show/516137
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=58
2017-08-17 09:44:02 +00:00
Aleksa Sarai
ca3f73206d
- Use -buildmode=pie for tests and binary build. bsc#1048046 bsc#1051429
...
This also includes some various improvements to the packaging of runc,
containerd and docker-runc.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=197
2017-08-11 12:09:59 +00:00
Dominique Leuenberger
8f54946f95
Accepting request 512811 from Virtualization:containers
...
1
OBS-URL: https://build.opensuse.org/request/show/512811
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=57
2017-07-30 09:26:14 +00:00
Aleksa Sarai
18b17a0bdb
Accepting request 512333 from home:jordimassaguerpla:branch:Vc:fix_seccomp_and_dm
...
- enable deferred removal for sle12sp2 and newer (and openSUSE
equivalent. fix bsc#1021227
- enable libseccomp on sle12sp2 and newer, 42.2 and newer
fix bsc#1028638 - docker: conditional filtering not supported on
libseccomp for sle12
OBS-URL: https://build.opensuse.org/request/show/512333
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=195
2017-07-27 16:11:06 +00:00
Jordi Massaguer
eee720d9e6
Accepting request 509416 from home:jordimassaguerpla:branch:Vc:docker:bsc_1046024
...
- add SuSEfirewall2.service to the After clause in docker.service
in order to fix bsc#1046024
OBS-URL: https://build.opensuse.org/request/show/509416
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=194
2017-07-11 11:32:02 +00:00
Thomas Hipp
5283b611b2
Accepting request 508834 from home:thipp:branches:Virtualization:containers
...
- fix path to docker-runc in systemd service file
- change dependency to docker-runc
OBS-URL: https://build.opensuse.org/request/show/508834
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=193
2017-07-10 11:39:04 +00:00
Dominique Leuenberger
de6e51c1cb
Accepting request 504651 from Virtualization:containers
...
- Fix bsc#1029630: docker does not wait for lvm on system startup
I added "lvm2-monitor.service" as an "After dependency" of the docker systemd
unit. (forwarded request 504626 from jordimassaguerpla)
OBS-URL: https://build.opensuse.org/request/show/504651
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=56
2017-06-21 11:52:10 +00:00
Aleksa Sarai
6d17ff854b
Accepting request 504626 from home:jordimassaguerpla:branch:V:c:fix_bsc_1029630:docker
...
- Fix bsc#1029630: docker does not wait for lvm on system startup
I added "lvm2-monitor.service" as an "After dependency" of the docker systemd
unit.
OBS-URL: https://build.opensuse.org/request/show/504626
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=191
2017-06-19 11:50:14 +00:00
Dominique Leuenberger
50be8ad7ff
Accepting request 499667 from Virtualization:containers
...
1
OBS-URL: https://build.opensuse.org/request/show/499667
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=55
2017-06-02 08:32:08 +00:00
Aleksa Sarai
d3edfac459
Accepting request 499665 from home:jordimassaguerpla:branch:V:c:bsc_722377
...
- Fix bsc#1032287: missing docker systemd configuration
OBS-URL: https://build.opensuse.org/request/show/499665
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=189
2017-05-30 11:36:16 +00:00
Jordi Massaguer
9fce3cd938
Accepting request 498958 from home:cyphar:containers
...
- Update SUSE secrets patch to correctly handle restarting of containers.
+ secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+ secrets-0002-SUSE-implement-SUSE-container-secrets.patch
OBS-URL: https://build.opensuse.org/request/show/498958
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=188
2017-05-29 12:37:19 +00:00
Jordi Massaguer
a61156fa80
Accepting request 496617 from home:scarabeus_iv:branches:Virtualization:containers
...
- Fix bsc#1038476 warning about non-executable docker
* Simply verify we have binary prior using it, might happen if
someone had docker installed and then did remove it and install
from scratch again
OBS-URL: https://build.opensuse.org/request/show/496617
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=187
2017-05-25 08:24:46 +00:00
Dominique Leuenberger
7e47b9bdcc
Accepting request 495655 from Virtualization:containers
...
1
OBS-URL: https://build.opensuse.org/request/show/495655
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=54
2017-05-23 08:18:53 +00:00
Miquel Sabate Sola
ba2f6637f8
Accepting request 495639 from home:cyphar:containers
...
- Fix bsc#1037607 which was causing read-only issues on Kubic, this is a
backport of https://github.com/moby/moby/pull/33250 .
+ bsc1037607-0001-apparmor-make-pkg-aaparser-work-on-read-only-root.patch
OBS-URL: https://build.opensuse.org/request/show/495639
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=185
2017-05-17 15:18:13 +00:00
Miquel Sabate Sola
e7663235ed
Accepting request 494283 from home:cyphar:containers
...
- Add a partial fix for boo#1038493.
- Fixed bsc#1037436 where execids were being leaked due to bad error handling.
This is a backport of https://github.com/docker/cli/pull/52 .
+ bsc1037436-0001-client-check-tty-before-creating-exec-job.patch
OBS-URL: https://build.opensuse.org/request/show/494283
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=184
2017-05-10 14:04:27 +00:00
Jordi Massaguer
1e1a89ae18
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=183
2017-05-04 19:02:51 +00:00
Jordi Massaguer
5cc47a1efe
Accepting request 492292 from home:flavio_castelli:branches:Virtualization:containers
...
- Update golang build requirements to use golang(API) symbol: this is
needed to solve a conflict between multiple versions of Go being available
OBS-URL: https://build.opensuse.org/request/show/492292
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=182
2017-05-02 15:36:24 +00:00
Jordi Massaguer
da53caf134
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=181
2017-04-20 10:54:05 +00:00
Jordi Massaguer
fed8ecda73
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=180
2017-04-20 10:25:37 +00:00
Yuchen Lin
4fa0574fc1
Accepting request 487506 from Virtualization:containers
...
1
OBS-URL: https://build.opensuse.org/request/show/487506
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=53
2017-04-17 08:26:34 +00:00
Jordi Massaguer
5fbd718e69
Accepting request 487501 from home:cyphar:containers
...
- Enable Delegate=yes, since systemd will safely ignore lvalues it doesn't
understand.
OBS-URL: https://build.opensuse.org/request/show/487501
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=178
2017-04-12 08:37:11 +00:00
Jordi Massaguer
fa6eaf989a
Accepting request 487315 from home:cyphar:containers
...
- Update SUSE secrets patch to handle boo#1030702.
* secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
* secrets-0002-SUSE-implement-SUSE-container-secrets.patch
OBS-URL: https://build.opensuse.org/request/show/487315
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=177
2017-04-11 12:13:39 +00:00
Jordi Massaguer
c9c04a0b92
Accepting request 487252 from home:m_meister:branches:Virtualization:containers
...
https://bugzilla.suse.com/show_bug.cgi?id=1032644
OBS-URL: https://build.opensuse.org/request/show/487252
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=176
2017-04-11 09:17:58 +00:00
Aleksa Sarai
5038fcde2b
Accepting request 484060 from home:jordimassaguerpla:branch:V:c:docker:fix_seccomp
...
- Disable libseccomp for leap 42.1, sle12sp1 and sle12, because
docker needs a higher version. Otherwise, we get the error
"conditional filtering requires libseccomp version >= 2.2.1
(bsc#1028639 and bsc#1028638)
OBS-URL: https://build.opensuse.org/request/show/484060
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=175
2017-03-31 11:32:13 +00:00
Dominique Leuenberger
b61db04550
Accepting request 480841 from Virtualization:containers
...
1
OBS-URL: https://build.opensuse.org/request/show/480841
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=52
2017-03-22 22:18:14 +00:00
Jordi Massaguer
757ddedc74
Accepting request 480819 from home:cyphar:containers
...
- Add a backport of fix to AppArmor lazy loading docker-exec case.
https://github.com/docker/docker/pull/31773
+ pr31773-daemon-also-ensureDefaultApparmorProfile-in-exec-pat.patch
OBS-URL: https://build.opensuse.org/request/show/480819
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=173
2017-03-17 13:18:51 +00:00
Jordi Massaguer
9c1f006520
Accepting request 477670 from home:cyphar:containers
...
This massively cleans up the docker mount secrets patch we have to use the new
Docker Swarm framework for /run/secrets (which doesn't require swarm mode with
these patches).
OBS-URL: https://build.opensuse.org/request/show/477670
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=172
2017-03-08 09:03:15 +00:00
Aleksa Sarai
f0d9c665f7
Accepting request 477346 from home:jordimassaguerpla:branch:V:c:docker:small_fixes_1_13_0
...
- fix docker-mount-secrets.patch to apply to docker-1.13.0
- Remove old plugins.json to prevent docker-1.13 to fail to start
- Fix bsc#1026827: systemd TasksMax default throttles docker
- Fix post section by adding shadow as a package requirement
Otherwise the groupadd instruction fails
OBS-URL: https://build.opensuse.org/request/show/477346
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=171
2017-03-07 10:40:30 +00:00