Commit Graph

142 Commits

Author SHA256 Message Date
Aleksa Sarai
9a0bb40a46 - Fix bsc#1059011
The systemd service helper script used a timeout of 60 seconds to
  start the daemon, which is insufficient in cases where the daemon
  takes longer to start. Instead, set the service type from 'simple' to
  'notify' and remove the now superfluous helper script.
- fix bsc#1057743: Add a Requires: fix_bsc_1057743 which is provided by the
  newer version of docker-libnetwork. This is necessary because of a versioning
  bug we found in bsc#1057743.

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=213
2017-11-09 11:08:27 +00:00
Aleksa Sarai
ca68434d79 Accepting request 539622 from home:cyphar:containers:docker_CVE-2017-14992
- Add a backport of https://github.com/moby/moby/pull/35424, which fixes a
  security issue where a maliciously crafted image could be used to crash a
  Docker daemon. bsc#1066210 CVE-2017-14992
  + bsc1066210-0001-vendor-update-to-github.com-vbatts-tar-split-v0.10.2.patch

OBS-URL: https://build.opensuse.org/request/show/539622
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=212
2017-11-07 17:23:31 +00:00
Aleksa Sarai
9102c78185 Accepting request 539455 from home:cyphar:containers:docker_CVE-2017-16539
- Add a backport of https://github.com/moby/moby/pull/35399, which fixes a
  security issue where a Docker container (with a disabled AppArmor profile)
  could write to /proc/scsi/... and subsequently DoS the host. bsc#1066801
  CVE-2017-16539
  + bsc1066801-0001-oci-add-proc-scsi-to-masked-paths.patch

OBS-URL: https://build.opensuse.org/request/show/539455
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=210
2017-11-07 09:33:12 +00:00
Aleksa Sarai
91fa19e925 Accepting request 536268 from home:cyphar:containers:boo1064781_docker_version
- Correctly set `docker version` information, including the version, git
  commit, and SOURCE_DATE_EPOCH (requires a backport). This should
  *effectively* make Docker builds reproducible, with minimal cost. boo#1064781
  + bsc1064781-0001-Allow-to-override-build-date.patch

OBS-URL: https://build.opensuse.org/request/show/536268
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=208
2017-10-24 10:02:17 +00:00
Aleksa Sarai
2b837c69aa Accepting request 535073 from home:cyphar:containers:docker-ce_v17.07
Re-enable tests and correct changelog (again).

OBS-URL: https://build.opensuse.org/request/show/535073
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=206
2017-10-19 02:18:11 +00:00
Aleksa Sarai
5bc18f1a1b Accepting request 534446 from home:vrothberg:branches:Virtualization:containers
The docker-ce 17.07 update. Depends on:
- https://build.opensuse.org/request/show/534442
- https://build.opensuse.org/request/show/534444
- https://build.opensuse.org/request/show/534445

OBS-URL: https://build.opensuse.org/request/show/534446
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=204
2017-10-18 04:27:06 +00:00
Jordi Massaguer
e69ff9a2ac Accepting request 526390 from home:jordimassaguerpla:branch:V:c:fix_update_message_docker
- fix /var/adm/update-message/docker file name to be
  /var/adm/update-message/docker-%{version}-%{release}

OBS-URL: https://build.opensuse.org/request/show/526390
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=202
2017-09-18 10:05:54 +00:00
Valentin Rothberg
00112aab82 Accepting request 521690 from home:cyphar:containers:dm_bsc1045628
- devicemapper: add patch to make the dm storage driver remove a container's
  rootfs mountpoint before attempting to do libdm operations on it. This helps
  avoid complications when live mounts will leak into containers. Backport of
  https://github.com/moby/moby/pull/34573. bsc#1045628
  + bsc1045628-0001-devicemapper-remove-container-rootfs-mountPath-after.patch

OBS-URL: https://build.opensuse.org/request/show/521690
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=200
2017-09-07 07:53:28 +00:00
Jordi Massaguer
64b99bd0ee Accepting request 519818 from home:cyphar:containers:bsc1055676_userns_mount
- Fix a regression in our SUSE secrets patches, which caused the copied files
  to not carry the correct {uid,gid} mapping when using user namespaces. This
  would not cause any bugs (SUSEConnect does the right thing anyway) but it's
  possible some programs would not treat the files correctly. This is
  tangentially related to bsc#1055676.
  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch

OBS-URL: https://build.opensuse.org/request/show/519818
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=199
2017-09-04 13:03:50 +00:00
Aleksa Sarai
ca3f73206d - Use -buildmode=pie for tests and binary build. bsc#1048046 bsc#1051429
This also includes some various improvements to the packaging of runc,
containerd and docker-runc.

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=197
2017-08-11 12:09:59 +00:00
Aleksa Sarai
18b17a0bdb Accepting request 512333 from home:jordimassaguerpla:branch:Vc:fix_seccomp_and_dm
- enable deferred removal for sle12sp2 and newer (and openSUSE
  equivalent. fix bsc#1021227

- enable libseccomp on sle12sp2 and newer, 42.2 and newer
  fix bsc#1028638 - docker: conditional filtering not supported on
  libseccomp for sle12

OBS-URL: https://build.opensuse.org/request/show/512333
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=195
2017-07-27 16:11:06 +00:00
Jordi Massaguer
eee720d9e6 Accepting request 509416 from home:jordimassaguerpla:branch:Vc:docker:bsc_1046024
- add SuSEfirewall2.service to the After clause in docker.service
  in order to fix bsc#1046024

OBS-URL: https://build.opensuse.org/request/show/509416
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=194
2017-07-11 11:32:02 +00:00
Thomas Hipp
5283b611b2 Accepting request 508834 from home:thipp:branches:Virtualization:containers
- fix path to docker-runc in systemd service file 
- change dependency to docker-runc

OBS-URL: https://build.opensuse.org/request/show/508834
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=193
2017-07-10 11:39:04 +00:00
Aleksa Sarai
6d17ff854b Accepting request 504626 from home:jordimassaguerpla:branch:V:c:fix_bsc_1029630:docker
- Fix bsc#1029630: docker does not wait for lvm on system startup
I added "lvm2-monitor.service" as an "After dependency" of the docker systemd
unit.

OBS-URL: https://build.opensuse.org/request/show/504626
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=191
2017-06-19 11:50:14 +00:00
Aleksa Sarai
d3edfac459 Accepting request 499665 from home:jordimassaguerpla:branch:V:c:bsc_722377
- Fix bsc#1032287: missing docker systemd configuration

OBS-URL: https://build.opensuse.org/request/show/499665
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=189
2017-05-30 11:36:16 +00:00
Jordi Massaguer
9fce3cd938 Accepting request 498958 from home:cyphar:containers
- Update SUSE secrets patch to correctly handle restarting of containers.
  + secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
  + secrets-0002-SUSE-implement-SUSE-container-secrets.patch

OBS-URL: https://build.opensuse.org/request/show/498958
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=188
2017-05-29 12:37:19 +00:00
Jordi Massaguer
a61156fa80 Accepting request 496617 from home:scarabeus_iv:branches:Virtualization:containers
- Fix bsc#1038476 warning about non-executable docker
  * Simply verify we have binary prior using it, might happen if
    someone had docker installed and then did remove it and install
    from scratch again

OBS-URL: https://build.opensuse.org/request/show/496617
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=187
2017-05-25 08:24:46 +00:00
Miquel Sabate Sola
ba2f6637f8 Accepting request 495639 from home:cyphar:containers
- Fix bsc#1037607 which was causing read-only issues on Kubic, this is a
  backport of https://github.com/moby/moby/pull/33250.
  + bsc1037607-0001-apparmor-make-pkg-aaparser-work-on-read-only-root.patch

OBS-URL: https://build.opensuse.org/request/show/495639
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=185
2017-05-17 15:18:13 +00:00
Miquel Sabate Sola
e7663235ed Accepting request 494283 from home:cyphar:containers
- Add a partial fix for boo#1038493.
- Fixed bsc#1037436 where execids were being leaked due to bad error handling.
  This is a backport of https://github.com/docker/cli/pull/52.
   + bsc1037436-0001-client-check-tty-before-creating-exec-job.patch

OBS-URL: https://build.opensuse.org/request/show/494283
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=184
2017-05-10 14:04:27 +00:00
Jordi Massaguer
1e1a89ae18 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=183 2017-05-04 19:02:51 +00:00
Jordi Massaguer
5cc47a1efe Accepting request 492292 from home:flavio_castelli:branches:Virtualization:containers
- Update golang build requirements to use golang(API) symbol: this is
  needed to solve a conflict between multiple versions of Go being available

OBS-URL: https://build.opensuse.org/request/show/492292
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=182
2017-05-02 15:36:24 +00:00
Jordi Massaguer
da53caf134 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=181 2017-04-20 10:54:05 +00:00
Jordi Massaguer
fed8ecda73 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=180 2017-04-20 10:25:37 +00:00
Jordi Massaguer
5fbd718e69 Accepting request 487501 from home:cyphar:containers
- Enable Delegate=yes, since systemd will safely ignore lvalues it doesn't
  understand.

OBS-URL: https://build.opensuse.org/request/show/487501
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=178
2017-04-12 08:37:11 +00:00
Jordi Massaguer
fa6eaf989a Accepting request 487315 from home:cyphar:containers
- Update SUSE secrets patch to handle boo#1030702.
  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch

OBS-URL: https://build.opensuse.org/request/show/487315
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=177
2017-04-11 12:13:39 +00:00
Jordi Massaguer
c9c04a0b92 Accepting request 487252 from home:m_meister:branches:Virtualization:containers
https://bugzilla.suse.com/show_bug.cgi?id=1032644

OBS-URL: https://build.opensuse.org/request/show/487252
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=176
2017-04-11 09:17:58 +00:00
Aleksa Sarai
5038fcde2b Accepting request 484060 from home:jordimassaguerpla:branch:V:c:docker:fix_seccomp
- Disable libseccomp for leap 42.1, sle12sp1 and sle12, because
  docker needs a higher version. Otherwise, we get the error
    "conditional filtering requires libseccomp version >= 2.2.1
  (bsc#1028639 and bsc#1028638)

OBS-URL: https://build.opensuse.org/request/show/484060
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=175
2017-03-31 11:32:13 +00:00
Jordi Massaguer
757ddedc74 Accepting request 480819 from home:cyphar:containers
- Add a backport of fix to AppArmor lazy loading docker-exec case.
  https://github.com/docker/docker/pull/31773
  + pr31773-daemon-also-ensureDefaultApparmorProfile-in-exec-pat.patch

OBS-URL: https://build.opensuse.org/request/show/480819
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=173
2017-03-17 13:18:51 +00:00
Jordi Massaguer
9c1f006520 Accepting request 477670 from home:cyphar:containers
This massively cleans up the docker mount secrets patch we have to use the new
Docker Swarm framework for /run/secrets (which doesn't require swarm mode with
these patches).

OBS-URL: https://build.opensuse.org/request/show/477670
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=172
2017-03-08 09:03:15 +00:00
Aleksa Sarai
f0d9c665f7 Accepting request 477346 from home:jordimassaguerpla:branch:V:c:docker:small_fixes_1_13_0
- fix docker-mount-secrets.patch to apply to docker-1.13.0 

- Remove old plugins.json to prevent docker-1.13 to fail to start 

- Fix bsc#1026827: systemd TasksMax default throttles docker  

- Fix post section by adding shadow as a package requirement
  Otherwise the groupadd instruction fails

OBS-URL: https://build.opensuse.org/request/show/477346
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=171
2017-03-07 10:40:30 +00:00
Jordi Massaguer
bfed92d82d Accepting request 476967 from home:cyphar:containers
- Add patch to fix TestDaemonCommand failure in %check. This is an upstream
  bug, and has an upstream PR to fix it https://github.com/docker/docker/pull/31549.
  + pr31549-cmd-docker-fix-TestDaemonCommand.patch

OBS-URL: https://build.opensuse.org/request/show/476967
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=170
2017-03-06 09:15:37 +00:00
Aleksa Sarai
d94576af79 Accepting request 461899 from home:jordimassaguerpla:branch:Vc:update_docker_1_13
- update docker to 1.13.0
  see details in https://github.com/docker/docker/releases/tag/v1.13.0 
- use the same buildflags for building docker and for building the
  tests.
- enable pkcs11:
  37fa75b344

OBS-URL: https://build.opensuse.org/request/show/461899
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=169
2017-03-05 03:07:44 +00:00
Jordi Massaguer
e41683b0fb Accepting request 453067 from openSUSE:Factory:zSystems
please remove that artificial excludearch s390x for opensuse

OBS-URL: https://build.opensuse.org/request/show/453067
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=167
2017-01-30 09:45:07 +00:00
Aleksa Sarai
e29a1fcaf0 Accepting request 452786 from home:jordimassaguerpla:branch:Vc:fix_runtime_docker
- provide the oci runtime so that containers which were using an old
  runtime option, when started on the new docker version, the runtime
  is changed to the new one. fix bsc#1020806 bsc#1016992

OBS-URL: https://build.opensuse.org/request/show/452786
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=166
2017-01-27 16:27:14 +00:00
Aleksa Sarai
9dd652a377 Accepting request 450174 from home:jordimassaguerpla:branch:Vc:update_docker_1_12_6
OBS-URL: https://build.opensuse.org/request/show/450174
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=164
2017-01-13 17:01:50 +00:00
Aleksa Sarai
82acbf96ef Accepting request 449885 from home:jordimassaguerpla:branch:Vc:add_wait_on_service_startup
- add "a wait" when starting docker service to fix
  bsc#1019251

OBS-URL: https://build.opensuse.org/request/show/449885
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=163
2017-01-13 13:05:35 +00:00
Aleksa Sarai
d7c5e8e7f3 Accepting request 447283 from home:jordimassaguerpla:branch:V:c:fix_ppc64le
- remove netlink_gcc_go.patch after integration of PR
  https://github.com/golang/go/issues/11707
- new boltdb_bolt_add_brokenUnaligned.patch for ppc64
  waiting for https://github.com/boltdb/bolt/pull/635

OBS-URL: https://build.opensuse.org/request/show/447283
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=161
2016-12-21 14:28:32 +00:00
Jordi Massaguer
e7c95c3802 Accepting request 447279 from home:cyphar:containers
Remove socket activation from Docker, to match upstream.

OBS-URL: https://build.opensuse.org/request/show/447279
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=159
2016-12-21 09:44:20 +00:00
Aleksa Sarai
3d7280619a OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=158 2016-12-19 14:01:37 +00:00
Aleksa Sarai
2033d2ac73 Accepting request 443923 from home:jordimassaguerpla:branch:vc:docker:fix_completin
- fix bash-completion

OBS-URL: https://build.opensuse.org/request/show/443923
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=156
2016-12-11 04:45:46 +00:00
Jordi Massaguer
226e269bd5 Accepting request 442751 from home:boombatower:branches:Virtualization:containers
Add packageand(docker:bash) to bash-completion to match zsh-completion.

OBS-URL: https://build.opensuse.org/request/show/442751
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=154
2016-11-30 09:52:14 +00:00
Jordi Massaguer
93c5e4c56c - fix runc and containerd revisions
fix bsc#1009961

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=152
2016-11-24 16:09:34 +00:00
Jordi Massaguer
68dcb35da6 - update docker to 1.12.3
- fix bsc#1007249 - CVE-2016-8867: Fix ambient capability usage in containers
 - other fixes:
   https://github.com/docker/docker/releases/tag/v1.12.3

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=150
2016-10-27 11:36:02 +00:00
Jordi Massaguer
f6cba4501a add changelog entry which was removed:
Fix go version to 1.5 (bsc#977394)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=149
2016-10-26 15:19:09 +00:00
Jordi Massaguer
c8a522d920 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=148 2016-10-24 10:56:09 +00:00
Miquel Sabate Sola
96b81887ce Accepting request 434284 from home:cyphar:branches:Virtualization:containers
This just fixes the docker-mount-secrets.patch to assist in bsc#999582.

OBS-URL: https://build.opensuse.org/request/show/434284
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=146
2016-10-11 10:30:52 +00:00
Aleksa Sarai
1013eed0ae Accepting request 428673 from home:jordimassaguerpla:branch:V:c:fix_go_arches_def
- fix go_arches definition: use global instead of define, otherwise
  it fails to build

OBS-URL: https://build.opensuse.org/request/show/428673
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=143
2016-09-19 12:08:32 +00:00
Miquel Sabate Sola
3919623e60 Accepting request 427574 from home:cyphar:branches:Virtualization:containers
Adds the dockerd man page.

OBS-URL: https://build.opensuse.org/request/show/427574
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=142
2016-09-14 10:14:05 +00:00
Miquel Sabate Sola
7b7b508120 Accepting request 426147 from home:thipp:branch:Virtualization:containers
- add missing patch to changelog

OBS-URL: https://build.opensuse.org/request/show/426147
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=141
2016-09-14 07:47:42 +00:00
Alvaro Saurin
266b75a4a6 Accepting request 425388 from home:thipp:branch:Virtualization:containers
- fix integration test case

OBS-URL: https://build.opensuse.org/request/show/425388
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=140
2016-09-09 12:03:05 +00:00