diff --git a/docker.changes b/docker.changes index efa9e2a..db89647 100644 --- a/docker.changes +++ b/docker.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Fri Jan 29 11:54:53 UTC 2021 - Aleksa Sarai + +- Re-apply secrets fix for bsc#1065609 which appears to have been lost after it + was fixed. + * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch + * secrets-0002-SUSE-implement-SUSE-container-secrets.patch + ------------------------------------------------------------------- Wed Dec 23 06:40:46 UTC 2020 - Aleksa Sarai diff --git a/secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch b/secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch index e6c05ad..82fb391 100644 --- a/secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch +++ b/secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch @@ -70,5 +70,5 @@ index 3fcdc1913bed..4920def81a7e 100644 return errors.Wrap(err, "error setting ownership for secret") } -- -2.22.0 +2.30.0 diff --git a/secrets-0002-SUSE-implement-SUSE-container-secrets.patch b/secrets-0002-SUSE-implement-SUSE-container-secrets.patch index b939896..da7c18d 100644 --- a/secrets-0002-SUSE-implement-SUSE-container-secrets.patch +++ b/secrets-0002-SUSE-implement-SUSE-container-secrets.patch @@ -1,4 +1,4 @@ -From 80072183953f8cf6fcef6b5e65e609e833dd9fb8 Mon Sep 17 00:00:00 2001 +From 3b3a583ef0704d1a83d172c8a996b1d536e2839b Mon Sep 17 00:00:00 2001 From: Aleksa Sarai Date: Wed, 8 Mar 2017 11:43:29 +1100 Subject: [PATCH 2/2] SUSE: implement SUSE container secrets @@ -10,12 +10,12 @@ THIS PATCH IS NOT TO BE UPSTREAMED, DUE TO THE FACT THAT IT IS SUSE-SPECIFIC, AND UPSTREAM DOES NOT APPROVE OF THIS CONCEPT BECAUSE IT MAKES BUILDS NOT ENTIRELY REPRODUCIBLE. -SUSE-Bugs: bsc#1057743 bsc#1055676 bsc#1030702 +SUSE-Bugs: bsc#1065609 bsc#1057743 bsc#1055676 bsc#1030702 Signed-off-by: Aleksa Sarai --- components/engine/daemon/start.go | 5 + - components/engine/daemon/suse_secrets.go | 396 +++++++++++++++++++++++ - 2 files changed, 401 insertions(+) + components/engine/daemon/suse_secrets.go | 406 +++++++++++++++++++++++ + 2 files changed, 411 insertions(+) create mode 100644 components/engine/daemon/suse_secrets.go diff --git a/components/engine/daemon/start.go b/components/engine/daemon/start.go @@ -36,10 +36,10 @@ index 57a7267b7cbb..46c3a603554f 100644 return errdefs.System(err) diff --git a/components/engine/daemon/suse_secrets.go b/components/engine/daemon/suse_secrets.go new file mode 100644 -index 000000000000..087c877015a7 +index 000000000000..e8de931cb7ca --- /dev/null +++ b/components/engine/daemon/suse_secrets.go -@@ -0,0 +1,396 @@ +@@ -0,0 +1,406 @@ +/* + * suse-secrets: patch for Docker to implement SUSE secrets + * Copyright (C) 2017 SUSE LLC. @@ -145,9 +145,14 @@ index 000000000000..087c877015a7 + path := filepath.Join(prefix, dir) + fi, err := os.Stat(path) + if err != nil { -+ // Ignore dangling symlinks. ++ // Ignore missing files. + if os.IsNotExist(err) { -+ logrus.Warnf("SUSE:secrets :: dangling symlink: %s", path) ++ // If the path itself exists it was a dangling symlink so give a ++ // warning about the dangling symlink. ++ _, err2 := os.Lstat(path) ++ if !os.IsNotExist(err2) { ++ logrus.Warnf("SUSE:secrets :: ignoring dangling symlink: %s", path) ++ } + return nil, nil + } + return nil, err @@ -261,9 +266,14 @@ index 000000000000..087c877015a7 + path := filepath.Join(prefix, file) + fi, err := os.Stat(path) + if err != nil { -+ // Ignore dangling symlinks. ++ // Ignore missing files. + if os.IsNotExist(err) { -+ logrus.Warnf("SUSE:secrets :: dangling symlink: %s", path) ++ // If the path itself exists it was a dangling symlink so give a ++ // warning about the dangling symlink. ++ _, err2 := os.Lstat(path) ++ if !os.IsNotExist(err2) { ++ logrus.Warnf("SUSE:secrets :: ignoring dangling symlink: %s", path) ++ } + return nil, nil + } + return nil, err @@ -437,5 +447,5 @@ index 000000000000..087c877015a7 + return nil +} -- -2.22.0 +2.30.0