From 5283b611b2705348d0c197e72aafb090f4b70e1ae86302ea1de075e93e964ace Mon Sep 17 00:00:00 2001
From: Thomas Hipp <thomashipp@gmail.com>
Date: Mon, 10 Jul 2017 11:39:04 +0000
Subject: [PATCH 1/3] Accepting request 508834 from
 home:thipp:branches:Virtualization:containers

- fix path to docker-runc in systemd service file
- change dependency to docker-runc

OBS-URL: https://build.opensuse.org/request/show/508834
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=193
---
 docker.changes | 10 ++++++++++
 docker.service |  2 +-
 docker.spec    |  2 +-
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/docker.changes b/docker.changes
index e930822..7bb7024 100644
--- a/docker.changes
+++ b/docker.changes
@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Fri Jul  7 14:53:59 UTC 2017 - thipp@suse.de
+
+- fix path to docker-runc in systemd service file 
+
+-------------------------------------------------------------------
+Thu Jul  6 14:18:29 UTC 2017 - thipp@suse.de
+
+- change dependency to docker-runc
+
 -------------------------------------------------------------------
 Mon Jun 19 10:54:36 UTC 2017 - jmassaguerpla@suse.com
 
diff --git a/docker.service b/docker.service
index 42d360b..85a9d53 100644
--- a/docker.service
+++ b/docker.service
@@ -11,7 +11,7 @@ EnvironmentFile=/etc/sysconfig/docker
 # enabled by default because enabling socket activation means that on boot your
 # containers won't start until someone tries to administer the Docker daemon.
 Type=simple
-ExecStart=/usr/bin/dockerd --containerd /run/containerd/containerd.sock --add-runtime oci=/usr/bin/docker-runc $DOCKER_NETWORK_OPTIONS $DOCKER_OPTS
+ExecStart=/usr/bin/dockerd --containerd /run/containerd/containerd.sock --add-runtime oci=/usr/sbin/docker-runc $DOCKER_NETWORK_OPTIONS $DOCKER_OPTS
 ExecStartPost=/usr/lib/docker/docker_service_helper.sh wait
 ExecReload=/bin/kill -s HUP $MAINPID
 
diff --git a/docker.spec b/docker.spec
index 53410ae..9e05e09 100644
--- a/docker.spec
+++ b/docker.spec
@@ -87,7 +87,7 @@ Requires:       docker-libnetwork = 0.0.0+git20170119.7b2b1fe
 # Dockerfile to ensure that we don't use a slightly incompatible version of
 # runC or containerd (which would be bad).
 Requires:       containerd = 0.2.5+gitr639_422e31c
-Requires:       runc = 0.1.1+gitr2947_9c2d8d1
+Requires:       docker-runc = 0.1.1+gitr2947_9c2d8d1
 # Provides mkfs.ext4 - used by Docker when devicemapper storage driver is used
 Requires:       e2fsprogs
 Requires:       git-core >= 1.7

From eee720d9e65a9b91c25b7cd4aadaf1bd21058d1a61f6252d4d449c30641817bc Mon Sep 17 00:00:00 2001
From: Jordi Massaguer <jmassaguerpla@suse.com>
Date: Tue, 11 Jul 2017 11:32:02 +0000
Subject: [PATCH 2/3] Accepting request 509416 from
 home:jordimassaguerpla:branch:Vc:docker:bsc_1046024

- add SuSEfirewall2.service to the After clause in docker.service
  in order to fix bsc#1046024

OBS-URL: https://build.opensuse.org/request/show/509416
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=194
---
 docker.changes | 6 ++++++
 docker.service | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/docker.changes b/docker.changes
index 7bb7024..d27bda2 100644
--- a/docker.changes
+++ b/docker.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue Jul 11 10:50:12 UTC 2017 - jmassaguerpla@suse.com
+
+- add SuSEfirewall2.service to the After clause in docker.service
+  in order to fix bsc#1046024 
+
 -------------------------------------------------------------------
 Fri Jul  7 14:53:59 UTC 2017 - thipp@suse.de
 
diff --git a/docker.service b/docker.service
index 85a9d53..25c0f8f 100644
--- a/docker.service
+++ b/docker.service
@@ -1,7 +1,7 @@
 [Unit]
 Description=Docker Application Container Engine
 Documentation=http://docs.docker.com
-After=network.target containerd.socket containerd.service lvm2-monitor.service
+After=network.target containerd.socket containerd.service lvm2-monitor.service SuSEfirewall2.service
 Requires=containerd.socket containerd.service
 
 [Service]

From 18b17a0bdb7d2ab28d2a6ac7cdc41c47dc68e4547321fa519dbc4662f126bc2e Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asarai@suse.com>
Date: Thu, 27 Jul 2017 16:11:06 +0000
Subject: [PATCH 3/3] Accepting request 512333 from
 home:jordimassaguerpla:branch:Vc:fix_seccomp_and_dm

- enable deferred removal for sle12sp2 and newer (and openSUSE
  equivalent. fix bsc#1021227

- enable libseccomp on sle12sp2 and newer, 42.2 and newer
  fix bsc#1028638 - docker: conditional filtering not supported on
  libseccomp for sle12

OBS-URL: https://build.opensuse.org/request/show/512333
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=195
---
 docker.changes | 13 +++++++++++++
 docker.spec    | 21 +++++++++++++--------
 2 files changed, 26 insertions(+), 8 deletions(-)

diff --git a/docker.changes b/docker.changes
index d27bda2..4321e44 100644
--- a/docker.changes
+++ b/docker.changes
@@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Wed Jul 19 18:12:26 UTC 2017 - jmassaguerpla@suse.com
+
+- enable deferred removal for sle12sp2 and newer (and openSUSE
+  equivalent. fix bsc#1021227
+
+-------------------------------------------------------------------
+Wed Jul 19 17:17:04 UTC 2017 - jmassaguerpla@suse.com
+
+- enable libseccomp on sle12sp2 and newer, 42.2 and newer
+  fix bsc#1028638 - docker: conditional filtering not supported on
+  libseccomp for sle12
+
 -------------------------------------------------------------------
 Tue Jul 11 10:50:12 UTC 2017 - jmassaguerpla@suse.com
 
diff --git a/docker.spec b/docker.spec
index 9e05e09..1cea9e5 100644
--- a/docker.spec
+++ b/docker.spec
@@ -65,9 +65,16 @@ BuildRequires:  device-mapper-devel >= 1.2.68
 BuildRequires:  glibc-devel-static
 BuildRequires:  libapparmor-devel
 BuildRequires:  libbtrfs-devel >= 3.8
-# If not leap 42.1 (120100), not sle12sp1 (120100) and not sle12 (1315)
-# enable libseccomp
-%if 0%{?sle_version} != 120100 && 0%{?suse_version} != 1315
+# enable libseccomp for sle >= sle12sp2
+%if 0%{?sle_version} >= 120200
+%define with_libseccomp 1
+%endif
+# enable libseccomp for leap >= 42.2
+%if 0%{?leap_version} >= 420200
+%define with_libseccomp 1
+%endif
+# enable libseccomp for Factory
+%if 0%{?suse_version} > 1320
 %define with_libseccomp 1
 %endif
 %if 0%{?with_libseccomp}
@@ -180,11 +187,9 @@ BUILDTAGS="exclude_graphdriver_aufs apparmor selinux pkcs11"
 %if 0%{?with_libseccomp}
 BUILDTAGS="seccomp $BUILDTAGS"
 %endif
-# Note that these commands do not allow %%elseif.
-# For versions equal to or below SLE12 && openSUSE_13.2 libdevmapper.h is not
-# recent enough to define dm_task_deferred_remove(). (This is not true of
-# SLE12_SP1 but we cannot distinguish it with this macro.)
-%if 0%{?suse_version} <= 1320
+# For SLE12 libdevmapper.h is not recent enough to define
+# dm_task_deferred_remove().
+%if 0%{?sle_version} == 120000
 	BUILDTAGS="libdm_no_deferred_remove $BUILDTAGS"
 %endif