forked from pool/docker
Accepting request 540407 from home:cyphar:containers:docker_bsc1057743
Match secrets patches with upstream. This corrects a bug in our fix for bsc#1055676. OBS-URL: https://build.opensuse.org/request/show/540407 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=216
This commit is contained in:
parent
6a6c6aa170
commit
c1e075d88f
@ -70,5 +70,5 @@ index 84b7eb352f1a..dc3a48bfe47a 100644
|
||||
return errors.Wrap(err, "error setting ownership for secret")
|
||||
}
|
||||
--
|
||||
2.14.2
|
||||
2.15.0
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
From afb202611a8330e0b3a7900aa2d68b7cc1d489fe Mon Sep 17 00:00:00 2001
|
||||
From 7c03750568cb9b67b763cd03f92ce45c567ca043 Mon Sep 17 00:00:00 2001
|
||||
From: Aleksa Sarai <asarai@suse.de>
|
||||
Date: Wed, 8 Mar 2017 11:43:29 +1100
|
||||
Subject: [PATCH 2/2] SUSE: implement SUSE container secrets
|
||||
@ -13,8 +13,8 @@ MAKES BUILDS NOT ENTIRELY REPRODUCIBLE.
|
||||
Signed-off-by: Aleksa Sarai <asarai@suse.de>
|
||||
---
|
||||
daemon/start.go | 5 +
|
||||
daemon/suse_secrets.go | 328 +++++++++++++++++++++++++++++++++++++++++++++++++
|
||||
2 files changed, 333 insertions(+)
|
||||
daemon/suse_secrets.go | 331 +++++++++++++++++++++++++++++++++++++++++++++++++
|
||||
2 files changed, 336 insertions(+)
|
||||
create mode 100644 daemon/suse_secrets.go
|
||||
|
||||
diff --git a/daemon/start.go b/daemon/start.go
|
||||
@ -35,10 +35,10 @@ index 55438cf2c45f..7dfa6cd1d055 100644
|
||||
return err
|
||||
diff --git a/daemon/suse_secrets.go b/daemon/suse_secrets.go
|
||||
new file mode 100644
|
||||
index 000000000000..b09ad96f01b0
|
||||
index 000000000000..b6914adf09ce
|
||||
--- /dev/null
|
||||
+++ b/daemon/suse_secrets.go
|
||||
@@ -0,0 +1,328 @@
|
||||
@@ -0,0 +1,331 @@
|
||||
+/*
|
||||
+ * suse-secrets: patch for Docker to implement SUSE secrets
|
||||
+ * Copyright (C) 2017 SUSE LLC.
|
||||
@ -94,6 +94,9 @@ index 000000000000..b09ad96f01b0
|
||||
+}
|
||||
+
|
||||
+func (s SuseFakeFile) id() string {
|
||||
+ // NOTE: It is _very_ important that this string always has a prefix of
|
||||
+ // "suse". This is how we can ensure that we can operate on
|
||||
+ // SecretReferences with a confidence that it was made by us.
|
||||
+ return fmt.Sprintf("suse_%s_%s", digest.FromBytes(s.Data).Hex(), s.Path)
|
||||
+}
|
||||
+
|
||||
@ -113,7 +116,7 @@ index 000000000000..b09ad96f01b0
|
||||
+ // mapped).
|
||||
+ ctrUser := idtools.IDPair{UID: s.Uid, GID: s.Gid}
|
||||
+ hostUser := idMaps.RootPair()
|
||||
+ if user, err := idMaps.ToHost(ctrUser); err != nil {
|
||||
+ if user, err := idMaps.ToHost(ctrUser); err == nil {
|
||||
+ hostUser = user
|
||||
+ }
|
||||
+
|
||||
@ -368,5 +371,5 @@ index 000000000000..b09ad96f01b0
|
||||
+ return nil
|
||||
+}
|
||||
--
|
||||
2.14.2
|
||||
2.15.0
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user