packages/docker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
98 Commits 1 Branch 0 Tags
Commit Graph

98 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
openeuler-ci-bot
f3ac464a6e
!314 docker:modify runc rpm package name to runc 
From: @zhong-jiawei-1 
Reviewed-by: @zhangsong234 
Signed-off-by: @zhangsong234
 2024-06-14 06:24:01 +00:00
zhongjiawei
3fa184fafd docker:modify runc rpm package name to runc 2024-06-13 16:34:54 +08:00
openeuler-ci-bot
630b06c475
!308 [sync] PR-303: backport: fix CVE-2024-32473 
From: @openeuler-sync-bot 
Reviewed-by: @zhangsong234 
Signed-off-by: @zhangsong234
 2024-05-08 13:13:07 +00:00
chenjiankun
99f5ab96c6 backport: fix CVE-2024-32473 
fix #I9HX2H

(cherry picked from commit 29ff8159f389c51ebfe76fa3926ce722a65b7ba8)
 2024-05-08 17:10:28 +08:00
openeuler-ci-bot
48894ea24f
!295 [sync] PR-294: docker: fix CVE-2024-29018 
From: @openeuler-sync-bot 
Reviewed-by: @zhangsong234 
Signed-off-by: @zhangsong234
 2024-04-12 11:32:33 +00:00
chenjiankun
d4dc011fd2 docker: fix CVE-2024-29018 
fix #I9A82U

(cherry picked from commit 035844ebe4186c26e0da07fa35e52e968cde9836)
 2024-04-12 17:05:37 +08:00
openeuler-ci-bot
4cb0d67c6e
!283 [sync] PR-281: backport: fix CVE-2024-24557 
From: @openeuler-sync-bot 
Reviewed-by: @zhangsong234 
Signed-off-by: @zhangsong234
 2024-03-19 11:29:41 +00:00
chenjiankun
af72c1a944 backport: fix CVE-2024-24557 
fix #I90KVB

(cherry picked from commit 23c0890e05c6872627e34a03538443d7ef2dc6b1)
 2024-03-19 17:25:23 +08:00
openeuler-ci-bot
51173e60bd
!277 [sync] PR-274: docker: sync patches from upstream 
From: @openeuler-sync-bot 
Reviewed-by: @zhangsong234 
Signed-off-by: @zhangsong234
 2024-01-09 06:22:34 +00:00
chenjiankun
c00617e26a docker: sync patches from upstream 
Sync patches from upstream, including:
b033961a82
2a8341f252
cae76642b6
f43f820a8c
b1d05350ec
7a24e475b3
f89fd3df7d
76e4260141
b92585a470

(cherry picked from commit 964354b6885aa28a3668ccab6cf0c458206df30b)
 2024-01-08 15:46:01 +08:00
openeuler-ci-bot
b5f00e5985
!266 [sync] PR-262: docker:add delay after freeze 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2023-10-12 12:33:37 +00:00
zhongjiawei
937754a249 docker:add delay after freeze 
(cherry picked from commit 2e48b57e25c721804c926c73370c33d3e769bc94)
 2023-10-12 17:19:29 +08:00
openeuler-ci-bot
b89d862077
!257 [sync] PR-255: docker: fix COPY --from should preserve ownership 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2023-10-09 11:47:18 +00:00
Lu Jingxiao
0b26f41390 docker: fix COPY --from should preserve ownership 
Fixes: #I86H6B

Signed-off-by: Lu Jingxiao <lujingxiao@huawei.com>
(cherry picked from commit 84fd54726a663f603700e4b565b065a62c268449)
 2023-10-09 18:58:59 +08:00
openeuler-ci-bot
17fe0e8e71
!252 [sync] PR-249: 修复docker pull和restart dockerd并发操作,/var/lib/docker/devicemapper/mnt/目录资源残留问题 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2023-08-29 02:51:53 +00:00
flyflyflypeng
1dceeb1c20 docker: remove useless mount point dir 
fix #I7UQ2Y

Signed-off-by: flyflyflypeng <jiangpengfei9@huawei.com>
(cherry picked from commit e5190694496f1b5fccb7b70e982fdf3fadb6e3cb)
 2023-08-28 15:14:00 +08:00
openeuler-ci-bot
b53043d34f
!240 docker: define a dummy hostname to use for local connections 
From: @jackchan8 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2023-08-03 02:26:30 +00:00
chenjiankun
cd7070aebb docker: define a dummy hostname to use for local connections 
For local communications (npipe://, unix://), the hostname is not used,
but we need valid and meaningful hostname.

The current code used the client's `addr` as hostname in some cases, which
could contain the path for the unix-socket (`/var/run/docker.sock`), which
gets rejected by go1.20.6 and go1.19.11 because of a security fix for
[CVE-2023-29406 ][1], which was implemented in  https://go.dev/issue/60374.

Prior versions go Go would clean the host header, and strip slashes in the
process, but go1.20.6 and go1.19.11 no longer do, and reject the host
header.

This patch introduces a `DummyHost` const, and uses this dummy host for
cases where we don't need an actual hostname.
 2023-08-02 16:30:20 +08:00
openeuler-ci-bot
1b1985ecc6
!234 [sync] PR-233: docker: sync patches from master 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2023-07-13 06:41:08 +00:00
chenjiankun
f69d70d2e2 docker: sync patches from master 
(cherry picked from commit faa68fcbfa7bc543cdf70f004b82eed8431c7c77)
 2023-07-13 11:26:08 +08:00
openeuler-ci-bot
1d0f48e769
!229 docker:remove invalid libcgroup dependencies 
From: @zhong-jiawei-1 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2023-07-12 04:00:06 +00:00
zhongjiawei
1beb1da2de docker:remove invalid libcgroup dependencies 2023-07-12 11:39:01 +08:00
openeuler-ci-bot
d0e04590e6
!217 docker:thinpool full because docker daemon restart when docker pull 
From: @zhong-jiawei-1 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2023-06-09 04:01:58 +00:00
zhongjiawei
a4edd1edf4 docker:thinpool full because docker daemon restart when docker pull 2023-06-09 11:06:25 +08:00
openeuler-ci-bot
f366ec1425
!207 [sync] PR-205: docker:fix CVE-2023-28840 CVE-2023-28841 CVE-2023-28842 
From: @openeuler-sync-bot 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2023-04-06 12:31:54 +00:00
zhongjiawei
7a60984014 docker:fix CVE-2023-28840 CVE-2023-28841 CVE-2023-28842 
(cherry picked from commit f021f5c385bf7dd11a892a128888f5998f754b24)
 2023-04-06 20:00:21 +08:00
openeuler-ci-bot
2aa7dd8759
!200 [sync] PR-198: docker:backport upstream patches 
From: @openeuler-sync-bot 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2023-03-30 06:10:01 +00:00
zhongjiawei
cf3b5bbff6 docker:sync some patches 
(cherry picked from commit 5004ebff5b6cd0eeff1a8edaf8f59dea0f348021)
 2023-03-30 10:02:42 +08:00
openeuler-ci-bot
d6c7ceaf25
!189 [sync] PR-186: docker:try http for docker manifest insecure 
From: @openeuler-sync-bot 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2023-03-16 07:12:37 +00:00
zhongjiawei
9c2234772a docker: try http for docker manifest insecure 
(cherry picked from commit ff3bcc697b172784a8dacd637576cd932801399a)
 2023-03-16 14:27:21 +08:00
openeuler-ci-bot
e3c5b359c0
!182 [sync] PR-181: docker: fix container missing after restarting dockerd twice 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2023-03-15 02:51:07 +00:00
JackChan8
2f5e04a8aa docker: fix container missing after restarting dockerd twice 
fix #I6MJ4X

(cherry picked from commit 5ecf0ca3e74f004180222c8ec9ea3e240bf96d15)
 2023-03-15 10:03:30 +08:00
openeuler-ci-bot
4eb3292100
!177 [sync] PR-176: docker stats: fix 'panic: close of closed channel' 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2023-03-10 09:24:25 +00:00
Song Zhang
725d53a12b docker stats: fix 'panic: close of closed channel' 
bugfix: https://gitee.com/src-openeuler/docker/issues/I6LNNW?from=project-issue

Signed-off-by: Song Zhang <zhangsong34@huawei.com>
(cherry picked from commit 8ed0a65d0b666a1f05e3b9c2e0f906859a1c4acb)
 2023-03-10 16:39:45 +08:00
openeuler-ci-bot
42eaf1976e
!172 [sync] PR-170: docker: set freezer.state to Thawed to increase freeze chances 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2023-02-17 09:38:46 +00:00
chenjiankun
8eacb70a4e docker: set freezer.state to Thawed to increase freeze chances 
docker pause/unpause with parallel docker exec can lead to freezing
state, set freezer.state to Thawed to increase freeze chances

(cherry picked from commit b78a50c378d2ccef2254cf694991f4d52eec1fe9)
 2023-02-17 16:52:06 +08:00
openeuler-ci-bot
6cac8f8bc6
!164 [sync] PR-160: docker:do not stop health check before sending signal 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2022-12-01 12:29:18 +00:00
zhongjiawei
748628a918 docker:do not stop health check before sending signal 
(cherry picked from commit 365eb0b1969d296e7e6894af9f913b3e24f81c21)
 2022-12-01 16:28:49 +08:00
openeuler-ci-bot
4e8201a56d
!157 [sync] PR-154: docker: using VERSION-vendor to record version 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2022-11-24 07:34:25 +00:00
chenjiankun
ec922e1fed docker: using VERSION-vendor to record version 
(cherry picked from commit 3cc77fa02d5a0efb77b71d4f506b44f209329b1d)
 2022-11-24 14:31:40 +08:00
openeuler-ci-bot
33724df909
!151 [sync] PR-148: docker: fix dockerd core when release network 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2022-11-23 02:36:53 +00:00
chenjiankun
025a686650 docker: fix dockerd core when release network 
fix #I627ON

(cherry picked from commit 07ce32f65f1a3d9d812fe0fbb0276353472c035d)
 2022-11-22 20:40:56 +08:00
openeuler-ci-bot
b3ee12551d
!145 [sync] PR-142: docker: cleanup netns file when stop docker daemon 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2022-11-22 12:37:25 +00:00
chenjiankun
6c95d358c2 docker: cleanup netns file when stop docker daemon 
fix #I5W2XY

(cherry picked from commit 6a3861c8c1449da33e37ccbd0f8a9327394dff6b)
 2022-11-22 16:36:27 +08:00
openeuler-ci-bot
dc16083004
!141 [sync] PR-139: docker: fix compile problem 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2022-10-19 02:29:08 +00:00
chenjiankun
3adcb38631 docker: fix compile problem 
(cherry picked from commit 0044b4982fe164af275802e9901040e9c588a2b2)
 2022-10-19 09:56:49 +08:00
openeuler-ci-bot
5106a479a6
!135 [sync] PR-131: docker: add epoch for easy upgrade 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2022-09-21 06:16:07 +00:00
chenjiankun
ffbd659b2d docker: add epoch for easy upgrade 
(cherry picked from commit 7e4ff1bd426180bbdb05f55a57db9ec03034a257)
 2022-09-21 11:29:00 +08:00
openeuler-ci-bot
37e7f70f10
!129 [sync] PR-125: docker: ensure layer digest folder removed if ls.driver.Remove fails 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2022-09-16 06:51:20 +00:00
chenjiankun
d13823d8e0 docker: ensure layer digest folder removed if ls.driver.Remove fails 
If image pull fails of context canceled, image layer will perform a
rollback operation. When image layer is released, the diff folder of layer
will be removed first, and then the digest folder will be removed.
If the diff folder fails to be removed, such as operation not permitted or
interrupted by others, both the digest folder and diff folder will remain
on the disk, this will cause image not be complete and not repairable.

So we should remove the digest folder first for image layers rollback
and ensure image can be re-pulled completely.

(cherry picked from commit 54c9d1260f3b7756794a8b8c13e0080831c29203)
 2022-09-16 09:24:39 +08:00