centersl/docker-docs
1
0
Fork 0
mirror of https://github.com/docker/docs.git synced 2026-03-29 15:28:51 +07:00
Code Issues Packages Projects Releases Wiki Activity
8,272 Commits 54 Branches 28 Tags
8dfd4b677b60bc2b5de0214bb3cef1a04da12bed
Commit Graph

8 Commits

Author SHA1 Message Date
Victor Marmol
92614928ce Make libcontainer's CapabilitiesMask into a []string (Capabilities). 
Docker-DCO-1.1-Signed-off-by: Victor Marmol <vmarmol@google.com> (github: vmarmol)
 2014-05-17 00:44:10 +00:00
Victor Marmol
01d10d6f13 Merge pull request #5810 from vmarmol/drop-caps 
Change libcontainer to drop all capabilities by default.
 2014-05-16 11:51:41 -07:00
Victor Marmol
9d6875d19d Change libcontainer to drop all capabilities by default. Only keeps 
those that were specified in the config. This commit also explicitly
adds a set of capabilities that we were silently not dropping and were
assumed by the tests.

Docker-DCO-1.1-Signed-off-by: Victor Marmol <vmarmol@google.com> (github: vmarmol)
 2014-05-16 00:57:58 +00:00
Michael Crosby
3b7a19def6 Move cgroups package into libcontainer 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-05-14 15:21:44 -07:00
Michael Crosby
db5f6b4aa0 Improve libcontainer namespace and cap format 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-05-05 12:34:21 -07:00
Eiichi Tsukata
cac0cea03f drop CAP_SYSLOG capability 
Kernel capabilities for privileged syslog operations are currently splitted into
CAP_SYS_ADMIN and CAP_SYSLOG since the following commit:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce6ada35bdf710d16582cc4869c26722547e6f11

This patch drops CAP_SYSLOG to prevent containers from messing with
host's syslog (e.g. `dmesg -c` clears up host's printk ring buffer).

Closes #5491

Docker-DCO-1.1-Signed-off-by: Eiichi Tsukata <devel@etsukata.com> (github: Etsukata)
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-05-01 11:43:55 -07:00
Guillaume J. Charmes
813cebc64f Merge branch 'master' into load-profile 
Conflicts:
	daemon/execdriver/native/create.go
	daemon/execdriver/native/driver.go

Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume@charmes.net> (github: creack)
 2014-04-21 10:32:13 -07:00
Alexander Larsson
359b7df5d2 Rename runtime/* to daemon/* 
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
 2014-04-17 14:43:01 -07:00