centersl/docker-docs
1
0
Fork 0
mirror of https://github.com/docker/docs.git synced 2026-03-30 07:48:52 +07:00
Code Issues Packages Projects Releases Wiki Activity
8,731 Commits 54 Branches 28 Tags
c95f77866c18fcd75507bf72df405bc61ba50bb0
Commit Graph

18 Commits

Author SHA1 Message Date
Michael Crosby
e1c7abe890 Add the rest of the caps so that they are retained in privilged mode 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-05-19 16:43:31 +00:00
Victor Vieux
a0070f0c17 add support for CAP_FOWNER 
Docker-DCO-1.1-Signed-off-by: Victor Vieux <vieux@docker.com> (github: vieux)
 2014-05-17 01:16:07 +00:00
Victor Marmol
92614928ce Make libcontainer's CapabilitiesMask into a []string (Capabilities). 
Docker-DCO-1.1-Signed-off-by: Victor Marmol <vmarmol@google.com> (github: vmarmol)
 2014-05-17 00:44:10 +00:00
Victor Marmol
9d6875d19d Change libcontainer to drop all capabilities by default. Only keeps 
those that were specified in the config. This commit also explicitly
adds a set of capabilities that we were silently not dropping and were
assumed by the tests.

Docker-DCO-1.1-Signed-off-by: Victor Marmol <vmarmol@google.com> (github: vmarmol)
 2014-05-16 00:57:58 +00:00
Michael Crosby
db5f6b4aa0 Improve libcontainer namespace and cap format 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-05-05 12:34:21 -07:00
Eiichi Tsukata
cac0cea03f drop CAP_SYSLOG capability 
Kernel capabilities for privileged syslog operations are currently splitted into
CAP_SYS_ADMIN and CAP_SYSLOG since the following commit:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce6ada35bdf710d16582cc4869c26722547e6f11

This patch drops CAP_SYSLOG to prevent containers from messing with
host's syslog (e.g. `dmesg -c` clears up host's printk ring buffer).

Closes #5491

Docker-DCO-1.1-Signed-off-by: Eiichi Tsukata <devel@etsukata.com> (github: Etsukata)
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-05-01 11:43:55 -07:00
Michael Crosby
156987c118 Move mounts into types.go 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-04-24 10:35:20 -07:00
Kato Kazuyoshi
c5226d94fa Avoid "invalid memory address or nil pointer dereference" panic 
libcontainer.GetNamespace returns nil on FreeBSD because
libcontainer.namespaceList is empty. In this case, Namespaces#Get should
return nil instead of being panic.

Docker-DCO-1.1-Signed-off-by: Kato Kazuyoshi <kato.kazuyoshi@gmail.com> (github: kzys)
 2014-04-10 22:07:29 +09:00
Michael Crosby
70f3b9f4ce Add ability to work with individual namespaces 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-21 00:23:34 +00:00
Michael Crosby
443a75d5f6 Allow caps to be toggled in native driver with plugin flag 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-21 00:10:24 +00:00
Michael Crosby
c5f9c4bd69 Dont use custom marshaling for caps and namespaces 
This also adds an enabled field to the types so that they
can be easily toggled.
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-20 23:09:01 +00:00
Michael Crosby
7e52445f2f Add find tests and remove panic in DEBUG 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-03-04 08:55:12 -08:00
Michael Crosby
93ed15075c Fix cross compile for make cross 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-25 15:19:13 -08:00
Guillaume J. Charmes
91bf120c51 Better capability/namespace management 
Docker-DCO-1.1-Signed-off-by: Guillaume J. Charmes <guillaume.charmes@docker.com> (github: creack)
 2014-02-24 21:52:29 -08:00
Michael Crosby
70593be139 Add comments to many functions 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-21 14:56:16 -08:00
Michael Crosby
e0ff0f4dd6 Add CAP_NET_ADMIN 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-21 14:56:16 -08:00
Michael Crosby
5d62916c48 Refactor large funcs 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-21 14:56:16 -08:00
Michael Crosby
e8abaf217b Initial commit of libcontainer 
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
 2014-02-21 14:56:15 -08:00