Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-10-13 11:31:39
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and      /work/SRC/openSUSE:Factory/.docker.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "docker"

Changes:
--------
--- /work/SRC/openSUSE:Factory/docker/docker.changes    2016-09-21 
18:49:53.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes       2016-10-13 
11:31:39.000000000 +0200
@@ -1,0 +2,7 @@
+Tue Oct 11 09:36:23 UTC 2016 - asa...@suse.com
+
+- docker-mount-secrets.patch: change the internal mountpoint name to not use
+  ":" as that character can be considered a special character by other tools.
+  bsc#999582
+
+-------------------------------------------------------------------

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ docker.spec ++++++
--- /var/tmp/diff_new_pack.nDYl57/_old  2016-10-13 11:31:41.000000000 +0200
+++ /var/tmp/diff_new_pack.nDYl57/_new  2016-10-13 11:31:41.000000000 +0200
@@ -64,6 +64,10 @@
 Patch100:       gcc-go-patches.patch
 Patch101:       netlink_gcc_go.patch
 Patch102:       netlink_netns_powerpc.patch
+# SUSE-FEATURE: Adds the /run/secrets mountpoint inside all Docker containers
+# which is not snapshotted when images are committed. Note that if you modify
+# this patch, please also modify the patch in the suse-secrets-v<version>
+# branch in http://github.com/suse/docker.mirror.
 Patch200:       docker-mount-secrets.patch
 Patch300:       integration-cli-fix-TestInfoEnsureSucceeds.patch
 BuildRequires:  audit

++++++ docker-mount-secrets.patch ++++++
--- /var/tmp/diff_new_pack.nDYl57/_old  2016-10-13 11:31:41.000000000 +0200
+++ /var/tmp/diff_new_pack.nDYl57/_new  2016-10-13 11:31:41.000000000 +0200
@@ -1,31 +1,23 @@
-From fb84d5a3fbc3f1fad7dfc961b5dace3915eae7f9 Mon Sep 17 00:00:00 2001
-From: Aleksa Sarai <asa...@suse.de>
-Date: Mon, 11 Apr 2016 22:54:35 +1000
-Subject: [PATCH] SUSE: implement SUSE container secrets
+commit 7726422774cf8dda6766cb268b4e9110e4f68945
+Author: Aleksa Sarai <asa...@suse.de>
+Date:   Mon Apr 11 22:54:35 2016 +1000
 
-This allows for us to pass in host credentials to a container, allowing
-for SUSEConnect to work with containers.
-
-THIS PATCH IS NOT TO BE UPSTREAMED, DUE TO THE FACT THAT IT IS
-SUSE-SPECIFIC, AND UPSTREAM DOES NOT APPROVE OF THIS CONCEPT BECAUSE IT
-MAKES BUILDS NOT ENTIRELY REPRODUCIBLE.
-
-Signed-off-by: Aleksa Sarai <asa...@suse.de>
----
- container/container_unix.go         |  63 ++++++++++++
- daemon/container_operations_unix.go |  50 ++++++++++
- daemon/daemon_unix.go               |   6 +-
- daemon/oci_linux.go                 |   7 ++
- daemon/start.go                     |   6 ++
- daemon/suse_secrets.go              | 184 ++++++++++++++++++++++++++++++++++++
- 6 files changed, 314 insertions(+), 2 deletions(-)
- create mode 100644 daemon/suse_secrets.go
+    SUSE: implement SUSE container secrets
+    
+    This allows for us to pass in host credentials to a container, allowing
+    for SUSEConnect to work with containers.
+    
+    THIS PATCH IS NOT TO BE UPSTREAMED, DUE TO THE FACT THAT IT IS
+    SUSE-SPECIFIC, AND UPSTREAM DOES NOT APPROVE OF THIS CONCEPT BECAUSE IT
+    MAKES BUILDS NOT ENTIRELY REPRODUCIBLE.
+    
+    Signed-off-by: Aleksa Sarai <asa...@suse.de>
 
 diff --git a/container/container_unix.go b/container/container_unix.go
-index 8273bdb..d86d783 100644
+index 2727b818f542..07a07102f031 100644
 --- a/container/container_unix.go
 +++ b/container/container_unix.go
-@@ -34,6 +34,8 @@ type Container struct {
+@@ -35,6 +35,8 @@ type Container struct {
        HostsPath       string
        ShmPath         string
        ResolvConfPath  string
@@ -34,14 +26,14 @@
        SeccompProfile  string
        NoNewPrivileges bool
  }
-@@ -243,6 +245,67 @@ func (container *Container) IpcMounts() []Mount {
+@@ -256,6 +258,67 @@ func (container *Container) IpcMounts() []Mount {
        return mounts
  }
  
 +// SUSE:secrets :: SuseSecretsResourcePath returns the path to the container's
 +// personal /run/secrets tmpfs.
 +func (container *Container) SuseSecretsResourcePath() (string, error) {
-+      return container.GetRootResourcePath("suse:secrets")
++      return container.GetRootResourcePath("suse.secrets")
 +}
 +
 +// SUSE:secrets :: SuseSecretMounts returns the list of mounts required for 
the
@@ -103,10 +95,10 @@
  func (container *Container) UpdateContainer(hostConfig 
*containertypes.HostConfig) error {
        container.Lock()
 diff --git a/daemon/container_operations_unix.go 
b/daemon/container_operations_unix.go
-index c8a0b93..036c65a 100644
+index 55bd3fc8392d..a3ab7fbd83d1 100644
 --- a/daemon/container_operations_unix.go
 +++ b/daemon/container_operations_unix.go
-@@ -168,6 +168,56 @@ func (daemon *Daemon) getIpcContainer(container 
*container.Container) (*containe
+@@ -184,6 +184,56 @@ func (daemon *Daemon) getPidContainer(container 
*container.Container) (*containe
        return c, nil
  }
  
@@ -164,10 +156,10 @@
        var err error
  
 diff --git a/daemon/daemon_unix.go b/daemon/daemon_unix.go
-index 9e231c5..1138c9a 100644
+index f26691226f91..2ced1b869b81 100644
 --- a/daemon/daemon_unix.go
 +++ b/daemon/daemon_unix.go
-@@ -795,8 +795,10 @@ func initBridgeDriver(controller 
libnetwork.NetworkController, config *Config) e
+@@ -809,8 +809,10 @@ func initBridgeDriver(controller 
libnetwork.NetworkController, config *Config) e
  // the container from unwanted side-effects on the rw layer.
  func setupInitLayer(initLayer string, rootUID, rootGID int) error {
        for pth, typ := range map[string]string{
@@ -181,10 +173,10 @@
                "/sys":             "dir",
                "/.dockerenv":      "file",
 diff --git a/daemon/oci_linux.go b/daemon/oci_linux.go
-index e238640..0d8bb47 100644
+index 4459d02fcad3..6af7d351ccc0 100644
 --- a/daemon/oci_linux.go
 +++ b/daemon/oci_linux.go
-@@ -655,6 +655,10 @@ func (daemon *Daemon) createSpec(c *container.Container) 
(*libcontainerd.Spec, e
+@@ -656,6 +656,10 @@ func (daemon *Daemon) createSpec(c *container.Container) 
(*libcontainerd.Spec, e
        if err := daemon.setupIpcDirs(c); err != nil {
                return nil, err
        }
@@ -195,7 +187,7 @@
  
        ms, err := daemon.setupMounts(c)
        if err != nil {
-@@ -662,6 +666,8 @@ func (daemon *Daemon) createSpec(c *container.Container) 
(*libcontainerd.Spec, e
+@@ -663,6 +667,8 @@ func (daemon *Daemon) createSpec(c *container.Container) 
(*libcontainerd.Spec, e
        }
        ms = append(ms, c.IpcMounts()...)
        ms = append(ms, c.TmpfsMounts()...)
@@ -205,10 +197,10 @@
        if err := setMounts(daemon, &s, c, ms); err != nil {
                return nil, fmt.Errorf("linux mounts: %v", err)
 diff --git a/daemon/start.go b/daemon/start.go
-index 4862969..6d3b56e 100644
+index 7a0bc2121c83..30b75ee2a616 100644
 --- a/daemon/start.go
 +++ b/daemon/start.go
-@@ -164,6 +164,12 @@ func (daemon *Daemon) Cleanup(container 
*container.Container) {
+@@ -173,6 +173,12 @@ func (daemon *Daemon) Cleanup(container 
*container.Container) {
  
        container.UnmountIpcMounts(detachMounted)
  
@@ -223,7 +215,7 @@
                // Ensure that all the mounts are gone
 diff --git a/daemon/suse_secrets.go b/daemon/suse_secrets.go
 new file mode 100644
-index 0000000..417a1a9
+index 000000000000..417a1a9e5b61
 --- /dev/null
 +++ b/daemon/suse_secrets.go
 @@ -0,0 +1,184 @@
@@ -411,6 +403,3 @@
 +
 +      return secrets, nil
 +}
--- 
-2.8.1
-


Reply via email to