commit docker for openSUSE:Factory

2020-08-16 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2020-08-16 20:26:09

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.3399 (New)


Package is "docker"

Sun Aug 16 20:26:09 2020 rev:104 rq:826658 version:19.03.12_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2020-06-30 
23:02:49.618626363 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new.3399/docker.changes  2020-08-16 
20:26:13.770063428 +0200
@@ -1,0 +2,5 @@
+Mon Aug  3 16:58:07 UTC 2020 - Callum Farmer 
+
+- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.nD4jc2/_old  2020-08-16 20:26:16.350064854 +0200
+++ /var/tmp/diff_new_pack.nD4jc2/_new  2020-08-16 20:26:16.354064857 +0200
@@ -416,6 +416,7 @@
 
 %if "%flavour" == "kubic"
 # place kubelet.env in fillupdir (for kubeadm-criconfig)
+sed -e 's-@LIBEXECDIR@-%{_libexecdir}-g' -i %{SOURCE5}
 install -D -m 0644 %{SOURCE5} %{buildroot}%{_fillupdir}/sysconfig.kubelet
 %endif
 

++ kubelet.env ++
--- /var/tmp/diff_new_pack.nD4jc2/_old  2020-08-16 20:26:16.518064948 +0200
+++ /var/tmp/diff_new_pack.nD4jc2/_new  2020-08-16 20:26:16.522064949 +0200
@@ -1 +1 @@
-KUBELET_EXTRA_ARGS="--cni-bin-dir=/usr/lib/cni"
+KUBELET_EXTRA_ARGS="--cni-bin-dir=@LIBEXECDIR@/cni"




commit docker for openSUSE:Factory

2020-06-30 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2020-06-30 23:02:49

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.3060 (New)


Package is "docker"

Tue Jun 30 23:02:49 2020 rev:103 rq: version:19.03.12_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2020-06-29 
21:15:19.885220745 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new.3060/docker.changes  2020-06-30 
23:02:49.618626363 +0200
@@ -1,0 +2,6 @@
+Tue Jun 30 23:00:00 UTC 2020 - Dominique Leuenberger 
+
+- Emergency fix: %requires_eq does not work with provide symbols,
+  only effective package names. Convert back to regular Requires.
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.hnkXvM/_old  2020-06-30 23:02:50.454628803 +0200
+++ /var/tmp/diff_new_pack.hnkXvM/_new  2020-06-30 23:02:50.458628814 +0200
@@ -105,16 +105,16 @@
 # for some old packaging issues (where rpm would delete a binary that was
 # installed by docker-libnetwork). See bsc#1057743 for more details.
 BuildRequires:  docker-libnetwork%{name_suffix}-git = %{required_libnetwork}
-%requires_eqdocker-libnetwork%{name_suffix}-git
+Requires:   docker-libnetwork%{name_suffix}-git = %{required_libnetwork}
 Requires:   fix_bsc_1057743
 # Containerd and runC are required as they are the only currently supported
 # execdrivers of Docker. NOTE: The version pinning here matches upstream's
 # vendor.conf to ensure that we don't use a slightly incompatible version of
 # runC or containerd (which would be bad).
 BuildRequires:  containerd%{name_suffix}-git  = %{required_containerd}
-%requires_eqcontainerd%{name_suffix}-git
+Requires:   containerd%{name_suffix}-git = %{required_containerd}
 BuildRequires:  docker-runc%{name_suffix}-git = %{required_dockerrunc}
-%requires_eqdocker-runc%{name_suffix}-git
+Requires:   docker-runc%{name_suffix}-git = %{required_dockerrunc}
 # Needed for --init support. We don't use "tini", we use our own implementation
 # which handles edge-cases better.
 Requires:   catatonit




commit docker for openSUSE:Factory

2020-06-29 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2020-06-29 21:15:10

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.3060 (New)


Package is "docker"

Mon Jun 29 21:15:10 2020 rev:102 rq:817374 version:19.03.12_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2020-06-05 
20:09:17.133558872 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new.3060/docker.changes  2020-06-29 
21:15:19.885220745 +0200
@@ -1,0 +2,12 @@
+Thu Jun 25 21:54:46 UTC 2020 - Aleksa Sarai 
+
+- Update to Docker 19.03.12-ce. See upstream changelog in the packaged
+  /usr/share/doc/packages/docker/CHANGELOG.md.
+- Use Go 1.13 instead of Go 1.14 because Go 1.14 can cause all sorts of
+  spurrious errors due to Go returning -EINTR from I/O syscalls much more often
+  (due to Go 1.14's pre-emptive goroutine support).
+  - bsc1172377-0001-unexport-testcase.Cleanup-to-fix-Go-1.14.patch
+- Add BuildRequires for all -git dependencies so that we catch missing
+  dependencies much more quickly.
+
+---

Old:

  bsc1172377-0001-unexport-testcase.Cleanup-to-fix-Go-1.14.patch
  docker-19.03.11_ce_42e35e61f352.tar.xz

New:

  docker-19.03.12_ce_48a66213fe17.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.xK1o70/_old  2020-06-29 21:15:21.961227169 +0200
+++ /var/tmp/diff_new_pack.xK1o70/_new  2020-06-29 21:15:21.961227169 +0200
@@ -42,17 +42,17 @@
 # helpfully injects into our build environment from the changelog). If you want
 # to generate a new git_commit_epoch, use this:
 #  $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP 
'(?<=^CommitDate: ).*')" '+%s'
-%define git_version 42e35e61f352
-%define git_commit_epoch 1591001995
+%define git_version 48a66213fe17
+%define git_commit_epoch 1592522265
 
 # These are the git commits required. We verify them against the source to make
 # sure we didn't miss anything important when doing upgrades.
 %define required_containerd 7ad184331fa3e55e52b890ea95e65ba581ae3429
 %define required_dockerrunc dc9208a3303feef5b3839f4323d9beb36df0a9dd
-%define required_libnetwork 153d0769a1181bf591a9637fd487a541ec7db1e6
+%define required_libnetwork 026aabaa659832804b01754aaadd2c0f420c68b6
 
 Name:   %{realname}%{name_suffix}
-Version:19.03.11_ce
+Version:19.03.12_ce
 Release:0
 Summary:The Moby-project Linux container runtime
 License:Apache-2.0
@@ -83,8 +83,6 @@
 Patch401:   
bsc1073877-0001-apparmor-clobber-docker-default-profile-on-start.patch
 # SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/39121. 
bsc#1122469
 Patch402:   bsc1122469-0001-apparmor-allow-readby-and-tracedby.patch
-# FIX-UPSTREAM: Backport of 
https://github.com/gotestyourself/gotest.tools/pull/169. bsc#1172377
-Patch410:   bsc1172377-0001-unexport-testcase.Cleanup-to-fix-Go-1.14.patch
 # SUSE-FEATURE: Add support to mirror inofficial/private registries
 #   (https://github.com/docker/docker/pull/34319)
 Patch500:   private-registry-0001-Add-private-registry-mirror-support.patch
@@ -106,14 +104,17 @@
 # Required in order for networking to work. fix_bsc_1057743 is a work-around
 # for some old packaging issues (where rpm would delete a binary that was
 # installed by docker-libnetwork). See bsc#1057743 for more details.
-Requires:   docker-libnetwork%{name_suffix}-git = %{required_libnetwork}
+BuildRequires:  docker-libnetwork%{name_suffix}-git = %{required_libnetwork}
+%requires_eqdocker-libnetwork%{name_suffix}-git
 Requires:   fix_bsc_1057743
 # Containerd and runC are required as they are the only currently supported
 # execdrivers of Docker. NOTE: The version pinning here matches upstream's
 # vendor.conf to ensure that we don't use a slightly incompatible version of
 # runC or containerd (which would be bad).
-Requires:   containerd%{name_suffix}-git  = %{required_containerd}
-Requires:   docker-runc%{name_suffix}-git = %{required_dockerrunc}
+BuildRequires:  containerd%{name_suffix}-git  = %{required_containerd}
+%requires_eqcontainerd%{name_suffix}-git
+BuildRequires:  docker-runc%{name_suffix}-git = %{required_dockerrunc}
+%requires_eqdocker-runc%{name_suffix}-git
 # Needed for --init support. We don't use "tini", we use our own implementation
 # which handles edge-cases better.
 Requires:   catatonit
@@ -138,7 +139,9 @@
 Conflicts:  lxc < 1.0
 ExcludeArch:s390 ppc
 BuildRequires:  go-go-md2man
-BuildRequires:  golang(API) >= 1.13
+# We cannot use Go 1.14 because it breaks io.Copy (among other things) by
+# returning -EINTR 

commit docker for openSUSE:Factory

2020-06-05 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2020-06-05 20:05:42

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.3606 (New)


Package is "docker"

Fri Jun  5 20:05:42 2020 rev:101 rq:88 version:19.03.11_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2020-01-13 
22:15:18.158345077 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new.3606/docker.changes  2020-06-05 
20:09:17.133558872 +0200
@@ -1,0 +2,9 @@
+Tue Jun  2 08:37:06 UTC 2020 - Aleksa Sarai 
+
+- Update to Docker 19.03.11-ce. See upstream changelog in the packaged
+  /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1172377 CVE-2020-13401
+- Backport https://github.com/gotestyourself/gotest.tools/pull/169 so that we
+  can build Docker with Go 1.14 (upstream uses Go 1.13).
+  + bsc1172377-0001-unexport-testcase.Cleanup-to-fix-Go-1.14.patch
+
+---

Old:

  docker-19.03.5_ce_633a0ea838f1.tar.xz

New:

  bsc1172377-0001-unexport-testcase.Cleanup-to-fix-Go-1.14.patch
  docker-19.03.11_ce_42e35e61f352.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.9so8hW/_old  2020-06-05 20:09:18.221562382 +0200
+++ /var/tmp/diff_new_pack.9so8hW/_new  2020-06-05 20:09:18.225562395 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package docker
 #
-# Copyright (c) 2019 SUSE LLC
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -42,17 +42,17 @@
 # helpfully injects into our build environment from the changelog). If you want
 # to generate a new git_commit_epoch, use this:
 #  $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP 
'(?<=^CommitDate: ).*')" '+%s'
-%define git_version 633a0ea838f1
-%define git_commit_epoch 1573629549
+%define git_version 42e35e61f352
+%define git_commit_epoch 1591001995
 
 # These are the git commits required. We verify them against the source to make
 # sure we didn't miss anything important when doing upgrades.
-%define required_containerd b34a5c8af56e510852c35414db4c1f4fa6172339
-%define required_dockerrunc 3e425f80a8c931f88e6d94a8c831b9d5aa481657
-%define required_libnetwork 3eb39382bfa6a3c42f83674ab080ae13b0e34e5d
+%define required_containerd 7ad184331fa3e55e52b890ea95e65ba581ae3429
+%define required_dockerrunc dc9208a3303feef5b3839f4323d9beb36df0a9dd
+%define required_libnetwork 153d0769a1181bf591a9637fd487a541ec7db1e6
 
 Name:   %{realname}%{name_suffix}
-Version:19.03.5_ce
+Version:19.03.11_ce
 Release:0
 Summary:The Moby-project Linux container runtime
 License:Apache-2.0
@@ -83,6 +83,8 @@
 Patch401:   
bsc1073877-0001-apparmor-clobber-docker-default-profile-on-start.patch
 # SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/39121. 
bsc#1122469
 Patch402:   bsc1122469-0001-apparmor-allow-readby-and-tracedby.patch
+# FIX-UPSTREAM: Backport of 
https://github.com/gotestyourself/gotest.tools/pull/169. bsc#1172377
+Patch410:   bsc1172377-0001-unexport-testcase.Cleanup-to-fix-Go-1.14.patch
 # SUSE-FEATURE: Add support to mirror inofficial/private registries
 #   (https://github.com/docker/docker/pull/34319)
 Patch500:   private-registry-0001-Add-private-registry-mirror-support.patch
@@ -97,8 +99,8 @@
 BuildRequires:  libtool
 BuildRequires:  procps
 BuildRequires:  sqlite3-devel
-BuildRequires:  pkgconfig(libsystemd)
 BuildRequires:  zsh
+BuildRequires:  pkgconfig(libsystemd)
 Requires:   apparmor-parser
 Requires:   ca-certificates-mozilla
 # Required in order for networking to work. fix_bsc_1057743 is a work-around
@@ -136,7 +138,7 @@
 Conflicts:  lxc < 1.0
 ExcludeArch:s390 ppc
 BuildRequires:  go-go-md2man
-BuildRequires:  golang(API) >= 1.12
+BuildRequires:  golang(API) >= 1.13
 # KUBIC-SPECIFIC: This was required when upgrading from the original kubic
 # packaging, when everything was renamed to -kubic. It also is
 # used to ensure that nothing complains too much when using
@@ -263,6 +265,8 @@
 %patch401 -p1
 # bsc#1122469
 %patch402 -p1
+# bsc#1172377
+%patch410 -p1
 %if "%flavour" == "kubic"
 # PATCH-SUSE: Mirror patch.
 %patch500 -p1
@@ -349,9 +353,9 @@
 # of the upstream vendoring scripts. This is done on-build to make sure that
 # someone doing an update didn't miss anything.
 cd components/engine
-grep 'RUNC_COMMIT=%{required_dockerrunc}'   
hack/dockerfile/install/runc.installer
-grep 'CONTAINERD_COMMIT=%{required_containerd}' 

commit docker for openSUSE:Factory

2020-01-13 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2020-01-13 22:15:03

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.6675 (New)


Package is "docker"

Mon Jan 13 22:15:03 2020 rev:100 rq:758650 version:19.03.5_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2019-12-18 
14:46:26.281887013 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new.6675/docker.changes  2020-01-13 
22:15:18.158345077 +0100
@@ -1,0 +2,6 @@
+Thu Dec 19 15:42:26 UTC 2019 - Dominique Leuenberger 
+
+- BuildRequire pkgconfig(libsystemd) instead of systemd-devel:
+  Allow OBS to shortcut through the -mini flavors.
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.llBT5p/_old  2020-01-13 22:15:19.610345751 +0100
+++ /var/tmp/diff_new_pack.llBT5p/_new  2020-01-13 22:15:19.614345752 +0100
@@ -97,7 +97,7 @@
 BuildRequires:  libtool
 BuildRequires:  procps
 BuildRequires:  sqlite3-devel
-BuildRequires:  systemd-devel
+BuildRequires:  pkgconfig(libsystemd)
 BuildRequires:  zsh
 Requires:   apparmor-parser
 Requires:   ca-certificates-mozilla




commit docker for openSUSE:Factory

2019-12-18 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2019-12-18 14:43:18

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.4691 (New)


Package is "docker"

Wed Dec 18 14:43:18 2019 rev:99 rq:756079 version:19.03.5_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2019-12-11 
12:03:22.136784677 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new.4691/docker.changes  2019-12-18 
14:46:26.281887013 +0100
@@ -1,0 +2,11 @@
+Thu Dec 12 13:27:21 UTC 2019 - Aleksa Sarai 
+
+- Add backport of https://github.com/docker/docker/pull/39121. bsc#1122469
+  + bsc1122469-0001-apparmor-allow-readby-and-tracedby.patch
+
+---
+Wed Dec 11 23:55:40 UTC 2019 - Aleksa Sarai 
+
+- Support older SLE systems which don't have "usermod -w -v".
+
+---
@@ -67 +78,2 @@
-  /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1142160 CVE-2019-13509
+  /usr/share/doc/packages/docker/CHANGELOG.md.
+  * Includes fixes for CVE-2019-13509 bsc#1142160.
@@ -148,0 +161,2 @@
+  * Includes fix for CVE-2018-10892 bsc#1100331.
+  * Includes fix for CVE-2018-20699 bsc#1121768.

New:

  bsc1122469-0001-apparmor-allow-readby-and-tracedby.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.PMgLqi/_old  2019-12-18 14:46:27.581887608 +0100
+++ /var/tmp/diff_new_pack.PMgLqi/_new  2019-12-18 14:46:27.581887608 +0100
@@ -77,10 +77,12 @@
 # branch in http://github.com/suse/docker.mirror.
 Patch200:   
secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
 Patch201:   secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+# SUSE-ISSUE: Revert of https://github.com/docker/docker/pull/37907.
+Patch300:   
packaging-0001-revert-Remove-docker-prefix-for-containerd-and-runc-.patch
 # SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/37353. 
bsc#1099277
 Patch401:   
bsc1073877-0001-apparmor-clobber-docker-default-profile-on-start.patch
-# SUSE-ISSUE: Revert of https://github.com/docker/docker/pull/37907.
-Patch402:   
packaging-0001-revert-Remove-docker-prefix-for-containerd-and-runc-.patch
+# SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/39121. 
bsc#1122469
+Patch402:   bsc1122469-0001-apparmor-allow-readby-and-tracedby.patch
 # SUSE-FEATURE: Add support to mirror inofficial/private registries
 #   (https://github.com/docker/docker/pull/34319)
 Patch500:   private-registry-0001-Add-private-registry-mirror-support.patch
@@ -255,9 +257,11 @@
 %patch200 -p1
 %patch201 -p1
 %endif
+# revert upstream
+%patch300 -p1
 # bsc#1099277
 %patch401 -p1
-# revert upstream
+# bsc#1122469
 %patch402 -p1
 %if "%flavour" == "kubic"
 # PATCH-SUSE: Mirror patch.
@@ -419,12 +423,21 @@
 # used for --userns-remap=default.
 getent passwd dockremap >/dev/null || \
useradd -Ur -p '!' -s /bin/false -c 'docker --userns-remap=default' 
dockremap
+
+# /etc/sub[ug]id should exist already (it's part of shadow-utils), but older
+# distros don't have it. Docker just parses it and doesn't need any special
+# shadow-utils helpers.
+touch /etc/subuid /etc/subgid ||:
+
 # "useradd -r" doesn't add sub[ug]ids so we manually add some. Hopefully there
 # aren't any conflicts here, because usermod doesn't provide the same "get
 # unusued range" feature that dockremap does.
-touch /etc/sub{uid,gid}
-grep -q '^dockremap:' /etc/sub{uid,gid} || \
-   usermod -v 1-2 -w 1-2 dockremap
+grep -q '^dockremap:' /etc/subuid || \
+   usermod -v 1-2 dockremap &>/dev/null || \
+   echo "dockremap:1:10001" >>/etc/subuid ||:
+grep -q '^dockremap:' /etc/subgid || \
+   usermod -w 1-2 dockremap &>/dev/null || \
+   echo "dockremap:1:10001" >>/etc/subgid ||:
 
 %service_add_pre %{realname}.service
 

++ bsc1122469-0001-apparmor-allow-readby-and-tracedby.patch ++
>From cb676052272ed4f6f3b901dbc21510fabf742860 Mon Sep 17 00:00:00 2001
From: Goldwyn Rodrigues 
Date: Mon, 22 Apr 2019 09:08:28 -0500
Subject: [PATCH] apparmor: allow readby and tracedby

Fixes audit errors such as:

type=AVC msg=audit(1550236803.810:143):
apparmor="DENIED" operation="ptrace" profile="docker-default"
pid=3181 comm="ps" requested_mask="readby" denied_mask="readby"
peer="docker-default"

audit(1550236375.918:3): apparmor="DENIED" operation="ptrace"
profile="docker-default" pid=2267 comm="ps"
requested_mask="tracedby" denied_mask="tracedby"
peer="docker-default"

SUSE-Bugs: bsc#1122469
Signed-off-by: Goldwyn Rodrigues 
Signed-off-by: 

commit docker for openSUSE:Factory

2019-12-11 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2019-12-11 12:02:56

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.4691 (New)


Package is "docker"

Wed Dec 11 12:02:56 2019 rev:98 rq:754552 version:19.03.5_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2019-11-19 
12:58:50.382152450 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new.4691/docker.changes  2019-12-11 
12:03:22.136784677 +0100
@@ -5 +5 @@
-  /usr/share/doc/packages/docker/CHANGELOG.md.
+  /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1158590



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.wbmnFO/_old  2019-12-11 12:03:23.160784246 +0100
+++ /var/tmp/diff_new_pack.wbmnFO/_new  2019-12-11 12:03:23.164784245 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package docker
 #
-# Copyright (c) 2019 SUSE LLC.
+# Copyright (c) 2019 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed




commit docker for openSUSE:Factory

2019-11-19 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2019-11-19 12:58:48

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.26869 (New)


Package is "docker"

Tue Nov 19 12:58:48 2019 rev:97 rq:749316 version:19.03.5_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2019-11-12 
11:54:15.391269000 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new.26869/docker.changes 2019-11-19 
12:58:50.382152450 +0100
@@ -1,0 +2,6 @@
+Mon Nov 18 04:46:31 UTC 2019 - Aleksa Sarai 
+
+- Update to Docker 19.03.5-ce. See upstream changelog in the packaged
+  /usr/share/doc/packages/docker/CHANGELOG.md.
+
+---
@@ -19,0 +26,5 @@
+
+---
+Sun Sep 22 17:41:56 UTC 2019 - Chris Coutinho 
+
+- Fix zsh-completion (docker -> _docker)

Old:

  docker-19.03.4_ce_9013bf583a21.tar.xz

New:

  docker-19.03.5_ce_633a0ea838f1.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.a0zAuh/_old  2019-11-19 12:58:52.274151255 +0100
+++ /var/tmp/diff_new_pack.a0zAuh/_new  2019-11-19 12:58:52.278151253 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package docker
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LLC.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -42,8 +42,8 @@
 # helpfully injects into our build environment from the changelog). If you want
 # to generate a new git_commit_epoch, use this:
 #  $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP 
'(?<=^CommitDate: ).*')" '+%s'
-%define git_version 9013bf583a21
-%define git_commit_epoch 1571353729
+%define git_version 633a0ea838f1
+%define git_commit_epoch 1573629549
 
 # These are the git commits required. We verify them against the source to make
 # sure we didn't miss anything important when doing upgrades.
@@ -52,12 +52,12 @@
 %define required_libnetwork 3eb39382bfa6a3c42f83674ab080ae13b0e34e5d
 
 Name:   %{realname}%{name_suffix}
-Version:19.03.4_ce
+Version:19.03.5_ce
 Release:0
 Summary:The Moby-project Linux container runtime
 License:Apache-2.0
 Group:  System/Management
-Url:http://www.docker.io
+URL:http://www.docker.io
 # TODO(VR): check those SOURCE files below
 Source: %{realname}-%{version}_%{git_version}.tar.xz
 Source1:docker.service
@@ -359,7 +359,7 @@
%{buildroot}%{_sbindir}
 
 install -D -m0644 components/cli/contrib/completion/bash/docker 
"%{buildroot}%{_datarootdir}/bash-completion/completions/%{realname}"
-install -D -m0644 components/cli/contrib/completion/zsh/_docker 
"%{buildroot}%{_sysconfdir}/zsh_completion.d/%{realname}"
+install -D -m0644 components/cli/contrib/completion/zsh/_docker 
"%{buildroot}%{_sysconfdir}/zsh_completion.d/_%{realname}"
 
 #
 # systemd service
@@ -476,7 +476,7 @@
 
 %files zsh-completion
 %defattr(-,root,root)
-%{_sysconfdir}/zsh_completion.d/%{realname}
+%{_sysconfdir}/zsh_completion.d/_%{realname}
 
 %files test
 %defattr(-,root,root)

++ _service ++
--- /var/tmp/diff_new_pack.a0zAuh/_old  2019-11-19 12:58:52.342151212 +0100
+++ /var/tmp/diff_new_pack.a0zAuh/_new  2019-11-19 12:58:52.342151212 +0100
@@ -3,8 +3,8 @@
 https://github.com/docker/docker-ce.git
 git
 .git
-19.03.4_ce_%h
-v19.03.4
+19.03.5_ce_%h
+v19.03.5
 docker
   
   

++ docker-19.03.4_ce_9013bf583a21.tar.xz -> 
docker-19.03.5_ce_633a0ea838f1.tar.xz ++
/work/SRC/openSUSE:Factory/docker/docker-19.03.4_ce_9013bf583a21.tar.xz 
/work/SRC/openSUSE:Factory/.docker.new.26869/docker-19.03.5_ce_633a0ea838f1.tar.xz
 differ: char 26, line 1




commit docker for openSUSE:Factory

2019-11-12 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2019-11-12 11:54:00

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.2990 (New)


Package is "docker"

Tue Nov 12 11:54:00 2019 rev:96 rq:742814 version:19.03.4_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2019-10-23 
15:47:39.466487546 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new.2990/docker.changes  2019-11-12 
11:54:15.391269000 +0100
@@ -1,0 +2,6 @@
+Sat Oct 19 11:21:03 UTC 2019 - Aleksa Sarai 
+
+- Update to Docker 19.03.4-ce. See upstream changelog in the packaged
+  /usr/share/doc/packages/docker/CHANGELOG.md.
+
+---

Old:

  docker-19.03.3_ce_a872fc2f86c0.tar.xz

New:

  docker-19.03.4_ce_9013bf583a21.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.9TTKKE/_old  2019-11-12 11:54:18.031271700 +0100
+++ /var/tmp/diff_new_pack.9TTKKE/_new  2019-11-12 11:54:18.035271704 +0100
@@ -42,17 +42,17 @@
 # helpfully injects into our build environment from the changelog). If you want
 # to generate a new git_commit_epoch, use this:
 #  $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP 
'(?<=^CommitDate: ).*')" '+%s'
-%define git_version a872fc2f86c0
-%define git_commit_epoch 1570493609
+%define git_version 9013bf583a21
+%define git_commit_epoch 1571353729
 
 # These are the git commits required. We verify them against the source to make
 # sure we didn't miss anything important when doing upgrades.
 %define required_containerd b34a5c8af56e510852c35414db4c1f4fa6172339
 %define required_dockerrunc 3e425f80a8c931f88e6d94a8c831b9d5aa481657
-%define required_libnetwork 45c710223c5fbf04dc3028b9a90b51892e36ca7f
+%define required_libnetwork 3eb39382bfa6a3c42f83674ab080ae13b0e34e5d
 
 Name:   %{realname}%{name_suffix}
-Version:19.03.3_ce
+Version:19.03.4_ce
 Release:0
 Summary:The Moby-project Linux container runtime
 License:Apache-2.0

++ _service ++
--- /var/tmp/diff_new_pack.9TTKKE/_old  2019-11-12 11:54:18.111271782 +0100
+++ /var/tmp/diff_new_pack.9TTKKE/_new  2019-11-12 11:54:18.111271782 +0100
@@ -3,8 +3,8 @@
 https://github.com/docker/docker-ce.git
 git
 .git
-19.03.3_ce_%h
-v19.03.3
+19.03.4_ce_%h
+v19.03.4
 docker
   
   

++ docker-19.03.3_ce_a872fc2f86c0.tar.xz -> 
docker-19.03.4_ce_9013bf583a21.tar.xz ++
/work/SRC/openSUSE:Factory/docker/docker-19.03.3_ce_a872fc2f86c0.tar.xz 
/work/SRC/openSUSE:Factory/.docker.new.2990/docker-19.03.4_ce_9013bf583a21.tar.xz
 differ: char 26, line 1




commit docker for openSUSE:Factory

2019-10-23 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2019-10-23 15:47:36

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.2352 (New)


Package is "docker"

Wed Oct 23 15:47:36 2019 rev:95 rq:736409 version:19.03.3_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2019-10-05 
16:19:23.525579888 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new.2352/docker.changes  2019-10-23 
15:47:39.466487546 +0200
@@ -1,0 +2,8 @@
+Tue Oct  8 21:47:56 UTC 2019 - Aleksa Sarai 
+
+- Drop containerd.service workaround (we've released enough versions without
+  containerd.service -- there's no need to support package upgrades that old).
+- Update to Docker 19.03.3-ce. See upstream changelog in the packaged
+  /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1153367
+
+---

Old:

  docker-19.03.2_ce_6a30dfca0366.tar.xz

New:

  docker-19.03.3_ce_a872fc2f86c0.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.UgwG7o/_old  2019-10-23 15:47:40.698488878 +0200
+++ /var/tmp/diff_new_pack.UgwG7o/_new  2019-10-23 15:47:40.70242 +0200
@@ -42,17 +42,17 @@
 # helpfully injects into our build environment from the changelog). If you want
 # to generate a new git_commit_epoch, use this:
 #  $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP 
'(?<=^CommitDate: ).*')" '+%s'
-%define git_version 6a30dfca0366
-%define git_commit_epoch 1567053734
+%define git_version a872fc2f86c0
+%define git_commit_epoch 1570493609
 
 # These are the git commits required. We verify them against the source to make
 # sure we didn't miss anything important when doing upgrades.
-%define required_containerd 894b81a4b802e4eb2a91d1ce216b8817763c29fb
-%define required_dockerrunc 425e105d5a03fabd737a126ad93d62a9eeede87f
-%define required_libnetwork fc5a7d91d54cc98f64fc28f9e288b46a0bee756c
+%define required_containerd b34a5c8af56e510852c35414db4c1f4fa6172339
+%define required_dockerrunc 3e425f80a8c931f88e6d94a8c831b9d5aa481657
+%define required_libnetwork 45c710223c5fbf04dc3028b9a90b51892e36ca7f
 
 Name:   %{realname}%{name_suffix}
-Version:19.03.2_ce
+Version:19.03.3_ce
 Release:0
 Summary:The Moby-project Linux container runtime
 License:Apache-2.0
@@ -352,7 +352,7 @@
 %install
 install -d %{buildroot}%{_bindir}
 install -D -m755 components/cli/build/docker %{buildroot}/%{_bindir}/docker
-install -D -m755 components/engine/bundles/latest/dynbinary-daemon/dockerd 
%{buildroot}/%{_bindir}/dockerd
+install -D -m755 components/engine/bundles/dynbinary-daemon/dockerd 
%{buildroot}/%{_bindir}/dockerd
 install -d %{buildroot}/%{_localstatedir}/lib/docker
 install -Dd -m 0755 \
%{buildroot}%{_sysconfdir}/init.d \
@@ -432,17 +432,6 @@
 %service_add_post %{realname}.service
 %{fillup_only -n docker}
 
-# NOTE: This is a pretty hacky way of getting around the fact we've removed
-#   containerd.service and now everything is spawned underneath Docker. In
-#   order to force containerd.service to be stopped on the upgrade we need
-#   to trick the systemd macros into thinking that this is an "uninstall".
-#   Hopefully we can remove this soon.
-(
-   FIRST_ARG=0
-   %service_del_preun containerd.service containerd.socket
-   %service_del_postun containerd.service containerd.socket
-)
-
 %if "%flavour" == "kubic"
 %post kubeadm-criconfig
 %fillup_only -n kubelet

++ _service ++
--- /var/tmp/diff_new_pack.UgwG7o/_old  2019-10-23 15:47:40.826489016 +0200
+++ /var/tmp/diff_new_pack.UgwG7o/_new  2019-10-23 15:47:40.830489020 +0200
@@ -3,8 +3,8 @@
 https://github.com/docker/docker-ce.git
 git
 .git
-19.03.2_ce_%h
-v19.03.2
+19.03.3_ce_%h
+v19.03.3
 docker
   
   

++ docker-19.03.2_ce_6a30dfca0366.tar.xz -> 
docker-19.03.3_ce_a872fc2f86c0.tar.xz ++
/work/SRC/openSUSE:Factory/docker/docker-19.03.2_ce_6a30dfca0366.tar.xz 
/work/SRC/openSUSE:Factory/.docker.new.2352/docker-19.03.3_ce_a872fc2f86c0.tar.xz
 differ: char 26, line 1




commit docker for openSUSE:Factory

2019-10-05 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2019-10-05 16:19:00

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.2352 (New)


Package is "docker"

Sat Oct  5 16:19:00 2019 rev:94 rq:734439 version:19.03.2_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2019-07-30 
12:37:07.154951761 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new.2352/docker.changes  2019-10-05 
16:19:23.525579888 +0200
@@ -1,0 +2,6 @@
+Tue Oct  1 23:54:25 UTC 2019 - Aleksa Sarai 
+
+- Update to Docker 19.03.2-ce. See upstream changelog in the packaged
+  /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1150397
+
+---

Old:

  docker-19.03.1_ce_74b1e89e8ac6.tar.xz

New:

  docker-19.03.2_ce_6a30dfca0366.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.R62Fcl/_old  2019-10-05 16:19:25.533574660 +0200
+++ /var/tmp/diff_new_pack.R62Fcl/_new  2019-10-05 16:19:25.541574639 +0200
@@ -42,8 +42,8 @@
 # helpfully injects into our build environment from the changelog). If you want
 # to generate a new git_commit_epoch, use this:
 #  $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP 
'(?<=^CommitDate: ).*')" '+%s'
-%define git_version 74b1e89e8ac6
-%define git_commit_epoch 1564087121
+%define git_version 6a30dfca0366
+%define git_commit_epoch 1567053734
 
 # These are the git commits required. We verify them against the source to make
 # sure we didn't miss anything important when doing upgrades.
@@ -52,7 +52,7 @@
 %define required_libnetwork fc5a7d91d54cc98f64fc28f9e288b46a0bee756c
 
 Name:   %{realname}%{name_suffix}
-Version:19.03.1_ce
+Version:19.03.2_ce
 Release:0
 Summary:The Moby-project Linux container runtime
 License:Apache-2.0
@@ -422,8 +422,9 @@
 # "useradd -r" doesn't add sub[ug]ids so we manually add some. Hopefully there
 # aren't any conflicts here, because usermod doesn't provide the same "get
 # unusued range" feature that dockremap does.
-grep -q '^dockremap:' /etc/sub[ug]id || \
-   usermod -v 1-100065536 -w 1-100065536 dockremap
+touch /etc/sub{uid,gid}
+grep -q '^dockremap:' /etc/sub{uid,gid} || \
+   usermod -v 1-2 -w 1-2 dockremap
 
 %service_add_pre %{realname}.service
 

++ _service ++
--- /var/tmp/diff_new_pack.R62Fcl/_old  2019-10-05 16:19:25.601574483 +0200
+++ /var/tmp/diff_new_pack.R62Fcl/_new  2019-10-05 16:19:25.605574472 +0200
@@ -3,8 +3,8 @@
 https://github.com/docker/docker-ce.git
 git
 .git
-19.03.1_ce_%h
-v19.03.1
+19.03.2_ce_%h
+v19.03.2
 docker
   
   

++ docker-19.03.1_ce_74b1e89e8ac6.tar.xz -> 
docker-19.03.2_ce_6a30dfca0366.tar.xz ++
/work/SRC/openSUSE:Factory/docker/docker-19.03.1_ce_74b1e89e8ac6.tar.xz 
/work/SRC/openSUSE:Factory/.docker.new.2352/docker-19.03.2_ce_6a30dfca0366.tar.xz
 differ: char 26, line 1




commit docker for openSUSE:Factory

2019-07-30 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2019-07-30 12:37:03

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.4126 (New)


Package is "docker"

Tue Jul 30 12:37:03 2019 rev:93 rq:719750 version:19.03.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2019-07-28 
10:16:57.940598564 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new.4126/docker.changes  2019-07-30 
12:37:07.154951761 +0200
@@ -1,0 +2,13 @@
+Tue Jul 30 05:14:44 UTC 2019 - Aleksa Sarai 
+
+- Fix default installation such that --userns-remap=default works properly
+  (this appears to be an upstream regression, where --userns-remap=default
+  doesn't auto-create the group and results in an error on-start). boo#1143349
+
+---
+Fri Jul 26 12:49:18 UTC 2019 - Aleksa Sarai 
+
+- Update to Docker 19.03.1-ce. See upstream changelog in the packaged
+  /usr/share/doc/packages/docker/CHANGELOG.md. CVE-2019-14271
+
+---

Old:

  docker-19.03.0_ce_aeac9490dc54.tar.xz

New:

  docker-19.03.1_ce_74b1e89e8ac6.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.iGD76r/_old  2019-07-30 12:37:08.498951590 +0200
+++ /var/tmp/diff_new_pack.iGD76r/_new  2019-07-30 12:37:08.506951589 +0200
@@ -42,8 +42,8 @@
 # helpfully injects into our build environment from the changelog). If you want
 # to generate a new git_commit_epoch, use this:
 #  $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP 
'(?<=^CommitDate: ).*')" '+%s'
-%define git_version aeac9490dc54
-%define git_commit_epoch 1563384968
+%define git_version 74b1e89e8ac6
+%define git_commit_epoch 1564087121
 
 # These are the git commits required. We verify them against the source to make
 # sure we didn't miss anything important when doing upgrades.
@@ -52,7 +52,7 @@
 %define required_libnetwork fc5a7d91d54cc98f64fc28f9e288b46a0bee756c
 
 Name:   %{realname}%{name_suffix}
-Version:19.03.0_ce
+Version:19.03.1_ce
 Release:0
 Summary:The Moby-project Linux container runtime
 License:Apache-2.0
@@ -413,7 +413,18 @@
 %fdupes %{buildroot}
 
 %pre
+# /var/run/docker.sock group owner.
 getent group docker >/dev/null || groupadd -r docker
+
+# used for --userns-remap=default.
+getent passwd dockremap >/dev/null || \
+   useradd -Ur -p '!' -s /bin/false -c 'docker --userns-remap=default' 
dockremap
+# "useradd -r" doesn't add sub[ug]ids so we manually add some. Hopefully there
+# aren't any conflicts here, because usermod doesn't provide the same "get
+# unusued range" feature that dockremap does.
+grep -q '^dockremap:' /etc/sub[ug]id || \
+   usermod -v 1-100065536 -w 1-100065536 dockremap
+
 %service_add_pre %{realname}.service
 
 %post

++ _service ++
--- /var/tmp/diff_new_pack.iGD76r/_old  2019-07-30 12:37:08.582951579 +0200
+++ /var/tmp/diff_new_pack.iGD76r/_new  2019-07-30 12:37:08.586951579 +0200
@@ -3,8 +3,8 @@
 https://github.com/docker/docker-ce.git
 git
 .git
-19.03.0_ce_%h
-v19.03.0
+19.03.1_ce_%h
+v19.03.1
 docker
   
   

++ docker-19.03.0_ce_aeac9490dc54.tar.xz -> 
docker-19.03.1_ce_74b1e89e8ac6.tar.xz ++
/work/SRC/openSUSE:Factory/docker/docker-19.03.0_ce_aeac9490dc54.tar.xz 
/work/SRC/openSUSE:Factory/.docker.new.4126/docker-19.03.1_ce_74b1e89e8ac6.tar.xz
 differ: char 26, line 1




commit docker for openSUSE:Factory

2019-07-28 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2019-07-28 10:16:44

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.4126 (New)


Package is "docker"

Sun Jul 28 10:16:44 2019 rev:92 rq:717727 version:19.03.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2019-06-30 
10:19:15.499411120 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new.4126/docker.changes  2019-07-28 
10:16:57.940598564 +0200
@@ -1,0 +2,24 @@
+Mon Jul 22 22:13:30 UTC 2019 - Aleksa Sarai 
+
+- Update to Docker 19.03.0-ce. See upstream changelog in the packaged
+  /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1142413
+- Remove upstreamed patches:
+  - bsc1001161-0001-oci-include-the-domainname-in-kernel.domainname.patch
+  - bsc1001161-0002-cli-add-a-separate-domainname-flag.patch
+  - bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch
+  - bsc1128746-0001-integration-cli-don-t-build-test-images-if-they-alre.patch
+- Rebase pacthes:
+  * bsc1073877-0001-apparmor-clobber-docker-default-profile-on-start.patch
+  * packaging-0001-revert-Remove-docker-prefix-for-containerd-and-runc-.patch
+  * private-registry-0001-Add-private-registry-mirror-support.patch
+  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+
+---
+Wed Jul 17 23:15:33 UTC 2019 - Aleksa Sarai 
+
+- Move bash-completion to correct location.
+- Update to Docker 18.09.8-ce. See upstream changelog in the packaged
+  /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1142160 CVE-2019-13509
+
+---

Old:

  bsc1001161-0001-oci-include-the-domainname-in-kernel.domainname.patch
  bsc1001161-0002-cli-add-a-separate-domainname-flag.patch
  bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch
  bsc1128746-0001-integration-cli-don-t-build-test-images-if-they-alre.patch
  docker-18.09.7_ce_2d0083d657f8.tar.xz

New:

  docker-19.03.0_ce_aeac9490dc54.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.4Wkis1/_old  2019-07-28 10:16:58.836598599 +0200
+++ /var/tmp/diff_new_pack.4Wkis1/_new  2019-07-28 10:16:58.836598599 +0200
@@ -42,17 +42,17 @@
 # helpfully injects into our build environment from the changelog). If you want
 # to generate a new git_commit_epoch, use this:
 #  $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP 
'(?<=^CommitDate: ).*')" '+%s'
-%define git_version 2d0083d657f8
-%define git_commit_epoch 1561655613
+%define git_version aeac9490dc54
+%define git_commit_epoch 1563384968
 
 # These are the git commits required. We verify them against the source to make
 # sure we didn't miss anything important when doing upgrades.
 %define required_containerd 894b81a4b802e4eb2a91d1ce216b8817763c29fb
 %define required_dockerrunc 425e105d5a03fabd737a126ad93d62a9eeede87f
-%define required_libnetwork e7933d41e7b206756115aa9df5e0599fc5169742
+%define required_libnetwork fc5a7d91d54cc98f64fc28f9e288b46a0bee756c
 
 Name:   %{realname}%{name_suffix}
-Version:18.09.7_ce
+Version:19.03.0_ce
 Release:0
 Summary:The Moby-project Linux container runtime
 License:Apache-2.0
@@ -79,19 +79,11 @@
 Patch201:   secrets-0002-SUSE-implement-SUSE-container-secrets.patch
 # SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/37353. 
bsc#1099277
 Patch401:   
bsc1073877-0001-apparmor-clobber-docker-default-profile-on-start.patch
-# SUSE-BACKPORT: Backport of https://github.com/docker/cli/pull/1306. 
boo#1047218
-Patch402:   
bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch
 # SUSE-ISSUE: Revert of https://github.com/docker/docker/pull/37907.
-Patch403:   
packaging-0001-revert-Remove-docker-prefix-for-containerd-and-runc-.patch
-# SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/37302. 
bsc#1001161
-Patch404:   
bsc1001161-0001-oci-include-the-domainname-in-kernel.domainname.patch
-# SUSE-BACKPORT: Backport of https://github.com/docker/cli/pull/1130. 
bsc#1001161
-Patch405:   bsc1001161-0002-cli-add-a-separate-domainname-flag.patch
+Patch402:   
packaging-0001-revert-Remove-docker-prefix-for-containerd-and-runc-.patch
 # SUSE-FEATURE: Add support to mirror inofficial/private registries
 #   (https://github.com/docker/docker/pull/34319)
 Patch500:   private-registry-0001-Add-private-registry-mirror-support.patch
-# SUSE-BACKPORT: Backport of test-only patch 

commit docker for openSUSE:Factory

2019-06-30 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2019-06-30 10:19:13

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.4615 (New)


Package is "docker"

Sun Jun 30 10:19:13 2019 rev:91 rq:712298 version:18.09.7_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2019-06-24 
21:47:19.635825748 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new.4615/docker.changes  2019-06-30 
10:19:15.499411120 +0200
@@ -1,0 +2,13 @@
+Fri Jun 28 01:21:19 UTC 2019 - Aleksa Sarai 
+
+- Update to Docker 18.09.7-ce. See upstream changelog in the packaged
+  /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1139649
+- Remove upstreamed patches:
+  - CVE-2018-15664.patch
+
+---
+Thu Jun 27 07:12:57 UTC 2019 - Aleksa Sarai 
+
+- Use %config(noreplace) for /etc/docker/daemon.json. bsc#1138920
+
+---

Old:

  CVE-2018-15664.patch
  docker-18.09.6_ce_481bc7715621.tar.xz

New:

  docker-18.09.7_ce_2d0083d657f8.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.8CrHqj/_old  2019-06-30 10:19:18.435415681 +0200
+++ /var/tmp/diff_new_pack.8CrHqj/_new  2019-06-30 10:19:18.483415756 +0200
@@ -42,17 +42,17 @@
 # helpfully injects into our build environment from the changelog). If you want
 # to generate a new git_commit_epoch, use this:
 #  $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP 
'(?<=^CommitDate: ).*')" '+%s'
-%define git_version 481bc7715621
-%define git_commit_epoch 1556935084
+%define git_version 2d0083d657f8
+%define git_commit_epoch 1561655613
 
 # These are the git commits required. We verify them against the source to make
 # sure we didn't miss anything important when doing upgrades.
-%define required_containerd bb71b10fd8f58240ca47fbb579b9d1028eea7c84
-%define required_dockerrunc 2b18fe1d885ee5083ef9f0838fee39b62d653e30
-%define required_libnetwork 872f0a83c98add6cae255c8859e29532febc0039
+%define required_containerd 894b81a4b802e4eb2a91d1ce216b8817763c29fb
+%define required_dockerrunc 425e105d5a03fabd737a126ad93d62a9eeede87f
+%define required_libnetwork e7933d41e7b206756115aa9df5e0599fc5169742
 
 Name:   %{realname}%{name_suffix}
-Version:18.09.6_ce
+Version:18.09.7_ce
 Release:0
 Summary:The Moby-project Linux container runtime
 License:Apache-2.0
@@ -87,8 +87,6 @@
 Patch404:   
bsc1001161-0001-oci-include-the-domainname-in-kernel.domainname.patch
 # SUSE-BACKPORT: Backport of https://github.com/docker/cli/pull/1130. 
bsc#1001161
 Patch405:   bsc1001161-0002-cli-add-a-separate-domainname-flag.patch
-# SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/39292. 
CVE-2018-15664 bsc#1096726
-Patch406:   CVE-2018-15664.patch
 # SUSE-FEATURE: Add support to mirror inofficial/private registries
 #   (https://github.com/docker/docker/pull/34319)
 Patch500:   private-registry-0001-Add-private-registry-mirror-support.patch
@@ -275,8 +273,6 @@
 # bsc#1001161
 %patch404 -p1
 %patch405 -p1
-#  CVE-2018-15664 bsc#1096726
-%patch406 -p1
 %if "%flavour" == "kubic"
 # PATCH-SUSE: Mirror patch.
 %patch500 -p1
@@ -469,17 +465,21 @@
 %{_bindir}/docker
 %{_bindir}/dockerd
 %{_sbindir}/rcdocker
+%dir %{_localstatedir}/lib/docker/
+
 %{_unitdir}/%{realname}.service
 %if "%flavour" == "kubic"
 %dir %{_unitdir}/%{realname}.service.d/
 %{_unitdir}/%{realname}.service.d/90-kubic.conf
 %endif
+
 %dir %{_sysconfdir}/docker
-%config %{_sysconfdir}/docker/daemon.json
+%config(noreplace) %{_sysconfdir}/docker/daemon.json
+%{_fillupdir}/sysconfig.docker
+
 %config %{_sysconfdir}/audit/rules.d/%{realname}.rules
 %{_udevrulesdir}/80-%{realname}.rules
-%{_fillupdir}/sysconfig.docker
-%dir %{_localstatedir}/lib/docker/
+
 %{_mandir}/man1/docker-*.1%{ext_man}
 %{_mandir}/man1/docker.1%{ext_man}
 %{_mandir}/man5/Dockerfile.5%{ext_man}

++ _service ++
--- /var/tmp/diff_new_pack.8CrHqj/_old  2019-06-30 10:19:19.215416893 +0200
+++ /var/tmp/diff_new_pack.8CrHqj/_new  2019-06-30 10:19:19.243416936 +0200
@@ -3,8 +3,8 @@
 https://github.com/docker/docker-ce.git
 git
 .git
-18.09.6_ce_%h
-v18.09.6
+18.09.7_ce_%h
+v18.09.7
 docker
   
   

++ docker-18.09.6_ce_481bc7715621.tar.xz -> 
docker-18.09.7_ce_2d0083d657f8.tar.xz ++
/work/SRC/openSUSE:Factory/docker/docker-18.09.6_ce_481bc7715621.tar.xz 
/work/SRC/openSUSE:Factory/.docker.new.4615/docker-18.09.7_ce_2d0083d657f8.tar.xz
 differ: char 26, line 1




commit docker for openSUSE:Factory

2019-06-24 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2019-06-24 21:47:17

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.4615 (New)


Package is "docker"

Mon Jun 24 21:47:17 2019 rev:90 rq:708941 version:18.09.6_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2019-05-06 
21:14:36.256648084 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new.4615/docker.changes  2019-06-24 
21:47:19.635825748 +0200
@@ -1,0 +2,6 @@
+Fri Jun  7 08:36:17 UTC 2019 - Aleksa Sarai 
+
+- Add patch for CVE-2018-15664. bsc#1096726
+  + CVE-2018-15664.patch
+
+---

New:

  CVE-2018-15664.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.u4ZNQI/_old  2019-06-24 21:47:22.591827979 +0200
+++ /var/tmp/diff_new_pack.u4ZNQI/_new  2019-06-24 21:47:22.627828006 +0200
@@ -87,6 +87,8 @@
 Patch404:   
bsc1001161-0001-oci-include-the-domainname-in-kernel.domainname.patch
 # SUSE-BACKPORT: Backport of https://github.com/docker/cli/pull/1130. 
bsc#1001161
 Patch405:   bsc1001161-0002-cli-add-a-separate-domainname-flag.patch
+# SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/39292. 
CVE-2018-15664 bsc#1096726
+Patch406:   CVE-2018-15664.patch
 # SUSE-FEATURE: Add support to mirror inofficial/private registries
 #   (https://github.com/docker/docker/pull/34319)
 Patch500:   private-registry-0001-Add-private-registry-mirror-support.patch
@@ -273,6 +275,8 @@
 # bsc#1001161
 %patch404 -p1
 %patch405 -p1
+#  CVE-2018-15664 bsc#1096726
+%patch406 -p1
 %if "%flavour" == "kubic"
 # PATCH-SUSE: Mirror patch.
 %patch500 -p1

++ CVE-2018-15664.patch ++
>From 33df3c9fb60ed22422c101e3fd618d5eb284c199 Mon Sep 17 00:00:00 2001
From: Brian Goff 
Date: Thu, 30 May 2019 11:15:09 -0700
Subject: [PATCH] CVE-2018-15664

This is a backported fix of the following upstream commits:

 * d089b639372a ("Pass root to chroot to for chroot Untar")
 * 3029e765e241 ("Add chroot for tar packing operations")

Signed-off-by: Brian Goff 
Signed-off-by: Aleksa Sarai 
---
 components/engine/daemon/archive.go   |  15 +-
 components/engine/daemon/export.go|   2 +-
 .../engine/pkg/chrootarchive/archive.go   |  32 +++-
 .../engine/pkg/chrootarchive/archive_unix.go  | 130 -
 .../pkg/chrootarchive/archive_windows.go  |   9 +-
 .../engine/pkg/chrootarchive/init_unix.go |   1 +
 pkg/chrootarchive/archive_unix_test.go| 171 ++
 7 files changed, 342 insertions(+), 18 deletions(-)
 create mode 100644 pkg/chrootarchive/archive_unix_test.go

diff --git a/components/engine/daemon/archive.go 
b/components/engine/daemon/archive.go
index 9c7971b56ea3..109376b4b566 100644
--- a/components/engine/daemon/archive.go
+++ b/components/engine/daemon/archive.go
@@ -31,18 +31,19 @@ type archiver interface {
 }
 
 // helper functions to extract or archive
-func extractArchive(i interface{}, src io.Reader, dst string, opts 
*archive.TarOptions) error {
+func extractArchive(i interface{}, src io.Reader, dst string, opts 
*archive.TarOptions, root string) error {
if ea, ok := i.(extractor); ok {
return ea.ExtractArchive(src, dst, opts)
}
-   return chrootarchive.Untar(src, dst, opts)
+
+   return chrootarchive.UntarWithRoot(src, dst, opts, root)
 }
 
-func archivePath(i interface{}, src string, opts *archive.TarOptions) 
(io.ReadCloser, error) {
+func archivePath(i interface{}, src string, opts *archive.TarOptions, root 
string) (io.ReadCloser, error) {
if ap, ok := i.(archiver); ok {
return ap.ArchivePath(src, opts)
}
-   return archive.TarWithOptions(src, opts)
+   return chrootarchive.Tar(src, opts, root)
 }
 
 // ContainerCopy performs a deprecated operation of archiving the resource at
@@ -238,7 +239,7 @@ func (daemon *Daemon) containerArchivePath(container 
*container.Container, path
sourceDir, sourceBase := driver.Dir(resolvedPath), 
driver.Base(resolvedPath)
opts := archive.TarResourceRebaseOpts(sourceBase, driver.Base(absPath))
 
-   data, err := archivePath(driver, sourceDir, opts)
+   data, err := archivePath(driver, sourceDir, opts, 
container.BaseFS.Path())
if err != nil {
return nil, nil, err
}
@@ -367,7 +368,7 @@ func (daemon *Daemon) containerExtractToDir(container 
*container.Container, path
}
}
 
-   if err := extractArchive(driver, content, resolvedPath, options); err 
!= nil {
+   if err := extractArchive(driver, content, resolvedPath, options, 

commit docker for openSUSE:Factory

2019-05-06 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2019-05-06 21:14:31

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.5148 (New)


Package is "docker"

Mon May  6 21:14:31 2019 rev:89 rq:701147 version:18.09.6_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2019-03-26 
22:28:11.693766999 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new.5148/docker.changes  2019-05-06 
21:14:36.256648084 +0200
@@ -1,0 +2,26 @@
+Mon May  6 18:25:14 UTC 2019 - Aleksa Sarai 
+
+- Update to Docker 18.09.6-ce see upstream changelog in the packaged
+  /usr/share/doc/packages/docker/CHANGELOG.md.
+- Rebase patches:
+  * bsc1128746-0001-integration-cli-don-t-build-test-images-if-they-alre.patch
+
+---
+Fri May  3 14:02:46 UTC 2019 - Aleksa Sarai 
+
+- Update to Docker 18.09.5-ce see upstream changelog in the packaged
+  /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1128376 boo#1134068
+- Rebase patches:
+  * bsc1001161-0001-oci-include-the-domainname-in-kernel.domainname.patch
+  * bsc1001161-0002-cli-add-a-separate-domainname-flag.patch
+  * bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch
+  * bsc1128746-0001-integration-cli-don-t-build-test-images-if-they-alre.patch
+  * packaging-0001-revert-Remove-docker-prefix-for-containerd-and-runc-.patch
+  * private-registry-0001-Add-private-registry-mirror-support.patch
+  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+- Updated patch name:
+  + bsc1073877-0001-apparmor-clobber-docker-default-profile-on-start.patch
+  - bsc1073877-0002-apparmor-clobber-docker-default-profile-on-start.patch
+
+---

Old:

  bsc1073877-0002-apparmor-clobber-docker-default-profile-on-start.patch
  docker-18.09.3_ce.774a1f4eee66.tar.xz

New:

  bsc1073877-0001-apparmor-clobber-docker-default-profile-on-start.patch
  docker-18.09.6_ce_481bc7715621.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.43CHjN/_old  2019-05-06 21:14:37.040650211 +0200
+++ /var/tmp/diff_new_pack.43CHjN/_new  2019-05-06 21:14:37.040650211 +0200
@@ -42,24 +42,24 @@
 # helpfully injects into our build environment from the changelog). If you want
 # to generate a new git_commit_epoch, use this:
 #  $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP 
'(?<=^CommitDate: ).*')" '+%s'
-%define git_version 774a1f4eee66
-%define git_commit_epoch 1551333049
+%define git_version 481bc7715621
+%define git_commit_epoch 1556935084
 
 # These are the git commits required. We verify them against the source to make
 # sure we didn't miss anything important when doing upgrades.
-%define required_containerd e6b3f5632f50dbc4e9cb6288d911bf4f5e95b18e
-%define required_dockerrunc 6635b4f0c6af3810594d2770f662f34ddc15b40d
-%define required_libnetwork 2cfbf9b1f98162a55829a21cc603c76072a75382
+%define required_containerd bb71b10fd8f58240ca47fbb579b9d1028eea7c84
+%define required_dockerrunc 2b18fe1d885ee5083ef9f0838fee39b62d653e30
+%define required_libnetwork 872f0a83c98add6cae255c8859e29532febc0039
 
 Name:   %{realname}%{name_suffix}
-Version:18.09.3_ce
+Version:18.09.6_ce
 Release:0
-Summary:The Linux container runtime
+Summary:The Moby-project Linux container runtime
 License:Apache-2.0
 Group:  System/Management
 Url:http://www.docker.io
 # TODO(VR): check those SOURCE files below
-Source: %{realname}-%{version}.%{git_version}.tar.xz
+Source: %{realname}-%{version}_%{git_version}.tar.xz
 Source1:docker.service
 # bsc#1086185 -- but we only apply this on Kubic.
 Source2:docker-kubic-service.conf
@@ -78,7 +78,7 @@
 Patch200:   
secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
 Patch201:   secrets-0002-SUSE-implement-SUSE-container-secrets.patch
 # SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/37353. 
bsc#1099277
-Patch401:   
bsc1073877-0002-apparmor-clobber-docker-default-profile-on-start.patch
+Patch401:   
bsc1073877-0001-apparmor-clobber-docker-default-profile-on-start.patch
 # SUSE-BACKPORT: Backport of https://github.com/docker/cli/pull/1306. 
boo#1047218
 Patch402:   
bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch
 # SUSE-ISSUE: Revert of https://github.com/docker/docker/pull/37907.
@@ -256,7 +256,7 @@
 %endif
 
 %prep
-%setup -q -n %{realname}-%{version}.%{git_version}
+%setup -q -n 

commit docker for openSUSE:Factory

2019-03-26 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2019-03-26 22:28:10

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.25356 (New)


Package is "docker"

Tue Mar 26 22:28:10 2019 rev:88 rq:688119 version:18.09.3_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2019-02-27 
21:11:42.579196565 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new.25356/docker.changes 2019-03-26 
22:28:11.693766999 +0100
@@ -1,0 +2,15 @@
+Fri Mar 22 09:19:28 UTC 2019 - Sascha Grunert 
+
+- Update to Docker 18.09.3-ce. See upstream changelog in the packaged
+  /usr/share/doc/packages/docker/CHANGELOG.md.
+
+---
+Sun Mar 10 21:12:09 UTC 2019 - Aleksa Sarai 
+
+- docker-test: improvements to test packaging (we don't need to ship around the
+  entire source tree, and we also need to build the born-again integration/
+  tests which contain a suite-per-directory). We also need a new patch which
+  fixes the handling of *-test images. bsc#1128746
+  + bsc1128746-0001-integration-cli-don-t-build-test-images-if-they-alre.patch
+
+---

Old:

  docker-18.09.1_ce.4c52b901c6cb.tar.xz

New:

  bsc1128746-0001-integration-cli-don-t-build-test-images-if-they-alre.patch
  docker-18.09.3_ce.774a1f4eee66.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.ydKF6e/_old  2019-03-26 22:28:12.665766764 +0100
+++ /var/tmp/diff_new_pack.ydKF6e/_new  2019-03-26 22:28:12.673766762 +0100
@@ -42,17 +42,17 @@
 # helpfully injects into our build environment from the changelog). If you want
 # to generate a new git_commit_epoch, use this:
 #  $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP 
'(?<=^CommitDate: ).*')" '+%s'
-%define git_version 4c52b901c6cb
-%define git_commit_epoch 1547060456
+%define git_version 774a1f4eee66
+%define git_commit_epoch 1551333049
 
 # These are the git commits required. We verify them against the source to make
 # sure we didn't miss anything important when doing upgrades.
-%define required_containerd 9754871865f7fe2f4e74d43e2fc7ccd237edcbce
-%define required_dockerrunc 96ec2177ae841256168fcf76954f7177af9446eb
+%define required_containerd e6b3f5632f50dbc4e9cb6288d911bf4f5e95b18e
+%define required_dockerrunc 6635b4f0c6af3810594d2770f662f34ddc15b40d
 %define required_libnetwork 2cfbf9b1f98162a55829a21cc603c76072a75382
 
 Name:   %{realname}%{name_suffix}
-Version:18.09.1_ce
+Version:18.09.3_ce
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
@@ -90,11 +90,13 @@
 # SUSE-FEATURE: Add support to mirror inofficial/private registries
 #   (https://github.com/docker/docker/pull/34319)
 Patch500:   private-registry-0001-Add-private-registry-mirror-support.patch
+# SUSE-BACKPORT: Backport of test-only patch 
https://github.com/moby/moby/pull/38853. bsc1128746
+Patch900:   
bsc1128746-0001-integration-cli-don-t-build-test-images-if-they-alre.patch
 BuildRequires:  audit
 BuildRequires:  bash-completion
 BuildRequires:  ca-certificates
 BuildRequires:  device-mapper-devel >= 1.2.68
-BuildRequires:  glibc-devel-static
+BuildRequires:  fdupes
 BuildRequires:  libapparmor-devel
 BuildRequires:  libbtrfs-devel >= 3.8
 BuildRequires:  libseccomp-devel >= 2.2
@@ -217,17 +219,13 @@
 %package test
 %global __requires_exclude ^libgo.so.*$
 Summary:Test package for docker
+# Needed for test-suite.
 Group:  System/Management
-BuildRequires:  fdupes
-Requires:   apparmor-parser
-Requires:   bash-completion
-Requires:   device-mapper-devel >= 1.2.68
-Requires:   glibc-devel-static
-Requires:   libapparmor-devel
-Requires:   libbtrfs-devel >= 3.8
-Requires:   procps
-Requires:   sqlite3-devel
-Requires:   golang(API) = 1.8
+Requires:   curl
+Requires:   go
+Requires:   iputils
+Requires:   jq
+Requires:   net-tools-deprecated
 # KUBIC-SPECIFIC: This was required when upgrading from the original kubic
 # packaging, when everything was renamed to -kubic. It also is
 # used to ensure that nothing complains too much when using
@@ -279,9 +277,10 @@
 # PATCH-SUSE: Mirror patch.
 %patch500 -p1
 %endif
+# bsc#1128746
+%patch900 -p1
 
 cp %{SOURCE7} .
-cp %{SOURCE9} .
 
 %build
 BUILDTAGS="exclude_graphdriver_aufs apparmor selinux seccomp pkcs11"
@@ -317,19 +316,32 @@
 ln -s $(pwd)/components/cli $(pwd)/src/github.com/docker/cli
 export GOPATH=$GOPATH:$(pwd)
 
-# DOCKER ENGINE
+###
+## DOCKER ENGINE ##

commit docker for openSUSE:Factory

2019-02-27 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2019-02-27 21:11:41

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.28833 (New)


Package is "docker"

Wed Feb 27 21:11:41 2019 rev:87 rq:679242 version:18.09.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2019-02-13 
09:58:50.617658137 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new.28833/docker.changes 2019-02-27 
21:11:42.579196565 +0100
@@ -1,0 +2,5 @@
+Tue Feb 26 09:39:57 UTC 2019 - Michal Jura 
+
+- Move daemon.json file to /etc/docker directory, bsc#1114832 
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.ZL1pBi/_old  2019-02-27 21:11:44.235196231 +0100
+++ /var/tmp/diff_new_pack.ZL1pBi/_new  2019-02-27 21:11:44.263196225 +0100
@@ -392,7 +392,7 @@
 install -D -m 644 %{SOURCE4} %{buildroot}%{_fillupdir}/sysconfig.docker
 
 # install docker config file
-install -D -m 644 %{SOURCE10} %{buildroot}%{_sysconfdir}/daemon.json
+install -D -m 644 %{SOURCE10} %{buildroot}%{_sysconfdir}/docker/daemon.json
 
 # install manpages (using the ones from the engine)
 install -d %{buildroot}%{_mandir}/man1
@@ -451,7 +451,8 @@
 %dir %{_unitdir}/%{realname}.service.d/
 %{_unitdir}/%{realname}.service.d/90-kubic.conf
 %endif
-%config %{_sysconfdir}/daemon.json
+%dir %{_sysconfdir}/docker
+%config %{_sysconfdir}/docker/daemon.json
 %config %{_sysconfdir}/audit/rules.d/%{realname}.rules
 %{_udevrulesdir}/80-%{realname}.rules
 %{_fillupdir}/sysconfig.docker




commit docker for openSUSE:Factory

2019-02-13 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2019-02-13 09:58:25

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.28833 (New)


Package is "docker"

Wed Feb 13 09:58:25 2019 rev:86 rq:673384 version:18.09.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2019-01-21 
10:07:00.194882436 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new.28833/docker.changes 2019-02-13 
09:58:50.617658137 +0100
@@ -1,0 +2,18 @@
+Sat Feb  9 13:54:03 UTC 2019 - Aleksa Sarai 
+
+- Update shell completion to use Group: System/Shells.
+
+---
+Wed Feb  6 14:37:43 UTC 2019 - Michal Jura 
+
+-  Add daemon.json file with rotation logs cofiguration, bsc#1114832
+
+---
+Tue Feb  5 11:24:02 UTC 2019 - Aleksa Sarai 
+
+- Update to Docker 18.09.1-ce. See upstream changelog in the packaged
+  /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1124308
+- Remove upstreamed patches.
+  - bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch
+
+---

Old:

  bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch
  docker-18.09.0_ce.tar.xz

New:

  docker-18.09.1_ce.4c52b901c6cb.tar.xz
  docker-daemon.json



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.Cno4ik/_old  2019-02-13 09:58:51.777657856 +0100
+++ /var/tmp/diff_new_pack.Cno4ik/_new  2019-02-13 09:58:51.781657855 +0100
@@ -42,24 +42,24 @@
 # helpfully injects into our build environment from the changelog). If you want
 # to generate a new git_commit_epoch, use this:
 #  $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP 
'(?<=^CommitDate: ).*')" '+%s'
-%define git_version e68fc7a215d7
-%define git_commit_epoch 1534871791
+%define git_version 4c52b901c6cb
+%define git_commit_epoch 1547060456
 
 # These are the git commits required. We verify them against the source to make
 # sure we didn't miss anything important when doing upgrades.
-%define required_containerd 468a545b9edcd5932818eb9de8e72413e616e86e
-%define required_dockerrunc 69663f0bd4b60df09991c08812a60108003fa340
-%define required_libnetwork 6da50d1978302f04c3e2089e29112ea24812f05b
+%define required_containerd 9754871865f7fe2f4e74d43e2fc7ccd237edcbce
+%define required_dockerrunc 96ec2177ae841256168fcf76954f7177af9446eb
+%define required_libnetwork 2cfbf9b1f98162a55829a21cc603c76072a75382
 
 Name:   %{realname}%{name_suffix}
-Version:18.09.0_ce
+Version:18.09.1_ce
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
 Group:  System/Management
 Url:http://www.docker.io
 # TODO(VR): check those SOURCE files below
-Source: %{realname}-%{version}.tar.xz
+Source: %{realname}-%{version}.%{git_version}.tar.xz
 Source1:docker.service
 # bsc#1086185 -- but we only apply this on Kubic.
 Source2:docker-kubic-service.conf
@@ -70,14 +70,13 @@
 Source7:README_SUSE.md
 Source8:docker-audit.rules
 Source9:tests.sh
+Source10:   docker-daemon.json
 # SUSE-FEATURE: Adds the /run/secrets mountpoint inside all Docker containers
 # which is not snapshotted when images are committed. Note that if you modify
 # this patch, please also modify the patch in the suse-secrets-v
 # branch in http://github.com/suse/docker.mirror.
 Patch200:   
secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
 Patch201:   secrets-0002-SUSE-implement-SUSE-container-secrets.patch
-# SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/37831. 
bsc#1073877
-Patch400:   
bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch
 # SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/37353. 
bsc#1099277
 Patch401:   
bsc1073877-0002-apparmor-clobber-docker-default-profile-on-start.patch
 # SUSE-BACKPORT: Backport of https://github.com/docker/cli/pull/1306. 
boo#1047218
@@ -175,7 +174,7 @@
 
 %package bash-completion
 Summary:Bash Completion for %{name}
-Group:  System/Management
+Group:  System/Shells
 Requires:   %{name} = %{version}
 Supplements:packageand(%{name}:bash-completion)
 BuildArch:  noarch
@@ -196,7 +195,7 @@
 
 %package zsh-completion
 Summary:Zsh Completion for %{name}
-Group:  System/Management
+Group:  System/Shells
 Requires:   %{name} = %{version}
 Supplements:packageand(%{name}:zsh)
 BuildArch:  noarch
@@ -259,7 +258,7 @@
 %endif
 
 

commit docker for openSUSE:Factory

2019-01-21 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2019-01-21 10:06:51

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.28833 (New)


Package is "docker"

Mon Jan 21 10:06:51 2019 rev:85 rq:664600 version:18.09.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-12-21 
08:19:12.329694305 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new.28833/docker.changes 2019-01-21 
10:07:00.194882436 +0100
@@ -1,0 +2,16 @@
+Fri Jan 11 09:57:32 UTC 2019 - Sascha Grunert 
+
+- Disable leap based builds for kubic flavor. bsc#1121412
+
+---
+Wed Dec 19 19:28:47 UTC 2018 - c...@suse.com
+
+- Update go requirements to >= go1.10.6 to fix
+  * bsc#1118897 CVE-2018-16873
+go#29230 cmd/go: remote command execution during "go get -u"
+  * bsc#1118898 CVE-2018-16874
+go#29231 cmd/go: directory traversal in "go get" via curly braces in 
import paths
+  * bsc#1118899 CVE-2018-16875
+go#29233 crypto/x509: CPU denial of service
+
+---
@@ -22 +38 @@
-  /usr/share/doc/packages/docker/CHANGELOG.md. boo#1115464
+  /usr/share/doc/packages/docker/CHANGELOG.md. boo#1115464 bsc#1118990
@@ -3314,2 +3329,0 @@
-
-



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.w8U5pc/_old  2019-01-21 10:07:01.198881419 +0100
+++ /var/tmp/diff_new_pack.w8U5pc/_new  2019-01-21 10:07:01.206881411 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package docker
 #
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -158,6 +158,10 @@
 Provides:   cri-runtime
 # No i586 Kubernetes, so docker-kubic must not be built for i586 also
 ExcludeArch:i586
+# Disable leap based builds for kubic flavor (bsc#1121412)
+%if 0%{?suse_version} == 1500 && 0%{?is_opensuse}
+ExclusiveArch:  do_not_build
+%endif
 %endif
 
 %description




commit docker for openSUSE:Factory

2018-12-20 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-12-21 08:19:10

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.28833 (New)


Package is "docker"

Fri Dec 21 08:19:10 2018 rev:84 rq:659073 version:18.09.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-12-05 
09:39:14.472977754 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new.28833/docker.changes 2018-12-21 
08:19:12.329694305 +0100
@@ -1,0 +2,6 @@
+Tue Dec 18 10:10:06 UTC 2018 - Aleksa Sarai 
+
+- Handle build breakage due to missing 'export GOPATH' (caused by resolution of
+  boo#1119634). I believe Docker is one of the only packages with this problem.
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.S0qXOU/_old  2018-12-21 08:19:13.125693560 +0100
+++ /var/tmp/diff_new_pack.S0qXOU/_new  2018-12-21 08:19:13.125693560 +0100
@@ -314,10 +314,10 @@
 # Preparing GOPATH so that the client is visible to the compiler
 mkdir -p src/github.com/docker/
 ln -s $(pwd)/components/cli $(pwd)/src/github.com/docker/cli
-GOPATH=$GOPATH:$(pwd)
+export GOPATH=$GOPATH:$(pwd)
 
 # DOCKER ENGINE
-cd components/engine/
+pushd components/engine/
 # ignore the warning that we compile outside a Docker container
 ./hack/make.sh dynbinary
 # build the tests binary
@@ -325,17 +325,17 @@
-buildmode=pie \
-tags "$DOCKER_BUILDTAGS daemon autogen" \
-c github.com/docker/docker/integration-cli -o tests.main
-cd ../..
+popd
 
 # DOCKER CLIENT
-cd components/cli
+pushd components/cli
 ./scripts/build/dynbinary
 
 mkdir -p ./man/man1
 go build -buildmode=pie -o gen-manpages github.com/docker/cli/man
 ./gen-manpages --root "$(pwd)" --target "$(pwd)/man/man1"
 ./man/md2man-all.sh
-cd ../..
+popd
 
 %check
 # We used to run 'go test' here, however we found that this actually didn't




commit docker for openSUSE:Factory

2018-12-05 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-12-05 09:39:04

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new.19453 (New)


Package is "docker"

Wed Dec  5 09:39:04 2018 rev:83 rq:653739 version:18.09.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-11-05 
22:57:02.155930905 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new.19453/docker.changes 2018-12-05 
09:39:14.472977754 +0100
@@ -1,0 +2,28 @@
+Mon Dec  3 16:14:22 UTC 2018 - Aleksa Sarai 
+
+- Add backports of https://github.com/docker/docker/pull/37302 and
+  https://github.com/docker/cli/pull/1130, which allow for users to explicitly
+  specify the NIS domainname of a container. bsc#1001161
+  + bsc1001161-0001-oci-include-the-domainname-in-kernel.domainname.patch
+  + bsc1001161-0002-cli-add-a-separate-domainname-flag.patch
+
+---
+Thu Nov 29 09:41:11 UTC 2018 - Aleksa Sarai 
+
+- Update docker.service to match upstream and avoid rlimit problems.
+  bsc#1112980
+- Upgrade to Docker 18.09.0-ce. See upstream changelog in the packaged
+  /usr/share/doc/packages/docker/CHANGELOG.md. boo#1115464
+- Add revert of an upstream patch to fix docker-* handling.
+  + packaging-0001-revert-Remove-docker-prefix-for-containerd-and-runc-.patch
+- Rebase patches:
+  * bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch
+  * bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch
+  * bsc1073877-0002-apparmor-clobber-docker-default-profile-on-start.patch
+  * private-registry-0001-Add-private-registry-mirror-support.patch
+  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+- Remove upstreamed patches:
+  - bsc1100727-0001-build-add-buildmode-pie.patch
+
+---

Old:

  bsc1100727-0001-build-add-buildmode-pie.patch
  docker-18.06.1_ce.tar.xz

New:

  bsc1001161-0001-oci-include-the-domainname-in-kernel.domainname.patch
  bsc1001161-0002-cli-add-a-separate-domainname-flag.patch
  docker-18.09.0_ce.tar.xz
  packaging-0001-revert-Remove-docker-prefix-for-containerd-and-runc-.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.Jb2ku1/_old  2018-12-05 09:39:19.168972614 +0100
+++ /var/tmp/diff_new_pack.Jb2ku1/_new  2018-12-05 09:39:19.172972610 +0100
@@ -49,10 +49,10 @@
 # sure we didn't miss anything important when doing upgrades.
 %define required_containerd 468a545b9edcd5932818eb9de8e72413e616e86e
 %define required_dockerrunc 69663f0bd4b60df09991c08812a60108003fa340
-%define required_libnetwork 3ac297bc7fd0afec9051bbb47024c9bc1d75bf5b
+%define required_libnetwork 6da50d1978302f04c3e2089e29112ea24812f05b
 
 Name:   %{realname}%{name_suffix}
-Version:18.06.1_ce
+Version:18.09.0_ce
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
@@ -76,16 +76,20 @@
 # branch in http://github.com/suse/docker.mirror.
 Patch200:   
secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
 Patch201:   secrets-0002-SUSE-implement-SUSE-container-secrets.patch
-# SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/36822. 
bsc#1073877
+# SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/37831. 
bsc#1073877
 Patch400:   
bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch
-# SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/37353. 
bsc#1099277
+# SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/37353. 
bsc#1099277
 Patch401:   
bsc1073877-0002-apparmor-clobber-docker-default-profile-on-start.patch
-# SUSE-BACKPORT: Backport of https://github.com/docker/cli/pull/1242. 
bsc#1100727
-Patch402:   bsc1100727-0001-build-add-buildmode-pie.patch
 # SUSE-BACKPORT: Backport of https://github.com/docker/cli/pull/1306. 
boo#1047218
-Patch403:   
bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch
+Patch402:   
bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch
+# SUSE-ISSUE: Revert of https://github.com/docker/docker/pull/37907.
+Patch403:   
packaging-0001-revert-Remove-docker-prefix-for-containerd-and-runc-.patch
+# SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/37302. 
bsc#1001161
+Patch404:   
bsc1001161-0001-oci-include-the-domainname-in-kernel.domainname.patch
+# SUSE-BACKPORT: Backport of https://github.com/docker/cli/pull/1130. 
bsc#1001161
+Patch405:   

commit docker for openSUSE:Factory

2018-11-05 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-11-05 22:56:51

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Mon Nov  5 22:56:51 2018 rev:82 rq:646380 version:18.06.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-10-12 
13:08:54.323452604 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2018-11-05 
22:57:02.155930905 +0100
@@ -28,2 +28,3 @@
-- Upgrade to docker-ce v18.06.1-ce. Upstream changelog:
-  https://github.com/docker/docker-ce/releases/tag/v18.06.1-ce bsc#1102522
+- Upgrade to docker-ce v18.06.1-ce. bsc#1102522 bsc#1113313
+  Upstream changelog:
+  https://github.com/docker/docker-ce/releases/tag/v18.06.1-ce



Other differences:
--



commit docker for openSUSE:Factory

2018-10-12 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-10-12 13:08:48

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Fri Oct 12 13:08:48 2018 rev:81 rq:640569 version:18.06.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-09-05 
13:46:43.130072804 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2018-10-12 
13:08:54.323452604 +0200
@@ -1,0 +2,7 @@
+Mon Oct  8 06:41:21 UTC 2018 - Valentin Rothberg 
+
+- Reduce the disk footprint by recommending git-core instead of
+  hard requiring it.
+  bsc#1108038
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.hdAnvT/_old  2018-10-12 13:08:55.987450230 +0200
+++ /var/tmp/diff_new_pack.hdAnvT/_new  2018-10-12 13:08:55.987450230 +0200
@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 # nodebuginfo
 
@@ -118,7 +118,6 @@
 Requires:   catatonit
 # Provides mkfs.ext4 - used by Docker when devicemapper storage driver is used
 Requires:   e2fsprogs
-Requires:   git-core >= 1.7
 Requires:   iproute2 >= 3.5
 Requires:   iptables >= 1.4
 Requires:   procps
@@ -134,6 +133,7 @@
 # configured to use lvm and the user doesn't explicitly provide a
 # different storage-driver than devicemapper
 Recommends: lvm2 >= 2.2.89
+Recommends: git-core >= 1.7
 Conflicts:  lxc < 1.0
 ExcludeArch:s390 ppc
 # Make sure we build with go 1.10




commit docker for openSUSE:Factory

2018-09-05 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-09-05 13:46:40

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Wed Sep  5 13:46:40 2018 rev:80 rq:632984 version:18.06.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-08-03 
12:29:15.766857516 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2018-09-05 
13:46:43.130072804 +0200
@@ -1,0 +2,73 @@
+Tue Sep  4 08:32:43 UTC 2018 - rbr...@suse.com
+
+- ExcludeArch i586 for entire docker-kubic flavour 
+
+---
+Tue Sep  4 07:32:47 UTC 2018 - rbr...@suse.com
+
+- ExcludeArch i586 for docker-kubic-kubeadm-criconfig subpackage 
+
+---
+Fri Aug 24 08:17:41 UTC 2018 - asa...@suse.com
+
+- Add patch to make package reproducible, which is a backport of
+  https://github.com/docker/cli/pull/1306. boo#1047218
+  + bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch
+
+---
+Wed Aug 22 09:54:57 UTC 2018 - asa...@suse.com
+
+- Upgrade to docker-ce v18.06.1-ce. Upstream changelog:
+  https://github.com/docker/docker-ce/releases/tag/v18.06.1-ce bsc#1102522
+- Remove patches that were merged upstream:
+  - bsc1102522-0001-18.06-disable-containerd-CRI-plugin.patch
+
+---
+Tue Aug 21 09:50:01 UTC 2018 - asa...@suse.com
+
+- Add a backport of https://github.com/docker/engine/pull/29 for the 18.06.0-ce
+  upgrade. This is a potential security issue (the CRI plugin was enabled by
+  default, which listens on a TCP port bound to 0.0.0.0) that will be fixed
+  upstream in the 18.06.1-ce upgrade. bsc#1102522
+  + bsc1102522-0001-18.06-disable-containerd-CRI-plugin.patch
+
+---
+Tue Aug 21 09:39:57 UTC 2018 - rbr...@suse.com
+
+- Kubic: Make crio default, docker as alternative runtime
+  (boo#1104821)
+- Provide kubernetes CRI config with docker-kubic-kubeadm-criconfig
+  subpackage
+
+---
+Thu Aug 16 02:00:31 UTC 2018 - asa...@suse.com
+
+- Merge -kubic packages back into the main Virtualization:containers packages.
+  This is done using _multibuild to add a "kubic" flavour, which is then used
+  to conditionally compile patches and other kubic-specific features.
+  bsc#1105000
+- Rework docker-rpmlintrc with the new _multibuild setup.
+
+---
+Wed Aug  1 09:40:59 UTC 2018 - asa...@suse.com
+
+- Enable seccomp support on SLE12, since libseccomp is now a new enough vintage
+  to work with Docker and containerd. fate#325877
+
+---
+Tue Jul 31 09:48:16 UTC 2018 - asa...@suse.com
+
+- Upgrade to docker-ce v18.06.0-ce. bsc#1102522
+- Remove systemd-service dependency on containerd, which is now being started
+  by dockerd to align with upstream defaults.
+- Removed the following patches as they are merged upstream:
+  - bsc1021227-0001-pkg-devmapper-dynamically-load-dm_task_deferred_remo.patch
+  - bsc1055676-0001-daemon-oci-obey-CL_UNPRIVILEGED-for-user-namespaced-.patch
+- Rebased the following patches:
+  * bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch
+  * bsc1073877-0002-apparmor-clobber-docker-default-profile-on-start.patch
+  * bsc1100727-0001-build-add-buildmode-pie.patch
+  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+
+---
@@ -18,5 +90,0 @@
-Wed Jun 13 10:19:23 UTC 2018 - dcass...@suse.com
-
-- Make use of %license macro
-

@@ -29,0 +98,5 @@
+Tue Jun  5 08:41:07 UTC 2018 - dcass...@suse.com
+
+- Make use of %license macro
+
+---
@@ -44,0 +118,12 @@
+Wed May 16 10:12:56 UTC 2018 - jmassaguer...@suse.com
+
+- Review Obsoletes to fix bsc#1080978
+
+---
+Thu Apr 12 12:49:25 UTC 2018 - fcaste...@suse.com
+
+- Put docker under the podruntime slice. This the recommended
+  deployment to allow fine resource control on Kubernetes.
+  bsc#1086185
+
+---
@@ -69,0 +155,7 @@
+Thu Mar  8 13:14:54 UTC 2018 - vrothb...@suse.com
+
+- Fix private-registry-0001-Add-private-registry-mirror-support.patch to
+  

commit docker for openSUSE:Factory

2018-08-03 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-08-03 12:29:11

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Fri Aug  3 12:29:11 2018 rev:79 rq:626556 version:17.09.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-07-02 
23:29:29.565543925 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2018-08-03 
12:29:15.766857516 +0200
@@ -1,0 +2,7 @@
+Mon Jul 30 09:44:47 UTC 2018 - asa...@suse.com
+
+- Build the client binary with -buildmode=pie to fix issues on POWER.
+  bsc#1100727
+  + bsc1100727-0001-build-add-buildmode-pie.patch
+
+---

New:

  bsc1100727-0001-build-add-buildmode-pie.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.9aOliX/_old  2018-08-03 12:29:16.446858514 +0200
+++ /var/tmp/diff_new_pack.9aOliX/_new  2018-08-03 12:29:16.450858519 +0200
@@ -70,6 +70,8 @@
 Patch402:   
bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch
 # SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/37353. 
bsc#1099277
 Patch403:   
bsc1073877-0002-apparmor-clobber-docker-default-profile-on-start.patch
+# SUSE-BACKPORT: Backport of https://github.com/docker/cli/pull/1242. 
bsc#1100727
+Patch404:   bsc1100727-0001-build-add-buildmode-pie.patch
 BuildRequires:  audit
 BuildRequires:  bash-completion
 BuildRequires:  ca-certificates
@@ -202,6 +204,8 @@
 %patch402 -p1
 # bsc#1099277
 %patch403 -p1
+# bsc#1100727
+%patch404 -p1
 
 cp %{SOURCE7} .
 cp %{SOURCE9} .

++ bsc1100727-0001-build-add-buildmode-pie.patch ++
>From d39172ffc6b245f02da1898793ccaef20bb6858a Mon Sep 17 00:00:00 2001
From: Aleksa Sarai 
Date: Mon, 30 Jul 2018 19:34:01 +1000
Subject: [PATCH] build: add -buildmode=pie

Make all dynbinary builds be position-independent (this adds both
security benefits and can help with flaky builds on POWER
architectures).

Signed-off-by: Aleksa Sarai 
---
 components/cli/scripts/build/dynbinary | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/components/cli/scripts/build/dynbinary 
b/components/cli/scripts/build/dynbinary
index 3c32ed342ef7..4feb7e71d852 100755
--- a/components/cli/scripts/build/dynbinary
+++ b/components/cli/scripts/build/dynbinary
@@ -9,6 +9,6 @@ source ./scripts/build/.variables
 
 echo "Building dynamically linked $TARGET"
 export CGO_ENABLED=1
-go build -o "${TARGET}" -tags pkcs11 --ldflags "${LDFLAGS}" "${SOURCE}"
+go build -o "${TARGET}" -tags pkcs11 --ldflags "${LDFLAGS}" -buildmode=pie 
"${SOURCE}"
 
 ln -sf "$(basename "${TARGET}")" build/docker
-- 
2.18.0




commit docker for openSUSE:Factory

2018-07-02 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-07-02 23:29:24

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Mon Jul  2 23:29:24 2018 rev:78 rq:619750 version:17.09.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-06-22 
13:15:22.691048985 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2018-07-02 
23:29:29.565543925 +0200
@@ -1,0 +2,9 @@
+Fri Jun 29 08:35:56 UTC 2018 - asa...@suse.com
+
+- Update the AppArmor patchset again to fix a separate issue where changed
+  AppArmor profiles don't actually get applied on Docker daemon reboot.
+  bsc#1099277
+  * bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch
+  + bsc1073877-0002-apparmor-clobber-docker-default-profile-on-start.patch
+
+---

New:

  bsc1073877-0002-apparmor-clobber-docker-default-profile-on-start.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.xZorMf/_old  2018-07-02 23:29:30.749542452 +0200
+++ /var/tmp/diff_new_pack.xZorMf/_new  2018-07-02 23:29:30.749542452 +0200
@@ -68,6 +68,8 @@
 Patch401:   
bsc1021227-0001-pkg-devmapper-dynamically-load-dm_task_deferred_remo.patch
 # SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/36822. 
bsc#1073877
 Patch402:   
bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch
+# SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/37353. 
bsc#1099277
+Patch403:   
bsc1073877-0002-apparmor-clobber-docker-default-profile-on-start.patch
 BuildRequires:  audit
 BuildRequires:  bash-completion
 BuildRequires:  ca-certificates
@@ -198,6 +200,8 @@
 %patch401 -p1
 # bsc#1073877
 %patch402 -p1
+# bsc#1099277
+%patch403 -p1
 
 cp %{SOURCE7} .
 cp %{SOURCE9} .

++ 
bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch 
++
--- /var/tmp/diff_new_pack.xZorMf/_old  2018-07-02 23:29:30.829542353 +0200
+++ /var/tmp/diff_new_pack.xZorMf/_new  2018-07-02 23:29:30.833542348 +0200
@@ -1,7 +1,7 @@
 From 2cc9da975798847cd0a37d1571d8a0f1d72b522d Mon Sep 17 00:00:00 2001
 From: Aleksa Sarai 
 Date: Sun, 8 Apr 2018 20:21:30 +1000
-Subject: [PATCH] apparmor: allow receiving of signals from 'docker kill'
+Subject: [PATCH 1/2] apparmor: allow receiving of signals from 'docker kill'
 
 In newer kernels, AppArmor will reject attempts to send signals to a
 container because the signal originated from outside of that AppArmor
@@ -32,5 +32,5 @@
deny @{PROC}/* w,   # deny write for all files directly in /proc (not in a 
subdir)
# deny write to files not in /proc//** or /proc/sys/**
 -- 
-2.16.3
+2.17.1
 

++ bsc1073877-0002-apparmor-clobber-docker-default-profile-on-start.patch 
++
>From 8edc54753ab5ea9294c55ec32b49c9eb7cdf3892 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai 
Date: Fri, 29 Jun 2018 17:59:30 +1000
Subject: [PATCH 2/2] apparmor: clobber docker-default profile on start

In the process of making docker-default reloading far less expensive,
567ef8e7858c ("daemon: switch to 'ensure' workflow for AppArmor
profiles") mistakenly made the initial profile load at dockerd start-up
lazy. As a result, if you have a running Docker daemon and upgrade it to
a new one with an updated AppArmor profile the new profile will not take
effect (because the old one is still loaded). The fix for this is quite
trivial, and just requires us to clobber the profile on start-up.

Fixes: 567ef8e7858c ("daemon: switch to 'ensure' workflow for AppArmor 
profiles")
SUSE-Bugs: bsc#1099277
Signed-off-by: Aleksa Sarai 
---
 components/engine/daemon/apparmor_default.go   | 14 ++
 .../engine/daemon/apparmor_default_unsupported.go  |  4 
 components/engine/daemon/daemon.go |  4 +++-
 3 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/components/engine/daemon/apparmor_default.go 
b/components/engine/daemon/apparmor_default.go
index 2a418b25c241..c3e271ee4774 100644
--- a/components/engine/daemon/apparmor_default.go
+++ b/components/engine/daemon/apparmor_default.go
@@ -14,6 +14,15 @@ const (
defaultApparmorProfile = "docker-default"
 )
 
+func clobberDefaultAppArmorProfile() error {
+   if apparmor.IsEnabled() {
+   if err := aaprofile.InstallDefault(defaultApparmorProfile); err 
!= nil {
+   return fmt.Errorf("AppArmor enabled on system but the 
%s profile could not be loaded: %s", defaultApparmorProfile, err)
+   }
+   }
+   return nil
+}
+
 func ensureDefaultAppArmorProfile() error {
if apparmor.IsEnabled() 

commit docker for openSUSE:Factory

2018-06-22 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-06-22 13:15:19

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Fri Jun 22 13:15:19 2018 rev:77 rq:616513 version:17.09.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-06-08 
23:11:48.331994272 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2018-06-22 
13:15:22.691048985 +0200
@@ -1,0 +2,5 @@
+Wed Jun 13 10:19:23 UTC 2018 - dcass...@suse.com
+
+- Make use of %license macro 
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.HJMnq6/_old  2018-06-22 13:15:24.126995739 +0200
+++ /var/tmp/diff_new_pack.HJMnq6/_new  2018-06-22 13:15:24.126995739 +0200
@@ -336,7 +336,8 @@
 
 %files
 %defattr(-,root,root)
-%doc components/engine/README.md components/engine/LICENSE README_SUSE.md 
CHANGELOG.md
+%doc components/engine/README.md README_SUSE.md CHANGELOG.md
+%license components/engine/LICENSE
 %{_bindir}/docker
 %{_bindir}/dockerd
 %{_sbindir}/rcdocker




commit docker for openSUSE:Factory

2018-06-08 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-06-08 23:11:45

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Fri Jun  8 23:11:45 2018 rev:76 rq:614829 version:17.09.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-06-03 
12:28:46.624506375 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2018-06-08 
23:11:48.331994272 +0200
@@ -1,0 +2,14 @@
+Tue Jun  5 11:24:35 UTC 2018 - asa...@suse.com
+
+- Update to AppArmor patch so that signal mediation also works for signals
+  between in-container processes. bsc#1073877
+  * bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch
+
+---
+Tue Jun  5 06:38:40 UTC 2018 - asa...@suse.com
+
+- Remove 'go test' from %check section, as it has only ever caused us problems
+  and hasn't (as far as I remember) ever caught a release-blocking issue. Smoke
+  testing has been far more useful. boo#1095817
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.rlYKqi/_old  2018-06-08 23:11:49.215962354 +0200
+++ /var/tmp/diff_new_pack.rlYKqi/_new  2018-06-08 23:11:49.219962209 +0200
@@ -261,106 +261,20 @@
 cd ../..
 
 %check
-. ./docker_build_env
-
-# DOCKER ENGINE
-# go test will look in github.com/docker/docker/vendor for vendored packages 
but
-# Docker keeps them in github.com/docker/docker/vendor/src. Let's do it like
-# Docker does it and append github.com/docker/docker/vendor to the GOPATH so 
the
-# packages are found by go test.
-export GOPATH=$HOME/go/src/github.com/docker/docker/vendor:$GOPATH
-
-# Create or dir if it doesn't exist already
-mkdir -p $HOME/go/src/github.com/docker
-
-# Remove any existing symlinks.
-rm -rf $HOME/go/src/github.com/docker/*
-
-# go list -e ... doesn't seem to work with symlinks so do a full copy instead.
-cp -ar %{buildroot}/usr/src/docker/engine $HOME/go/src/github.com/docker/docker
-
-cd $HOME/go/src/github.com/docker/docker
-
-# We verify that all of our -git requires are correct. This is done on-build to
-# make sure that someone doing an update didn't miss anything.
+# We used to run 'go test' here, however we found that this actually didn't
+# catch any issues that were caught by smoke testing, and %check would
+# continually cause package builds to fail due to flaky tests. If you ever need
+# to know how the testing was done, you can always look in the package history.
+# boo#1095817
+
+# We verify that all of our -git requires are correct, and match the contents
+# of the upstream vendoring scripts. This is done on-build to make sure that
+# someone doing an update didn't miss anything.
+cd components/engine
 grep 'RUNC_COMMIT=%{required_dockerrunc}'   
hack/dockerfile/binaries-commits
 grep 'CONTAINERD_COMMIT=%{required_containerd}' 
hack/dockerfile/binaries-commits
 grep 'LIBNETWORK_COMMIT=%{required_libnetwork}' 
hack/dockerfile/binaries-commits
 
-# The command is taken from hack/make/test-unit and various test runs.
-# Everything that follows github.com/docker/pkg/integration-cli are packages
-# containing tests that cannot run in an obs build context. Some tests must be
-# excluded as they will always fail in our build environments.
-PKG_LIST=$(go list -e \
-   -f '{{if ne .Name "github.com/docker/docker"}} {{.ImportPath}}
-   {{end}}'  \
-   -tags "$DOCKER_BUILDTAGS" \
-   -a "${BUILDFLAGS[@]}" ... \
-   | grep'github.com/docker/docker' \
-   | grep -Ev 'vendor/(.+/)?github.com/docker/docker' \
-   | grep -v 'github.com/docker/docker/vendor' \
-   | grep -v 'github.com/docker/docker/builder$' \
-   | grep -v 'github.com/docker/docker/builder/dockerfile$' \
-   | grep -v 'github.com/docker/docker/builder/dockerfile/parser$' 
\
-   | grep -v 'github.com/docker/docker/builder/remotecontext' \
-   | grep -v 'github.com/docker/docker/cmd/dockerd$' \
-%ifarch s390x
-   | grep -v 'github.com/docker/docker/container' \
-%endif
-   | grep -v 'github.com/docker/docker/daemon$' \
-   | grep -v 'github.com/docker/docker/daemon/graphdriver' \
-   | grep -Pv 'github.com/docker/docker/daemon/logger(?!/gelf)' \
-   | grep -v 'github.com/docker/docker/integration' \
-   | grep -v 'github.com/docker/docker/integration-cli' \
-   | grep -v 'github.com/docker/docker/man$' \
-   | grep -v 

commit docker for openSUSE:Factory

2018-06-03 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-06-03 12:28:41

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Sun Jun  3 12:28:41 2018 rev:75 rq:612961 version:17.09.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-05-15 
10:32:00.219269694 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2018-06-03 
12:28:46.624506375 +0200
@@ -1,0 +2,8 @@
+Tue May 29 08:10:48 UTC 2018 - asa...@suse.com
+
+- Update secrets patch to not log incorrect warnings when attempting to inject
+  non-existent host files. bsc#1065609
+  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+
+---



Other differences:
--
++ secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch ++
--- /var/tmp/diff_new_pack.Nq0DHG/_old  2018-06-03 12:28:48.676431255 +0200
+++ /var/tmp/diff_new_pack.Nq0DHG/_new  2018-06-03 12:28:48.676431255 +0200
@@ -10,7 +10,7 @@
 Signed-off-by: Antonio Murdaca 
 Signed-off-by: Aleksa Sarai 
 ---
- .../engine/daemon/container_operations_unix.go | 24 +++---
+ .../daemon/container_operations_unix.go   | 24 ---
  1 file changed, 21 insertions(+), 3 deletions(-)
 
 diff --git a/components/engine/daemon/container_operations_unix.go 
b/components/engine/daemon/container_operations_unix.go
@@ -70,5 +70,5 @@
return errors.Wrap(err, "error setting ownership for 
secret")
}
 -- 
-2.16.1
+2.17.0
 

++ secrets-0002-SUSE-implement-SUSE-container-secrets.patch ++
--- /var/tmp/diff_new_pack.Nq0DHG/_old  2018-06-03 12:28:48.688430816 +0200
+++ /var/tmp/diff_new_pack.Nq0DHG/_new  2018-06-03 12:28:48.692430669 +0200
@@ -1,4 +1,4 @@
-From 3a7cd305f75fabc49460066e5452458a524ead5c Mon Sep 17 00:00:00 2001
+From a7533a3084e925eb478148ef30bec0d1f1b81ae3 Mon Sep 17 00:00:00 2001
 From: Aleksa Sarai 
 Date: Wed, 8 Mar 2017 11:43:29 +1100
 Subject: [PATCH 2/2] SUSE: implement SUSE container secrets
@@ -10,12 +10,12 @@
 SUSE-SPECIFIC, AND UPSTREAM DOES NOT APPROVE OF THIS CONCEPT BECAUSE IT
 MAKES BUILDS NOT ENTIRELY REPRODUCIBLE.
 
-SUSE-Bugs: bsc#1057743 bsc#1055676 bsc#1030702
+SUSE-Bugs: bsc#1065609 bsc#1057743 bsc#1055676 bsc#1030702
 Signed-off-by: Aleksa Sarai 
 ---
  components/engine/daemon/start.go|   5 +
- components/engine/daemon/suse_secrets.go | 391 +++
- 2 files changed, 396 insertions(+)
+ components/engine/daemon/suse_secrets.go | 399 +++
+ 2 files changed, 404 insertions(+)
  create mode 100644 components/engine/daemon/suse_secrets.go
 
 diff --git a/components/engine/daemon/start.go 
b/components/engine/daemon/start.go
@@ -36,10 +36,10 @@
return systemError{err}
 diff --git a/components/engine/daemon/suse_secrets.go 
b/components/engine/daemon/suse_secrets.go
 new file mode 100644
-index ..9d0788f0410d
+index ..00e485368b47
 --- /dev/null
 +++ b/components/engine/daemon/suse_secrets.go
-@@ -0,0 +1,391 @@
+@@ -0,0 +1,399 @@
 +/*
 + * suse-secrets: patch for Docker to implement SUSE secrets
 + * Copyright (C) 2017 SUSE LLC.
@@ -143,6 +143,10 @@
 +  var suseFiles []*SuseFakeFile
 +
 +  path := filepath.Join(prefix, dir)
++  if _, err := os.Lstat(path); err != nil && os.IsNotExist(err) {
++  // If the path doesn't exist at all we don't inject anything.
++  return nil, nil
++  }
 +  fi, err := os.Stat(path)
 +  if err != nil {
 +  // Ignore dangling symlinks.
@@ -259,6 +263,10 @@
 +// readFile returns a secret given a file under a given prefix.
 +func readFile(prefix, file string) ([]*SuseFakeFile, error) {
 +  path := filepath.Join(prefix, file)
++  if _, err := os.Lstat(path); err != nil && os.IsNotExist(err) {
++  // If the path doesn't exist at all we don't inject anything.
++  return nil, nil
++  }
 +  fi, err := os.Stat(path)
 +  if err != nil {
 +  // Ignore dangling symlinks.
@@ -432,5 +440,5 @@
 +  return nil
 +}
 -- 
-2.16.1
+2.17.0
 




commit docker for openSUSE:Factory

2018-05-15 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-05-15 10:10:29

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Tue May 15 10:10:29 2018 rev:74 rq:605682 version:17.09.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-04-22 
14:35:29.157986242 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2018-05-15 
10:32:00.219269694 +0200
@@ -2,8 +2 @@
-Thu Apr 19 11:23:32 UTC 2018 - asa...@suse.com
-
-- Fix up the AppArmor 'docker kill' patch to work on older AppArmor versions.
-  boo#1089732
-  * bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch
-

-Tue Apr 10 09:25:43 UTC 2018 - asa...@suse.com
+Tue Apr 10 09:25:43 UTC 2018 - mmeis...@suse.com
@@ -12 +5 @@
-  bsc#1073877
+  bsc#1073877 boo#1089732
@@ -31 +24 @@
-  fate#324652
+  fate#324652 bsc#1085380



Other differences:
--



commit docker for openSUSE:Factory

2018-04-22 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-04-22 14:35:27

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Sun Apr 22 14:35:27 2018 rev:73 rq:598552 version:17.09.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-04-17 
11:13:16.234359837 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2018-04-22 
14:35:29.157986242 +0200
@@ -1,0 +2,7 @@
+Thu Apr 19 11:23:32 UTC 2018 - asa...@suse.com
+
+- Fix up the AppArmor 'docker kill' patch to work on older AppArmor versions.
+  boo#1089732
+  * bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch
+
+---



Other differences:
--
++ 
bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch 
++
--- /var/tmp/diff_new_pack.FAI9lp/_old  2018-04-22 14:35:29.873960332 +0200
+++ /var/tmp/diff_new_pack.FAI9lp/_new  2018-04-22 14:35:29.873960332 +0200
@@ -1,4 +1,4 @@
-From c11493737b4a5ffd59d635650f3a0d45f220ad2b Mon Sep 17 00:00:00 2001
+From fb59d17b2617ebee34f91786428f63571a19bb74 Mon Sep 17 00:00:00 2001
 From: Aleksa Sarai 
 Date: Sun, 8 Apr 2018 20:21:30 +1000
 Subject: [PATCH] apparmor: allow receiving of signals from 'docker kill'
@@ -7,22 +7,25 @@
 container because the signal originated from outside of that AppArmor
 profile. Correct this by allowing all unconfined signals to be received.
 
-SUSE-Bug: bsc#1073877
+SUSE-Bugs: bsc#1073877 boo#1089732
 Signed-off-by: Goldwyn Rodrigues 
 Signed-off-by: Aleksa Sarai 
 ---
- components/engine/profiles/apparmor/template.go | 1 +
- 1 file changed, 1 insertion(+)
+ components/engine/profiles/apparmor/template.go | 4 
+ 1 file changed, 4 insertions(+)
 
 diff --git a/components/engine/profiles/apparmor/template.go 
b/components/engine/profiles/apparmor/template.go
-index c5ea4584de6b..4830ac440645 100644
+index c5ea4584de6b..47c1b0659a15 100644
 --- a/components/engine/profiles/apparmor/template.go
 +++ b/components/engine/profiles/apparmor/template.go
-@@ -17,6 +17,7 @@ profile {{.Name}} 
flags=(attach_disconnected,mediate_deleted) {
+@@ -17,6 +17,10 @@ profile {{.Name}} 
flags=(attach_disconnected,mediate_deleted) {
capability,
file,
umount,
++{{if ge .Version 208096}}
++{{/* Allow 'docker kill' to actually send signals to container processes. */}}
 +  signal (receive) peer=unconfined,
++{{end}}
  
deny @{PROC}/* w,   # deny write for all files directly in /proc (not in a 
subdir)
# deny write to files not in /proc//** or /proc/sys/**




commit docker for openSUSE:Factory

2018-04-17 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-04-17 11:13:13

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Tue Apr 17 11:13:13 2018 rev:72 rq:595995 version:17.09.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-04-05 
15:29:33.880658384 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2018-04-17 
11:13:16.234359837 +0200
@@ -1,0 +2,13 @@
+Tue Apr 10 09:25:43 UTC 2018 - asa...@suse.com
+
+- Add patch to handle AppArmor changes that make 'docker kill' stop working.
+  bsc#1073877
+  + bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch
+
+---
+Fri Apr  6 04:21:28 UTC 2018 - asa...@suse.com
+
+- Fix manpage generation breaking ppc64le builds due to a missing
+  -buildemode=pie.
+
+---

New:

  bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.Hwf7BQ/_old  2018-04-17 11:13:16.942326633 +0200
+++ /var/tmp/diff_new_pack.Hwf7BQ/_new  2018-04-17 11:13:16.946326445 +0200
@@ -66,6 +66,8 @@
 Patch400:   
bsc1055676-0001-daemon-oci-obey-CL_UNPRIVILEGED-for-user-namespaced-.patch
 # SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/35518. 
bsc#1021227 bsc#1029320 bsc#1058173
 Patch401:   
bsc1021227-0001-pkg-devmapper-dynamically-load-dm_task_deferred_remo.patch
+# SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/36822. 
bsc#1073877
+Patch402:   
bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch
 BuildRequires:  audit
 BuildRequires:  bash-completion
 BuildRequires:  ca-certificates
@@ -194,6 +196,8 @@
 %patch400 -p1
 # bsc#1021227 bsc#1029320 bsc#1058173
 %patch401 -p1
+# bsc#1073877
+%patch402 -p1
 
 cp %{SOURCE7} .
 cp %{SOURCE9} .
@@ -251,9 +255,8 @@
 ./scripts/build/dynbinary
 
 mkdir -p ./man/man1
-go build -o gen-manpages github.com/docker/cli/man
+go build -buildmode=pie -o gen-manpages github.com/docker/cli/man
 ./gen-manpages --root "$(pwd)" --target "$(pwd)/man/man1"
-rm gen-manpages
 ./man/md2man-all.sh
 cd ../..
 

++ 
bsc1073877-0001-apparmor-allow-receiving-of-signals-from-docker-kill.patch 
++
>From c11493737b4a5ffd59d635650f3a0d45f220ad2b Mon Sep 17 00:00:00 2001
From: Aleksa Sarai 
Date: Sun, 8 Apr 2018 20:21:30 +1000
Subject: [PATCH] apparmor: allow receiving of signals from 'docker kill'

In newer kernels, AppArmor will reject attempts to send signals to a
container because the signal originated from outside of that AppArmor
profile. Correct this by allowing all unconfined signals to be received.

SUSE-Bug: bsc#1073877
Signed-off-by: Goldwyn Rodrigues 
Signed-off-by: Aleksa Sarai 
---
 components/engine/profiles/apparmor/template.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/components/engine/profiles/apparmor/template.go 
b/components/engine/profiles/apparmor/template.go
index c5ea4584de6b..4830ac440645 100644
--- a/components/engine/profiles/apparmor/template.go
+++ b/components/engine/profiles/apparmor/template.go
@@ -17,6 +17,7 @@ profile {{.Name}} flags=(attach_disconnected,mediate_deleted) 
{
   capability,
   file,
   umount,
+  signal (receive) peer=unconfined,
 
   deny @{PROC}/* w,   # deny write for all files directly in /proc (not in a 
subdir)
   # deny write to files not in /proc//** or /proc/sys/**
-- 
2.16.3




commit docker for openSUSE:Factory

2018-04-05 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-04-05 15:29:29

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Thu Apr  5 15:29:29 2018 rev:71 rq:593664 version:17.09.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-02-16 
21:40:03.881057964 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2018-04-05 
15:29:33.880658384 +0200
@@ -1,0 +2,12 @@
+Wed Apr  4 12:27:29 UTC 2018 - vrothb...@suse.com
+
+- Compile and install all manpages.
+  bsc#1085117
+
+---
+Tue Mar 27 10:13:41 UTC 2018 - asa...@suse.com
+
+- Add requirement for catatonit, which provides a docker-init implementation.
+  fate#324652
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.ojqrHx/_old  2018-04-05 15:29:35.832587833 +0200
+++ /var/tmp/diff_new_pack.ojqrHx/_new  2018-04-05 15:29:35.836587689 +0200
@@ -106,6 +106,9 @@
 # runC or containerd (which would be bad).
 Requires:   containerd-git  = %{required_containerd}
 Requires:   docker-runc-git = %{required_dockerrunc}
+# Needed for --init support. We don't use "tini", we use our own implementation
+# which handles edge-cases better.
+Requires:   catatonit
 # Provides mkfs.ext4 - used by Docker when devicemapper storage driver is used
 Requires:   e2fsprogs
 Requires:   git-core >= 1.7
@@ -246,6 +249,11 @@
 # DOCKER CLIENT
 cd components/cli
 ./scripts/build/dynbinary
+
+mkdir -p ./man/man1
+go build -o gen-manpages github.com/docker/cli/man
+./gen-manpages --root "$(pwd)" --target "$(pwd)/man/man1"
+rm gen-manpages
 ./man/md2man-all.sh
 cd ../..
 




commit docker for openSUSE:Factory

2018-02-16 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-02-16 21:40:02

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Fri Feb 16 21:40:02 2018 rev:70 rq:576049 version:17.09.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-01-21 
15:48:19.343742267 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2018-02-16 
21:40:03.881057964 +0100
@@ -1,0 +2,12 @@
+Tue Feb 13 10:45:58 UTC 2018 - asa...@suse.com
+
+- Update patches to be sourced from https://github.com/suse/docker-ce (which
+  are based on the upstream docker/docker-ce repo). The reason for this change
+  (though it is functionally identical to the old patches) is so that public
+  patch maintenance is much simpler.
+  * bsc1021227-0001-pkg-devmapper-dynamically-load-dm_task_deferred_remo.patch
+  * bsc1055676-0001-daemon-oci-obey-CL_UNPRIVILEGED-for-user-namespaced-.patch
+  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.2MBcOT/_old  2018-02-16 21:40:05.676993197 +0100
+++ /var/tmp/diff_new_pack.2MBcOT/_new  2018-02-16 21:40:05.684992907 +0100
@@ -184,13 +184,13 @@
 # nothing
 %else
 # PATCH-SUSE: Secrets patches.
-%patch200 -p1 -d components/engine
-%patch201 -p1 -d components/engine
+%patch200 -p1
+%patch201 -p1
 %endif
 # bsc#1055676
-%patch400 -p1 -d components/engine
+%patch400 -p1
 # bsc#1021227 bsc#1029320 bsc#1058173
-%patch401 -p1 -d components/engine
+%patch401 -p1
 
 cp %{SOURCE7} .
 cp %{SOURCE9} .

++ 
bsc1021227-0001-pkg-devmapper-dynamically-load-dm_task_deferred_remo.patch 
++
--- /var/tmp/diff_new_pack.2MBcOT/_old  2018-02-16 21:40:05.784989302 +0100
+++ /var/tmp/diff_new_pack.2MBcOT/_new  2018-02-16 21:40:05.784989302 +0100
@@ -1,4 +1,4 @@
-From b492588a54b8efa1fba1de700cb3e0ad3fe665d9 Mon Sep 17 00:00:00 2001
+From e57d7270deb50c31ac1f732d8f28812e5b809062 Mon Sep 17 00:00:00 2001
 From: Aleksa Sarai 
 Date: Thu, 16 Nov 2017 17:09:16 +1100
 Subject: [PATCH] pkg: devmapper: dynamically load dm_task_deferred_remove
@@ -19,18 +19,18 @@
 SUSE-Bugs: bsc#1021227 bsc#1029320 bsc#1058173
 Signed-off-by: Aleksa Sarai 
 ---
- hack/make.sh   |  12 +-
+ components/engine/hack/make.sh |  12 +-
  ...> devmapper_wrapper_dynamic_deferred_remove.go} |  10 +-
  ...mapper_wrapper_dynamic_dlsym_deferred_remove.go | 128 +
  .../devmapper_wrapper_no_deferred_remove.go|   6 +-
  4 files changed, 149 insertions(+), 7 deletions(-)
- rename pkg/devicemapper/{devmapper_wrapper_deferred_remove.go => 
devmapper_wrapper_dynamic_deferred_remove.go} (78%)
- create mode 100644 
pkg/devicemapper/devmapper_wrapper_dynamic_dlsym_deferred_remove.go
+ rename 
components/engine/pkg/devicemapper/{devmapper_wrapper_deferred_remove.go => 
devmapper_wrapper_dynamic_deferred_remove.go} (78%)
+ create mode 100644 
components/engine/pkg/devicemapper/devmapper_wrapper_dynamic_dlsym_deferred_remove.go
 
-diff --git a/hack/make.sh b/hack/make.sh
-index bc18c066b66c..6e94824ad557 100755
 a/hack/make.sh
-+++ b/hack/make.sh
+diff --git a/components/engine/hack/make.sh b/components/engine/hack/make.sh
+index 58e0d8cd628a..3b78ddef30b0 100755
+--- a/components/engine/hack/make.sh
 b/components/engine/hack/make.sh
 @@ -112,6 +112,12 @@ if [ ! "$GOPATH" ]; then
exit 1
  fi
@@ -61,13 +61,13 @@
  fi
  
  # Use these flags when compiling the tests and final binary
-diff --git a/pkg/devicemapper/devmapper_wrapper_deferred_remove.go 
b/pkg/devicemapper/devmapper_wrapper_dynamic_deferred_remove.go
+diff --git 
a/components/engine/pkg/devicemapper/devmapper_wrapper_deferred_remove.go 
b/components/engine/pkg/devicemapper/devmapper_wrapper_dynamic_deferred_remove.go
 similarity index 78%
-rename from pkg/devicemapper/devmapper_wrapper_deferred_remove.go
-rename to pkg/devicemapper/devmapper_wrapper_dynamic_deferred_remove.go
+rename from 
components/engine/pkg/devicemapper/devmapper_wrapper_deferred_remove.go
+rename to 
components/engine/pkg/devicemapper/devmapper_wrapper_dynamic_deferred_remove.go
 index 7f793c270868..bf57371ff4cf 100644
 a/pkg/devicemapper/devmapper_wrapper_deferred_remove.go
-+++ b/pkg/devicemapper/devmapper_wrapper_dynamic_deferred_remove.go
+--- a/components/engine/pkg/devicemapper/devmapper_wrapper_deferred_remove.go
 

commit docker for openSUSE:Factory

2018-01-21 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-01-21 15:48:18

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Sun Jan 21 15:48:18 2018 rev:69 rq:567740 version:17.09.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2018-01-13 
21:34:33.306696327 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2018-01-21 
15:48:19.343742267 +0100
@@ -1,0 +2,13 @@
+Fri Jan 19 14:12:32 UTC 2018 - asa...@suse.com
+
+- Add Obsoletes: docker-image-migrator, as the tool is no longer needed and
+  we've pretty much removed it from everywhere except the containers module.
+  bsc#1069758
+
+---
+Fri Jan 19 07:48:10 UTC 2018 - vrothb...@suse.com
+
+- Remove requirement on bridge-utils, which has been replaced by libnetwork in
+  Docker. bsc#1072798
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.dCui8I/_old  2018-01-21 15:48:21.147657619 +0100
+++ /var/tmp/diff_new_pack.dCui8I/_new  2018-01-21 15:48:21.151657431 +0100
@@ -94,7 +94,6 @@
 BuildRequires:  systemd-devel
 BuildRequires:  zsh
 Requires:   apparmor-parser
-Requires:   bridge-utils
 Requires:   ca-certificates-mozilla
 # Required in order for networking to work. fix_bsc_1057743 is a work-around
 # for some old packaging issues (where rpm would delete a binary that was
@@ -118,6 +117,9 @@
 Requires(post): %fillup_prereq
 Requires(post): udev
 Requires(post): shadow
+# We used to have a migration tool for the upgrade from v1.9.x to v1.10.x.
+# It is no longer useful, so we obsolete it. bsc#1069758
+Obsoletes:  docker-image-migrator
 # Not necessary, but must be installed when the underlying system is
 # configured to use lvm and the user doesn't explicitly provide a
 # different storage-driver than devicemapper




commit docker for openSUSE:Factory

2018-01-13 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2018-01-13 21:34:30

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Sat Jan 13 21:34:30 2018 rev:68 rq:563290 version:17.09.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-12-21 
11:25:16.559449330 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2018-01-13 
21:34:33.306696327 +0100
@@ -4 +4 @@
-- Update to Docker v17.09.1_ce. Upstream changelog:
+- Update to Docker v17.09.1_ce (bsc#1069758). Upstream changelog:
@@ -105 +105 @@
-- Update to Docker v17.07.0_ce (bsc#1069758). Upstream changelog:
+- Update to Docker v17.07.0_ce. Upstream changelog:



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.wI8eyU/_old  2018-01-13 21:34:34.086659811 +0100
+++ /var/tmp/diff_new_pack.wI8eyU/_new  2018-01-13 21:34:34.090659623 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package docker
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed




commit docker for openSUSE:Factory

2017-12-21 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-12-21 11:25:14

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Thu Dec 21 11:25:14 2017 rev:67 rq:558281 version:17.09.1_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-12-08 
12:54:02.400940025 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-12-21 
11:25:16.559449330 +0100
@@ -1,0 +2,35 @@
+Mon Dec 18 12:32:35 UTC 2017 - asa...@suse.com
+
+- Update to Docker v17.09.1_ce. Upstream changelog:
+  https://github.com/docker/docker-ce/releases/tag/v17.09.1-ce
+- Removed patches (merged upstream):
+  - bsc1045628-0001-devicemapper-remove-container-rootfs-mountPath-after.patch
+  - bsc1066210-0001-vendor-update-to-github.com-vbatts-tar-split-v0.10.2.patch
+  - bsc1066801-0001-oci-add-proc-scsi-to-masked-paths.patch
+
+---
+Mon Dec 18 12:32:35 UTC 2017 - asa...@suse.com
+
+- Update to Docker v17.09.0_ce. Upstream changelog:
+  https://github.com/docker/docker-ce/releases/tag/v17.09.0-ce
+- Rebased patches:
+  * bsc1021227-0001-pkg-devmapper-dynamically-load-dm_task_deferred_remo.patch
+  * bsc1045628-0001-devicemapper-remove-container-rootfs-mountPath-after.patch
+  * bsc1055676-0001-daemon-oci-obey-CL_UNPRIVILEGED-for-user-namespaced-.patch
+  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+- Removed patches (merged upstream):
+  - bsc1064781-0001-Allow-to-override-build-date.patch
+
+---
+Tue Dec  5 10:58:07 UTC 2017 - asa...@suse.com
+
+- Add a patch to dynamically probe whether libdevmapper supports
+  dm_task_deferred_remove. This is necessary because we build the containers
+  module on a SLE12 base, but later SLE versions have libdevmapper support.
+  This should not affect openSUSE, as all openSUSE versions have a new enough
+  libdevmapper. Backport of https://github.com/moby/moby/pull/35518.
+  bsc#1021227 bsc#1029320 bsc#1058173
+  + bsc1021227-0001-pkg-devmapper-dynamically-load-dm_task_deferred_remo.patch
+
+---
@@ -70 +105 @@
-- Update to Docker v17.07-ce (bsc#1069758). Upstream changelog:
+- Update to Docker v17.07.0_ce (bsc#1069758). Upstream changelog:

Old:

  bsc1045628-0001-devicemapper-remove-container-rootfs-mountPath-after.patch
  bsc1064781-0001-Allow-to-override-build-date.patch
  bsc1066210-0001-vendor-update-to-github.com-vbatts-tar-split-v0.10.2.patch
  bsc1066801-0001-oci-add-proc-scsi-to-masked-paths.patch
  docker-17.07.0_ce.tar.xz

New:

  bsc1021227-0001-pkg-devmapper-dynamically-load-dm_task_deferred_remo.patch
  docker-17.09.1_ce.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.ufTQlA/_old  2017-12-21 11:25:17.411407789 +0100
+++ /var/tmp/diff_new_pack.ufTQlA/_new  2017-12-21 11:25:17.415407594 +0100
@@ -31,11 +31,17 @@
 # helpfully injects into our build environment from the changelog). If you want
 # to generate a new git_commit_epoch, use this:
 #  $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP 
'(?<=^CommitDate: ).*')" '+%s'
-%define git_version 87847530f717
-%define git_commit_epoch 1508266293
+%define git_version f4ffd2511ce9
+%define git_commit_epoch 1508606827
+
+# These are the git commits required. We verify them against the source to make
+# sure we didn't miss anything important when doing upgrades.
+%define required_containerd 06b9cb35161009dcb7123345749fef02f7cea8e0
+%define required_dockerrunc 3f2f8b84a77f73d38244dd690525642a72156c64
+%define required_libnetwork 7b2b1feb1de4817d522cc372af149ff48d25028e
 
 Name:   docker
-Version:17.07.0_ce
+Version:17.09.1_ce
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
@@ -57,15 +63,9 @@
 Patch200:   
secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
 Patch201:   secrets-0002-SUSE-implement-SUSE-container-secrets.patch
 # SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/35205. 
bsc#1055676
-Patch401:   
bsc1055676-0001-daemon-oci-obey-CL_UNPRIVILEGED-for-user-namespaced-.patch
-# SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/34573. 
bsc#1045628
-Patch402:   
bsc1045628-0001-devicemapper-remove-container-rootfs-mountPath-after.patch
-# SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/34176. 
boo#1064781
-Patch403:   bsc1064781-0001-Allow-to-override-build-date.patch
-# 

commit docker for openSUSE:Factory

2017-12-08 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-12-08 12:54:01

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Fri Dec  8 12:54:01 2017 rev:66 rq:548181 version:17.07.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-12-03 
10:06:28.342147686 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-12-08 
12:54:02.400940025 +0100
@@ -1,0 +2,6 @@
+Mon Dec  4 12:22:29 UTC 2017 - asa...@suse.com
+
+- Fix up the ordering of tests in docker.spec. This is to keep things easier to
+  backport into the SLE package.
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.gqnQeD/_old  2017-12-08 12:54:03.308907234 +0100
+++ /var/tmp/diff_new_pack.gqnQeD/_new  2017-12-08 12:54:03.312907089 +0100
@@ -167,7 +167,6 @@
 Requires:   bash-completion
 Requires:   device-mapper-devel >= 1.2.68
 Requires:   glibc-devel-static
-# Make sure we require go 1.7
 Requires:   libapparmor-devel
 Requires:   libbtrfs-devel >= 3.8
 Requires:   procps
@@ -285,33 +284,35 @@
| grep'github.com/docker/docker' \
| grep -Ev 'vendor/(.+/)?github.com/docker/docker' \
| grep -v 'github.com/docker/docker/vendor' \
+   | grep -v 'github.com/docker/docker/builder$' \
+   | grep -v 'github.com/docker/docker/builder/dockerfile$' \
+   | grep -v 'github.com/docker/docker/builder/dockerfile/parser$' 
\
+   | grep -v 'github.com/docker/docker/builder/remotecontext' \
+   | grep -v 'github.com/docker/docker/cmd/dockerd$' \
+   | grep -v 'github.com/docker/docker/daemon$' \
+   | grep -v 'github.com/docker/docker/daemon/graphdriver' \
+   | grep -Pv 'github.com/docker/docker/daemon/logger(?!/gelf)' \
| grep -v 'github.com/docker/docker/integration-cli' \
+   | grep -v 'github.com/docker/docker/man$' \
| grep -v 'github.com/docker/docker/pkg/archive$' \
| grep -v 'github.com/docker/docker/pkg/chrootarchive$' \
+%if 0%{?sle_version} == 12
+   | grep -v 'github.com/docker/docker/pkg/devicemapper$' \
+%endif
| grep -v 'github.com/docker/docker/pkg/gitutils$' \
| grep -v 'github.com/docker/docker/pkg/idtools$' \
+   | grep -v 'github.com/docker/docker/pkg/integration$' \
| grep -v 'github.com/docker/docker/pkg/jsonlog$' \
| grep -v 'github.com/docker/docker/pkg/mount$' \
| grep -v 'github.com/docker/docker/pkg/sysinfo$' \
-   | grep -v 'github.com/docker/docker/registry$' \
-   | grep -v 'github.com/docker/docker/volume/local$' \
-   | grep -v 'github.com/docker/docker/builder$' \
-   | grep -v 'github.com/docker/docker/builder/remotecontext' \
-   | grep -v 'github.com/docker/docker/builder/dockerfile$' \
-   | grep -v 'github.com/docker/docker/builder/dockerfile/parser$' 
\
-   | grep -v 'github.com/docker/docker/daemon$' \
-   | grep -v 'github.com/docker/docker/daemon/graphdriver' \
-   | grep -v 'github.com/docker/docker/cmd/dockerd$' \
-   | grep -v 'github.com/docker/docker/pkg/integration$' \
| grep -v 'github.com/docker/docker/pkg/testutil' \
-%if 0%{?sle_version} == 12
-   | grep -v 'github.com/docker/docker/pkg/devicemapper$' \
-%endif
 %if ! 0%{?with_libseccomp}
| grep -v 'github.com/docker/docker/profiles/seccomp$' \
 %endif
+   | grep -v 'github.com/docker/docker/registry$' \
+   | grep -v 'github.com/docker/docker/volume/local$' \
)
-
+# PLEASE KEEP THIS LIST IN ALPHABETICAL ORDER!
 rm ./pkg/system/rm_test.go
 
 go test -buildmode=pie -cover -ldflags -w -tags "$DOCKER_BUILDTAGS" -a 
-test.timeout=10m $PKG_LIST
@@ -326,6 +327,7 @@
| grep -v 'github.com/docker/cli/cli/command/image' \
| grep -v 'github.com/docker/cli/cli/image' \
)
+# PLEASE KEEP THIS LIST IN ALPHABETICAL ORDER!
 
 go test -buildmode=pie -cover -ldflags -w -tags daemon -a -test.timeout=10m 
$PKG_LIST
 




commit docker for openSUSE:Factory

2017-12-03 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-12-03 10:06:24

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Sun Dec  3 10:06:24 2017 rev:65 rq:546698 version:17.07.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-11-30 
12:41:40.326031831 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-12-03 
10:06:28.342147686 +0100
@@ -1,0 +2,8 @@
+Thu Nov 30 10:15:20 UTC 2017 - asa...@suse.com
+
+- Include secrets fix to handle "old" containers that have orphaned secret
+  data. It's not clear why Docker caches these secrets, but fix the problem by
+  trashing the references manually. bsc#1057743
+  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+
+---



Other differences:
--
++ secrets-0002-SUSE-implement-SUSE-container-secrets.patch ++
--- /var/tmp/diff_new_pack.8XsuSz/_old  2017-12-03 10:06:29.354110893 +0100
+++ /var/tmp/diff_new_pack.8XsuSz/_new  2017-12-03 10:06:29.354110893 +0100
@@ -1,4 +1,4 @@
-From 7c03750568cb9b67b763cd03f92ce45c567ca043 Mon Sep 17 00:00:00 2001
+From c62fb8fa766b6917839987b7e1323f0523166d32 Mon Sep 17 00:00:00 2001
 From: Aleksa Sarai 
 Date: Wed, 8 Mar 2017 11:43:29 +1100
 Subject: [PATCH 2/2] SUSE: implement SUSE container secrets
@@ -10,11 +10,12 @@
 SUSE-SPECIFIC, AND UPSTREAM DOES NOT APPROVE OF THIS CONCEPT BECAUSE IT
 MAKES BUILDS NOT ENTIRELY REPRODUCIBLE.
 
+SUSE-Bugs: bsc#1057743 bsc#1055676 bsc#1030702
 Signed-off-by: Aleksa Sarai 
 ---
  daemon/start.go|   5 +
- daemon/suse_secrets.go | 331 +
- 2 files changed, 336 insertions(+)
+ daemon/suse_secrets.go | 391 +
+ 2 files changed, 396 insertions(+)
  create mode 100644 daemon/suse_secrets.go
 
 diff --git a/daemon/start.go b/daemon/start.go
@@ -35,10 +36,10 @@
return err
 diff --git a/daemon/suse_secrets.go b/daemon/suse_secrets.go
 new file mode 100644
-index ..b6914adf09ce
+index ..9d0788f0410d
 --- /dev/null
 +++ b/daemon/suse_secrets.go
-@@ -0,0 +1,331 @@
+@@ -0,0 +1,391 @@
 +/*
 + * suse-secrets: patch for Docker to implement SUSE secrets
 + * Copyright (C) 2017 SUSE LLC.
@@ -66,6 +67,7 @@
 +  "io/ioutil"
 +  "os"
 +  "path/filepath"
++  "strings"
 +  "syscall"
 +
 +  "github.com/docker/docker/container"
@@ -322,17 +324,40 @@
 +  return secrets, nil
 +}
 +
++// To fake an empty store, in the case where we are operating on a container
++// that was created pre-swarmkit. Otherwise segfaults and other fun things
++// happen. See bsc#1057743.
++type (
++  suseEmptyStore  struct{}
++  suseEmptySecret struct{}
++  suseEmptyConfig struct{}
++)
++
 +// In order to reduce the amount of code touched outside of this file, we
 +// implement the swarm API for DependencyGetter. This asserts that this
-+// requirement will always be matched.
-+var _ swarmexec.DependencyGetter = {}
++// requirement will always be matched. In addition, for the case of the 
*empty*
++// getters this reduces memory usage by having a global instance.
++var (
++  _   swarmexec.DependencyGetter = {}
++  emptyStore  swarmexec.DependencyGetter = suseEmptyStore{}
++  emptySecret swarmexec.SecretGetter = suseEmptySecret{}
++  emptyConfig swarmexec.ConfigGetter = suseEmptyConfig{}
++)
++
++var errSuseEmptyStore = fmt.Errorf("SUSE:secrets :: tried to get a resource 
from empty store [this is a bug]")
++
++func (_ suseEmptyConfig) Get(_ string) (*swarmapi.Config, error) { return 
nil, errSuseEmptyStore }
++func (_ suseEmptySecret) Get(_ string) (*swarmapi.Secret, error) { return 
nil, errSuseEmptyStore }
++func (_ suseEmptyStore) Secrets() swarmexec.SecretGetter { return 
emptySecret }
++func (_ suseEmptyStore) Configs() swarmexec.ConfigGetter { return 
emptyConfig }
 +
 +type suseDependencyStore struct {
 +  dfl swarmexec.DependencyGetter
 +  secrets map[string]*swarmapi.Secret
 +}
 +
-+// The following are just dumb wrappers that return ourselves.
++// The following are effectively dumb wrappers that return ourselves, or the
++// default.
 +func (s *suseDependencyStore) Secrets() swarmexec.SecretGetter { return s }
 +func (s *suseDependencyStore) Configs() swarmexec.ConfigGetter { return 
s.dfl.Configs() }
 +
@@ -346,15 +371,39 @@
 +  // fallthrough
 +  return s.dfl.Secrets().Get(id)
 +  }
-+
 +  return secret, nil
 +}
 +
++// removeSuseSecrets 

commit docker for openSUSE:Factory

2017-11-30 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-11-30 12:41:35

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Thu Nov 30 12:41:35 2017 rev:64 rq:545292 version:17.07.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-11-10 
14:42:50.823646548 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-11-30 
12:41:40.326031831 +0100
@@ -1,0 +2,19 @@
+Thu Nov 23 13:48:08 UTC 2017 - rbr...@suse.com
+
+- Replace references to /var/adm/fillup-templates with new
+  %_fillupdir macro (boo#1069468)
+
+---
+Tue Nov 14 22:39:56 UTC 2017 - asa...@suse.com
+
+- Remove migration code for the v1.9.x -> v1.10.x migration. This has been
+  around for a while, and we no longer support migrating from such an old
+  version "nicely". Docker still has migration code that will run on
+  first-boot, we are merely removing all of the "nice" warnings which tell
+  users how to avoid issues during an upgrade that ocurred more than a year
+  ago.
+- Drop un-needed files:
+  - docker-plugin-message.txt
+  - docker-update-message.txt
+
+---
@@ -37 +56 @@
-- Update to Docker v17.07-ce. Upstream changelog:
+- Update to Docker v17.07-ce (bsc#1069758). Upstream changelog:

Old:

  docker-plugin-message.txt
  docker-update-message.txt



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.bJySsx/_old  2017-11-30 12:41:41.166001291 +0100
+++ /var/tmp/diff_new_pack.bJySsx/_new  2017-11-30 12:41:41.170001146 +0100
@@ -17,12 +17,14 @@
 # nodebuginfo
 
 
-%global docker_store  %{_localstatedir}/lib/docker
-%global docker_migration_testfile 
%{docker_store}/.suse-image-migration-v1to2-complete
-%global docker_migration_warnfile %{docker_store}/docker-update-message.txt
-%global docker_plugin_warnfile%{docker_store}/docker-plugin-message.txt
-%define docker_graph  %{docker_store}/graph
-%define __arch_install_post export NO_BRP_STRIP_DEBUG=true
+# Where important update information will be stored, such that an administrator
+# is guaranteed to see the relevant warning.
+%define update_messages 
%{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release}
+
+#Compat macro for new _fillupdir macro introduced in Nov 2017
+%if ! %{defined _fillupdir}
+  %define _fillupdir /var/adm/fillup-templates
+%endif
 
 # Used when generating the "build" information for Docker version. The value of
 # git_commit_epoch is unused here (we use SOURCE_DATE_EPOCH, which rpm
@@ -32,12 +34,6 @@
 %define git_version 87847530f717
 %define git_commit_epoch 1508266293
 
-# When upgrading to a new version requires the service not to be restarted
-# Due to a long migration process update last_migration_version to the new 
version
-# that will first perform the migration, last time this was needed was version
-# 1.10.1
-%global last_migration_version 1.10.1
-
 Name:   docker
 Version:17.07.0_ce
 Release:0
@@ -54,8 +50,6 @@
 Source7:README_SUSE.md
 Source8:docker-audit.rules
 Source9:tests.sh
-Source50:   docker-update-message.txt
-Source51:   docker-plugin-message.txt
 # SUSE-FEATURE: Adds the /run/secrets mountpoint inside all Docker containers
 # which is not snapshotted when images are committed. Note that if you modify
 # this patch, please also modify the patch in the suse-secrets-v
@@ -124,8 +118,6 @@
 Requires(post): %fillup_prereq
 Requires(post): udev
 Requires(post): shadow
-# Not necessary, but must be installed to have a smooth upgrade.
-Recommends: docker-image-migrator
 # Not necessary, but must be installed when the underlying system is
 # configured to use lvm and the user doesn't explicitly provide a
 # different storage-driver than devicemapper
@@ -342,7 +334,7 @@
 install -d %{buildroot}%{_bindir}
 install -D -m755 components/cli/build/docker %{buildroot}/%{_bindir}/docker
 install -D -m755 components/engine/bundles/latest/dynbinary-daemon/dockerd 
%{buildroot}/%{_bindir}/dockerd
-install -d %{buildroot}/%{_prefix}/lib/docker
+install -d %{buildroot}/%{_localstatedir}/lib/docker
 install -Dd -m 0755 \
%{buildroot}%{_sysconfdir}/init.d \
%{buildroot}%{_sbindir}
@@ -370,7 +362,7 @@
 install -D -m 0640 %{SOURCE8} 
%{buildroot}%{_sysconfdir}/audit/rules.d/%{name}.rules
 
 # sysconfig file
-install -D -m 644 %{SOURCE4} 
%{buildroot}%{_localstatedir}/adm/fillup-templates/sysconfig.docker
+install -D -m 644 %{SOURCE4} %{buildroot}%{_fillupdir}/sysconfig.docker
 
 # install manpages 

commit docker for openSUSE:Factory

2017-11-10 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-11-10 14:42:49

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Fri Nov 10 14:42:49 2017 rev:63 rq:540195 version:17.07.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-10-25 
17:45:19.361606531 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-11-10 
14:42:50.823646548 +0100
@@ -1,0 +2,17 @@
+Tue Nov  7 16:47:01 UTC 2017 - asa...@suse.com
+
+- Add a backport of https://github.com/moby/moby/pull/35424, which fixes a
+  security issue where a maliciously crafted image could be used to crash a
+  Docker daemon. bsc#1066210 CVE-2017-14992
+  + bsc1066210-0001-vendor-update-to-github.com-vbatts-tar-split-v0.10.2.patch
+
+---
+Tue Nov  7 09:00:31 UTC 2017 - asa...@suse.com
+
+- Add a backport of https://github.com/moby/moby/pull/35399, which fixes a
+  security issue where a Docker container (with a disabled AppArmor profile)
+  could write to /proc/scsi/... and subsequently DoS the host. bsc#1066801
+  CVE-2017-16539
+  + bsc1066801-0001-oci-add-proc-scsi-to-masked-paths.patch
+
+---
@@ -32,0 +50,17 @@
+
+---
+Mon Oct  2 08:12:17 UTC 2017 - vrothb...@suse.com
+
+- Fix bsc#1059011
+
+  The systemd service helper script used a timeout of 60 seconds to
+  start the daemon, which is insufficient in cases where the daemon
+  takes longer to start. Instead, set the service type from 'simple' to
+  'notify' and remove the now superfluous helper script.
+
+---
+Wed Sep 27 15:04:19 UTC 2017 - jmassaguer...@suse.com
+
+- fix bsc#1057743: Add a Requires: fix_bsc_1057743 which is provided by the
+  newer version of docker-libnetwork. This is necessary because of a versioning
+  bug we found in bsc#1057743.

New:

  bsc1066210-0001-vendor-update-to-github.com-vbatts-tar-split-v0.10.2.patch
  bsc1066801-0001-oci-add-proc-scsi-to-masked-paths.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.DiGkc2/_old  2017-11-10 14:42:51.927606642 +0100
+++ /var/tmp/diff_new_pack.DiGkc2/_new  2017-11-10 14:42:51.931606496 +0100
@@ -68,6 +68,10 @@
 Patch402:   
bsc1045628-0001-devicemapper-remove-container-rootfs-mountPath-after.patch
 # SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/34176. 
boo#1064781
 Patch403:   bsc1064781-0001-Allow-to-override-build-date.patch
+# SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/35399. 
boo#1066801 CVE-2017-16539
+Patch404:   bsc1066801-0001-oci-add-proc-scsi-to-masked-paths.patch
+# SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/35424. 
boo#1066210 CVE-2017-14992
+Patch405:   
bsc1066210-0001-vendor-update-to-github.com-vbatts-tar-split-v0.10.2.patch
 BuildRequires:  audit
 BuildRequires:  bash-completion
 BuildRequires:  ca-certificates
@@ -98,7 +102,11 @@
 Requires:   apparmor-parser
 Requires:   bridge-utils
 Requires:   ca-certificates-mozilla
+# Required in order for networking to work. fix_bsc_1057743 is a work-around
+# for some old packaging issues (where rpm would delete a binary that was
+# installed by docker-libnetwork). See bsc#1057743 for more details.
 Requires:   docker-libnetwork = 0.7.0+gitr2322_4a242dba7739
+Requires:   fix_bsc_1057743
 # Containerd and runC are required as they are the only currently supported
 # execdrivers of Docker. NOTE: The version pinning here matches upstream's
 # vendor.conf to ensure that we don't use a slightly incompatible version of
@@ -191,6 +199,10 @@
 %patch402 -p1 -d components/engine
 # boo#1064781
 %patch403 -p1 -d components/engine
+# boo#1066801 CVE-2017-16539
+%patch404 -p1 -d components/engine
+# boo#1066210 CVE-2017-14992
+%patch405 -p1 -d components/engine
 
 cp %{SOURCE7} .
 cp %{SOURCE9} .
@@ -435,7 +447,6 @@
 %{_bindir}/docker
 %{_bindir}/dockerd
 %{_sbindir}/rcdocker
-%{_libexecdir}/docker/
 %{_unitdir}/%{name}.service
 %config %{_sysconfdir}/audit/rules.d/%{name}.rules
 %{_udevrulesdir}/80-%{name}.rules

++ 
bsc1066210-0001-vendor-update-to-github.com-vbatts-tar-split-v0.10.2.patch 
++
>From b5cf56bc7f734ed8bfad4119fb817261e541a609 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai 
Date: Wed, 8 Nov 2017 02:50:52 +1100
Subject: [PATCH] vendor: update to github.com/vbatts/tar-split@v0.10.2

Update to the latest version of tar-split, which includes a change to
fix a memory exhaustion 

commit docker for openSUSE:Factory

2017-10-25 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-10-25 17:45:18

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Wed Oct 25 17:45:18 2017 rev:62 rq:536271 version:17.07.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-10-20 
14:40:04.748497368 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-10-25 
17:45:19.361606531 +0200
@@ -1,0 +2,8 @@
+Tue Oct 24 06:50:29 UTC 2017 - asa...@suse.com
+
+- Correctly set `docker version` information, including the version, git
+  commit, and SOURCE_DATE_EPOCH (requires a backport). This should
+  *effectively* make Docker builds reproducible, with minimal cost. boo#1064781
+  + bsc1064781-0001-Allow-to-override-build-date.patch
+
+---

New:

  bsc1064781-0001-Allow-to-override-build-date.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.aPqhYA/_old  2017-10-25 17:45:20.389558285 +0200
+++ /var/tmp/diff_new_pack.aPqhYA/_new  2017-10-25 17:45:20.393558098 +0200
@@ -22,14 +22,22 @@
 %global docker_migration_warnfile %{docker_store}/docker-update-message.txt
 %global docker_plugin_warnfile%{docker_store}/docker-plugin-message.txt
 %define docker_graph  %{docker_store}/graph
-%define git_version 78d1802
-%define version_unconverted 17.07.0_ce
 %define __arch_install_post export NO_BRP_STRIP_DEBUG=true
+
+# Used when generating the "build" information for Docker version. The value of
+# git_commit_epoch is unused here (we use SOURCE_DATE_EPOCH, which rpm
+# helpfully injects into our build environment from the changelog). If you want
+# to generate a new git_commit_epoch, use this:
+#  $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP 
'(?<=^CommitDate: ).*')" '+%s'
+%define git_version 87847530f717
+%define git_commit_epoch 1508266293
+
 # When upgrading to a new version requires the service not to be restarted
 # Due to a long migration process update last_migration_version to the new 
version
 # that will first perform the migration, last time this was needed was version
 # 1.10.1
 %global last_migration_version 1.10.1
+
 Name:   docker
 Version:17.07.0_ce
 Release:0
@@ -58,6 +66,8 @@
 Patch401:   
bsc1055676-0001-daemon-oci-obey-CL_UNPRIVILEGED-for-user-namespaced-.patch
 # SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/34573. 
bsc#1045628
 Patch402:   
bsc1045628-0001-devicemapper-remove-container-rootfs-mountPath-after.patch
+# SUSE-BACKPORT: Backport of https://github.com/moby/moby/pull/34176. 
boo#1064781
+Patch403:   bsc1064781-0001-Allow-to-override-build-date.patch
 BuildRequires:  audit
 BuildRequires:  bash-completion
 BuildRequires:  ca-certificates
@@ -179,6 +189,8 @@
 %patch401 -p1 -d components/engine
 # bsc#1045628
 %patch402 -p1 -d components/engine
+# boo#1064781
+%patch403 -p1 -d components/engine
 
 cp %{SOURCE7} .
 cp %{SOURCE9} .
@@ -197,12 +209,19 @@
 (cat  docker_build_env
 . ./docker_build_env
@@ -301,10 +320,10 @@
| grep -v 'github.com/docker/cli/vendor' \
| grep -v 'github.com/docker/cli/cli/command/idresolver' \
| grep -v 'github.com/docker/cli/cli/command/image' \
-   | grep -v 'github.com/docker/cli/cli/image'
+   | grep -v 'github.com/docker/cli/cli/image' \
)
 
-go test -buildmode=pie -ldflags -w -tags daemon -a -test.timeout=10m $PKG_LIST
+go test -buildmode=pie -cover -ldflags -w -tags daemon -a -test.timeout=10m 
$PKG_LIST
 
 %install
 install -d %{buildroot}%{go_contribdir}

++ bsc1064781-0001-Allow-to-override-build-date.patch ++
>From 760763e9957840f1983a5006f4e66d6920ec496e Mon Sep 17 00:00:00 2001
From: "Bernhard M. Wiedemann" 
Date: Wed, 19 Jul 2017 06:17:19 +0200
Subject: [PATCH] Allow to override build date

in order to make builds reproducible.
See https://reproducible-builds.org/ for why this is good
and https://reproducible-builds.org/specs/source-date-epoch/
for the definition of this variable.

SUSE-Bugfix: https://bugzilla.suse.com/show_bug.cgi?id=1064781
Signed-off-by: Bernhard M. Wiedemann 
Signed-off-by: Aleksa Sarai 
---
 hack/make.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hack/make.sh b/hack/make.sh
index b7d59ba94a00..7d18d649b540 100755
--- a/hack/make.sh
+++ b/hack/make.sh
@@ -68,7 +68,7 @@ DEFAULT_BUNDLES=(
 )

 VERSION=$(< ./VERSION)
-! BUILDTIME=$(date --rfc-3339 ns 2> /dev/null | sed 

commit docker for openSUSE:Factory

2017-10-20 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-10-20 14:39:56

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Fri Oct 20 14:39:56 2017 rev:61 rq:535075 version:17.07.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-09-21 
12:31:57.607624901 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-10-20 
14:40:04.748497368 +0200
@@ -1,0 +2,25 @@
+Mon Oct 16 11:06:22 UTC 2017 - asa...@suse.com
+
+- Add backport of https://github.com/moby/moby/pull/35205. This used to be
+  fixed in docker-runc, but we're moving it here after upstream discussion.
+  bsc#1055676
+  + bsc1055676-0001-daemon-oci-obey-CL_UNPRIVILEGED-for-user-namespaced-.patch
+
+---
+Mon Oct  9 11:36:59 UTC 2017 - asa...@suse.com
+
+- Update to Docker v17.07-ce. Upstream changelog:
+  https://github.com/docker/docker-ce/releases/tag/v17.06.0-ce
+  https://github.com/docker/docker-ce/releases/tag/v17.07.0-ce
+- Removed no-longer needed patches.
+  - bsc1037436-0001-client-check-tty-before-creating-exec-job.patch
+  - bsc1037607-0001-apparmor-make-pkg-aaparser-work-on-read-only-root.patch
+  - integration-cli-fix-TestInfoEnsureSucceeds.patch
+- Added backport of https://github.com/moby/moby/pull/34573. bsc#1045628
+  + bsc1045628-0001-devicemapper-remove-container-rootfs-mountPath-after.patch
+- Rewrite secrets patches to correctly handle directories in a way that doesn't
+  cause errors when starting new containers.
+  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+
+---

Old:

  bsc1037436-0001-client-check-tty-before-creating-exec-job.patch
  bsc1037607-0001-apparmor-make-pkg-aaparser-work-on-read-only-root.patch
  docker-17.04.0_ce.tar.xz
  docker_service_helper.sh
  integration-cli-fix-TestInfoEnsureSucceeds.patch

New:

  bsc1055676-0001-daemon-oci-obey-CL_UNPRIVILEGED-for-user-namespaced-.patch
  docker-17.07.0_ce.tar.xz
  docker-plugin-message.txt



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.c6pbTF/_old  2017-10-20 14:40:11.412185548 +0200
+++ /var/tmp/diff_new_pack.c6pbTF/_new  2017-10-20 14:40:11.416185361 +0200
@@ -20,9 +20,10 @@
 %global docker_store  %{_localstatedir}/lib/docker
 %global docker_migration_testfile 
%{docker_store}/.suse-image-migration-v1to2-complete
 %global docker_migration_warnfile %{docker_store}/docker-update-message.txt
+%global docker_plugin_warnfile%{docker_store}/docker-plugin-message.txt
 %define docker_graph  %{docker_store}/graph
 %define git_version 78d1802
-%define version_unconverted 17.04.0_ce
+%define version_unconverted 17.07.0_ce
 %define __arch_install_post export NO_BRP_STRIP_DEBUG=true
 # When upgrading to a new version requires the service not to be restarted
 # Due to a long migration process update last_migration_version to the new 
version
@@ -30,12 +31,13 @@
 # 1.10.1
 %global last_migration_version 1.10.1
 Name:   docker
-Version:17.04.0_ce
+Version:17.07.0_ce
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
 Group:  System/Management
 Url:http://www.docker.io
+# TODO(VR): check those SOURCE files below
 Source: %{name}-%{version}.tar.xz
 Source1:docker.service
 Source3:80-docker.rules
@@ -43,22 +45,18 @@
 Source6:docker-rpmlintrc
 Source7:README_SUSE.md
 Source8:docker-audit.rules
-Source9:docker-update-message.txt
-Source10:   tests.sh
-Source11:   docker_service_helper.sh
+Source9:tests.sh
+Source50:   docker-update-message.txt
+Source51:   docker-plugin-message.txt
 # SUSE-FEATURE: Adds the /run/secrets mountpoint inside all Docker containers
 # which is not snapshotted when images are committed. Note that if you modify
 # this patch, please also modify the patch in the suse-secrets-v
 # branch in http://github.com/suse/docker.mirror.
 Patch200:   
secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
 Patch201:   secrets-0002-SUSE-implement-SUSE-container-secrets.patch
-# PATCH-FIX-UPSTREAM: Backports.
-Patch300:   integration-cli-fix-TestInfoEnsureSucceeds.patch
-# PATCH-FIX-UPSTREAM: Backport of https://github.com/docker/cli/pull/52 
(bsc#1037436).
-Patch400:   bsc1037436-0001-client-check-tty-before-creating-exec-job.patch
-# PATCH-FIX-UPSTREAM: Backport of 

commit docker for openSUSE:Factory

2017-09-21 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-09-21 12:31:53

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Thu Sep 21 12:31:53 2017 rev:60 rq:526985 version:17.04.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-09-07 
22:12:01.872978684 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-09-21 
12:31:57.607624901 +0200
@@ -1,0 +2,6 @@
+Fri Sep 15 15:32:49 UTC 2017 - jmassaguer...@suse.com
+
+- fix /var/adm/update-message/docker file name to be
+  /var/adm/update-message/docker-%{version}-%{release} 
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.tZcmDC/_old  2017-09-21 12:31:58.663476313 +0200
+++ /var/tmp/diff_new_pack.tZcmDC/_new  2017-09-21 12:31:58.667475751 +0200
@@ -365,7 +365,7 @@
 
 %post
 if [  -e %{docker_migration_testfile} ]; then
-cp %{docker_migration_warnfile} /var/adm/update-messages/docker
+cp %{docker_migration_warnfile} 
/var/adm/update-messages/docker-%{version}-%{release}
 else
 if [ -e %{docker_migration_warnfile} ]; then
 rm %{docker_migration_warnfile}




commit docker for openSUSE:Factory

2017-09-07 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-09-07 22:11:56

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Thu Sep  7 22:11:56 2017 rev:59 rq:521899 version:17.04.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-08-17 
11:44:05.589963477 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-09-07 
22:12:01.872978684 +0200
@@ -1,0 +2,20 @@
+Wed Sep  6 11:42:31 UTC 2017 - asa...@suse.com
+
+- devicemapper: add patch to make the dm storage driver remove a container's
+  rootfs mountpoint before attempting to do libdm operations on it. This helps
+  avoid complications when live mounts will leak into containers. Backport of
+  https://github.com/moby/moby/pull/34573. bsc#1045628
+  + bsc1045628-0001-devicemapper-remove-container-rootfs-mountPath-after.patch
+
+---
+Wed Aug 30 14:58:52 UTC 2017 - asa...@suse.com
+
+- Fix a regression in our SUSE secrets patches, which caused the copied files
+  to not carry the correct {uid,gid} mapping when using user namespaces. This
+  would not cause any bugs (SUSEConnect does the right thing anyway) but it's
+  possible some programs would not treat the files correctly. This is
+  tangentially related to bsc#1055676.
+  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+
+---

New:

  bsc1045628-0001-devicemapper-remove-container-rootfs-mountPath-after.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.4KXeCw/_old  2017-09-07 22:12:03.100805638 +0200
+++ /var/tmp/diff_new_pack.4KXeCw/_new  2017-09-07 22:12:03.104805074 +0200
@@ -58,6 +58,8 @@
 Patch400:   bsc1037436-0001-client-check-tty-before-creating-exec-job.patch
 # PATCH-FIX-UPSTREAM: Backport of https://github.com/moby/moby/pull/33250 
(bsc#1037607).
 Patch401:   
bsc1037607-0001-apparmor-make-pkg-aaparser-work-on-read-only-root.patch
+# PATCH-FIX-UPSTREAM: Backport of https://github.com/moby/moby/pull/34573 
(bsc#1045628)
+Patch402:   
bsc1045628-0001-devicemapper-remove-container-rootfs-mountPath-after.patch
 BuildRequires:  audit
 BuildRequires:  bash-completion
 BuildRequires:  ca-certificates
@@ -176,8 +178,12 @@
 %patch201 -p1
 %endif
 %patch300 -p1
+# bsc#1037436
 %patch400 -p1
+# bsc#1037607
 %patch401 -p1
+# bsc#1045628
+%patch402 -p1
 cp %{SOURCE7} .
 cp %{SOURCE10} .
 

++ 
bsc1045628-0001-devicemapper-remove-container-rootfs-mountPath-after.patch 
++
>From be9eaee9e25e6b389fcfacd8829bc1235269527b Mon Sep 17 00:00:00 2001
From: Aleksa Sarai 
Date: Sun, 20 Aug 2017 13:50:52 +1000
Subject: [PATCH] devicemapper: remove container rootfs mountPath after umount

libdm currently has a fairly substantial DoS bug that makes certain
operations fail on a libdm device if the device has active references
through mountpoints. This is a significant problem with the advent of
mount namespaces and MS_PRIVATE, and can cause certain --volume mounts
to cause libdm to no longer be able to remove containers:

  % docker run -d --name testA busybox top
  % docker run -d --name testB -v /var/lib/docker:/docker busybox top
  % docker rm -f testA
  [fails on libdm with dm_task_run errors.]

This also solves the problem of unprivileged users being able to DoS
docker by using unprivileged mount namespaces to preseve mounts that
Docker has dropped.

SUSE-Bug: https://bugzilla.suse.com/show_bug.cgi?id=1045628
SUSE-Backport: https://github.com/moby/moby/pull/34573
Signed-off-by: Aleksa Sarai 
---
 daemon/graphdriver/devmapper/deviceset.go | 12 
 daemon/graphdriver/devmapper/driver.go|  4 +++-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/daemon/graphdriver/devmapper/deviceset.go 
b/daemon/graphdriver/devmapper/deviceset.go
index ba845d4d01d4..fe8103683b9b 100644
--- a/daemon/graphdriver/devmapper/deviceset.go
+++ b/daemon/graphdriver/devmapper/deviceset.go
@@ -2402,6 +2402,18 @@ func (devices *DeviceSet) UnmountDevice(hash, mountPath 
string) error {
}
logrus.Debug("devmapper: Unmount done")
 
+   // Remove the mountpoint here. Removing the mountpoint (in newer 
kernels)
+   // will cause all other instances of this mount in other mount 
namespaces
+   // to be killed (this is an anti-DoS measure that is necessary for 
things
+   // like devicemapper). This is necessary to avoid cases where a libdm 
mount
+   // that is present in another namespace 

commit docker for openSUSE:Factory

2017-08-17 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-08-17 11:44:02

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Thu Aug 17 11:44:02 2017 rev:58 rq:516137 version:17.04.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-07-30 
11:26:35.980001604 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-08-17 
11:44:05.589963477 +0200
@@ -1,0 +2,5 @@
+Wed Aug  2 13:37:16 UTC 2017 - asa...@suse.com
+
+- Use -buildmode=pie for tests and binary build. bsc#1048046 bsc#1051429
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.tryGVA/_old  2017-08-17 11:44:07.085752366 +0200
+++ /var/tmp/diff_new_pack.tryGVA/_new  2017-08-17 11:44:07.089751801 +0200
@@ -200,6 +200,8 @@
 # Until boo#1038493 is fixed properly we need to do this hack to get the
 # compiled-into-the-binary GOROOT.
 export GOROOT="$(GOROOT= go env GOROOT)"
+# Make sure we always build PIC code. bsc#1048046
+export BUILDFLAGS="-buildmode=pie"
 EOF
 ) > docker_build_env
 . ./docker_build_env
@@ -209,6 +211,7 @@
 
 # build the tests binary
 GOPATH=$(pwd)/vendor:$(pwd)/.gopath/ go test \
+   -buildmode=pie \
 -tags "$DOCKER_BUILDTAGS daemon autogen" \
 -c github.com/docker/docker/integration-cli -o tests.main
 
@@ -265,14 +268,13 @@
| grep -v 'github.com/docker/docker/cmd/dockerd$' \
| grep -v 'github.com/docker/docker/builder/dockerfile/parser$' 
\
| grep -v 'github.com/docker/docker/man$' \
-%if 0%{?with_libseccomp}
-   | grep -v 'github.com/docker/docker/pkg/integration$')
-%else
| grep -v 'github.com/docker/docker/pkg/integration$' \
-   | grep -v 'github.com/docker/docker/profiles/seccomp$')
+%if ! 0%{?with_libseccomp}
+   | grep -v 'github.com/docker/docker/profiles/seccomp$' \
 %endif
+   )
 
-go test -cover -ldflags -w -tags "$DOCKER_BUILDTAGS" -a -test.timeout=10m 
$PKG_LIST
+go test -buildmode=pie -cover -ldflags -w -tags "$DOCKER_BUILDTAGS" -a 
-test.timeout=10m $PKG_LIST
 
 %install
 install -d %{buildroot}%{go_contribdir}




commit docker for openSUSE:Factory

2017-07-30 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-07-30 11:26:14

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Sun Jul 30 11:26:14 2017 rev:57 rq:512811 version:17.04.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-06-21 
13:52:10.841780602 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-07-30 
11:26:35.980001604 +0200
@@ -1,0 +2,29 @@
+Wed Jul 19 18:12:26 UTC 2017 - jmassaguer...@suse.com
+
+- enable deferred removal for sle12sp2 and newer (and openSUSE
+  equivalent. fix bsc#1021227
+
+---
+Wed Jul 19 17:17:04 UTC 2017 - jmassaguer...@suse.com
+
+- enable libseccomp on sle12sp2 and newer, 42.2 and newer
+  fix bsc#1028638 - docker: conditional filtering not supported on
+  libseccomp for sle12
+
+---
+Tue Jul 11 10:50:12 UTC 2017 - jmassaguer...@suse.com
+
+- add SuSEfirewall2.service to the After clause in docker.service
+  in order to fix bsc#1046024 
+
+---
+Fri Jul  7 14:53:59 UTC 2017 - th...@suse.de
+
+- fix path to docker-runc in systemd service file 
+
+---
+Thu Jul  6 14:18:29 UTC 2017 - th...@suse.de
+
+- change dependency to docker-runc
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.cfiPLB/_old  2017-07-30 11:26:37.059849231 +0200
+++ /var/tmp/diff_new_pack.cfiPLB/_new  2017-07-30 11:26:37.067848102 +0200
@@ -65,9 +65,16 @@
 BuildRequires:  glibc-devel-static
 BuildRequires:  libapparmor-devel
 BuildRequires:  libbtrfs-devel >= 3.8
-# If not leap 42.1 (120100), not sle12sp1 (120100) and not sle12 (1315)
-# enable libseccomp
-%if 0%{?sle_version} != 120100 && 0%{?suse_version} != 1315
+# enable libseccomp for sle >= sle12sp2
+%if 0%{?sle_version} >= 120200
+%define with_libseccomp 1
+%endif
+# enable libseccomp for leap >= 42.2
+%if 0%{?leap_version} >= 420200
+%define with_libseccomp 1
+%endif
+# enable libseccomp for Factory
+%if 0%{?suse_version} > 1320
 %define with_libseccomp 1
 %endif
 %if 0%{?with_libseccomp}
@@ -87,7 +94,7 @@
 # Dockerfile to ensure that we don't use a slightly incompatible version of
 # runC or containerd (which would be bad).
 Requires:   containerd = 0.2.5+gitr639_422e31c
-Requires:   runc = 0.1.1+gitr2947_9c2d8d1
+Requires:   docker-runc = 0.1.1+gitr2947_9c2d8d1
 # Provides mkfs.ext4 - used by Docker when devicemapper storage driver is used
 Requires:   e2fsprogs
 Requires:   git-core >= 1.7
@@ -180,11 +187,9 @@
 %if 0%{?with_libseccomp}
 BUILDTAGS="seccomp $BUILDTAGS"
 %endif
-# Note that these commands do not allow %%elseif.
-# For versions equal to or below SLE12 && openSUSE_13.2 libdevmapper.h is not
-# recent enough to define dm_task_deferred_remove(). (This is not true of
-# SLE12_SP1 but we cannot distinguish it with this macro.)
-%if 0%{?suse_version} <= 1320
+# For SLE12 libdevmapper.h is not recent enough to define
+# dm_task_deferred_remove().
+%if 0%{?sle_version} == 12
BUILDTAGS="libdm_no_deferred_remove $BUILDTAGS"
 %endif
 

++ docker.service ++
--- /var/tmp/diff_new_pack.cfiPLB/_old  2017-07-30 11:26:37.223826092 +0200
+++ /var/tmp/diff_new_pack.cfiPLB/_new  2017-07-30 11:26:37.223826092 +0200
@@ -1,7 +1,7 @@
 [Unit]
 Description=Docker Application Container Engine
 Documentation=http://docs.docker.com
-After=network.target containerd.socket containerd.service lvm2-monitor.service
+After=network.target containerd.socket containerd.service lvm2-monitor.service 
SuSEfirewall2.service
 Requires=containerd.socket containerd.service
 
 [Service]
@@ -11,7 +11,7 @@
 # enabled by default because enabling socket activation means that on boot your
 # containers won't start until someone tries to administer the Docker daemon.
 Type=simple
-ExecStart=/usr/bin/dockerd --containerd /run/containerd/containerd.sock 
--add-runtime oci=/usr/bin/docker-runc $DOCKER_NETWORK_OPTIONS $DOCKER_OPTS
+ExecStart=/usr/bin/dockerd --containerd /run/containerd/containerd.sock 
--add-runtime oci=/usr/sbin/docker-runc $DOCKER_NETWORK_OPTIONS $DOCKER_OPTS
 ExecStartPost=/usr/lib/docker/docker_service_helper.sh wait
 ExecReload=/bin/kill -s HUP $MAINPID
 




commit docker for openSUSE:Factory

2017-06-21 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-06-21 13:52:10

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Wed Jun 21 13:52:10 2017 rev:56 rq:504651 version:17.04.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-06-02 
10:33:09.737346585 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-06-21 
13:52:10.841780602 +0200
@@ -1,0 +2,8 @@
+Mon Jun 19 10:54:36 UTC 2017 - jmassaguer...@suse.com
+
+- Fix bsc#1029630: docker does not wait for lvm on system startup
+
+I added "lvm2-monitor.service" as an "After dependency" of the docker systemd
+unit.
+
+---



Other differences:
--
++ docker.service ++
--- /var/tmp/diff_new_pack.2v68kW/_old  2017-06-21 13:52:12.069607405 +0200
+++ /var/tmp/diff_new_pack.2v68kW/_new  2017-06-21 13:52:12.069607405 +0200
@@ -1,7 +1,7 @@
 [Unit]
 Description=Docker Application Container Engine
 Documentation=http://docs.docker.com
-After=network.target containerd.socket containerd.service
+After=network.target containerd.socket containerd.service lvm2-monitor.service
 Requires=containerd.socket containerd.service
 
 [Service]




commit docker for openSUSE:Factory

2017-06-02 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-06-02 10:32:08

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Fri Jun  2 10:32:08 2017 rev:55 rq:499667 version:17.04.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-05-23 
10:18:59.332239279 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-06-02 
10:33:09.737346585 +0200
@@ -1,0 +2,12 @@
+Tue May 30 11:29:45 UTC 2017 - jmassaguer...@suse.com
+
+- Fix bsc#1032287: missing docker systemd configuration 
+
+---
+Mon May 29 11:08:44 UTC 2017 - asa...@suse.com
+
+- Update SUSE secrets patch to correctly handle restarting of containers.
+  + secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+  + secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+
+---
@@ -6,0 +19,8 @@
+
+---
+Thu May 11 07:36:32 UTC 2017 - tchva...@suse.com
+
+- Fix bsc#1038476 warning about non-executable docker
+  * Simply verify we have binary prior using it, might happen if
+someone had docker installed and then did remove it and install
+from scratch again



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.SBHAni/_old  2017-06-02 10:33:10.533234129 +0200
+++ /var/tmp/diff_new_pack.SBHAni/_new  2017-06-02 10:33:10.537233564 +0200
@@ -335,7 +335,7 @@
 #will stick around if it has been migrated -- which is why we need the
 #MIGRATION_TESTFILE check).
 # 4. Check that there are images in the graph/ directory.
-if [[ -d "%{docker_store}" && -n "$(find "%{docker_graph}" -maxdepth 1 -type d 
2>/dev/null | grep -Ev '_tmp|^%{docker_graph}$')" ]]; then
+if [[ -x %{_bindir}/docker && -d "%{docker_store}" && -n "$(find 
"%{docker_graph}" -maxdepth 1 -type d 2>/dev/null | grep -Ev 
'_tmp|^%{docker_graph}$')" ]]; then
 # Check if currently installed version of docker is old enough to need 
migration.
 CURRENT_DOCKER_VERSION=$(docker -v | sed 
's/^.*[^0-9]\([0-9]*\.[0-9]*\.[0-9]*\).*$/\1/')
 # This variable will contain the current docker version if migration is 
needed otherwise it will contain the upgrade point.

++ docker.service ++
--- /var/tmp/diff_new_pack.SBHAni/_old  2017-06-02 10:33:10.669214916 +0200
+++ /var/tmp/diff_new_pack.SBHAni/_new  2017-06-02 10:33:10.669214916 +0200
@@ -1,8 +1,8 @@
 [Unit]
 Description=Docker Application Container Engine
 Documentation=http://docs.docker.com
-After=network.target containerd.socket
-Requires=containerd.socket
+After=network.target containerd.socket containerd.service
+Requires=containerd.socket containerd.service
 
 [Service]
 EnvironmentFile=/etc/sysconfig/docker

++ secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch ++
--- /var/tmp/diff_new_pack.SBHAni/_old  2017-06-02 10:33:10.701210395 +0200
+++ /var/tmp/diff_new_pack.SBHAni/_new  2017-06-02 10:33:10.701210395 +0200
@@ -1,4 +1,4 @@
-From 36b539ca64d8c47681d5f15689db03751962d496 Mon Sep 17 00:00:00 2001
+From 4de0a0a9689c4063d369d54ecc16952241c7f241 Mon Sep 17 00:00:00 2001
 From: Aleksa Sarai 
 Date: Wed, 8 Mar 2017 12:41:54 +1100
 Subject: [PATCH 1/2] daemon: allow directory creation in /run/secrets
@@ -8,16 +8,17 @@
 useful for creating directories and subdirectories of secrets.
 
 Backport: https://github.com/docker/docker/pull/31632
+Signed-off-by: Antonio Murdaca 
 Signed-off-by: Aleksa Sarai 
 ---
- daemon/container_operations_unix.go | 15 ---
- 1 file changed, 8 insertions(+), 7 deletions(-)
+ daemon/container_operations_unix.go | 18 +-
+ 1 file changed, 9 insertions(+), 9 deletions(-)
 
 diff --git a/daemon/container_operations_unix.go 
b/daemon/container_operations_unix.go
-index 2296045765d4..bb08d3c4a207 100644
+index 67b3ee38c0ab..a538ba4e73e8 100644
 --- a/daemon/container_operations_unix.go
 +++ b/daemon/container_operations_unix.go
-@@ -177,11 +177,6 @@ func (daemon *Daemon) setupSecretDir(c 
*container.Container) (setupErr error) {
+@@ -178,11 +178,6 @@ func (daemon *Daemon) setupSecretDir(c 
*container.Container) (setupErr error) {
}
  
targetPath := filepath.Clean(s.File.Name)
@@ -29,23 +30,33 @@
fPath := filepath.Join(localMountPath, targetPath)
if err := idtools.MkdirAllAs(filepath.Dir(fPath), 0700, 
rootUID, rootGID); err != nil {
return errors.Wrap(err, "error creating secret mount 
path")

commit docker for openSUSE:Factory

2017-05-23 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-05-23 10:18:53

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Tue May 23 10:18:53 2017 rev:54 rq:495655 version:17.04.0_ce

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-04-17 
10:26:35.327855973 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-05-23 
10:18:59.332239279 +0200
@@ -1,0 +2,63 @@
+Wed May 17 14:41:29 UTC 2017 - asa...@suse.com
+
+- Fix bsc#1037607 which was causing read-only issues on Kubic, this is a
+  backport of https://github.com/moby/moby/pull/33250.
+  + bsc1037607-0001-apparmor-make-pkg-aaparser-work-on-read-only-root.patch
+
+---
+Wed May 10 13:54:44 UTC 2017 - asa...@suse.com
+
+- Add a partial fix for boo#1038493.
+- Fixed bsc#1037436 where execids were being leaked due to bad error handling.
+  This is a backport of https://github.com/docker/cli/pull/52.
+   + bsc1037436-0001-client-check-tty-before-creating-exec-job.patch
+
+---
+Thu May  4 19:03:40 UTC 2017 - jmassaguer...@suse.com
+
+- Fix golang requirements in the subpackages
+
+---
+Mon May  1 07:57:35 UTC 2017 - fcaste...@suse.com
+
+- Update golang build requirements to use golang(API) symbol: this is
+  needed to solve a conflict between multiple versions of Go being available
+
+---
+Tue Apr 18 15:38:11 UTC 2017 - jmassaguer...@suse.com
+
+- Fix secrets-0002-SUSE-implement-SUSE-container-secrets.patch:
+  substitute docker/distribution/digest by opencontainers/digest
+
+---
+Thu Apr 13 14:34:35 UTC 2017 - jmassaguer...@suse.com
+
+- Update to version 17.04.0-ce (fix bsc#1034053 )
+
+- Patches removed because have been merged into this version:
+  * pr31549-cmd-docker-fix-TestDaemonCommand.patch
+  * pr31773-daemon-also-ensureDefaultApparmorProfile-in-exec-pat.patch
+- Patches rebased:
+  * integration-cli-fix-TestInfoEnsureSucceeds.patch
+- Build man pages for all archs (bsc#953182)
+- Containers cannot resolve DNS if docker host uses 127.0.0.1 as resolver 
(bsc#1034063)
+
+see /usr/share/doc/packages/docker/CHANGELOG.md
+
+---
+Wed Apr 12 09:54:18 UTC 2017 - jmassaguer...@suse.com
+
+- Make sure this is being built with go 1.7
+
+---
+Wed Apr 12 09:14:35 UTC 2017 - jmassaguer...@suse.com
+
+- remove the go_arches macro because we are using go1.7 which
+  is available in all archs
+
+- remove gcc specific patches
+  * gcc-go-patches.patch
+  * netlink_netns_powerpc.patch
+  * boltdb_bolt_add_brokenUnaligned.patch
+
+---

Old:

  boltdb_bolt_add_brokenUnaligned.patch
  docker-1.13.0.tar.xz
  gcc-go-patches.patch
  netlink_netns_powerpc.patch
  pr31549-cmd-docker-fix-TestDaemonCommand.patch
  pr31773-daemon-also-ensureDefaultApparmorProfile-in-exec-pat.patch

New:

  bsc1037436-0001-client-check-tty-before-creating-exec-job.patch
  bsc1037607-0001-apparmor-make-pkg-aaparser-work-on-read-only-root.patch
  docker-17.04.0_ce.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.O87KAV/_old  2017-05-23 10:19:00.300102830 +0200
+++ /var/tmp/diff_new_pack.O87KAV/_new  2017-05-23 10:19:00.304102266 +0200
@@ -17,26 +17,12 @@
 # nodebuginfo
 
 
-# Check if go_arches is defined in the project configuration
-# Otherwise, define it here
-# In order to define it in the project configuration, see
-#
-# https://en.opensuse.org/openSUSE:Build%20Service%20prjconf#Macros
-#
-# The Macros tag is the one that defines the go_arches variable to be used
-# in the spec file.
-# The "define" one is to help the specfile parser of the buildservice
-# to see what packages are being built. You also want to define it here
-# for keeping things consistent.
-
-%{!?go_arches: %global go_arches %ix86 x86_64 aarch64 ppc64le}
-
 %global docker_store  %{_localstatedir}/lib/docker
 %global docker_migration_testfile 
%{docker_store}/.suse-image-migration-v1to2-complete
 %global docker_migration_warnfile %{docker_store}/docker-update-message.txt
 %define docker_graph  %{docker_store}/graph
 %define git_version 78d1802
-%define version_unconverted 1.13.0
+%define version_unconverted 17.04.0_ce
 %define __arch_install_post 

commit docker for openSUSE:Factory

2017-04-17 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-04-17 10:26:34

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Mon Apr 17 10:26:34 2017 rev:53 rq:487506 version:1.13.0

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-03-22 
23:18:15.671939874 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-04-17 
10:26:35.327855973 +0200
@@ -1,0 +2,32 @@
+Wed Apr 12 07:58:08 UTC 2017 - asa...@suse.com
+
+- Enable Delegate=yes, since systemd will safely ignore lvalues it doesn't
+  understand.
+
+---
+Tue Apr 11 11:49:05 UTC 2017 - asa...@suse.com
+
+- Update SUSE secrets patch to handle boo#1030702.
+  * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+  * secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+
+---
+Tue Apr 11 08:28:33 UTC 2017 - mmeis...@suse.com
+
+- Fix (bsc#1032644)
+
+  Change lvm2 from Requires to Recommends
+
+  Docker usually uses a default storage driver, when it's not configured
+  explicitly. This default driver then depends on the underlying
+  system and gets chosen during installation.
+
+---
+Mon Mar 20 08:12:01 UTC 2017 - jmassaguer...@suse.com
+
+- Disable libseccomp for leap 42.1, sle12sp1 and sle12, because
+  docker needs a higher version. Otherwise, we get the error
+"conditional filtering requires libseccomp version >= 2.2.1
+  (bsc#1028639 and bsc#1028638)
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.K8pcSJ/_old  2017-04-17 10:26:39.035330926 +0200
+++ /var/tmp/diff_new_pack.K8pcSJ/_new  2017-04-17 10:26:39.039330359 +0200
@@ -81,7 +81,14 @@
 BuildRequires:  glibc-devel-static
 BuildRequires:  libapparmor-devel
 BuildRequires:  libbtrfs-devel >= 3.8
+# If not leap 42.1 (120100), not sle12sp1 (120100) and not sle12 (1315)
+# enable libseccomp
+%if 0%{?sle_version} != 120100 && 0%{?suse_version} != 1315
+%define with_libseccomp 1
+%endif
+%if 0%{?with_libseccomp}
 BuildRequires:  libseccomp-devel
+%endif
 BuildRequires:  libtool
 BuildRequires:  procps
 BuildRequires:  sqlite3-devel
@@ -102,7 +109,6 @@
 Requires:   git-core >= 1.7
 Requires:   iproute2 >= 3.5
 Requires:   iptables >= 1.4
-Requires:   lvm2 >= 2.2.89
 Requires:   procps
 Requires:   tar >= 1.26
 Requires:   xz >= 4.9
@@ -111,6 +117,10 @@
 Requires(post): shadow
 # Not necessary, but must be installed to have a smooth upgrade.
 Recommends: docker-image-migrator
+# Not necessary, but must be installed when the underlying system is
+# configured to use lvm and the user doesn't explicitly provide a
+# different storage-driver than devicemapper
+Recommends: lvm2 >= 2.2.89
 Conflicts:  lxc < 1.0
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 ExcludeArch:%ix86 s390 ppc
@@ -200,11 +210,14 @@
 export PATH=$tmphack:$PATH
 %endif
 
+BUILDTAGS="exclude_graphdriver_aufs apparmor selinux pkcs11"
+%if 0%{?with_libseccomp}
+BUILDTAGS="seccomp $BUILDTAGS"
+%endif
 # Note that these commands do not allow %%elseif.
 # For versions equal to or below SLE12 && openSUSE_13.2 libdevmapper.h is not
 # recent enough to define dm_task_deferred_remove(). (This is not true of
 # SLE12_SP1 but we cannot distinguish it with this macro.)
-BUILDTAGS="exclude_graphdriver_aufs apparmor seccomp selinux pkcs11"
 %if 0%{?suse_version} <= 1320
BUILDTAGS="libdm_no_deferred_remove $BUILDTAGS"
 %endif
@@ -283,7 +296,12 @@
| grep -v 'github.com/docker/docker/cmd/dockerd$' \
| grep -v 'github.com/docker/docker/builder/dockerfile/parser$' 
\
| grep -v 'github.com/docker/docker/man$' \
+%if 0%{?with_libseccomp}
| grep -v 'github.com/docker/docker/pkg/integration$')
+%else
+   | grep -v 'github.com/docker/docker/pkg/integration$' \
+| grep -v 'github.com/docker/docker/profiles/seccomp$') 
+%endif
 
 go test -cover -ldflags -w -tags "$DOCKER_BUILDTAGS" -a -test.timeout=10m 
$PKG_LIST
 %endif

++ docker.service ++
--- /var/tmp/diff_new_pack.K8pcSJ/_old  2017-04-17 10:26:39.175311103 +0200
+++ /var/tmp/diff_new_pack.K8pcSJ/_new  2017-04-17 10:26:39.175311103 +0200
@@ -27,7 +27,7 @@
 
 # Set delegate yes so that systemd does not reset the cgroups of docker 
containers
 # Only systemd 218 and above support this property.
-#Delegate=yes
+Delegate=yes
 
 # This is not necessary because of 

commit docker for openSUSE:Factory

2017-03-22 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-03-22 23:18:14

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Wed Mar 22 23:18:14 2017 rev:52 rq:480841 version:1.13.0

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-02-03 
17:35:51.644330236 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-03-22 
23:18:15.671939874 +0100
@@ -1,0 +2,53 @@
+Fri Mar 17 11:08:03 UTC 2017 - asa...@suse.com
+
+- Add a backport of fix to AppArmor lazy loading docker-exec case.
+  https://github.com/docker/docker/pull/31773
+  + pr31773-daemon-also-ensureDefaultApparmorProfile-in-exec-pat.patch
+
+---
+Wed Mar  8 00:48:46 UTC 2017 - asa...@suse.com
+
+- Clean up docker-mount-secrets.patch to use the new swarm secrets internals of
+  Docker 1.13.0, which removes the need to implement any secret handling
+  ourselves. This resulted in a split up of the patch.
+  - docker-mount-secrets.patch
+  + secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+  + secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+
+---
+Mon Mar  6 15:31:02 UTC 2017 - jmassaguer...@suse.com
+
+- Remove old plugins.json to prevent docker-1.13 to fail to start
+
+---
+Mon Mar  6 12:52:14 UTC 2017 - jmassaguer...@suse.com
+
+- Fix bsc#1026827: systemd TasksMax default throttles docker
+
+---
+Mon Mar  6 10:09:14 UTC 2017 - jmassaguer...@suse.com
+
+- Fix post section by adding shadow as a package requirement
+  Otherwise the groupadd instruction fails
+
+---
+Sun Mar  5 04:54:52 UTC 2017 - asa...@suse.com
+
+- Add patch to fix TestDaemonCommand failure in %check. This is an upstream
+  bug, and has an upstream PR to fix it 
https://github.com/docker/docker/pull/31549.
+  + pr31549-cmd-docker-fix-TestDaemonCommand.patch
+
+---
+Wed Feb  1 15:59:40 UTC 2017 - jmassaguer...@suse.com
+
+- update docker to 1.13.0
+
+  see details in https://github.com/docker/docker/releases/tag/v1.13.0
+
+- use the same buildflags for building docker and for building the
+  tests.
+
+- enable pkcs11:
+  
https://github.com/docker/docker/commit/37fa75b3447007bb8ea311f02610bb383b0db77f
+
+---

Old:

  docker-1.12.6.tar.xz
  docker-mount-secrets.patch

New:

  docker-1.13.0.tar.xz
  pr31549-cmd-docker-fix-TestDaemonCommand.patch
  pr31773-daemon-also-ensureDefaultApparmorProfile-in-exec-pat.patch
  secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
  secrets-0002-SUSE-implement-SUSE-container-secrets.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.x7rAzr/_old  2017-03-22 23:18:19.291427183 +0100
+++ /var/tmp/diff_new_pack.x7rAzr/_new  2017-03-22 23:18:19.295426616 +0100
@@ -36,7 +36,7 @@
 %global docker_migration_warnfile %{docker_store}/docker-update-message.txt
 %define docker_graph  %{docker_store}/graph
 %define git_version 78d1802
-%define version_unconverted 1.12.6
+%define version_unconverted 1.13.0
 %define __arch_install_post export NO_BRP_STRIP_DEBUG=true
 # When upgrading to a new version requires the service not to be restarted
 # Due to a long migration process update last_migration_version to the new 
version
@@ -44,7 +44,7 @@
 # 1.10.1
 %global last_migration_version 1.10.1
 Name:   docker
-Version:1.12.6
+Version:1.13.0
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
@@ -68,14 +68,21 @@
 # which is not snapshotted when images are committed. Note that if you modify
 # this patch, please also modify the patch in the suse-secrets-v
 # branch in http://github.com/suse/docker.mirror.
-Patch200:   docker-mount-secrets.patch
+Patch200:   
secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
+Patch201:   secrets-0002-SUSE-implement-SUSE-container-secrets.patch
+# PATCH-FIX-UPSTREAM: Backports.
 Patch300:   integration-cli-fix-TestInfoEnsureSucceeds.patch
+Patch301:   pr31549-cmd-docker-fix-TestDaemonCommand.patch
+Patch302:   
pr31773-daemon-also-ensureDefaultApparmorProfile-in-exec-pat.patch
 BuildRequires:  audit
 BuildRequires:  bash-completion
+BuildRequires:  ca-certificates
 BuildRequires:  device-mapper-devel >= 

commit docker for openSUSE:Factory

2017-02-03 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-01-31 12:46:50

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-01-23 
11:36:24.874176867 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-02-03 
17:35:51.644330236 +0100
@@ -1,0 +2,12 @@
+Fri Jan 27 12:30:18 UTC 2017 - b...@suse.com
+
+- enable architecture s390x for openSUSE
+
+---
+Thu Jan 26 15:43:38 UTC 2017 - jmassaguer...@suse.com
+
+- provide the oci runtime so that containers which were using an old
+  runtime option, when started on the new docker version, the runtime
+  is changed to the new one. fix bsc#1020806 bsc#1016992 
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.Wqck0n/_old  2017-02-03 17:35:52.528205134 +0100
+++ /var/tmp/diff_new_pack.Wqck0n/_new  2017-02-03 17:35:52.532204568 +0100
@@ -111,9 +111,6 @@
 %else
 BuildRequires:  gcc6-go >= 6.1
 %endif
-%if 0%{?is_opensuse}
-ExcludeArch:s390x
-%endif
 
 %description
 Docker complements LXC with a high-level API which operates at the process

++ docker.service ++
--- /var/tmp/diff_new_pack.Wqck0n/_old  2017-02-03 17:35:52.704180227 +0100
+++ /var/tmp/diff_new_pack.Wqck0n/_new  2017-02-03 17:35:52.704180227 +0100
@@ -11,7 +11,7 @@
 # enabled by default because enabling socket activation means that on boot your
 # containers won't start until someone tries to administer the Docker daemon.
 Type=simple
-ExecStart=/usr/bin/dockerd --containerd /run/containerd/containerd.sock 
$DOCKER_NETWORK_OPTIONS $DOCKER_OPTS
+ExecStart=/usr/bin/dockerd --containerd /run/containerd/containerd.sock 
--add-runtime oci=/usr/bin/docker-runc $DOCKER_NETWORK_OPTIONS $DOCKER_OPTS
 ExecStartPost=/usr/lib/docker/docker_service_helper.sh wait
 ExecReload=/bin/kill -s HUP $MAINPID
 




commit docker for openSUSE:Factory

2017-01-23 Thread root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2017-01-23 11:36:23

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2017-01-10 
10:43:27.387569657 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2017-01-23 
11:36:24.874176867 +0100
@@ -1,0 +2,13 @@
+Fri Jan 13 13:56:15 UTC 2017 - jmassaguer...@suse.com
+
+- fix CVE-2016-9962 bsc#1012568 . Fix it by updating to 1.12.6
+  plus an extra commit to fix liverestore:
+  
https://github.com/docker/docker/commit/97cd32a6a9076306baa637a29bba84c3f1f3d218
 
+
+---
+Wed Jan 11 12:47:16 UTC 2017 - jmassaguer...@suse.com
+
+- add "a wait" when starting docker service to fix
+  bsc#1019251 
+
+---

Old:

  docker-1.12.5.tar.xz

New:

  docker-1.12.6.tar.xz
  docker_service_helper.sh



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.ZK6qxH/_old  2017-01-23 11:36:25.818043012 +0100
+++ /var/tmp/diff_new_pack.ZK6qxH/_new  2017-01-23 11:36:25.822042445 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package docker
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -35,8 +35,8 @@
 %global docker_migration_testfile 
%{docker_store}/.suse-image-migration-v1to2-complete
 %global docker_migration_warnfile %{docker_store}/docker-update-message.txt
 %define docker_graph  %{docker_store}/graph
-%define git_version 8eab29e
-%define version_unconverted 1.12.5
+%define git_version 78d1802
+%define version_unconverted 1.12.6
 %define __arch_install_post export NO_BRP_STRIP_DEBUG=true
 # When upgrading to a new version requires the service not to be restarted
 # Due to a long migration process update last_migration_version to the new 
version
@@ -44,7 +44,7 @@
 # 1.10.1
 %global last_migration_version 1.10.1
 Name:   docker
-Version:1.12.5
+Version:1.12.6
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
@@ -59,6 +59,7 @@
 Source8:docker-audit.rules
 Source9:docker-update-message.txt
 Source10:   tests.sh
+Source11:   docker_service_helper.sh 
 # Fixes for architecture-specific issues (gcc-go).
 Patch100:   gcc-go-patches.patch
 Patch102:   netlink_netns_powerpc.patch
@@ -87,7 +88,7 @@
 # Dockerfile to ensure that we don't use a slightly incompatible version of
 # runC or containerd (which would be bad).
 Requires:   containerd = 0.2.5+gitr569_2a5e70c
-Requires:   runc = 0.1.1+gitr2818_f59ba3cdd76f
+Requires:   runc = 0.1.1+gitr2819_50a19c6
 # Provides mkfs.ext4 - used by Docker when devicemapper storage driver is used
 Requires:   e2fsprogs
 Requires:   git-core >= 1.7
@@ -316,6 +317,7 @@
 #
 install -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
 ln -sf service %{buildroot}%{_sbindir}/rcdocker
+install -D -m 0755 %{SOURCE11} %{buildroot}/%{_libexecdir}/docker/
 
 #
 # udev rules that prevents dolphin to show all docker devices and slows down

++ _service ++
--- /var/tmp/diff_new_pack.ZK6qxH/_old  2017-01-23 11:36:25.906030535 +0100
+++ /var/tmp/diff_new_pack.ZK6qxH/_new  2017-01-23 11:36:25.906030535 +0100
@@ -3,8 +3,8 @@
 https://github.com/docker/docker.git
 git
 .git
-1.12.5
-v1.12.5
+1.12.6
+v1.12.6
   
   
 docker-*.tar

++ docker-1.12.5.tar.xz -> docker-1.12.6.tar.xz ++
/work/SRC/openSUSE:Factory/docker/docker-1.12.5.tar.xz 
/work/SRC/openSUSE:Factory/.docker.new/docker-1.12.6.tar.xz differ: char 27, 
line 1

++ docker.service ++
--- /var/tmp/diff_new_pack.ZK6qxH/_old  2017-01-23 11:36:26.006016355 +0100
+++ /var/tmp/diff_new_pack.ZK6qxH/_new  2017-01-23 11:36:26.006016355 +0100
@@ -10,7 +10,9 @@
 # While Docker has support for socket activation (-H fd://), this is not
 # enabled by default because enabling socket activation means that on boot your
 # containers won't start until someone tries to administer the Docker daemon.
+Type=simple
 ExecStart=/usr/bin/dockerd --containerd /run/containerd/containerd.sock 
$DOCKER_NETWORK_OPTIONS $DOCKER_OPTS
+ExecStartPost=/usr/lib/docker/docker_service_helper.sh wait
 ExecReload=/bin/kill -s HUP $MAINPID
 
 # Having non-zero Limit*s causes performance problems due to accounting 
overhead

++ 

commit docker for openSUSE:Factory

2016-12-02 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-12-02 16:42:09

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-11-29 
12:48:48.0 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-12-02 
16:42:10.0 +0100
@@ -1,0 +2,5 @@
+Tue Nov 29 21:57:08 UTC 2016 - ji...@boombatower.com
+
+- Add packageand(docker:bash) to bash-completion to match zsh-completion.
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.NQSmBR/_old  2016-12-02 16:42:11.0 +0100
+++ /var/tmp/diff_new_pack.NQSmBR/_new  2016-12-02 16:42:11.0 +0100
@@ -133,7 +133,7 @@
 Summary:Bash Completion for %{name}
 Group:  System/Management
 Requires:   %{name} = %{version}
-Requires:   bash-completion
+Supplements:packageand(docker:bash)
 BuildArch:  noarch
 
 %description bash-completion




commit docker for openSUSE:Factory

2016-11-29 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-11-29 12:48:47

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-10-31 
09:56:30.0 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-11-29 
12:48:48.0 +0100
@@ -1,0 +2,6 @@
+Thu Nov 24 16:09:52 UTC 2016 - jmassaguer...@suse.com
+
+- fix runc and containerd revisions
+  fix bsc#1009961 
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.3JnMNQ/_old  2016-11-29 12:48:49.0 +0100
+++ /var/tmp/diff_new_pack.3JnMNQ/_new  2016-11-29 12:48:49.0 +0100
@@ -87,8 +87,8 @@
 # execdrivers of Docker. NOTE: The version pinning here matches upstream's
 # Dockerfile to ensure that we don't use a slightly incompatible version of
 # runC or containerd (which would be bad).
-Requires:   containerd = 0.2.4+git0366d7e
-Requires:   runc = 0.1.1+git02f8fa7
+Requires:   containerd = 0.2.4+gitr565_0366d7e
+Requires:   runc = 0.1.1+gitr2816_02f8fa7
 # Provides mkfs.ext4 - used by Docker when devicemapper storage driver is used
 Requires:   e2fsprogs
 Requires:   git-core >= 1.7




commit docker for openSUSE:Factory

2016-10-31 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-10-31 09:56:29

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-10-26 
13:29:14.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-10-31 
09:56:30.0 +0100
@@ -1,0 +2,8 @@
+Thu Oct 27 11:13:56 UTC 2016 - jmassaguer...@suse.com
+
+- update docker to 1.12.3
+ - fix bsc#1007249 - CVE-2016-8867: Fix ambient capability usage in containers
+ - other fixes:
+   https://github.com/docker/docker/releases/tag/v1.12.3
+
+---
@@ -276,0 +285,5 @@
+
+---
+Wed Apr 27 10:29:47 UTC 2016 - jmassaguer...@suse.com
+
+- Fix go version to 1.5 (bsc#977394)

Old:

  docker-1.12.2.tar.xz

New:

  docker-1.12.3.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.Kwolph/_old  2016-10-31 09:56:32.0 +0100
+++ /var/tmp/diff_new_pack.Kwolph/_new  2016-10-31 09:56:32.0 +0100
@@ -36,7 +36,7 @@
 %global docker_migration_warnfile %{docker_store}/docker-update-message.txt
 %define docker_graph  %{docker_store}/graph
 %define git_version 8eab29e
-%define version_unconverted 1.12.2
+%define version_unconverted 1.12.3
 %define docker_version 1.12.1
 %define __arch_install_post export NO_BRP_STRIP_DEBUG=true
 # When upgrading to a new version requires the service not to be restarted
@@ -45,7 +45,7 @@
 # 1.10.1
 %global last_migration_version 1.10.1
 Name:   docker
-Version:1.12.2
+Version:1.12.3
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0

++ _service ++
--- /var/tmp/diff_new_pack.Kwolph/_old  2016-10-31 09:56:32.0 +0100
+++ /var/tmp/diff_new_pack.Kwolph/_new  2016-10-31 09:56:32.0 +0100
@@ -3,8 +3,8 @@
 https://github.com/docker/docker.git
 git
 .git
-1.12.2
-v1.12.2
+1.12.3
+v1.12.3
   
   
 docker-*.tar

++ docker-1.12.2.tar.xz -> docker-1.12.3.tar.xz ++
/work/SRC/openSUSE:Factory/docker/docker-1.12.2.tar.xz 
/work/SRC/openSUSE:Factory/.docker.new/docker-1.12.3.tar.xz differ: char 26, 
line 1




commit docker for openSUSE:Factory

2016-10-26 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-10-26 13:29:13

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-10-13 
11:31:39.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-10-26 
13:29:14.0 +0200
@@ -1,0 +2,9 @@
+Thu Oct 13 11:15:17 UTC 2016 - jmassaguer...@suse.com
+
+- update docker to 1.12.2 (bsc#1004490). See changelog
+
+https://github.com/docker/docker/blob/v1.12.2/CHANGELOG.md 
+
+- update docker-mount-secrets.patch to 1.12.2 code
+
+---

Old:

  docker-1.12.1.tar.xz

New:

  docker-1.12.2.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.RWvfU9/_old  2016-10-26 13:29:16.0 +0200
+++ /var/tmp/diff_new_pack.RWvfU9/_new  2016-10-26 13:29:16.0 +0200
@@ -36,7 +36,7 @@
 %global docker_migration_warnfile %{docker_store}/docker-update-message.txt
 %define docker_graph  %{docker_store}/graph
 %define git_version 8eab29e
-%define version_unconverted 1.12.1
+%define version_unconverted 1.12.2
 %define docker_version 1.12.1
 %define __arch_install_post export NO_BRP_STRIP_DEBUG=true
 # When upgrading to a new version requires the service not to be restarted
@@ -45,7 +45,7 @@
 # 1.10.1
 %global last_migration_version 1.10.1
 Name:   docker
-Version:1.12.1
+Version:1.12.2
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
@@ -87,8 +87,8 @@
 # execdrivers of Docker. NOTE: The version pinning here matches upstream's
 # Dockerfile to ensure that we don't use a slightly incompatible version of
 # runC or containerd (which would be bad).
-Requires:   containerd = 0.2.3
-Requires:   runc = 0.1.1+gitcc29e3d
+Requires:   containerd = 0.2.4+git0366d7e
+Requires:   runc = 0.1.1+git02f8fa7
 # Provides mkfs.ext4 - used by Docker when devicemapper storage driver is used
 Requires:   e2fsprogs
 Requires:   git-core >= 1.7

++ _service ++
--- /var/tmp/diff_new_pack.RWvfU9/_old  2016-10-26 13:29:16.0 +0200
+++ /var/tmp/diff_new_pack.RWvfU9/_new  2016-10-26 13:29:16.0 +0200
@@ -3,8 +3,8 @@
 https://github.com/docker/docker.git
 git
 .git
-1.12.1
-v1.12.1
+1.12.2
+v1.12.2
   
   
 docker-*.tar

++ docker-1.12.1.tar.xz -> docker-1.12.2.tar.xz ++
/work/SRC/openSUSE:Factory/docker/docker-1.12.1.tar.xz 
/work/SRC/openSUSE:Factory/.docker.new/docker-1.12.2.tar.xz differ: char 25, 
line 1

++ docker-mount-secrets.patch ++
--- /var/tmp/diff_new_pack.RWvfU9/_old  2016-10-26 13:29:16.0 +0200
+++ /var/tmp/diff_new_pack.RWvfU9/_new  2016-10-26 13:29:16.0 +0200
@@ -1,20 +1,28 @@
-commit 7726422774cf8dda6766cb268b4e9110e4f68945
-Author: Aleksa Sarai 
-Date:   Mon Apr 11 22:54:35 2016 +1000
+From 17cd15ba4160f0e0830453529b9b01edc308d847 Mon Sep 17 00:00:00 2001
+From: Aleksa Sarai 
+Date: Mon, 11 Apr 2016 22:54:35 +1000
+Subject: [PATCH] SUSE: implement SUSE container secrets
 
-SUSE: implement SUSE container secrets
-
-This allows for us to pass in host credentials to a container, allowing
-for SUSEConnect to work with containers.
-
-THIS PATCH IS NOT TO BE UPSTREAMED, DUE TO THE FACT THAT IT IS
-SUSE-SPECIFIC, AND UPSTREAM DOES NOT APPROVE OF THIS CONCEPT BECAUSE IT
-MAKES BUILDS NOT ENTIRELY REPRODUCIBLE.
-
-Signed-off-by: Aleksa Sarai 
+This allows for us to pass in host credentials to a container, allowing
+for SUSEConnect to work with containers.
+
+THIS PATCH IS NOT TO BE UPSTREAMED, DUE TO THE FACT THAT IT IS
+SUSE-SPECIFIC, AND UPSTREAM DOES NOT APPROVE OF THIS CONCEPT BECAUSE IT
+MAKES BUILDS NOT ENTIRELY REPRODUCIBLE.
+
+Signed-off-by: Aleksa Sarai 
+---
+ container/container_unix.go |  63 
+ daemon/container_operations_unix.go |  50 ++
+ daemon/daemon_unix.go   |   6 +-
+ daemon/oci_linux.go |   6 ++
+ daemon/start.go |   6 ++
+ daemon/suse_secrets.go  | 184 
+ 6 files changed, 313 insertions(+), 2 deletions(-)
+ create mode 100644 daemon/suse_secrets.go
 
 diff --git a/container/container_unix.go b/container/container_unix.go
-index 2727b818f542..07a07102f031 100644
+index 2727b81..07a0710 100644
 --- a/container/container_unix.go
 +++ b/container/container_unix.go
 @@ -35,6 +35,8 @@ type Container struct {
@@ 

commit docker for openSUSE:Factory

2016-10-13 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-10-13 11:31:39

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-09-21 
18:49:53.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-10-13 
11:31:39.0 +0200
@@ -1,0 +2,7 @@
+Tue Oct 11 09:36:23 UTC 2016 - asa...@suse.com
+
+- docker-mount-secrets.patch: change the internal mountpoint name to not use
+  ":" as that character can be considered a special character by other tools.
+  bsc#999582
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.nDYl57/_old  2016-10-13 11:31:41.0 +0200
+++ /var/tmp/diff_new_pack.nDYl57/_new  2016-10-13 11:31:41.0 +0200
@@ -64,6 +64,10 @@
 Patch100:   gcc-go-patches.patch
 Patch101:   netlink_gcc_go.patch
 Patch102:   netlink_netns_powerpc.patch
+# SUSE-FEATURE: Adds the /run/secrets mountpoint inside all Docker containers
+# which is not snapshotted when images are committed. Note that if you modify
+# this patch, please also modify the patch in the suse-secrets-v
+# branch in http://github.com/suse/docker.mirror.
 Patch200:   docker-mount-secrets.patch
 Patch300:   integration-cli-fix-TestInfoEnsureSucceeds.patch
 BuildRequires:  audit

++ docker-mount-secrets.patch ++
--- /var/tmp/diff_new_pack.nDYl57/_old  2016-10-13 11:31:41.0 +0200
+++ /var/tmp/diff_new_pack.nDYl57/_new  2016-10-13 11:31:41.0 +0200
@@ -1,31 +1,23 @@
-From fb84d5a3fbc3f1fad7dfc961b5dace3915eae7f9 Mon Sep 17 00:00:00 2001
-From: Aleksa Sarai 
-Date: Mon, 11 Apr 2016 22:54:35 +1000
-Subject: [PATCH] SUSE: implement SUSE container secrets
+commit 7726422774cf8dda6766cb268b4e9110e4f68945
+Author: Aleksa Sarai 
+Date:   Mon Apr 11 22:54:35 2016 +1000
 
-This allows for us to pass in host credentials to a container, allowing
-for SUSEConnect to work with containers.
-
-THIS PATCH IS NOT TO BE UPSTREAMED, DUE TO THE FACT THAT IT IS
-SUSE-SPECIFIC, AND UPSTREAM DOES NOT APPROVE OF THIS CONCEPT BECAUSE IT
-MAKES BUILDS NOT ENTIRELY REPRODUCIBLE.
-
-Signed-off-by: Aleksa Sarai 

- container/container_unix.go |  63 
- daemon/container_operations_unix.go |  50 ++
- daemon/daemon_unix.go   |   6 +-
- daemon/oci_linux.go |   7 ++
- daemon/start.go |   6 ++
- daemon/suse_secrets.go  | 184 
- 6 files changed, 314 insertions(+), 2 deletions(-)
- create mode 100644 daemon/suse_secrets.go
+SUSE: implement SUSE container secrets
+
+This allows for us to pass in host credentials to a container, allowing
+for SUSEConnect to work with containers.
+
+THIS PATCH IS NOT TO BE UPSTREAMED, DUE TO THE FACT THAT IT IS
+SUSE-SPECIFIC, AND UPSTREAM DOES NOT APPROVE OF THIS CONCEPT BECAUSE IT
+MAKES BUILDS NOT ENTIRELY REPRODUCIBLE.
+
+Signed-off-by: Aleksa Sarai 
 
 diff --git a/container/container_unix.go b/container/container_unix.go
-index 8273bdb..d86d783 100644
+index 2727b818f542..07a07102f031 100644
 --- a/container/container_unix.go
 +++ b/container/container_unix.go
-@@ -34,6 +34,8 @@ type Container struct {
+@@ -35,6 +35,8 @@ type Container struct {
HostsPath   string
ShmPath string
ResolvConfPath  string
@@ -34,14 +26,14 @@
SeccompProfile  string
NoNewPrivileges bool
  }
-@@ -243,6 +245,67 @@ func (container *Container) IpcMounts() []Mount {
+@@ -256,6 +258,67 @@ func (container *Container) IpcMounts() []Mount {
return mounts
  }
  
 +// SUSE:secrets :: SuseSecretsResourcePath returns the path to the container's
 +// personal /run/secrets tmpfs.
 +func (container *Container) SuseSecretsResourcePath() (string, error) {
-+  return container.GetRootResourcePath("suse:secrets")
++  return container.GetRootResourcePath("suse.secrets")
 +}
 +
 +// SUSE:secrets :: SuseSecretMounts returns the list of mounts required for 
the
@@ -103,10 +95,10 @@
  func (container *Container) UpdateContainer(hostConfig 
*containertypes.HostConfig) error {
container.Lock()
 diff --git a/daemon/container_operations_unix.go 
b/daemon/container_operations_unix.go
-index c8a0b93..036c65a 100644
+index 55bd3fc8392d..a3ab7fbd83d1 100644
 --- a/daemon/container_operations_unix.go
 +++ b/daemon/container_operations_unix.go
-@@ -168,6 +168,56 @@ func (daemon *Daemon) 

commit docker for openSUSE:Factory

2016-09-21 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-09-21 18:49:51

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-08-17 
12:06:02.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-09-21 
18:49:53.0 +0200
@@ -1,0 +2,125 @@
+Mon Sep 19 11:56:15 UTC 2016 - jmassaguer...@suse.com
+
+- fix go_arches definition: use global instead of define, otherwise
+  it fails to build 
+
+---
+Wed Sep 14 09:41:57 UTC 2016 - asa...@suse.com
+
+- Add dockerd(8) man page.
+
+---
+Fri Sep  9 12:42:24 UTC 2016 - th...@suse.de
+
+- add missing patch to changelog
+
+---
+Wed Sep  7 16:33:59 UTC 2016 - th...@suse.de
+
+- fix integration test case
+- add integration-cli-fix-TestInfoEnsureSucceeds.patch
+
+---
+Tue Sep  6 13:28:38 UTC 2016 - th...@suse.de
+
+- update rpmlintrc
+
+---
+Fri Sep  2 12:02:23 UTC 2016 - th...@suse.de
+
+- make test timeout configurable
+
+---
+Fri Sep  2 10:25:27 UTC 2016 - asa...@suse.com
+
+- Remove noarch from docker-test, which was causing lots of fun issues when
+  trying to run them.
+
+---
+Tue Aug 30 09:07:19 UTC 2016 - jmassaguer...@suse.com
+
+- Fix build for ppc64le: use static libgo for dockerd and docker-proxy
+  as in docker build.
+
+---
+Mon Aug 29 12:11:21 UTC 2016 - jmassaguer...@suse.com
+
+- Update docker to 1.12.1 (bsc#996015)
+
+  see changelog in https://github.com/docker/docker/releases/tag/v1.12.1
+
+---
+Fri Aug 26 12:02:35 UTC 2016 - cbrau...@suse.de
+
+- Add asau...@suse.com's test.sh test script.
+- Add integration test binary in docker.spec file. This is work done by
+  asau...@suse.com.
+
+---
+Fri Aug 26 10:43:38 UTC 2016 - asa...@suse.com
+
+- Package docker-proxy (which was split out of the docker binary in 1.12).
+  boo#995620
+
+---
+Fri Aug 26 10:00:36 UTC 2016 - jmassaguer...@suse.com
+
+- fix bsc#995102 - Docker "migrator" prevents installing "docker",
+  if docker 1.9 was installed before but there were no images
+
+---
+Fri Aug 26 08:49:15 UTC 2016 - asa...@suse.com
+
+- Update docker.service file with several changes.
+  * Reapply fix for bsc#983015 (Limit*=infinity).
+  * Specify an "OCI" runtime for our runc package explicitly. bsc#978260
+
+---
+Thu Aug 25 14:02:04 UTC 2016 - jmassaguer...@suse.com
+
+- remove disable-pprof-trace.patch: We can remove this patch because
+  we use go 1.6, either gcc6-go or gc-go. This patch was for gcc5-go
+
+---
+Wed Aug 24 12:31:23 UTC 2016 - jmassaguer...@suse.com
+
+- add go_arches in project configuration: this way, we can use the
+  same spec file but decide in the project configuration if to
+  use gc-go or gcc-go for some archs.
+
+---
+Tue Aug 23 11:35:09 UTC 2016 - jmassaguer...@suse.com
+
+- use gcc6-go instead of gcc5-go (bsc#988408)
+- build ppc64le with gc-go because this version builds with gc-go 1.6
+- remove bnc964673-boltdb-metadata-recovery.patch because it has already
+  been merged
+
+---
+Tue Aug 23 11:34:09 UTC 2016 - cbrau...@suse.com
+
+- update to v1.12.0 (bsc#995058)
+  see detailed changelog at
+https://github.com/docker/docker/releases/tag/v1.12.0
+- disable test that fail in obs build context
+- only run unit tests on architectures that provide the go list and go test
+  tools
+- disable dockerd, parser, integration test, and devicemapper related tests
+  on versions below SLE12 and openSUSE_13.2
+- bump test timeout to 10m (for aarch64)
+- run unit tests during the build
+- Adapt docker.service file.
+- adapt install sections for gccgo builds: gccgo build are not built in 
separate
+  folders for client and daemon. They both reside in dyngccgo.
+- gcc-go-patch: link against systemd when 

commit docker for openSUSE:Factory

2016-08-17 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-08-17 12:06:01

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-08-09 
22:15:57.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-08-17 
12:06:02.0 +0200
@@ -1,0 +2,7 @@
+Tue Aug 16 09:39:11 UTC 2016 - asa...@suse.com
+
+* Explicitly state the version dependencies for runC and containerd, to
+  avoid potential issues with incompatible component versions. These
+  must be updated *each time we do a release*. bsc#993847
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.0ZINN2/_old  2016-08-17 12:06:04.0 +0200
+++ /var/tmp/diff_new_pack.0ZINN2/_new  2016-08-17 12:06:04.0 +0200
@@ -67,8 +67,12 @@
 Requires:   apparmor-parser
 Requires:   bridge-utils
 Requires:   ca-certificates-mozilla
-# Containerd is required as it is the only currently supported execdriver of 
Docker.
-Requires:   containerd
+# Containerd and runC are required as they are the only currently supported
+# execdrivers of Docker. NOTE: The version pinning here matches upstream's
+# Dockerfile to ensure that we don't use a slightly incompatible version of
+# runC or containerd (which would be bad).
+Requires:   containerd = 0.2.2
+Requires:   runc = 0.1.1
 # Provides mkfs.ext4 - used by Docker when devicemapper storage driver is used
 Requires:   e2fsprogs
 Requires:   git-core >= 1.7




commit docker for openSUSE:Factory

2016-08-09 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-08-09 22:15:50

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-08-03 
11:42:40.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-08-09 
22:15:57.0 +0200
@@ -1,0 +2,7 @@
+Mon Jul 25 05:34:50 UTC 2016 - sfl...@suse.de
+
+- Don't exit mid install, add the ability to not restart the docker
+  service during certain updates with long migration phases 
+  bsc#980555
+
+---

New:

  docker-update-message.txt



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.a5sC0I/_old  2016-08-09 22:15:58.0 +0200
+++ /var/tmp/diff_new_pack.a5sC0I/_new  2016-08-09 22:15:58.0 +0200
@@ -17,13 +17,19 @@
 # nodebuginfo
 
 
-%define docker_store  %{_localstatedir}/lib/docker
+%global docker_store  %{_localstatedir}/lib/docker
+%global docker_migration_testfile 
%{docker_store}/.suse-image-migration-v1to2-complete
+%global docker_migration_warnfile %{docker_store}/docker-update-message.txt
 %define docker_graph  %{docker_store}/graph
-%define docker_migration_testfile 
%{docker_store}/.suse-image-migration-v1to2-complete
 %define git_version 9e83765
 %define go_arches %ix86 x86_64 aarch64
 %define version_unconverted 1.11.2
 %define __arch_install_post export NO_BRP_STRIP_DEBUG=true
+# When upgrading to a new version requires the service not to be restarted
+# Due to a long migration process update last_migration_version to the new 
version
+# that will first perform the migration, last time this was needed was version
+# 1.10.1
+%global last_migration_version 1.10.1
 Name:   docker
 Version:1.11.2
 Release:0
@@ -38,6 +44,7 @@
 Source6:docker-rpmlintrc
 Source7:README_SUSE.md
 Source8:docker-audit.rules
+Source9:docker-update-message.txt
 # Required to overcome some limitations of gcc-go: 
https://groups.google.com/forum/#!msg/golang-nuts/SlGCPYkjxo4/4DjcjXRCqAkJ
 Patch101:   gcc-go-patches.patch
 Patch102:   netlink_gcc_go.patch
@@ -233,80 +240,42 @@
 install -p -m 644 man/man5/Dockerfile.5 %{buildroot}%{_mandir}/man5
 %endif
 
+install -D -m 0644 %{SOURCE9} %{buildroot}%{docker_migration_warnfile}
+
 %fdupes %{buildroot}
 
 %pre
-# We're currently inside rpmlint, which will cause us to fail the tests if it
-# happens that the Docker install in the builder requires a migration.
-if [[ -z "$BUILD_ROOT" ]]
-then
-   # In order to make sure we don't print a scary warning when we 
shouldn't we
-   # need to test these things (in this order):
-   # 1. Check that %{_localstatedir}/lib/docker actually exists (docker 
daemon has run).
-   # 2. Check that the migrator has *not* finished.
-   # 3. Check that %{_localstatedir}/lib/docker/graph exists (this is a 
<=1.9.1 thing, but
-   #will stick around if it has been migrated -- which is why we need 
the
-   #MIGRATION_TESTFILE check).
-   # 4. Check that there are images in the graph/ directory.
-   if [[ -d "%{docker_store}" && ( ! -f "%{docker_migration_testfile}" ) 
&& -d "%{docker_store}" && -n "$(find "%{docker_store}" -maxdepth 1 -type d 
2>/dev/null | grep -Ev '_tmp|^%{docker_store}$')" ]]
-then
-
-   if [ -n "$DOCKER_FORCE_INSTALL" ]
-   then
-   echo >&2 "*** IGNORING DOWNTIME WARNING! FORCING 
INSTALLATION. ***"
-   else
-
-cat >&2 <=1.10.0, the Docker image format
-has changed to be completely content-addressible. This results in several 
positive
-improvements to image operations (better caching during builds mainly). 
However,
-the migration operation may take several hours if you have a lot of large 
images
-on a Docker host. In order to ensure that you have minimum downtime, this 
update
-of Docker will not complete successfully, and you will have the opportunity to
-run a separate migration tool (which will not cause downtime for your Docker
-daemon).
-
-In order to run this migration tool, please install the 'docker-image-migrator'
-package. You can run the migration with this command, which will exit after the
-migration has been completed:
-
-$ %{_libexecdir}/docker-image-migrator/do-image-migration-v1to2.sh
-
-Because the migrator requires information about the storage driver used by 
Docker,
-the migration script will source %{_sysconfdir}/sysconfig/docker and use 
\$DOCKER_OPTS as
-arguments to the migrator. If this automated 

commit docker for openSUSE:Factory

2016-08-03 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-08-03 11:42:38

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-07-15 
12:54:24.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-08-03 
11:42:40.0 +0200
@@ -1,0 +2,5 @@
+Tue Jul 19 17:03:32 UTC 2016 - jmassaguer...@suse.com
+
+- remove kernel dependency (bsc#987198)
+
+---
@@ -30 +35 @@
-* Update Docker to 1.11.2. Changelog from upstream:
+* Update Docker to 1.11.2. (bsc#989566) Changelog from upstream:



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.aV7aQ7/_old  2016-08-03 11:42:41.0 +0200
+++ /var/tmp/diff_new_pack.aV7aQ7/_new  2016-08-03 11:42:41.0 +0200
@@ -67,7 +67,6 @@
 Requires:   git-core >= 1.7
 Requires:   iproute2 >= 3.5
 Requires:   iptables >= 1.4
-Requires:   kernel >= 3.8.0
 Requires:   lvm2 >= 2.2.89
 Requires:   procps
 Requires:   tar >= 1.26




commit docker for openSUSE:Factory

2016-07-15 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-07-15 12:54:13

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-07-12 
23:51:40.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-07-15 
12:54:24.0 +0200
@@ -1,0 +2,6 @@
+Wed Jul 13 13:41:33 UTC 2016 - cbrau...@suse.de
+
+- remove sysconfig.docker.ppc64le patch
+  setting iptables option on ppc64le works now (bsc#988707)
+
+---

Old:

  sysconfig.docker.ppc64le



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.ODQeIs/_old  2016-07-15 12:54:26.0 +0200
+++ /var/tmp/diff_new_pack.ODQeIs/_new  2016-07-15 12:54:26.0 +0200
@@ -38,8 +38,6 @@
 Source6:docker-rpmlintrc
 Source7:README_SUSE.md
 Source8:docker-audit.rules
-# TODO: remove once we figure out what is wrong with iptables on ppc64le
-Source100:  sysconfig.docker.ppc64le
 # Required to overcome some limitations of gcc-go: 
https://groups.google.com/forum/#!msg/golang-nuts/SlGCPYkjxo4/4DjcjXRCqAkJ
 Patch101:   gcc-go-patches.patch
 Patch102:   netlink_gcc_go.patch
@@ -226,11 +224,7 @@
 install -D -m 0640 %{SOURCE8} 
%{buildroot}%{_sysconfdir}/audit/rules.d/%{name}.rules
 
 # sysconfig file
-%ifarch ppc64le
-install -D -m 644 %{SOURCE100} 
%{buildroot}%{_localstatedir}/adm/fillup-templates/sysconfig.docker
-%else
 install -D -m 644 %{SOURCE4} 
%{buildroot}%{_localstatedir}/adm/fillup-templates/sysconfig.docker
-%endif
 
 %ifarch %{go_arches}
 # install manpages

++ docker.service ++
--- /var/tmp/diff_new_pack.ODQeIs/_old  2016-07-15 12:54:26.0 +0200
+++ /var/tmp/diff_new_pack.ODQeIs/_new  2016-07-15 12:54:26.0 +0200
@@ -14,12 +14,12 @@
 LimitNPROC=infinity
 LimitCORE=infinity
 # Uncomment TasksMax if your systemd version supports it.
-# Only systemd 226 and above support this version.
+# Only systemd 226 and above support this property.
 #TasksMax=infinity
 # Set delegate yes so that systemd does not reset the cgroups of docker 
containers
-Delegate=yes
-# Kill only the docker process, not all processes in the cgroup
-KillMode=process
+# Only systemd 218 and above support this property.
+#Delegate=yes
+# KillMode=process is not necessary because of how we set up containerd.
 
 [Install]
 WantedBy=multi-user.target




commit docker for openSUSE:Factory

2016-07-12 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-07-12 23:51:38

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-07-01 
09:58:44.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-07-12 
23:51:40.0 +0200
@@ -1,0 +2,13 @@
+Tue Jul  5 17:52:58 UTC 2016 - jmassaguer...@suse.com
+
+- fix bsc#984942: audit.rules in docker-1.9.1-58.1.x86_64.rpm has a
+  syntax error
+
+---
+Tue Jul  5 14:26:45 UTC 2016 - asa...@suse.com
+
+* Update docker.service to include changes from upstream, including the
+  soon-to-be-merged patch https://github.com/docker/docker/pull/24307,
+  which fixes bnc#983015.
+
+---



Other differences:
--
++ docker-audit.rules ++
--- /var/tmp/diff_new_pack.pJoaQL/_old  2016-07-12 23:51:42.0 +0200
+++ /var/tmp/diff_new_pack.pJoaQL/_new  2016-07-12 23:51:42.0 +0200
@@ -1,7 +1,7 @@
 ##
 # Audit rules based on CIS Docker 1.6 Benchmark v1.0.0
 # 
https://benchmarks.cisecurity.org/tools2/docker/CIS_Docker_1.6_Benchmark_v1.0.0.pdf
-# Not all of these apply to SUSE. 
+# Not all of these apply to SUSE.
 # 1.8 Audit docker daemon
 -w /usr/bin/docker -k docker
 # 1.9 Audit Docker files and directories
@@ -23,5 +23,5 @@
 # 1.17 Audit Docker files and directories - /etc/sysconfig/docker-storage
 -w /etc/sysconfig/docker-storage -k docker
 # 1.18 Audit Docker files and directories - /etc/default/docker
--w /etc/default/docker-k docker
+-w /etc/default/docker -k docker
 ## end docker audit rules

++ docker.service ++
--- /var/tmp/diff_new_pack.pJoaQL/_old  2016-07-12 23:51:42.0 +0200
+++ /var/tmp/diff_new_pack.pJoaQL/_new  2016-07-12 23:51:42.0 +0200
@@ -7,10 +7,19 @@
 [Service]
 EnvironmentFile=/etc/sysconfig/docker
 ExecStart=/usr/bin/docker daemon -H fd:// --containerd 
/run/containerd/containerd.sock $DOCKER_NETWORK_OPTIONS $DOCKER_OPTS
-LimitNOFILE=1048576
-LimitNPROC=1048576
+ExecReload=/bin/kill -s HUP $MAINPID
+# Having non-zero Limit*s causes performance problems due to accounting 
overhead
+# in the kernel. We recommend using cgroups to do container-local accounting.
+LimitNOFILE=infinity
+LimitNPROC=infinity
 LimitCORE=infinity
+# Uncomment TasksMax if your systemd version supports it.
+# Only systemd 226 and above support this version.
+#TasksMax=infinity
+# Set delegate yes so that systemd does not reset the cgroups of docker 
containers
+Delegate=yes
+# Kill only the docker process, not all processes in the cgroup
+KillMode=process
 
 [Install]
 WantedBy=multi-user.target
-




commit docker for openSUSE:Factory

2016-07-01 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-07-01 09:58:42

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-06-19 
10:49:31.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-07-01 
09:58:44.0 +0200
@@ -1,0 +2,5 @@
+Fri Jun 24 00:23:57 UTC 2016 - dmuel...@suse.com
+
+- readd dropped declaration for patch200
+
+---
@@ -32,0 +38,5 @@
+
+---
+Thu May 19 13:43:44 UTC 2016 - tchva...@suse.com
+
+- Pass over with spec-cleaner, no factual changes



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.pRyXFe/_old  2016-07-01 09:58:46.0 +0200
+++ /var/tmp/diff_new_pack.pRyXFe/_new  2016-07-01 09:58:46.0 +0200
@@ -14,16 +14,16 @@
 
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
+# nodebuginfo
 
 
-%define docker_store  /var/lib/docker
+%define docker_store  %{_localstatedir}/lib/docker
 %define docker_graph  %{docker_store}/graph
 %define docker_migration_testfile 
%{docker_store}/.suse-image-migration-v1to2-complete
-
 %define git_version 9e83765
 %define go_arches %ix86 x86_64 aarch64
 %define version_unconverted 1.11.2
-
+%define __arch_install_post export NO_BRP_STRIP_DEBUG=true
 Name:   docker
 Version:1.11.2
 Release:0
@@ -35,40 +35,24 @@
 Source1:docker.service
 Source3:80-docker.rules
 Source4:sysconfig.docker
-
-%if 0%{?suse_version} > 1320
-Source5:docker.socket
-%else
-Source5:docker_systemd_lt_214.socket
-%endif
-
 Source6:docker-rpmlintrc
 Source7:README_SUSE.md
 Source8:docker-audit.rules
 # TODO: remove once we figure out what is wrong with iptables on ppc64le
 Source100:  sysconfig.docker.ppc64le
-# The mount-secrets patch is be a SLE-specific feature. As such, it is 
disabled by default on openSUSE.
-# PATCH-FEATURE-SLE docker-mount-secrets.patch -- pass the SCC machine 
credentials and the /etc/SUSEConnect file to containers
-Patch200:   docker-mount-secrets.patch
 # Required to overcome some limitations of gcc-go: 
https://groups.google.com/forum/#!msg/golang-nuts/SlGCPYkjxo4/4DjcjXRCqAkJ
 Patch101:   gcc-go-patches.patch
 Patch102:   netlink_gcc_go.patch
 Patch103:   netlink_netns_powerpc.patch
+Patch200:   docker-mount-secrets.patch
 # This fixes bnc#964673. This fix is in boltdb upstream, but has yet to be
 # merged into Docker (in a vendor commit). This patch was cherry-picked from
 # bolt#555.
 Patch302:   bnc964673-boltdb-metadata-recovery.patch
-Requires(post): udev
 BuildRequires:  audit
 BuildRequires:  bash-completion
 BuildRequires:  device-mapper-devel >= 1.2.68
 BuildRequires:  glibc-devel-static
-%ifarch %go_arches
-BuildRequires:  go >= 1.5
-BuildRequires:  go-go-md2man
-%else
-BuildRequires:  gcc5-go >= 5.0
-%endif
 BuildRequires:  libapparmor-devel
 BuildRequires:  libbtrfs-devel >= 3.8
 BuildRequires:  procps
@@ -78,6 +62,8 @@
 Requires:   apparmor-parser
 Requires:   bridge-utils
 Requires:   ca-certificates-mozilla
+# Containerd is required as it is the only currently supported execdriver of 
Docker.
+Requires:   containerd
 # Provides mkfs.ext4 - used by Docker when devicemapper storage driver is used
 Requires:   e2fsprogs
 Requires:   git-core >= 1.7
@@ -88,26 +74,27 @@
 Requires:   procps
 Requires:   tar >= 1.26
 Requires:   xz >= 4.9
-# Containerd is required as it is the only currently supported execdriver of 
Docker.
-Requires:   containerd
+Requires(post): %fillup_prereq
+Requires(post): udev
 # Not necessary, but must be installed to have a smooth upgrade.
 Recommends: docker-image-migrator
 Conflicts:  lxc < 1.0
-PreReq: %fillup_prereq
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
-ExcludeArch:%ix86
-ExcludeArch:s390
+ExcludeArch:%ix86 s390 ppc
+%if 0%{?suse_version} > 1320
+Source5:docker.socket
+%else
+Source5:docker_systemd_lt_214.socket
+%endif
+%ifarch %{go_arches}
+BuildRequires:  go >= 1.5
+BuildRequires:  go-go-md2man
+%else
+BuildRequires:  gcc5-go >= 5.0
+%endif
 %if 0%{?is_opensuse}
 ExcludeArch:s390x
 %endif
-ExcludeArch:ppc
-
-# It's a bad idea to strip Go binaries (apart from making debugging impossible,
-# it also is known to cause some interesting runtime bugs). However, rpmbuild
-# will strip your binaries if it is creating 

commit docker for openSUSE:Factory

2016-06-19 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-06-19 10:49:28

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-05-23 
16:39:12.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-06-19 
10:49:31.0 +0200
@@ -1,0 +2,28 @@
+Wed Jun  8 14:42:08 UTC 2016 - asa...@suse.de
+
+* Removed patches:
+  - cve-2016-3697-numeric-uid.patch (merged upstream in 
gh@docker/docker#22998).
+* Update Docker to 1.11.2. Changelog from upstream:
+
+* Networking
+  * Fix a stale endpoint issue on overlay networks during ungraceful restart
+(#23015)
+  * Fix an issue where the wrong port could be reported by docker
+inspect/ps/port (#22997)
+
+* Runtime
+  * Fix a potential panic when running docker build (#23032)
+  * Fix interpretation of --user parameter (#22998)
+  * Fix a bug preventing container statistics to be correctly reported (#22955)
+  * Fix an issue preventing container to be restarted after daemon restart
+(#22947)
+  * Fix issues when running 32 bit binaries on Ubuntu 16.04 (#22922)
+  * Fix a possible deadlock on image deletion and container attach (#22918)
+  * Fix an issue where containers fail to start after a daemon restart if they
+depend on a containerized cluster store (#22561)
+  * Fix an issue causing docker ps to hang on CentOS when using devicemapper
+(#22168, #23067)
+  * Fix a bug preventing to docker exec into a container when using
+devicemapper (#22168, #23067)
+
+---

Old:

  cve-2016-3697-numeric-uid.patch
  docker-1.11.1.tar.xz

New:

  docker-1.11.2.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.YV7PcC/_old  2016-06-19 10:49:33.0 +0200
+++ /var/tmp/diff_new_pack.YV7PcC/_new  2016-06-19 10:49:33.0 +0200
@@ -22,10 +22,10 @@
 
 %define git_version 9e83765
 %define go_arches %ix86 x86_64 aarch64
-%define version_unconverted 1.11.1
+%define version_unconverted 1.11.2
 
 Name:   docker
-Version:1.11.1
+Version:1.11.2
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
@@ -54,9 +54,6 @@
 Patch101:   gcc-go-patches.patch
 Patch102:   netlink_gcc_go.patch
 Patch103:   netlink_netns_powerpc.patch
-# This fixes bsc#976777. While the fix is upstream, it isn't in Docker 1.10.3 
or
-# Docker 1.11.0. This patch was squashed and cherry-picked from runc#708.
-Patch301:   cve-2016-3697-numeric-uid.patch
 # This fixes bnc#964673. This fix is in boltdb upstream, but has yet to be
 # merged into Docker (in a vendor commit). This patch was cherry-picked from
 # bolt#555.
@@ -177,8 +174,6 @@
 %patch102 -p1
 %patch103 -p1
 %endif
-# bsc#976777
-%patch301 -p1
 # bnc#964673
 %patch302 -p1
 cp %{SOURCE7} .

++ _service ++
--- /var/tmp/diff_new_pack.YV7PcC/_old  2016-06-19 10:49:33.0 +0200
+++ /var/tmp/diff_new_pack.YV7PcC/_new  2016-06-19 10:49:33.0 +0200
@@ -3,8 +3,8 @@
 https://github.com/docker/docker.git
 git
 .git
-1.11.1
-v1.11.1
+1.11.2
+v1.11.2
   
   
 docker-*.tar

++ docker-1.11.1.tar.xz -> docker-1.11.2.tar.xz ++
/work/SRC/openSUSE:Factory/docker/docker-1.11.1.tar.xz 
/work/SRC/openSUSE:Factory/.docker.new/docker-1.11.2.tar.xz differ: char 25, 
line 1




commit docker for openSUSE:Factory

2016-05-23 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-05-23 16:39:11

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-05-04 
08:20:17.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-05-23 
16:39:12.0 +0200
@@ -1,0 +2,20 @@
+Fri May 20 10:26:39 UTC 2016 - jmassaguer...@suse.com
+
+- Fix udev files ownership 
+
+---
+Wed May 18 14:21:09 UTC 2016 - asa...@suse.de
+
+* Make sure we *always* build unstripped Go binaries.
+
+---
+Mon May 16 13:55:07 UTC 2016 - asa...@suse.de
+
+* Add a patch to fix database soft corruption issues if the Docker dameon dies
+  in a bad state. There is a PR upstream to vendor Docker to have this fix as
+  well, but it probably won't get in until 1.11.2. bnc#964673
+  (https://github.com/docker/docker/pull/22765)
+
+  + bnc964673-boltdb-metadata-recovery.patch
+
+---

New:

  bnc964673-boltdb-metadata-recovery.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.dHdJQB/_old  2016-05-23 16:39:13.0 +0200
+++ /var/tmp/diff_new_pack.dHdJQB/_new  2016-05-23 16:39:13.0 +0200
@@ -57,6 +57,11 @@
 # This fixes bsc#976777. While the fix is upstream, it isn't in Docker 1.10.3 
or
 # Docker 1.11.0. This patch was squashed and cherry-picked from runc#708.
 Patch301:   cve-2016-3697-numeric-uid.patch
+# This fixes bnc#964673. This fix is in boltdb upstream, but has yet to be
+# merged into Docker (in a vendor commit). This patch was cherry-picked from
+# bolt#555.
+Patch302:   bnc964673-boltdb-metadata-recovery.patch
+Requires(post): udev
 BuildRequires:  audit
 BuildRequires:  bash-completion
 BuildRequires:  device-mapper-devel >= 1.2.68
@@ -100,6 +105,13 @@
 %endif
 ExcludeArch:ppc
 
+# It's a bad idea to strip Go binaries (apart from making debugging impossible,
+# it also is known to cause some interesting runtime bugs). However, rpmbuild
+# will strip your binaries if it is creating debuginfo packages (as well as
+# doing it by default). So we have to manually disable both of these things.
+%undefine _build_create_debug
+%define __arch_install_post export NO_BRP_STRIP_DEBUG=true
+
 %description
 Docker complements LXC with a high-level API which operates at the process
 level. It runs unix processes with strong guarantees of isolation and
@@ -167,6 +179,8 @@
 %endif
 # bsc#976777
 %patch301 -p1
+# bnc#964673
+%patch302 -p1
 cp %{SOURCE7} .
 
 %build

++ bnc964673-boltdb-metadata-recovery.patch ++
>From 8f0e47cee034cdc08ca515d98a6733130908fc26 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai 
Date: Mon, 16 May 2016 23:53:46 +1000
Subject: [PATCH] db: fix recovery from unsynced metadata

Bolt stores the two latest transactions' metadata, but previously did
not recover from validation failures in the latest by using the second
latest. Fix this by correctly handling validation failures in db.go, as
well as returning the metadata with highest txid which is also valid in
DB.meta().

Signed-off-by: Aleksa Sarai 
---
 vendor/src/github.com/boltdb/bolt/db.go | 49 +
 1 file changed, 38 insertions(+), 11 deletions(-)

diff --git a/vendor/src/github.com/boltdb/bolt/db.go 
b/vendor/src/github.com/boltdb/bolt/db.go
index 501d36aac24a..f713485ffab6 100644
--- a/vendor/src/github.com/boltdb/bolt/db.go
+++ b/vendor/src/github.com/boltdb/bolt/db.go
@@ -200,9 +200,15 @@ func Open(path string, mode os.FileMode, options *Options) 
(*DB, error) {
if _, err := db.file.ReadAt(buf[:], 0); err == nil {
m := db.pageInBuffer(buf[:], 0).meta()
if err := m.validate(); err != nil {
-   return nil, err
+   // If we can't read the page size, we can 
assume it's the same
+   // as the OS -- since that's how the page size 
was chosen in the
+   // first place.
+   // XXX: Does this cause issues with opening a 
database on a
+   //  different OS than the one it was 
created on?
+   db.pageSize = os.Getpagesize()
+   } else {
+   db.pageSize = int(m.pageSize)
}
-   db.pageSize = 

commit docker for openSUSE:Factory

2016-04-12 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-04-12 19:38:27

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-03-31 
13:03:23.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-04-12 
19:38:28.0 +0200
@@ -1,0 +2,14 @@
+Fri Apr  8 13:27:55 UTC 2016 - dmuel...@suse.com
+
+- use go-lang for aarch64:
+  - drop fix_platform_type_arm.patch (works around a gcc-go bug, so
+  unnecessary)
+
+---
+Thu Apr  7 09:35:40 UTC 2016 - asa...@suse.de
+
+- Add patch from upstream (https://github.com/docker/docker/pull/21723) to fix
+  compilation on Factory and Tumbleweed (which have btrfsprogs >= 4.5).
++ fix-btrfs-ioctl-structure.patch  bnc#974208
+
+---

Old:

  fix_platform_type_arm.patch

New:

  fix-btrfs-ioctl-structure.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.SAfOiL/_old  2016-04-12 19:38:29.0 +0200
+++ /var/tmp/diff_new_pack.SAfOiL/_new  2016-04-12 19:38:29.0 +0200
@@ -21,7 +21,7 @@
 %define docker_migration_testfile 
%{docker_store}/.suse-image-migration-v1to2-complete
 
 %define git_version 9e83765
-%define go_arches %ix86 x86_64
+%define go_arches %ix86 x86_64 aarch64
 Name:   docker
 Version:1.10.3
 Release:0
@@ -45,10 +45,12 @@
 Source8:docker-audit.rules
 # TODO: remove once we figure out what is wrong with iptables on ppc64le
 Source100:  sysconfig.docker.ppc64le
-Patch0: fix_platform_type_arm.patch
 Patch1: gcc5_socket_workaround.patch
 Patch2: fix-docker-init.patch
 Patch3: fix-apparmor.patch
+# TODO: Remove this once we update to Docker 1.11.0. This has been merged in
+#   https://github.com/docker/docker/pull/21723
+Patch4: fix-btrfs-ioctl-structure.patch
 # Required to overcome some limitations of gcc-go: 
https://groups.google.com/forum/#!msg/golang-nuts/SlGCPYkjxo4/4DjcjXRCqAkJ
 # Right now docker passes the sha1sum of the dockerinit binary to the docker 
binary at build time
 # We cannot do that, right now a quick and really dirty way to get it running 
is
@@ -153,7 +155,6 @@
 
 %prep
 %setup -q -n %{name}-%{version}
-%patch0 -p1
 # 1330 is Tumbleweed after leap has been released
 # gcc5-go in Tumbleweed includes this commit
 # 
https://github.com/golang/gofrontend/commit/a850225433a66a58613c22185c3b09626f5545eb
@@ -166,6 +167,7 @@
 %endif
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 %ifnarch %go_arches
 %patch101 -p1
 %patch102 -p1

++ fix-btrfs-ioctl-structure.patch ++
>From a038cccf88998814249a7a40b71a33a680e3f02f Mon Sep 17 00:00:00 2001
From: Julio Montes 
Date: Fri, 1 Apr 2016 08:58:29 -0600
Subject: [PATCH] Fix compilation errors with btrfs-progs-4.5

btrfs-progs-4.5 introduces device delete by devid
for this reason btrfs_ioctl_vol_args_v2's name was encapsulated
in a union

this patch is for setting btrfs_ioctl_vol_args_v2's name
using a C function in order to preserve compatibility
with all btrfs-progs versions

Signed-off-by: Julio Montes 
Signed-off-by: Aleksa Sarai 
---
 daemon/graphdriver/btrfs/btrfs.go | 11 ---
 1 file changed, 8 insertions(+), 3 deletions(-)

Index: docker-1.10.3/daemon/graphdriver/btrfs/btrfs.go
===
--- docker-1.10.3.orig/daemon/graphdriver/btrfs/btrfs.go
+++ docker-1.10.3/daemon/graphdriver/btrfs/btrfs.go
@@ -7,6 +7,10 @@ package btrfs
 #include 
 #include 
 #include 
+
+static void set_name_btrfs_ioctl_vol_args_v2(struct btrfs_ioctl_vol_args_v2* 
btrfs_struct, const char* value) {
+snprintf(btrfs_struct->name, BTRFS_SUBVOL_NAME_MAX, "%s", value);
+}
 */
 import "C"
 
@@ -160,9 +164,10 @@ func subvolSnapshot(src, dest, name stri
 
var args C.struct_btrfs_ioctl_vol_args_v2
args.fd = C.__s64(getDirFd(srcDir))
-   for i, c := range []byte(name) {
-   args.name[i] = C.char(c)
-   }
+
+   var cs = C.CString(name)
+   C.set_name_btrfs_ioctl_vol_args_v2(, cs)
+   C.free(unsafe.Pointer(cs))
 
_, _, errno := syscall.Syscall(syscall.SYS_IOCTL, getDirFd(destDir), 
C.BTRFS_IOC_SNAP_CREATE_V2,
uintptr(unsafe.Pointer()))



commit docker for openSUSE:Factory

2016-03-31 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-03-31 13:03:19

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2016-01-01 
19:50:59.0 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-03-31 
13:03:23.0 +0200
@@ -0,0 +1,221 @@
+---
+Tue Mar 22 15:27:26 UTC 2016 - fcaste...@suse.com
+
+- Changed systemd unit file and default sysconfig file to include network 
options,
+  this is needed to get SDN like flannel to work
+
+---
+Tue Mar 15 09:16:55 UTC 2016 - asa...@suse.de
+
+- docker.spec: update warning to mention that /etc/sysconfig/docker is sourced
+  by the migration script.
+
+---
+Mon Mar 14 10:20:19 UTC 2016 - asa...@suse.de
+
+- docker.spec: only Reccomends: the docker-image-migrator package as it is no
+  longer required for our ugly systemctl hacks.
+- docker.spec: fix up documentation to refer to the script you need to run in
+  the migrator package.
+- docker.spec: print a warning if you force the DOCKER_FORCE_INSTALL option.
+
+---
+Fri Mar 11 08:44:46 UTC 2016 - asa...@suse.de
+
+- spec: switch to new done file name from docker-image-migrator
+
+---
+Fri Mar 11 08:41:49 UTC 2016 - jmassaguer...@suse.com
+
+- update to docker 1.10.3 (bnc#970637)
+  Runtime
+Fix Docker client exiting with an "Unrecognized input header" error #20706
+Fix Docker exiting if Exec is started with both AttachStdin and Detach 
#20647
+  Distribution
+Fix a crash when pushing multiple images sharing the same layers to the 
same repository in parallel #20831
+Fix a panic when pushing images to a registry which uses a misconfigured 
token service #21030
+  Plugin system
+Fix issue preventing volume plugins to start when SELinux is enabled #20834
+Prevent Docker from exiting if a volume plugin returns a null response for 
Get requests #20682
+Fix plugin system leaking file descriptors if a plugin has an error #20680
+  Security
+Fix linux32 emulation to fail during docker build #20672 It was due to the 
personality syscall being blocked by the default seccomp profile.
+Fix Oracle XE 10g failing to start in a container #20981 It was due to the 
ipc syscall being blocked by the default seccomp profile.
+Fix user namespaces not working on Linux From Scratch #20685
+Fix issue preventing daemon to start if userns is enabled and the subuid 
or subgid files contain comments #20725
+
+  More at https://github.com/docker/docker/releases/tag/v1.10.3
+
+---
+Thu Mar 10 13:52:54 UTC 2016 - asa...@suse.de
+
+- spec: improve file-based migration checks to make sure that it doesn't cause
+  errors if running on a /var/lib/docker without /var/lib/docker/graph.
+
+---
+Wed Mar  9 13:45:14 UTC 2016 - asa...@suse.de
+
+- spec: implement file-based migration checks. The migrator will be updated to
+  match the warning message's instructions. This looks like it works with my
+  testing.
+
+---
+Mon Mar  7 14:09:17 UTC 2016 - norm...@linux.vnet.ibm.com
+
+- more patches to build on ppc64 architecture
+  update netlink_gcc_go.patch
+  new netlink_netns_powerpc.patch
+  new boltdb_bolt_powerpc.patch
+  new libnetwork_drivers_bridge_powerpc.patch to replace
+  deleted fix-ppc64le.patch
+
+---
+Tue Mar  1 17:54:41 UTC 2016 - jmassaguer...@suse.com
+
+- fix bsc#968972 - let docker manage the cgroups of the processes
+  that it launches without systemd
+
+---
+Tue Mar  1 15:28:56 UTC 2016 - jmassaguer...@suse.com
+
+- Require docker-image-migrator (bnc#968933)
+
+---
+Tue Feb 23 08:55:17 UTC 2016 - jmassaguer...@suse.com
+
+Update to version 1.10.2 (bnc#968933)
+
+  - Runtime
+Prevent systemd from deleting containers' cgroups when its configuration 
is reloaded #20518
+Fix SELinux issues by disregarding --read-only when mounting /dev/mqueue 
#20333
+Fix chown permissions used during docker cp when userns is used #20446
+Fix configuration loading issue with all booleans defaulting to true #20471
+Fix 

commit docker for openSUSE:Factory

2016-01-01 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2016-01-01 19:48:32

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-12-09 
22:15:08.0 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2016-01-01 
19:50:59.0 +0100
@@ -0,0 +1,4 @@
+Wed Dec 23 10:47:04 UTC 2015 - fcaste...@suse.com
+
+- Add rules for auditd. This is required to fix bnc#959405
+

New:

  docker-audit.rules



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.CvHg8p/_old  2016-01-01 19:51:01.0 +0100
+++ /var/tmp/diff_new_pack.CvHg8p/_new  2016-01-01 19:51:01.0 +0100
@@ -38,6 +38,7 @@
 
 Source6:docker-rpmlintrc
 Source7:README_SUSE.md
+Source8:docker-audit.rules
 # TODO: remove once we figure out what is wrong with iptables on ppc64le
 Source100:  sysconfig.docker.ppc64le
 Patch0: fix-docker-init.patch
@@ -54,6 +55,7 @@
 Patch104:   docker_remove_journald_to_fix_dynbinary_build_on_powerpc.patch
 Patch105:   add_bolt_arm64.patch
 Patch106:   docker_remove_journald_to_fix_dynbinary_build_on_arm64.patch
+BuildRequires:  audit
 BuildRequires:  bash-completion
 BuildRequires:  device-mapper-devel >= 1.2.68
 BuildRequires:  glibc-devel-static
@@ -210,6 +212,9 @@
 
 install -D -m 0644 %SOURCE3 
%{buildroot}%{_prefix}/lib/udev/rules.d/80-%{name}.rules
 
+# audit rules
+install -D -m 0640 %SOURCE8 
%{buildroot}%{_sysconfdir}/audit/rules.d/%{name}.rules
+
 # sysconfig file
 %ifarch ppc64le
 install -D -m 644 %SOURCE100 
%{buildroot}/var/adm/fillup-templates/sysconfig.docker
@@ -251,6 +256,7 @@
 %{_prefix}/lib/docker/dockerinit
 %{_unitdir}/%{name}.service
 %{_unitdir}/%{name}.socket
+%config %{_sysconfdir}/audit/rules.d/%{name}.rules
 %{_prefix}/lib/udev/rules.d/80-%{name}.rules
 /var/adm/fillup-templates/sysconfig.docker
 %ifarch %go_arches

++ docker-audit.rules ++
##
# Audit rules based on CIS Docker 1.6 Benchmark v1.0.0
# 
https://benchmarks.cisecurity.org/tools2/docker/CIS_Docker_1.6_Benchmark_v1.0.0.pdf
# Not all of these apply to SUSE. 
# 1.8 Audit docker daemon
-w /usr/bin/docker -k docker
# 1.9 Audit Docker files and directories
-w /var/lib/docker -k docker
# 1.10 Audit /etc/docker
-w /etc/docker -k docker
# 1.11 Audit Docker files and directories - docker-registry.service
-w /usr/lib/systemd/system/docker-registry.service -k docker
# 1.12 Audit Docker files and directories - docker.service
-w /usr/lib/systemd/system/docker.service -k docker
# 1.13 Audit Docker files and directories - /var/run/docker.sock
-w /var/run/docker.sock -k docker
# 1.14 Audit Docker files and directories - /etc/sysconfig/docker
-w /etc/sysconfig/docker -k docker
# 1.15 Audit Docker files and directories - /etc/sysconfig/docker-network
-w /etc/sysconfig/docker-network -k docker
# 1.16 Audit Docker files and directories - /etc/sysconfig/docker-registry
-w /etc/sysconfig/docker-registry -k docker
# 1.17 Audit Docker files and directories - /etc/sysconfig/docker-storage
-w /etc/sysconfig/docker-storage -k docker
# 1.18 Audit Docker files and directories - /etc/default/docker
-w /etc/default/docker-k docker
## end docker audit rules



commit docker for openSUSE:Factory

2015-12-09 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-12-09 19:52:31

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-12-06 
07:40:48.0 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-12-09 
22:15:08.0 +0100
@@ -1,0 +2,14 @@
+Fri Dec  4 16:08:22 UTC 2015 - norm...@linux.vnet.ibm.com
+
+-  remove 2 patches and add 5 others after 1.9.1 upgrade
+   Removed:
+docker_missing_ppc64le_netlink_linux_files.patch
+docker_rename_jump_amd64_as_jump_linux.patch
+   Added:
+add_bolt_ppc64.patch
+add_bolt_arm64.patch
+docker_remove_journald_to_fix_dynbinary_build_on_arm.patch
+docker_remove_journald_to_fix_dynbinary_build_on_powerpc.patch
+docker_remove_journald_to_fix_dynbinary_build_on_arm64.patch
+
+---

Old:

  docker_missing_ppc64le_netlink_linux_files.patch
  docker_rename_jump_amd64_as_jump_linux.patch

New:

  add_bolt_arm64.patch
  add_bolt_ppc64.patch
  docker_remove_journald_to_fix_dynbinary_build_on_arm.patch
  docker_remove_journald_to_fix_dynbinary_build_on_arm64.patch
  docker_remove_journald_to_fix_dynbinary_build_on_powerpc.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.TGlde4/_old  2015-12-09 22:15:10.0 +0100
+++ /var/tmp/diff_new_pack.TGlde4/_new  2015-12-09 22:15:10.0 +0100
@@ -49,8 +49,11 @@
 # to simply disable this check
 Patch100:   ignore-dockerinit-checksum.patch
 Patch101:   gcc-go-build-static-libgo.patch
-Patch102:   docker_rename_jump_amd64_as_jump_linux.patch
-Patch103:   docker_missing_ppc64le_netlink_linux_files.patch
+Patch102:   add_bolt_ppc64.patch
+Patch103:   docker_remove_journald_to_fix_dynbinary_build_on_arm.patch
+Patch104:   docker_remove_journald_to_fix_dynbinary_build_on_powerpc.patch
+Patch105:   add_bolt_arm64.patch
+Patch106:   docker_remove_journald_to_fix_dynbinary_build_on_arm64.patch
 BuildRequires:  bash-completion
 BuildRequires:  device-mapper-devel >= 1.2.68
 BuildRequires:  glibc-devel-static
@@ -147,6 +150,9 @@
 %patch101 -p0
 %patch102 -p1
 %patch103 -p1
+%patch104 -p1
+%patch105 -p1
+%patch106 -p1
 %endif
 cp %{SOURCE7} .
 

++ add_bolt_arm64.patch ++
From: Michel Normand 
Subject: add bolt arm64
Date: Fri, 04 Dec 2015 17:07:22 +0100

add bolt arm64

Signed-off-by: Michel Normand 
---
 vendor/src/github.com/boltdb/bolt/bolt_arm64.go |4 
 1 file changed, 4 insertions(+)

Index: docker-1.9.1/vendor/src/github.com/boltdb/bolt/bolt_arm64.go
===
--- /dev/null
+++ docker-1.9.1/vendor/src/github.com/boltdb/bolt/bolt_arm64.go
@@ -0,0 +1,4 @@
+package bolt
+
+// maxMapSize represents the largest mmap size supported by Bolt.
+const maxMapSize = 0x // 256TB
++ add_bolt_ppc64.patch ++
---
 vendor/src/github.com/boltdb/bolt/bolt_ppc64.go   |4 
 vendor/src/github.com/boltdb/bolt/bolt_ppc64le.go |4 
 2 files changed, 8 insertions(+)

Index: docker-1.9.1/vendor/src/github.com/boltdb/bolt/bolt_ppc64.go
===
--- /dev/null
+++ docker-1.9.1/vendor/src/github.com/boltdb/bolt/bolt_ppc64.go
@@ -0,0 +1,4 @@
+package bolt
+
+// maxMapSize represents the largest mmap size supported by Bolt.
+const maxMapSize = 0x // 256TB
Index: docker-1.9.1/vendor/src/github.com/boltdb/bolt/bolt_ppc64le.go
===
--- /dev/null
+++ docker-1.9.1/vendor/src/github.com/boltdb/bolt/bolt_ppc64le.go
@@ -0,0 +1,4 @@
+package bolt
+
+// maxMapSize represents the largest mmap size supported by Bolt.
+const maxMapSize = 0x // 256TB
++ docker_remove_journald_to_fix_dynbinary_build_on_arm.patch ++
>From 6f6f10a75f8b447637e8a89d685452871899e9c0 Mon Sep 17 00:00:00 2001
From: Stefan Scherer 
Date: Thu, 19 Nov 2015 17:09:20 +0100
Subject: [PATCH] prevent journald from being built on ARM

Signed-off-by: Govinda Fichtner 

---
 daemon/logger/journald/journald.go |2 +-
 daemon/logger/journald/journald_unsupported.go |2 +-
 daemon/logger/journald/read.go |2 +-
 daemon/logger/journald/read_unsupported.go |2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

Index: docker-1.9.1/daemon/logger/journald/journald.go

commit docker for openSUSE:Factory

2015-12-05 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-12-06 07:40:47

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-11-24 
22:34:04.0 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-12-06 
07:40:48.0 +0100
@@ -1,0 +2,33 @@
+Tue Nov 24 10:53:44 UTC 2015 - fcaste...@suse.com
+
+- Upgrade to 1.9.1(bnc#956434)
+  * Runtime:
+- Do not prevent daemon from booting if images could not be restored 
(#17695)
+- Force IPC mount to unmount on daemon shutdown/init (#17539)
+- Turn IPC unmount errors into warnings (#17554)
+- Fix `docker stats` performance regression (#17638)
+- Clarify cryptic error message upon `docker logs` if `--log-driver=none` 
(#17767)
+- Fix seldom panics (#17639, #17634, #17703)
+- Fix opq whiteouts problems for files with dot prefix (#17819)
+- devicemapper: try defaulting to xfs instead of ext4 for performance 
reasons (#17903, #17918)
+- devicemapper: fix displayed fs in docker info (#17974)
+- selinux: only relabel if user requested so with the `z` option (#17450, 
#17834)
+- Do not make network calls when normalizing names (#18014)
+  *Client:
+- Fix `docker login` on windows (#17738)
+- Fix bug with `docker inspect` output when not connected to daemon 
(#17715)
+- Fix `docker inspect -f {{.HostConfig.Dns}} somecontainer` (#17680)
+  * Builder:
+- Fix regression with symlink behavior in ADD/COPY (#17710)
+  * Networking:
+- Allow passing a network ID as an argument for `--net` (#17558)
+- Fix connect to host and prevent disconnect from host for `host` network 
(#17476)
+- Fix `--fixed-cidr` issue when gateway ip falls in ip-range and ip-range 
is
+  not the first block in the network (#17853)
+- Restore deterministic `IPv6` generation from `MAC` address on default 
`bridge` network (#17890)
+- Allow port-mapping only for endpoints created on docker run (#17858)
+- Fixed an endpoint delete issue with a possible stale sbox (#18102)
+  * Distribution:
+- Correct parent chain in v2 push when v1Compatibility files on the disk 
are inconsistent (#18047)
+
+---

Old:

  docker-1.9.0.tar.xz

New:

  docker-1.9.1.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.Q7Bhlm/_old  2015-12-06 07:40:49.0 +0100
+++ /var/tmp/diff_new_pack.Q7Bhlm/_new  2015-12-06 07:40:49.0 +0100
@@ -16,10 +16,10 @@
 #
 
 
-%define git_version 76d6bc9
+%define git_version a34a1d5
 %define go_arches %ix86 x86_64
 Name:   docker
-Version:1.9.0
+Version:1.9.1
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0

++ _service ++
--- /var/tmp/diff_new_pack.Q7Bhlm/_old  2015-12-06 07:40:49.0 +0100
+++ /var/tmp/diff_new_pack.Q7Bhlm/_new  2015-12-06 07:40:49.0 +0100
@@ -3,8 +3,8 @@
 https://github.com/docker/docker.git
 git
 .git
-1.9.0
-v1.9.0
+1.9.1
+v1.9.1
   
   
 docker-*.tar

++ docker-1.9.0.tar.xz -> docker-1.9.1.tar.xz ++
 3854 lines of diff (skipped)




commit docker for openSUSE:Factory

2015-11-24 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-11-24 22:33:46

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-10-28 
17:30:41.0 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-11-24 
22:34:04.0 +0100
@@ -1,0 +2,90 @@
+Fri Nov 13 16:58:43 UTC 2015 - fcaste...@suse.com
+
+- Update to version 1.9.0 (bnc#954812):
+  * Runtime:
+- `docker stats` now returns block IO metrics (#15005)
+- `docker stats` now details network stats per interface (#15786)
+- Add `ancestor=` filter to `docker ps --filter` flag to filter
+  containers based on their ancestor images (#14570)
+- Add `label=` filter to `docker ps --filter` to filter 
containers
+  based on label (#16530)
+- Add `--kernel-memory` flag to `docker run` (#14006)
+- Add `--message` flag to `docker import` allowing to specify an optional
+  message (#15711)
+- Add `--privileged` flag to `docker exec` (#14113)
+- Add `--stop-signal` flag to `docker run` allowing to replace the 
container
+  process stopping signal (#15307)
+- Add a new `unless-stopped` restart policy (#15348)
+- Inspecting an image now returns tags (#13185)
+- Add container size information to `docker inspect` (#15796)
+- Add `RepoTags` and `RepoDigests` field to `/images/{name:.*}/json` 
(#17275)
+- Remove the deprecated `/container/ps` endpoint from the API (#15972)
+- Send and document correct HTTP codes for `/exec//start` (#16250)
+- Share shm and mqueue between containers sharing IPC namespace (#15862)
+- Event stream now shows OOM status when `--oom-kill-disable` is set 
(#16235)
+- Ensure special network files (/etc/hosts etc.) are read-only if 
bind-mounted
+  with `ro` option (#14965)
+- Improve `rmi` performance (#16890)
+- Do not update /etc/hosts for the default bridge network, except for 
links (#17325)
+- Fix conflict with duplicate container names (#17389)
+- Fix an issue with incorrect template execution in `docker inspect` 
(#17284)
+- DEPRECATE `-c` short flag variant for `--cpu-shares` in docker run 
(#16271)
+  * Client:
+- Allow `docker import` to import from local files (#11907)
+  * Builder:
+- Add a `STOPSIGNAL` Dockerfile instruction allowing to set a different
+  stop-signal for the container process (#15307)
+- Add an `ARG` Dockerfile instruction and a `--build-arg` flag to `docker 
build`
+  that allows to add build-time environment variables (#15182)
+- Improve cache miss performance (#16890)
+  * Storage:
+- devicemapper: Implement deferred deletion capability (#16381)
+  * Networking:
+- `docker network` exits experimental and is part of standard release 
(#16645)
+- New network top-level concept, with associated subcommands and API 
(#16645)
+  WARNING: the API is different from the experimental API
+- Support for multiple isolated/micro-segmented networks (#16645)
+- Built-in multihost networking using VXLAN based overlay driver (#14071)
+- Support for third-party network plugins (#13424)
+- Ability to dynamically connect containers to multiple networks (#16645)
+- Support for user-defined IP address management via pluggable IPAM 
drivers (#16910)
+- Add daemon flags `--cluster-store` and `--cluster-advertise` for 
built-in nodes discovery (#16229)
+- Add `--cluster-store-opt` for setting up TLS settings (#16644)
+- Add `--dns-opt` to the daemon (#16031)
+- DEPRECATE following container `NetworkSettings` fields in API v1.21: 
`EndpointID`, `Gateway`,
+  `GlobalIPv6Address`, `GlobalIPv6PrefixLen`, `IPAddress`, `IPPrefixLen`, 
`IPv6Gateway` and `MacAddress`.
+  Those are now specific to the `bridge` network. Use 
`NetworkSettings.Networks` to inspect
+  the networking settings of a container per network.
+  * Volumes:
+- New top-level `volume` subcommand and API (#14242)
+- Move API volume driver settings to host-specific config (#15798)
+- Print an error message if volume name is not unique (#16009)
+- Ensure volumes created from Dockerfiles always use the local volume 
driver
+  (#15507)
+- DEPRECATE auto-creating missing host paths for bind mounts (#16349)
+  * Logging:
+- Add `awslogs` logging driver for Amazon CloudWatch (#15495)
+- Add generic `tag` log option to allow customizing container/image
+  information passed to driver (e.g. show container names) (#15384)
+- Implement the `docker logs` endpoint for the journald driver (#13707)
+- DEPRECATE driver-specific log tags (e.g. `syslog-tag`, etc.) (#15384)
+  * 

commit docker for openSUSE:Factory

2015-10-28 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-10-28 17:30:33

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-10-20 
16:22:33.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-10-28 
17:30:41.0 +0100
@@ -1,0 +2,6 @@
+Mon Oct 26 14:02:47 UTC 2015 - norm...@linux.vnet.ibm.com
+
+- new patch to avoid ppc64le build error
+  docker_missing_ppc64le_netlink_linux_files.patch
+
+---

New:

  docker_missing_ppc64le_netlink_linux_files.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.lwdgFY/_old  2015-10-28 17:30:42.0 +0100
+++ /var/tmp/diff_new_pack.lwdgFY/_new  2015-10-28 17:30:42.0 +0100
@@ -51,6 +51,7 @@
 Patch100:   ignore-dockerinit-checksum.patch
 Patch101:   gcc-go-build-static-libgo.patch
 Patch102:   docker_rename_jump_amd64_as_jump_linux.patch
+Patch103:   docker_missing_ppc64le_netlink_linux_files.patch
 BuildRequires:  bash-completion
 BuildRequires:  device-mapper-devel >= 1.2.68
 BuildRequires:  glibc-devel-static
@@ -147,6 +148,7 @@
 %patch100 -p1
 %patch101 -p0
 %patch102 -p1
+%patch103 -p1
 %endif
 cp %{SOURCE7} .
 

++ docker_missing_ppc64le_netlink_linux_files.patch ++
From: Michel Normand 
Subject: docker missing ppc64le netlink linux files
Date: Mon, 26 Oct 2015 15:00:07 +0100

docker missing ppc64le netlink linux files
patch to avoid build error like:
===
[   29s] # github.com/opencontainers/runc/libcontainer/netlink
[   29s] 
vendor/src/github.com/opencontainers/runc/libcontainer/netlink/netlink_linux.go:1260:26:
 error: incompatible types in assignment (cannot use type int8 as type uint8)
[   29s]ifr.IfruHwaddr.Data[i] = ifrDataByte(hw[i])
[   29s]   ^
===

Signed-off-by: Michel Normand 
---
 
vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_armppc64.go
 |2 +-
 
vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_notarm.go
   |2 +-
 
vendor/src/github.com/opencontainers/runc/libcontainer/netlink/netlink_linux_armppc64.go
|2 +-
 
vendor/src/github.com/opencontainers/runc/libcontainer/netlink/netlink_linux_notarm.go
  |2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

Index: 
docker-1.8.3/vendor/src/github.com/opencontainers/runc/libcontainer/netlink/netlink_linux_armppc64.go
===
--- 
docker-1.8.3.orig/vendor/src/github.com/opencontainers/runc/libcontainer/netlink/netlink_linux_armppc64.go
+++ 
docker-1.8.3/vendor/src/github.com/opencontainers/runc/libcontainer/netlink/netlink_linux_armppc64.go
@@ -1,4 +1,4 @@
-// +build arm ppc64
+// +build arm ppc64 ppc64le
 
 package netlink
 
Index: 
docker-1.8.3/vendor/src/github.com/opencontainers/runc/libcontainer/netlink/netlink_linux_notarm.go
===
--- 
docker-1.8.3.orig/vendor/src/github.com/opencontainers/runc/libcontainer/netlink/netlink_linux_notarm.go
+++ 
docker-1.8.3/vendor/src/github.com/opencontainers/runc/libcontainer/netlink/netlink_linux_notarm.go
@@ -1,4 +1,4 @@
-// +build !arm,!ppc64
+// +build !arm,!ppc64,!ppc64le
 
 package netlink
 
Index: 
docker-1.8.3/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_armppc64.go
===
--- 
docker-1.8.3.orig/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_armppc64.go
+++ 
docker-1.8.3/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_armppc64.go
@@ -1,4 +1,4 @@
-// +build arm ppc64
+// +build arm ppc64 ppc64le
 
 package bridge
 
Index: 
docker-1.8.3/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_notarm.go
===
--- 
docker-1.8.3.orig/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_notarm.go
+++ 
docker-1.8.3/vendor/src/github.com/docker/libnetwork/drivers/bridge/netlink_deprecated_linux_notarm.go
@@ -1,4 +1,4 @@
-// +build !arm,!ppc64
+// +build !arm,!ppc64,!ppc64le
 
 package bridge
 



commit docker for openSUSE:Factory

2015-10-20 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-10-20 16:22:31

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-09-30 
05:53:27.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-10-20 
16:22:33.0 +0200
@@ -1,0 +2,8 @@
+Mon Oct 12 20:28:46 UTC 2015 - fcaste...@suse.com
+
+- Update docker to 1.8.3 version:
+  * Fix layer IDs lead to local graph poisoning (CVE-2014-8178) (bnc#949660)
+  * Fix manifest validation and parsing logic errors allow pull-by-digest 
validation bypass (CVE-2014-8179)
+  * Add `--disable-legacy-registry` to prevent a daemon from using a v1 
registry
+
+---

Old:

  docker-1.8.2.tar.gz

New:

  _service
  docker-1.8.3.tar.xz



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.CLBJGZ/_old  2015-10-20 16:22:34.0 +0200
+++ /var/tmp/diff_new_pack.CLBJGZ/_new  2015-10-20 16:22:34.0 +0200
@@ -16,16 +16,16 @@
 #
 
 
-%define git_version 0a8c2e3
+%define git_version f4bf5c7
 %define go_arches %ix86 x86_64
 Name:   docker
-Version:1.8.2
+Version:1.8.3
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
 Group:  System/Management
 Url:http://www.docker.io
-Source: %{name}-%{version}.tar.gz
+Source: %{name}-%{version}.tar.xz
 Source1:docker.service
 Source3:80-docker.rules
 Source4:sysconfig.docker
@@ -60,7 +60,6 @@
 %else
 BuildRequires:  gcc5-go >= 5.0
 %endif
-BuildRequires:  fdupes
 BuildRequires:  libapparmor-devel
 BuildRequires:  libbtrfs-devel >= 3.8
 BuildRequires:  procps
@@ -127,6 +126,7 @@
 %else
 Requires:   gcc5-go >= 5.0
 %endif
+BuildRequires:  fdupes
 Requires:   apparmor-parser
 Requires:   bash-completion
 Requires:   libapparmor-devel
@@ -149,7 +149,6 @@
 %patch102 -p1
 %endif
 cp %{SOURCE7} .
-find . -name ".gitignore" | xargs rm
 
 %build
 %ifnarch %go_arches
@@ -243,6 +242,7 @@
 %{_bindir}/docker
 %{_sbindir}/rcdocker
 %{_prefix}/lib/docker/
+%{_prefix}/lib/docker/dockerinit
 %{_unitdir}/%{name}.service
 %{_unitdir}/%{name}.socket
 %{_prefix}/lib/udev/rules.d/80-%{name}.rules

++ _service ++

  
https://github.com/docker/docker.git
git
.git
1.8.3
v1.8.3
  
  
docker-*.tar
xz
  
  
docker
  

++ docker-rpmlintrc ++
--- /var/tmp/diff_new_pack.CLBJGZ/_old  2015-10-20 16:22:34.0 +0200
+++ /var/tmp/diff_new_pack.CLBJGZ/_new  2015-10-20 16:22:34.0 +0200
@@ -4,11 +4,5 @@
 addFilter ("^docker.x86_64: W: unstripped-binary-or-object 
/usr/lib/docker/dockerinit")
 addFilter ("^docker.x86_64: W: no-manual-page-for-binary docker")
 addFilter ("^docker.x86_64: W: no-manual-page-for-binary nsinit")
-addFilter ("test.noarch.*: E: devel-file-in-non-devel-package")
-addFilter ("test.noarch.*: W: pem-certificate")
-addFilter ("test.noarch.*: W: non-executable-script")
-addFilter ("test.noarch.*: W: hidden-file-or-dir")
-addFilter ("test.noarch.*: W: files-duplicate")
-addFilter ("test.noarch.*: W: script-without-shebang 
/usr/src/docker/docs/README.md")
-addFilter ("test.noarch.*: W: sourced-script-with-shebang 
/etc/bash_completion.d/docker bash")
-addFilter ("test.noarch.*: W: suse-filelist-forbidden-fhs23 /usr/src/docker")
+addFilter ("^docker-test.noarch: W:.*")
+addFilter ("^docker-test.noarch: E:.*")




commit docker for openSUSE:Factory

2015-09-29 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-09-30 05:53:25

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-09-17 
09:20:36.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-09-30 
05:53:27.0 +0200
@@ -9,0 +10,2 @@
+  fix bsc#946653 update do docker 1.8.2
+



Other differences:
--



commit docker for openSUSE:Factory

2015-09-17 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-09-17 09:20:33

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is "docker"

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-08-23 
17:37:26.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-09-17 
09:20:36.0 +0200
@@ -1,0 +2,24 @@
+Thu Sep 10 22:33:01 UTC 2015 - jmassaguer...@suse.com
+
+- Update docker to 1.8.2 version
+
+  see detailed changelog in
+
+  https://github.com/docker/docker/releases/tag/v1.8.2 
+
+- devicemapper: fix zero-sized field access 
+  Fix issue #15279: does not build with Go 1.5 tip
+  Due to golang/go@7904946
+  the devices field is dropped.
+
+  This solution works on go1.4 and go1.5
+
+  See more in https://github.com/docker/docker/pull/15404
+  
+  This fix was not included in v1.8.2. See previous link
+  on why.
+
+  fix_15279.patch: contains the patch for issue#15279
+
+
+---

Old:

  docker-1.8.1.tar.bz2

New:

  docker-1.8.2.tar.gz
  fix_15279.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.rYjn3d/_old  2015-09-17 09:20:37.0 +0200
+++ /var/tmp/diff_new_pack.rYjn3d/_new  2015-09-17 09:20:37.0 +0200
@@ -16,16 +16,16 @@
 #
 
 
-%define git_version 786b29d
+%define git_version 0a8c2e3
 %define go_arches %ix86 x86_64
 Name:   docker
-Version:1.8.1
+Version:1.8.2
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
 Group:  System/Management
 Url:http://www.docker.io
-Source: %{name}-%{version}.tar.bz2
+Source: %{name}-%{version}.tar.gz
 Source1:docker.service
 Source3:80-docker.rules
 Source4:sysconfig.docker
@@ -43,6 +43,7 @@
 Patch0: fix-docker-init.patch
 # PATCH-FIX-OPENSUSE libcontainer-apparmor-fixes.patch -- mount rules aren't 
supported in our apparmor
 Patch1: libcontainer-apparmor-fixes.patch
+Patch2: fix_15279.patch
 # Required to overcome some limitations of gcc-go: 
https://groups.google.com/forum/#!msg/golang-nuts/SlGCPYkjxo4/4DjcjXRCqAkJ
 # Right now docker passes the sha1sum of the dockerinit binary to the docker 
binary at build time
 # We cannot do that, right now a quick and really dirty way to get it running 
is
@@ -141,6 +142,7 @@
 %setup -q -n docker-%{version}
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 %ifnarch %go_arches
 %patch100 -p1
 %patch101 -p0

++ fix_15279.patch ++
diff -Naur a/daemon/graphdriver/devmapper/deviceset.go 
b/daemon/graphdriver/devmapper/deviceset.go
--- a/daemon/graphdriver/devmapper/deviceset.go 2015-09-10 20:43:43.0 
+0200
+++ b/daemon/graphdriver/devmapper/deviceset.go 2015-09-11 00:27:54.818876198 
+0200
@@ -1482,12 +1482,16 @@
if err != nil {
return err
}
-   if d, err := devicemapper.GetDeps(devname); err == nil {
-   // Access to more Debug output
-   logrus.Debugf("[devmapper] devicemapper.GetDeps() %s: %#v", 
devname, d)
+
+   if devinfo.Exists == 0 {
+   return nil
+   }
+   if err := devicemapper.RemoveDevice(devname); err != nil {
+   return err
}
-   if devinfo.Exists != 0 {
-   return devicemapper.RemoveDevice(devname)
+
+   if d, err := devicemapper.GetDeps(devname); err == nil {
+   logrus.Warnf("[devmapper] device %s still has %d active 
dependents", devname, d.Count)
}
 
return nil
diff -Naur a/pkg/devicemapper/devmapper_wrapper.go 
b/pkg/devicemapper/devmapper_wrapper.go
--- a/pkg/devicemapper/devmapper_wrapper.go 2015-09-10 20:43:43.0 
+0200
+++ b/pkg/devicemapper/devmapper_wrapper.go 2015-09-11 00:27:54.819876198 
+0200
@@ -38,7 +38,10 @@
 */
 import "C"
 
-import "unsafe"
+import (
+   "reflect"
+   "unsafe"
+)
 
 type (
CDmTask C.struct_dm_task
@@ -184,12 +187,21 @@
if Cdeps == nil {
return nil
}
+
+   // golang issue: https://github.com/golang/go/issues/11925
+   hdr := reflect.SliceHeader{
+   Data: uintptr(unsafe.Pointer(uintptr(unsafe.Pointer(Cdeps)) + 
unsafe.Sizeof(*Cdeps))),
+   Len:  int(Cdeps.count),
+   Cap:  int(Cdeps.count),
+   }
+   devices := *(*[]C.uint64_t)(unsafe.Pointer())
+
deps := {
Count:  uint32(Cdeps.count),
Filler: uint32(Cdeps.filler),
}
-   for _, device := range Cdeps.device {
-   deps.Device = 

commit docker for openSUSE:Factory

2015-08-23 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-08-23 15:43:56

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-08-21 
07:42:18.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-08-23 
17:37:26.0 +0200
@@ -1,0 +2,12 @@
+Fri Aug 21 08:46:30 UTC 2015 - norm...@linux.vnet.ibm.com
+
+- new patch as per upstream issue
+  https://github.com/docker/docker/issues/14056#issuecomment-113680944
+  docker_rename_jump_amd64_as_jump_linux.patch
+
+---
+Fri Aug 21 08:07:58 UTC 2015 - norm...@linux.vnet.ibm.com
+
+- ignore-dockerinit-checksum.patch need -p1 in spec
+
+---

New:

  docker_rename_jump_amd64_as_jump_linux.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.lnYW8V/_old  2015-08-23 17:37:27.0 +0200
+++ /var/tmp/diff_new_pack.lnYW8V/_new  2015-08-23 17:37:27.0 +0200
@@ -49,6 +49,7 @@
 # to simply disable this check
 Patch100:   ignore-dockerinit-checksum.patch
 Patch101:   gcc-go-build-static-libgo.patch
+Patch102:   docker_rename_jump_amd64_as_jump_linux.patch
 BuildRequires:  bash-completion
 BuildRequires:  device-mapper-devel = 1.2.68
 BuildRequires:  glibc-devel-static
@@ -141,17 +142,20 @@
 %patch0 -p1
 %patch1 -p1
 %ifnarch %go_arches
-%patch100
-%patch101
+%patch100 -p1
+%patch101 -p0
+%patch102 -p1
 %endif
 cp %{SOURCE7} .
 find . -name .gitignore | xargs rm
 
 %build
 %ifnarch %go_arches
-mkdir /tmp/dirty-hack
-ln -s /usr/bin/go-5 /tmp/dirty-hack/go
-export PATH=/tmp/dirty-hack:$PATH
+tmphack=/tmp/dirty-hack
+[ -e $tmphack ]  rm -rf $tmphack
+mkdir $tmphack
+ln -s /usr/bin/go-5 $tmphack/go
+export PATH=$tmphack:$PATH
 %endif
 
 (cat EOF

++ docker_rename_jump_amd64_as_jump_linux.patch ++
From: Michel Normand norm...@linux.vnet.ibm.com
Subject: docker rename jump amd64 as jump linux
Date: Fri, 21 Aug 2015 10:42:37 +0200

docker rename jump amd64 as jump linux
based on https://github.com/docker/docker/issues/14056#issuecomment-113680944

Signed-off-by: Michel Normand norm...@linux.vnet.ibm.com
---
 vendor/src/github.com/opencontainers/runc/libcontainer/seccomp/jump_amd64.go | 
  68 --
 vendor/src/github.com/opencontainers/runc/libcontainer/seccomp/jump_linux.go | 
  66 +
 2 files changed, 66 insertions(+), 68 deletions(-)

Index: 
docker-1.8.1/vendor/src/github.com/opencontainers/runc/libcontainer/seccomp/jump_amd64.go
===
--- 
docker-1.8.1.orig/vendor/src/github.com/opencontainers/runc/libcontainer/seccomp/jump_amd64.go
+++ /dev/null
@@ -1,68 +0,0 @@
-// +build linux,amd64
-
-package seccomp
-
-// Using BPF filters
-//
-// ref: http://www.gsp.com/cgi-bin/man.cgi?topic=bpf
-import syscall
-
-func jumpGreaterThan(f *filter, v uint, jt sockFilter) {
-   lo := uint32(uint64(v) % 0x1)
-   hi := uint32(uint64(v) / 0x1)
-   *f = append(*f, 
scmpBpfJump(syscall.BPF_JMP+syscall.BPF_JGT+syscall.BPF_K, (hi), 4, 0))
-   *f = append(*f, 
scmpBpfJump(syscall.BPF_JMP+syscall.BPF_JEQ+syscall.BPF_K, (hi), 0, 5))
-   *f = append(*f, scmpBpfStmt(syscall.BPF_LD+syscall.BPF_MEM, 0))
-   *f = append(*f, 
scmpBpfJump(syscall.BPF_JMP+syscall.BPF_JGE+syscall.BPF_K, (lo), 0, 2))
-   *f = append(*f, scmpBpfStmt(syscall.BPF_LD+syscall.BPF_MEM, 1))
-   *f = append(*f, jt)
-   *f = append(*f, scmpBpfStmt(syscall.BPF_LD+syscall.BPF_MEM, 1))
-}
-
-func jumpEqualTo(f *filter, v uint, jt sockFilter) {
-   lo := uint32(uint64(v) % 0x1)
-   hi := uint32(uint64(v) / 0x1)
-   *f = append(*f, 
scmpBpfJump(syscall.BPF_JMP+syscall.BPF_JEQ+syscall.BPF_K, (hi), 0, 5))
-   *f = append(*f, scmpBpfStmt(syscall.BPF_LD+syscall.BPF_MEM, 0))
-   *f = append(*f, 
scmpBpfJump(syscall.BPF_JMP+syscall.BPF_JEQ+syscall.BPF_K, (lo), 0, 2))
-   *f = append(*f, scmpBpfStmt(syscall.BPF_LD+syscall.BPF_MEM, 1))
-   *f = append(*f, jt)
-   *f = append(*f, scmpBpfStmt(syscall.BPF_LD+syscall.BPF_MEM, 1))
-}
-
-func jumpLessThan(f *filter, v uint, jt sockFilter) {
-   lo := uint32(uint64(v) % 0x1)
-   hi := uint32(uint64(v) / 0x1)
-   *f = append(*f, 
scmpBpfJump(syscall.BPF_JMP+syscall.BPF_JGT+syscall.BPF_K, (hi), 6, 0))
-   *f = append(*f, 
scmpBpfJump(syscall.BPF_JMP+syscall.BPF_JEQ+syscall.BPF_K, (hi), 0, 3))
-   *f = append(*f, 

commit docker for openSUSE:Factory

2015-08-20 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-08-21 07:41:45

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-07-25 
07:44:34.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-08-21 
07:42:18.0 +0200
@@ -1,0 +2,15 @@
+Thu Aug 13 09:00:25 UTC 2015 - jmassaguer...@suse.com
+
+- Update to docker 1.8.1(bsc#942369 and bsc#942370):
+  - Fix a bug where pushing multiple tags would result in invalid images
+
+- Update to docker 1.8.0:
+  see detailed changelog in
+
+  https://github.com/docker/docker/releases/tag/v1.8.0 
+
+- remove docker-netns-aarch64.patch: This patch was adding 
+   vendor/src/github.com/vishvananda/netns/netns_linux_arm64.go
+  which is now included upstream, so we don't need this patch anymore
+
+---

Old:

  docker-1.7.1.tar.bz2
  docker-netns-aarch64.patch

New:

  docker-1.8.1.tar.bz2



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.KiTZ8H/_old  2015-08-21 07:42:19.0 +0200
+++ /var/tmp/diff_new_pack.KiTZ8H/_new  2015-08-21 07:42:19.0 +0200
@@ -19,7 +19,7 @@
 %define git_version 786b29d
 %define go_arches %ix86 x86_64
 Name:   docker
-Version:1.7.1
+Version:1.8.1
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
@@ -49,7 +49,6 @@
 # to simply disable this check
 Patch100:   ignore-dockerinit-checksum.patch
 Patch101:   gcc-go-build-static-libgo.patch
-Patch102:   docker-netns-aarch64.patch
 BuildRequires:  bash-completion
 BuildRequires:  device-mapper-devel = 1.2.68
 BuildRequires:  glibc-devel-static
@@ -145,7 +144,6 @@
 %patch100
 %patch101
 %endif
-%patch102
 cp %{SOURCE7} .
 find . -name .gitignore | xargs rm
 

++ docker-1.7.1.tar.bz2 - docker-1.8.1.tar.bz2 ++
/work/SRC/openSUSE:Factory/docker/docker-1.7.1.tar.bz2 
/work/SRC/openSUSE:Factory/.docker.new/docker-1.8.1.tar.bz2 differ: char 11, 
line 1

++ fix-docker-init.patch ++
--- /var/tmp/diff_new_pack.KiTZ8H/_old  2015-08-21 07:42:19.0 +0200
+++ /var/tmp/diff_new_pack.KiTZ8H/_new  2015-08-21 07:42:19.0 +0200
@@ -1,12 +1,10 @@
-Index: docker/hack/make/.dockerinit
-===
 docker.orig/hack/make/.dockerinit
-+++ docker/hack/make/.dockerinit
-@@ -29,5 +29,7 @@ else
+diff -Naur a/hack/make/.dockerinit b/hack/make/.dockerinit
+--- a/hack/make/.dockerinit2015-08-11 18:35:27.0 +0200
 b/hack/make/.dockerinit2015-08-12 18:14:25.743452565 +0200
+@@ -29,5 +29,6 @@
exit 1
  fi
  
 +/usr/bin/strip -s $DEST/dockerinit-$VERSION
-+
  # sha1 our new dockerinit to ensure separate docker and dockerinit always run 
in a perfect pair compiled for one another
  export DOCKER_INITSHA1=$($sha1sum $DEST/dockerinit-$VERSION | cut -d' ' -f1)

++ ignore-dockerinit-checksum.patch ++
--- /var/tmp/diff_new_pack.KiTZ8H/_old  2015-08-21 07:42:19.0 +0200
+++ /var/tmp/diff_new_pack.KiTZ8H/_new  2015-08-21 07:42:19.0 +0200
@@ -1,5 +1,6 @@
 utils/utils.go
-+++ utils/utils.go
+diff -Naur a/utils/utils.go b/utils/utils.go
+--- a/utils/utils.go   2015-08-11 18:35:27.0 +0200
 b/utils/utils.go   2015-08-12 18:06:47.930445696 +0200
 @@ -76,7 +76,7 @@
}
return os.SameFile(targetFileInfo, selfPathFileInfo)
@@ -8,4 +9,4 @@
 +  return true
  }
  
- // Figure out the path of our dockerinit (which may be SelfPath())
+ // DockerInitPath figures out the path of our dockerinit (which may be 
SelfPath())

++ libcontainer-apparmor-fixes.patch ++
--- /var/tmp/diff_new_pack.KiTZ8H/_old  2015-08-21 07:42:19.0 +0200
+++ /var/tmp/diff_new_pack.KiTZ8H/_new  2015-08-21 07:42:19.0 +0200
@@ -1,12 +1,11 @@
-Index: docker/vendor/src/github.com/docker/libcontainer/apparmor/gen.go
-===
 docker.orig/vendor/src/github.com/docker/libcontainer/apparmor/gen.go
-+++ docker/vendor/src/github.com/docker/libcontainer/apparmor/gen.go
-@@ -25,7 +25,6 @@ profile {{.Name}} flags=(attach_disconne
-   network,
-   capability,
-   file,
--  umount,
+diff -Naur a/contrib/apparmor/docker-engine b/contrib/apparmor/docker-engine
+--- a/contrib/apparmor/docker-engine   2015-08-11 18:35:27.0 +0200
 b/contrib/apparmor/docker-engine   2015-08-12 18:05:07.608444190 +0200
+@@ -13,7 +13,6 @@
+   mount - /sys/**,
+   mount - /run/docker/netns/**,
  

commit docker for openSUSE:Factory

2015-07-24 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-07-25 07:44:33

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-07-23 
15:23:11.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-07-25 
07:44:34.0 +0200
@@ -1,0 +2,8 @@
+Fri Jul 24 14:24:16 UTC 2015 - jmassaguer...@suse.com
+
+- Exclude archs where docker does not build. Otherwise it gets into
+  and infinite loop when building.
+
+  We'll fix that later if we want to release for those archs. 
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.j6fEof/_old  2015-07-25 07:44:35.0 +0200
+++ /var/tmp/diff_new_pack.j6fEof/_new  2015-07-25 07:44:35.0 +0200
@@ -83,6 +83,9 @@
 PreReq: %fillup_prereq
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 ExcludeArch:%ix86
+ExcludeArch:s390
+ExcludeArch:s390x
+ExcludeArch:ppc
 
 %description
 Docker complements LXC with a high-level API which operates at the process




commit docker for openSUSE:Factory

2015-07-23 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-07-23 15:23:08

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-07-14 
17:44:51.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-07-23 
15:23:11.0 +0200
@@ -1,0 +2,29 @@
+Wed Jul 15 08:11:11 UTC 2015 - jmassaguer...@suse.com
+
+- Update to 1.7.1 (2015-07-14) (bnc#938156)
+Runtime
+
+Fix default user spawning exec process with docker exec
+Make --bridge=none not to configure the network bridge
+Publish networking stats properly
+Fix implicit devicemapper selection with static binaries
+Fix socket connections that hung intermittently
+Fix bridge interface creation on CentOS/RHEL 6.6
+Fix local dns lookups added to resolv.conf
+Fix copy command mounting volumes
+Fix read/write privileges in volumes mounted with --volumes-from
+
+Remote API
+
+Fix unmarshalling of Command and Entrypoint
+Set limit for minimum client version supported
+Validate port specification
+Return proper errors when attach/reattach fail
+
+Distribution
+
+Fix pulling private images
+Fix fallback between registry V2 and V1
+ 
+
+---

Old:

  docker-1.7.0.tar.bz2

New:

  docker-1.7.1.tar.bz2



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.BU1vPl/_old  2015-07-23 15:23:13.0 +0200
+++ /var/tmp/diff_new_pack.BU1vPl/_new  2015-07-23 15:23:13.0 +0200
@@ -16,10 +16,10 @@
 #
 
 
-%define git_version 0baf609
+%define git_version 786b29d
 %define go_arches %ix86 x86_64
 Name:   docker
-Version:1.7.0
+Version:1.7.1
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
@@ -59,6 +59,7 @@
 %else
 BuildRequires:  gcc5-go = 5.0
 %endif
+BuildRequires:  fdupes
 BuildRequires:  libapparmor-devel
 BuildRequires:  libbtrfs-devel = 3.8
 BuildRequires:  procps
@@ -134,7 +135,7 @@
 Test package for docker. It contains the source code and the tests.
 
 %prep
-%setup -q -n docker
+%setup -q -n docker-%{version}
 %patch0 -p1
 %patch1 -p1
 %ifnarch %go_arches
@@ -212,6 +213,8 @@
 install -p -m 644 man/man5/Dockerfile.5 %{buildroot}%{_mandir}/man5
 %endif
 
+%fdupes %{buildroot}
+
 %pre
 echo creating group docker...
 groupadd -r docker 2/dev/null || :
@@ -233,7 +236,6 @@
 %{_bindir}/docker
 %{_sbindir}/rcdocker
 %{_prefix}/lib/docker/
-%{_prefix}/lib/docker/dockerinit
 %{_unitdir}/%{name}.service
 %{_unitdir}/%{name}.socket
 %{_prefix}/lib/udev/rules.d/80-%{name}.rules

++ docker-1.7.0.tar.bz2 - docker-1.7.1.tar.bz2 ++
/work/SRC/openSUSE:Factory/docker/docker-1.7.0.tar.bz2 
/work/SRC/openSUSE:Factory/.docker.new/docker-1.7.1.tar.bz2 differ: char 11, 
line 1




commit docker for openSUSE:Factory

2015-07-14 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-07-14 17:43:43

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-05-28 
09:56:16.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-07-14 
17:44:51.0 +0200
@@ -1,0 +2,79 @@
+Fri Jul 10 11:22:00 UTC 2015 - jmassaguer...@suse.com
+
+- Exclude init scripts other than systemd from the test-package 
+
+---
+Wed Jul  1 12:38:50 UTC 2015 - jmassaguer...@suse.com
+
+- Exclude intel 32 bits arch. Docker does not built on that. Let's
+  make it explicit. 
+
+---
+Thu Jun 25 16:49:59 UTC 2015 - dmuel...@suse.com
+
+- rediff ignore-dockerinit-checksum.patch, gcc-go-build-static-libgo.patch
+  to make them apply again.
+- introduce go_arches for architectures that use the go compiler
+  instead of gcc-go
+- add docker-netns-aarch64.patch: Add support for AArch64
+- enable build for aarch64
+
+---
+Wed Jun 24 09:02:03 UTC 2015 - fcaste...@suse.com
+
+- Build man pages only on platforms where gc compiler is available.
+
+---
+Mon Jun 22 08:48:11 UTC 2015 - fcaste...@suse.com
+
+- Updated to 1.7.0 (2015-06-16) - bnc#935570
+  * Runtime
+- Experimental feature: support for out-of-process volume plugins
+- The userland proxy can be disabled in favor of hairpin NAT using the 
daemon’s `--userland-proxy=false` flag
+- The `exec` command supports the `-u|--user` flag to specify the new 
process owner
+- Default gateway for containers can be specified daemon-wide using the 
`--default-gateway` and `--default-gateway-v6` flags
+- The CPU CFS (Completely Fair Scheduler) quota can be set in `docker run` 
using `--cpu-quota`
+- Container block IO can be controlled in `docker run` 
using`--blkio-weight`
+- ZFS support
+- The `docker logs` command supports a `--since` argument
+- UTS namespace can be shared with the host with `docker run --uts=host`
+  * Quality
+- Networking stack was entirely rewritten as part of the libnetwork effort
+- Engine internals refactoring
+- Volumes code was entirely rewritten to support the plugins effort
+- Sending SIGUSR1 to a daemon will dump all goroutines stacks without 
exiting
+  * Build
+- Support ${variable:-value} and ${variable:+value} syntax for environment 
variables
+- Support resource management flags `--cgroup-parent`, `--cpu-period`, 
`--cpu-quota`, `--cpuset-cpus`, `--cpuset-mems`
+- git context changes with branches and directories
+- The .dockerignore file support exclusion rules
+  * Distribution
+- Client support for v2 mirroring support for the official registry
+  * Bugfixes
+- Firewalld is now supported and will automatically be used when available
+- mounting --device recursively
+- Patch 0002-Stripped-dockerinit-binary.patch renamed to fix-docker-init.patch
+  and fixed to build with latest version of docker
+
+---
+Tue Jun  9 16:35:46 UTC 2015 - jmassaguer...@suse.com
+
+- Add test subpackage and fix line numbers in patches 
+
+---
+Fri Jun  5 15:29:45 UTC 2015 - fcaste...@suse.com
+
+- Fixed ppc64le name inside of spec file
+
+---
+Fri Jun  5 15:23:47 UTC 2015 - fcaste...@suse.com
+
+- Build docker on PPC and S390x using gcc-go provided by gcc5
+  * added sysconfig.docker.ppc64le: make docker daemon start on ppc64le
+despite some iptables issues. To be removed soon
+  * ignore-dockerinit-checksum.patch: applied only when building with
+gcc-go. Required to workaround a limitation of gcc-go
+  * gcc-go-build-static-libgo.patch: used only when building with gcc-go,
+link libgo statically into docker itself.
+
+---

Old:

  0002-Stripped-dockerinit-binary.patch
  docker-1.6.2.tar.bz2

New:

  docker-1.7.0.tar.bz2
  docker-netns-aarch64.patch
  fix-docker-init.patch
  gcc-go-build-static-libgo.patch
  ignore-dockerinit-checksum.patch
  sysconfig.docker.ppc64le



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.vzmK2B/_old  2015-07-14 17:44:53.0 +0200
+++ /var/tmp/diff_new_pack.vzmK2B/_new  2015-07-14 

commit docker for openSUSE:Factory

2015-05-28 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-05-28 09:56:15

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-05-26 
12:33:40.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-05-28 
09:56:16.0 +0200
@@ -1,0 +2,5 @@
+Wed May 27 10:02:51 UTC 2015 - dmacvi...@suse.de
+
+- build and install man pages
+
+---



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.Uesrn7/_old  2015-05-28 09:56:17.0 +0200
+++ /var/tmp/diff_new_pack.Uesrn7/_new  2015-05-28 09:56:17.0 +0200
@@ -44,6 +44,7 @@
 BuildRequires:  device-mapper-devel = 1.2.68
 BuildRequires:  glibc-devel-static
 BuildRequires:  go = 1.3
+BuildRequires:  go-go-md2man
 BuildRequires:  libapparmor-devel
 BuildRequires:  libbtrfs-devel = 3.8
 BuildRequires:  procps
@@ -108,6 +109,7 @@
 export DOCKER_BUILDTAGS=exclude_graphdriver_aufs apparmor selinux
 export DOCKER_GITCOMMIT=%{git_version}
 ./hack/make.sh dynbinary
+docs/man/md2man-all.sh
 
 %install
 install -d %{buildroot}%{go_contribdir}
@@ -139,6 +141,12 @@
 # sysconfig file
 install -D -m 644 %SOURCE4 
%{buildroot}/var/adm/fillup-templates/sysconfig.docker
 
+# install manpages
+install -d %{buildroot}%{_mandir}/man1
+install -p -m 644 docs/man/man1/*.1 %{buildroot}%{_mandir}/man1
+install -d %{buildroot}%{_mandir}/man5
+install -p -m 644 docs/man/man5/Dockerfile.5 %{buildroot}%{_mandir}/man5
+
 %pre
 echo creating group docker...
 groupadd -r docker 2/dev/null || :
@@ -165,6 +173,9 @@
 %{_unitdir}/%{name}.socket
 %{_prefix}/lib/udev/rules.d/80-%{name}.rules
 /var/adm/fillup-templates/sysconfig.docker
+%{_mandir}/man1/docker-*.1.gz
+%{_mandir}/man1/docker.1.gz
+%{_mandir}/man5/Dockerfile.5.gz
 
 %files bash-completion
 %defattr(-,root,root)




commit docker for openSUSE:Factory

2015-05-26 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-05-26 12:33:39

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-05-15 
07:44:53.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-05-26 
12:33:40.0 +0200
@@ -1,0 +2,6 @@
+Mon May 18 15:08:59 UTC 2015 - fcaste...@suse.com
+
+- Update to version 1.6.2 (2015-05-13) [bnc#931301]
+  * Revert change prohibiting mounting into /sys
+
+---

Old:

  docker-1.6.1.tar.bz2

New:

  docker-1.6.2.tar.bz2



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.9pcD0e/_old  2015-05-26 12:33:41.0 +0200
+++ /var/tmp/diff_new_pack.9pcD0e/_new  2015-05-26 12:33:41.0 +0200
@@ -16,9 +16,9 @@
 #
 
 
-%define git_version 97cd073
+%define git_version 7c8fca2
 Name:   docker
-Version:1.6.1
+Version:1.6.2
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0

++ docker-1.6.1.tar.bz2 - docker-1.6.2.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/docker/.pc/.quilt_patches 
new/docker/.pc/.quilt_patches
--- old/docker/.pc/.quilt_patches   1970-01-01 01:00:00.0 +0100
+++ new/docker/.pc/.quilt_patches   2015-05-08 16:54:25.0 +0200
@@ -0,0 +1 @@
+patches
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/docker/.pc/.quilt_series new/docker/.pc/.quilt_series
--- old/docker/.pc/.quilt_series1970-01-01 01:00:00.0 +0100
+++ new/docker/.pc/.quilt_series2015-05-08 16:54:25.0 +0200
@@ -0,0 +1 @@
+series
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/docker/.pc/.version new/docker/.pc/.version
--- old/docker/.pc/.version 1970-01-01 01:00:00.0 +0100
+++ new/docker/.pc/.version 2015-05-08 16:54:25.0 +0200
@@ -0,0 +1 @@
+2
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/docker/.pc/0002-Stripped-dockerinit-binary.patch/hack/make/.dockerinit 
new/docker/.pc/0002-Stripped-dockerinit-binary.patch/hack/make/.dockerinit
--- old/docker/.pc/0002-Stripped-dockerinit-binary.patch/hack/make/.dockerinit  
1970-01-01 01:00:00.0 +0100
+++ new/docker/.pc/0002-Stripped-dockerinit-binary.patch/hack/make/.dockerinit  
2015-05-08 16:27:14.0 +0200
@@ -0,0 +1,33 @@
+#!/bin/bash
+set -e
+
+IAMSTATIC=true
+source $(dirname $BASH_SOURCE)/.go-autogen
+
+# dockerinit still needs to be a static binary, even if docker is dynamic
+go build \
+   -o $DEST/dockerinit-$VERSION \
+   ${BUILDFLAGS[@]} \
+   -ldflags 
+   $LDFLAGS
+   $LDFLAGS_STATIC
+   -extldflags \$EXTLDFLAGS_STATIC\
+\
+   ./dockerinit
+
+echo Created binary: $DEST/dockerinit-$VERSION
+ln -sf dockerinit-$VERSION $DEST/dockerinit
+
+sha1sum=
+if command -v sha1sum  /dev/null; then
+   sha1sum=sha1sum
+elif command -v shasum  /dev/null; then
+   # Mac OS X - why couldn't they just use the same command name and be 
happy?
+   sha1sum=shasum
+else
+   echo 2 'error: cannot find sha1sum command or equivalent'
+   exit 1
+fi
+
+# sha1 our new dockerinit to ensure separate docker and dockerinit always run 
in a perfect pair compiled for one another
+export DOCKER_INITSHA1=$($sha1sum $DEST/dockerinit-$VERSION | cut -d' ' -f1)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/docker/.pc/applied-patches 
new/docker/.pc/applied-patches
--- old/docker/.pc/applied-patches  1970-01-01 01:00:00.0 +0100
+++ new/docker/.pc/applied-patches  2015-05-08 16:54:31.0 +0200
@@ -0,0 +1,2 @@
+0002-Stripped-dockerinit-binary.patch
+libcontainer-apparmor-fixes.patch
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/docker/.pc/libcontainer-apparmor-fixes.patch/vendor/src/github.com/docker/libcontainer/apparmor/gen.go
 
new/docker/.pc/libcontainer-apparmor-fixes.patch/vendor/src/github.com/docker/libcontainer/apparmor/gen.go
--- 
old/docker/.pc/libcontainer-apparmor-fixes.patch/vendor/src/github.com/docker/libcontainer/apparmor/gen.go
  1970-01-01 01:00:00.0 +0100
+++ 
new/docker/.pc/libcontainer-apparmor-fixes.patch/vendor/src/github.com/docker/libcontainer/apparmor/gen.go
  2015-05-08 16:54:31.0 +0200
@@ -0,0 +1,81 @@
+package apparmor
+

commit docker for openSUSE:Factory

2015-05-14 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-05-15 07:44:24

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-04-10 
09:50:52.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-05-15 
07:44:53.0 +0200
@@ -1,0 +2,43 @@
+Fri May  8 15:00:38 UTC 2015 - fcaste...@suse.com
+
+Updated to version 1.6.1 (2015-05-07) [bnc#930235]
+  * Security
+- Fix read/write /proc paths (CVE-2015-3630)
+- Prohibit VOLUME /proc and VOLUME / (CVE-2015-3631)
+- Fix opening of file-descriptor 1 (CVE-2015-3627)
+- Fix symlink traversal on container respawn allowing local privilege 
escalation (CVE-2015-3629)
+- Prohibit mount of /sys
+  * Runtime
+- Update Apparmor policy to not allow mounts
+- Updated libcontainer-apparmor-fixes.patch: adapt patch to reflect
+  changes introduced by docker 1.6.1
+
+---
+Thu May  7 13:33:03 UTC 2015 - devel...@develop7.info
+
+- Get rid of SocketUser and SocketGroup workarounds for docker.socket
+
+---
+Fri Apr 17 14:02:13 UTC 2015 - fcaste...@suse.com
+
+- Updated to version 1.6.0 (2015-04-07) [bnc#908033]
+  * Builder:
++ Building images from an image ID
++ build containers with resource constraints, ie `docker build 
--cpu-shares=100 --memory=1024m...`
++ `commit --change` to apply specified Dockerfile instructions while 
committing the image
++ `import --change` to apply specified Dockerfile instructions while 
importing the image
++ basic build cancellation
+  * Client:
++ Windows Support
+  * Runtime:
++ Container and image Labels
++ `--cgroup-parent` for specifying a parent cgroup to place container 
cgroup within
++ Logging drivers, `json-file`, `syslog`, or `none`
++ Pulling images by ID
++ `--ulimit` to set the ulimit on a container
++ `--default-ulimit` option on the daemon which applies to all created 
containers (and overwritten by `--ulimit` on run)
+- Updated '0002-Stripped-dockerinit-binary.patch' to reflect changes inside of
+  the latest version of Docker.
+- bnc#908033: support of Docker Registry API v2.
+
+---

Old:

  docker-1.5.0.tar.bz2

New:

  docker-1.6.1.tar.bz2
  docker_systemd_lt_214.socket



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.Eu2UJ7/_old  2015-05-15 07:44:54.0 +0200
+++ /var/tmp/diff_new_pack.Eu2UJ7/_new  2015-05-15 07:44:54.0 +0200
@@ -16,9 +16,9 @@
 #
 
 
-%define git_version a8a31ef
+%define git_version 97cd073
 Name:   docker
-Version:1.5.0
+Version:1.6.1
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
@@ -28,7 +28,13 @@
 Source1:docker.service
 Source3:80-docker.rules
 Source4:sysconfig.docker
+
+%if 0%{?suse_version}  1320
 Source5:docker.socket
+%else
+Source5:docker_systemd_lt_214.socket
+%endif
+
 Source6:docker-rpmlintrc
 Source7:README_SUSE.md
 Patch0: 0002-Stripped-dockerinit-binary.patch

++ 0002-Stripped-dockerinit-binary.patch ++
--- /var/tmp/diff_new_pack.Eu2UJ7/_old  2015-05-15 07:44:54.0 +0200
+++ /var/tmp/diff_new_pack.Eu2UJ7/_new  2015-05-15 07:44:54.0 +0200
@@ -15,10 +15,10 @@
  hack/make/dynbinary | 1 +
  1 file changed, 1 insertion(+)
 
-Index: docker/project/make/.dockerinit
+Index: docker/hack/make/.dockerinit
 ===
 docker.orig/project/make/.dockerinit
-+++ docker/project/make/.dockerinit
+--- docker.orig/hack/make/.dockerinit
 docker/hack/make/.dockerinit
 @@ -25,5 +25,7 @@ else
exit 1
  fi

++ docker-1.5.0.tar.bz2 - docker-1.6.1.tar.bz2 ++
 102449 lines of diff (skipped)

++ docker.socket ++
--- /var/tmp/diff_new_pack.Eu2UJ7/_old  2015-05-15 07:44:56.0 +0200
+++ /var/tmp/diff_new_pack.Eu2UJ7/_new  2015-05-15 07:44:56.0 +0200
@@ -5,12 +5,8 @@
 [Socket]
 ListenStream=/var/run/docker.sock
 SocketMode=0660
-# TODO: Get rid of workaround below after adopting systemd 214+ by oS Factory
-# Socket(User|Group) are available as of systemd 214+
-#SocketUser=root
-#SocketGroup=docker
-# Fix owner manually
-ExecStartPost=/usr/bin/chown root:docker /var/run/docker.sock
+SocketUser=root
+SocketGroup=docker
 
 [Install]
 WantedBy=sockets.target

++ docker_systemd_lt_214.socket 

commit docker for openSUSE:Factory

2015-02-18 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-02-18 20:36:53

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2015-01-22 
21:50:20.0 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-02-18 
20:36:55.0 +0100
@@ -1,0 +2,58 @@
+Wed Feb 11 13:59:01 UTC 2015 - fcaste...@suse.com
+
+ - Updated to 1.5.0 (2015-02-10):
+  * Builder:
+- Dockerfile to use for a given `docker build` can be specified with
+  the `-f` flag
+- Dockerfile and .dockerignore files can be themselves excluded as part
+  of the .dockerignore file, thus preventing modifications to these files
+  invalidating ADD or COPY instructions cache
+- ADD and COPY instructions accept relative paths
+- Dockerfile `FROM scratch` instruction is now interpreted as a no-base
+  specifier
+- Improve performance when exposing a large number of ports
+  * Hack:
+- Allow client-side only integration tests for Windows
+- Include docker-py integration tests against Docker daemon as part of our
+  test suites
+  * Packaging:
+- Support for the new version of the registry HTTP API
+- Speed up `docker push` for images with a majority of already existing
+  layers
+- Fixed contacting a private registry through a proxy
+  * Remote API:
+- A new endpoint will stream live container resource metrics and can be
+  accessed with the `docker stats` command
+- Containers can be renamed using the new `rename` endpoint and the
+  associated `docker rename` command
+- Container `inspect` endpoint show the ID of `exec` commands running in
+  this container
+- Container `inspect` endpoint show the number of times Docker
+  auto-restarted the container
+- New types of event can be streamed by the `events` endpoint: ‘OOM’
+  (container died with out of memory), ‘exec_create’, and ‘exec_start'
+- Fixed returned string fields which hold numeric characters incorrectly
+  omitting surrounding double quotes
+  * Runtime:
+- Docker daemon has full IPv6 support
+- The `docker run` command can take the `--pid=host` flag to use the host
+  PID namespace, which makes it possible for example to debug host 
processes
+  using containerized debugging tools
+- The `docker run` command can take the `--read-only` flag to make the
+  container’s root filesystem mounted as readonly, which can be used in
+  combination with volumes to force a container’s processes to only write 
to
+  locations that will be persisted
+- Container total memory usage can be limited for `docker run` using the
+  `—memory-swap` flag
+- Major stability improvements for devicemapper storage driver
+- Better integration with host system: containers will reflect changes
+  to the host's `/etc/resolv.conf` file when restarted
+- Better integration with host system: per-container iptable rules are 
moved
+  to the DOCKER chain
+- Fixed container exiting on out of memory to return an invalid exit code
+  * Other:
+- The HTTP_PROXY, HTTPS_PROXY, and NO_PROXY environment variables are
+  properly taken into account by the client when connecting to the
+  Docker daemon
+
+---

Old:

  docker-1.4.1.tar.bz2

New:

  docker-1.5.0.tar.bz2



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.pC0YoQ/_old  2015-02-18 20:36:56.0 +0100
+++ /var/tmp/diff_new_pack.pC0YoQ/_new  2015-02-18 20:36:56.0 +0100
@@ -16,9 +16,9 @@
 #
 
 
-%define git_version 5bc2ff8
+%define git_version a8a31ef
 Name:   docker
-Version:1.4.1
+Version:1.5.0
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0

++ 0002-Stripped-dockerinit-binary.patch ++
--- /var/tmp/diff_new_pack.pC0YoQ/_old  2015-02-18 20:36:56.0 +0100
+++ /var/tmp/diff_new_pack.pC0YoQ/_new  2015-02-18 20:36:56.0 +0100
@@ -15,18 +15,15 @@
  hack/make/dynbinary | 1 +
  1 file changed, 1 insertion(+)
 
-diff --git a/hack/make/dynbinary b/hack/make/dynbinary
-index 75cffe3..0143a9c 100644
 a/hack/make/dynbinary
-+++ b/hack/make/dynbinary
-@@ -15,6 +15,7 @@ if [ -z $DOCKER_CLIENTONLY ]; then
-   ./dockerinit
-   echo Created binary: $DEST/dockerinit-$VERSION
-   ln -sf dockerinit-$VERSION $DEST/dockerinit
-+  /usr/bin/strip -g $DEST/dockerinit
-   
-   hash_files $DEST/dockerinit-$VERSION
-   
--- 
-1.8.4.5

commit docker for openSUSE:Factory

2015-01-22 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2015-01-22 21:49:38

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2014-12-21 
12:04:42.0 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2015-01-22 
21:50:20.0 +0100
@@ -1,0 +2,16 @@
+Thu Jan 15 10:00:07 UTC 2015 - fcaste...@suse.com
+
+- Updated to 1.4.1 (2014-12-15):
+  * Runtime:
+- Fix issue with volumes-from and bind mounts not being honored after
+  create (fixes bnc#913213)
+
+---
+Thu Jan 15 09:41:20 UTC 2015 - fcaste...@suse.com
+
+- Added e2fsprogs as runtime dependency, this is required when the
+  devicemapper driver is used. (bnc#913211).
+- Fixed owner  group for docker.socket (thanks to Andrei Dziahel and
+  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752555#5)
+
+---

Old:

  docker-1.4.0.tar.bz2

New:

  docker-1.4.1.tar.bz2



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.WuuYwK/_old  2015-01-22 21:50:21.0 +0100
+++ /var/tmp/diff_new_pack.WuuYwK/_new  2015-01-22 21:50:21.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package docker
 #
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -16,9 +16,9 @@
 #
 
 
-%define git_version 4595d4f
+%define git_version 5bc2ff8
 Name:   docker
-Version:1.4.0
+Version:1.4.1
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
@@ -47,6 +47,8 @@
 Requires:   apparmor-parser
 Requires:   bridge-utils
 Requires:   ca-certificates-mozilla
+# Provides mkfs.ext4 - used by Docker when devicemapper storage driver is used
+Requires:   e2fsprogs
 Requires:   git-core = 1.7
 Requires:   iproute2 = 3.5
 Requires:   iptables = 1.4

++ docker-1.4.0.tar.bz2 - docker-1.4.1.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/docker/CHANGELOG.md new/docker/CHANGELOG.md
--- old/docker/CHANGELOG.md 2014-12-12 17:09:40.0 +0100
+++ new/docker/CHANGELOG.md 2015-01-15 10:59:21.0 +0100
@@ -1,5 +1,10 @@
 # Changelog
 
+## 1.4.1 (2014-12-15)
+
+ Runtime
+- Fix issue with volumes-from and bind mounts not being honored after create
+
 ## 1.4.0 (2014-12-11)
 
  Notable Features since 1.3.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/docker/VERSION new/docker/VERSION
--- old/docker/VERSION  2014-12-12 17:09:42.0 +0100
+++ new/docker/VERSION  2015-01-15 10:59:22.0 +0100
@@ -1 +1 @@
-1.4.0
+1.4.1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/docker/daemon/volumes.go new/docker/daemon/volumes.go
--- old/docker/daemon/volumes.go2014-12-12 17:09:40.0 +0100
+++ new/docker/daemon/volumes.go2015-01-15 10:59:21.0 +0100
@@ -24,6 +24,7 @@
volume  *volumes.Volume
Writablebool
copyDatabool
+   from*Container
 }
 
 func (mnt *Mount) Export(resource string) (io.ReadCloser, error) {
@@ -42,9 +43,6 @@
if container.Volumes == nil || len(container.Volumes) == 0 {
container.Volumes = make(map[string]string)
container.VolumesRW = make(map[string]bool)
-   if err := container.applyVolumesFrom(); err != nil {
-   return err
-   }
}
 
return container.createVolumes()
@@ -73,13 +71,27 @@
}
}
 
-   return nil
+   // On every start, this will apply any new `VolumesFrom` entries passed 
in via HostConfig, which may override volumes set in `create`
+   return container.applyVolumesFrom()
 }
 
 func (m *Mount) initialize() error {
// No need to initialize anything since it's already been initialized
-   if _, exists := m.container.Volumes[m.MountToPath]; exists {
-   return nil
+   if hostPath, exists := m.container.Volumes[m.MountToPath]; exists {
+   // If this is a bind-mount/volumes-from, maybe it was passed in 
at start instead of create
+   // We need to make sure bind-mounts/volumes-from passed on 
start can 

commit docker for openSUSE:Factory

2014-12-21 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2014-12-21 12:05:02

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2014-12-03 
22:49:18.0 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2014-12-21 
12:04:42.0 +0100
@@ -1,0 +2,26 @@
+Fri Dec 12 16:13:30 UTC 2014 - fcaste...@suse.com
+
+- Updated to 1.4.0 (2014-12-11):
+  * Notable Features since 1.3.0:
+- Set key=value labels to the daemon (displayed in `docker info`), applied 
with
+  new `-label` daemon flag
+- Add support for `ENV` in Dockerfile of the form: 
+  `ENV name=value name2=value2...`
+- New Overlayfs Storage Driver
+- `docker info` now returns an `ID` and `Name` field
+- Filter events by event name, container, or image
+- `docker cp` now supports copying from container volumes
+- Fixed `docker tag`, so it honors `--force` when overriding a tag for 
existing
+  image.
+- Changes introduced by 1.3.3 (2014-12-11):
+  * Security:
+- Fix path traversal vulnerability in processing of absolute symbolic 
links (CVE-2014-9356) - (bnc#909709)
+- Fix decompression of xz image archives, preventing privilege escalation 
(CVE-2014-9357) - (bnc#909710)
+- Validate image IDs (CVE-2014-9358) - (bnc#909712)
+  * Runtime:
+- Fix an issue when image archives are being read slowly
+  * Client:
+- Fix a regression related to stdin redirection
+- Fix a regression with `docker cp` when destination is the current 
directory
+
+---

Old:

  docker-1.3.2.tar.bz2

New:

  docker-1.4.0.tar.bz2



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.WzjyEX/_old  2014-12-21 12:04:44.0 +0100
+++ /var/tmp/diff_new_pack.WzjyEX/_new  2014-12-21 12:04:44.0 +0100
@@ -16,9 +16,9 @@
 #
 
 
-%define git_version 39fa2fa
+%define git_version 4595d4f
 Name:   docker
-Version:1.3.2
+Version:1.4.0
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0

++ docker-1.3.2.tar.bz2 - docker-1.4.0.tar.bz2 ++
 46218 lines of diff (skipped)

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit docker for openSUSE:Factory

2014-12-03 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2014-12-03 22:48:32

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2014-11-10 
17:28:43.0 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2014-12-03 
22:49:18.0 +0100
@@ -1,0 +2,19 @@
+Wed Nov 26 11:27:06 UTC 2014 - fcaste...@suse.com
+
+- Updated to 1.3.2 (2014-11-20) - fixes bnc#907012 (CVE-2014-6407) and
+  bnc#907014 (CVE-2014-6408)
+  * Security:
+- Fix tar breakout vulnerability
+- Extractions are now sandboxed chroot
+- Security options are no longer committed to images
+  * Runtime:
+- Fix deadlock in `docker ps -f exited=1`
+- Fix a bug when `--volumes-from` references a container that failed to 
start
+  * Registry:
+- `--insecure-registry` now accepts CIDR notation such as 10.1.0.0/16
+- Private registries whose IPs fall in the 127.0.0.0/8 range do no need
+  the `--insecure-registry` flag
+- Skip the experimental registry v2 API when mirroring is enabled
+- Fixed minor packaging issues.
+
+---

Old:

  docker-1.3.1.tar.bz2

New:

  docker-1.3.2.tar.bz2



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.GCfmxw/_old  2014-12-03 22:49:20.0 +0100
+++ /var/tmp/diff_new_pack.GCfmxw/_new  2014-12-03 22:49:20.0 +0100
@@ -16,9 +16,9 @@
 #
 
 
-%define git_version 4e9bbfa
+%define git_version 39fa2fa
 Name:   docker
-Version:1.3.1
+Version:1.3.2
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
@@ -121,6 +121,7 @@
 #
 install -D -m 0644 %SOURCE1 %{buildroot}%{_unitdir}/%{name}.service
 install -D -m 0644 %SOURCE5 %{buildroot}%{_unitdir}/%{name}.socket
+ln -sf /sbin/service $RPM_BUILD_ROOT/usr/sbin/rcdocker
 
 #
 # udev rules that prevents dolphin to show all docker devices and slows down
@@ -135,22 +136,23 @@
 %pre
 echo creating group docker...
 groupadd -r docker 2/dev/null || :
-%service_add_pre %{name}.service
+%service_add_pre %{name}.service %{name}.socket
 
 %post
-%service_add_post %{name}.service
+%service_add_post %{name}.service %{name}.socket
 %{fillup_only -n docker}
 
 %preun
-%service_del_preun %{name}.service
+%service_del_preun %{name}.service %{name}.socket
 
 %postun
-%service_del_postun %{name}.service
+%service_del_postun %{name}.service %{name}.socket
 
 %files
 %defattr(-,root,root)
 %doc README.md LICENSE README_SUSE.md
 %{_bindir}/docker
+%{_sbindir}/rcdocker
 %{_prefix}/lib/docker/
 %{_prefix}/lib/docker/dockerinit
 %{_unitdir}/%{name}.service

++ docker-1.3.1.tar.bz2 - docker-1.3.2.tar.bz2 ++
 2668 lines of diff (skipped)

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit docker for openSUSE:Factory

2014-11-10 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2014-11-10 17:28:33

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2014-10-29 
21:10:14.0 +0100
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2014-11-10 
17:28:43.0 +0100
@@ -1,0 +2,21 @@
+Fri Oct 31 08:54:47 UTC 2014 - fcaste...@suse.com
+
+- Updated to version 1.3.1 2014-10-28)
+  * Security:
+- Prevent fallback to SSL protocols  TLS 1.0 for client, daemon and
+  registry [CVE-2014-5277]
+- Secure HTTPS connection to registries with certificate verification and
+  without HTTP fallback unless `--insecure-registry` is specified
+  * Runtime:
+- Fix issue where volumes would not be shared
+  * Client:
+- Fix issue with `--iptables=false` not automatically
+  setting `--ip-masq=false`
+- Fix docker run output to non-TTY stdout
+  * Builder:
+- Fix escaping `$` for environment variables
+- Fix issue with lowercase `onbuild` Dockerfile instruction
+- Restrict envrionment variable expansion to `ENV`, `ADD`, `COPY`,
+  `WORKDIR`, `EXPOSE`, `VOLUME` and `USER`
+
+---

Old:

  docker-1.3.0.tar.bz2

New:

  docker-1.3.1.tar.bz2



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.L5KiAi/_old  2014-11-10 17:28:44.0 +0100
+++ /var/tmp/diff_new_pack.L5KiAi/_new  2014-11-10 17:28:44.0 +0100
@@ -16,10 +16,9 @@
 #
 
 
-%define git_version c78088f
-
+%define git_version 4e9bbfa
 Name:   docker
-Version:1.3.0
+Version:1.3.1
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0

++ docker-1.3.0.tar.bz2 - docker-1.3.1.tar.bz2 ++
 2009 lines of diff (skipped)

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit docker for openSUSE:Factory

2014-10-29 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2014-10-29 21:09:54

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2014-09-12 
17:06:01.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2014-10-29 
21:10:14.0 +0100
@@ -1,0 +2,15 @@
+Mon Oct 20 08:38:30 UTC 2014 - fcaste...@suse.com
+
+  - Upgraded to version 1.3.0 (2014-10-14)
+* docker `exec` allows you to run additional processes inside existing 
containers
+* docker `create` gives you the ability to create a container via the cli 
without executing a process
+* `--security-opts` options to allow user to customize container labels 
and apparmor profiles
+* docker `ps` filters
+* wildcard support to copy/add
+* move production urls to get.docker.com from get.docker.io
+* allocate ip address on the bridge inside a valid cidr
+* use drone.io for pr and ci testing
+* ability to setup an official registry mirror
+* Ability to save multiple images with docker `save`
+
+---

Old:

  docker-1.2.0.tar.bz2

New:

  docker-1.3.0.tar.bz2



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.w7qKXj/_old  2014-10-29 21:10:15.0 +0100
+++ /var/tmp/diff_new_pack.w7qKXj/_new  2014-10-29 21:10:15.0 +0100
@@ -16,10 +16,10 @@
 #
 
 
-%define git_version fa7b24f
+%define git_version c78088f
 
 Name:   docker
-Version:1.2.0
+Version:1.3.0
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0

++ docker-1.2.0.tar.bz2 - docker-1.3.0.tar.bz2 ++
/work/SRC/openSUSE:Factory/docker/docker-1.2.0.tar.bz2 
/work/SRC/openSUSE:Factory/.docker.new/docker-1.3.0.tar.bz2 differ: char 11, 
line 1

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit docker for openSUSE:Factory

2014-09-12 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2014-09-12 10:03:38

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2014-09-01 
16:59:55.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2014-09-12 
10:04:04.0 +0200
@@ -1,0 +2,5 @@
+Thu Sep  4 15:41:39 UTC 2014 - fcaste...@suse.com
+
+- Updates to SUSE's readme file.
+
+---



Other differences:
--
++ README_SUSE.md ++
--- /var/tmp/diff_new_pack.AGLZft/_old  2014-09-12 10:04:06.0 +0200
+++ /var/tmp/diff_new_pack.AGLZft/_new  2014-09-12 10:04:06.0 +0200
@@ -106,19 +106,40 @@
 
 ## Storage drivers
 
-Docker images are made by series of stacked layers. The recommended driver is
-DeviceMapper one, which is also the default choice.
+Docker supports different storage drivers:
 
-The Docker packages ships also an experimental BTRFS driver. To use this driver
-Docker daemon must run on a BTRFS partition already prepared by the host 
system.
-
-To use the experimental BTRFS driver the Docker daemon must be started with 
this
-command:
+  * `vfs`: this driver is automatically used when the Docker host filesystem
+does not support copy-on-write. This is a simple driver which does not 
offer
+some of the advantages of Docker (like sharing layers, more on that in the
+next sections). It is highly reliable but also slow.
+  * `devicemapper`: this driver relies on the device-mapper thin provisioning
+module. It supports copy-on-write, hence it offers all the advantages of
+Docker.
+  * `btrfs`: this driver relies on Btrfs to provide all the features required
+by Docker. To use this driver the `/var/lib/docker` directory must be on a
+btrfs filesystem.
+  * `AUFS`: this driver relies on AUFS union filesystem. Neither the upstream
+kernel nor the SUSE one supports this filesystem. Hence the AUFS driver is
+not built into the SUSE Docker package.
+
+It is possible to specify which driver to use by changing the value of the
+`DOCKER_OPTS` variable defined inside of the `/etc/sysconfig/docker` file.
+This can be done either manually or using yast; by browsing to:
+  * System
+  * /etc/sysconfig Editor
+  * System
+  * Management
+  * DOCKER_OPTS
+menu and entering the `-s storage_driver` string.
 
+For example, to force the usage of the `devicemapper` driver
+enter the following text:
 ```
-docker -d -s btrfs
+DOCKER_OPTS=-s devicemapper
 ```
 
+It is recommended to have `/var/lib/docker` mounted on a different filesystem
+to not affect the Docker host OS in case of a filesystem corruption.
 
 # Setting up a Docker host
 

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit docker for openSUSE:Factory

2014-09-12 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2014-09-12 17:04:18

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2014-09-12 
10:04:04.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2014-09-12 
17:06:01.0 +0200
@@ -1,0 +2,6 @@
+Fri Sep 12 13:21:40 UTC 2014 - cbosdon...@suse.com
+
+- Generated AppArmor profile used mount rules which aren't supported
+  in our version of AppArmor. libcontainer-apparmor-fixes.patch
+
+---

New:

  libcontainer-apparmor-fixes.patch



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.T281KZ/_old  2014-09-12 17:06:02.0 +0200
+++ /var/tmp/diff_new_pack.T281KZ/_new  2014-09-12 17:06:02.0 +0200
@@ -33,6 +33,8 @@
 Source6:docker-rpmlintrc
 Source7:README_SUSE.md
 Patch0: 0002-Stripped-dockerinit-binary.patch
+# PATCH-FIX-OPENSUSE libcontainer-apparmor-fixes.patch -- mount rules aren't 
supported in our apparmor
+Patch1: libcontainer-apparmor-fixes.patch
 BuildRequires:  bash-completion
 BuildRequires:  device-mapper-devel = 1.2.68
 BuildRequires:  glibc-devel-static
@@ -91,6 +93,7 @@
 %prep
 %setup -q -n docker
 %patch0 -p1
+%patch1 -p1
 cp %{SOURCE7} .
 
 %build

++ libcontainer-apparmor-fixes.patch ++
Index: docker/vendor/src/github.com/docker/libcontainer/apparmor/gen.go
===
--- docker.orig/vendor/src/github.com/docker/libcontainer/apparmor/gen.go
+++ docker/vendor/src/github.com/docker/libcontainer/apparmor/gen.go
@@ -25,18 +25,6 @@ profile {{.Name}} flags=(attach_disconne
   network,
   capability,
   file,
-  umount,
-
-  mount fstype=tmpfs,
-  mount fstype=mqueue,
-  mount fstype=fuse.*,
-  mount fstype=binfmt_misc - /proc/sys/fs/binfmt_misc/,
-  mount fstype=efivarfs - /sys/firmware/efi/efivars/,
-  mount fstype=fusectl - /sys/fs/fuse/connections/,
-  mount fstype=securityfs - /sys/kernel/security/,
-  mount fstype=debugfs - /sys/kernel/debug/,
-  mount fstype=proc - /proc/,
-  mount fstype=sysfs - /sys/,
 
   deny @{PROC}/sys/fs/** wklx,
   deny @{PROC}/sysrq-trigger rwklx,
@@ -45,10 +33,6 @@ profile {{.Name}} flags=(attach_disconne
   deny @{PROC}/sys/kernel/[^s][^h][^m]* wklx,
   deny @{PROC}/sys/kernel/*/** wklx,
 
-  deny mount options=(ro, remount) - /,
-  deny mount fstype=debugfs - /var/lib/ureadahead/debugfs/,
-  deny mount fstype=devpts,
-
   deny /sys/[^f]*/** wklx,
   deny /sys/f[^s]*/** wklx,
   deny /sys/fs/[^c]*/** wklx,
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit docker for openSUSE:Factory

2014-09-01 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2014-09-01 16:59:21

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2014-08-16 
15:38:16.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2014-09-01 
16:59:55.0 +0200
@@ -1,0 +2,19 @@
+Mon Aug 25 07:49:48 UTC 2014 - fcaste...@suse.com
+
+- Upgraded to version 1.2.0:
+  * Runtime:
+- Make /etc/hosts /etc/resolv.conf and /etc/hostname editable at runtime
+- Auto-restart containers using policies
+- Use /var/lib/docker/tmp for large temporary files
+- `--cap-add` and `--cap-drop` to tweak what linux capability you want
+- `--device` to use devices in containers
+  * Client:
+- `docker search` on private registries
+- Add `exited` filter to `docker ps --filter`
+- `docker rm -f` now kills instead of stop
+- Support for IPv6 addresses in `--dns` flag
+  * Proxy:
+- Proxy instances in separate processes
+- Small bug fix on UDP proxy
+
+---

Old:

  docker-1.1.2.tar.bz2

New:

  docker-1.2.0.tar.bz2



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.jI5LcC/_old  2014-09-01 16:59:57.0 +0200
+++ /var/tmp/diff_new_pack.jI5LcC/_new  2014-09-01 16:59:57.0 +0200
@@ -16,10 +16,10 @@
 #
 
 
-%define git_version d84a070
+%define git_version fa7b24f
 
 Name:   docker
-Version:1.1.2
+Version:1.2.0
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
@@ -36,7 +36,7 @@
 BuildRequires:  bash-completion
 BuildRequires:  device-mapper-devel = 1.2.68
 BuildRequires:  glibc-devel-static
-BuildRequires:  go = 1.2
+BuildRequires:  go = 1.3
 BuildRequires:  libapparmor-devel
 BuildRequires:  libbtrfs-devel = 3.8
 BuildRequires:  procps
@@ -96,9 +96,7 @@
 %build
 %{go_disable_brp_strip_static_archive}
 
-export GOPATH=`pwd`/vendor
-mkdir vendor/src/github.com/dotcloud
-ln -s `pwd` vendor/src/github.com/dotcloud/
+export AUTO_GOPATH=1
 export DOCKER_BUILDTAGS=exclude_graphdriver_aufs apparmor selinux
 export DOCKER_GITCOMMIT=%{git_version}
 ./hack/make.sh dynbinary

++ docker-1.1.2.tar.bz2 - docker-1.2.0.tar.bz2 ++
/work/SRC/openSUSE:Factory/docker/docker-1.1.2.tar.bz2 
/work/SRC/openSUSE:Factory/.docker.new/docker-1.2.0.tar.bz2 differ: char 11, 
line 1

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit docker for openSUSE:Factory

2014-08-16 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2014-08-16 15:38:01

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2014-08-01 
11:48:32.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2014-08-16 
15:38:16.0 +0200
@@ -1,0 +2,21 @@
+Fri Aug  8 15:31:41 UTC 2014 - fcaste...@suse.com
+
+- Final changes to README_SUSE.md
+
+---
+Fri Aug  8 10:28:48 UTC 2014 - fcaste...@suse.com
+
+- Added other small fixes to README_SUSE.md
+
+---
+Thu Aug  7 14:06:30 UTC 2014 - fcaste...@suse.com
+
+- Small improvements to README_SUSE.md
+
+---
+Thu Aug  7 13:29:30 UTC 2014 - fcaste...@suse.com
+
+- Removed useless sysctl rule.
+- Added README_SUSE.md
+
+---

Old:

  sysctl-docker.conf

New:

  README_SUSE.md



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.YSvcW4/_old  2014-08-16 15:38:17.0 +0200
+++ /var/tmp/diff_new_pack.YSvcW4/_new  2014-08-16 15:38:17.0 +0200
@@ -27,11 +27,11 @@
 Url:http://www.docker.io
 Source: %{name}-%{version}.tar.bz2
 Source1:docker.service
-Source2:sysctl-docker.conf
 Source3:80-docker.rules
 Source4:sysconfig.docker
 Source5:docker.socket
 Source6:docker-rpmlintrc
+Source7:README_SUSE.md
 Patch0: 0002-Stripped-dockerinit-binary.patch
 BuildRequires:  bash-completion
 BuildRequires:  device-mapper-devel = 1.2.68
@@ -91,6 +91,7 @@
 %prep
 %setup -q -n docker
 %patch0 -p1
+cp %{SOURCE7} .
 
 %build
 %{go_disable_brp_strip_static_archive}
@@ -121,8 +122,6 @@
 install -D -m 0644 %SOURCE1 %{buildroot}%{_unitdir}/%{name}.service
 install -D -m 0644 %SOURCE5 %{buildroot}%{_unitdir}/%{name}.socket
 
-install -D -m 0644 %SOURCE2 
%{buildroot}%{_sysconfdir}/sysctl.d/200-%{name}.conf
-
 #
 # udev rules that prevents dolphin to show all docker devices and slows down
 # upstream report https://bugs.kde.org/show_bug.cgi?id=329930
@@ -150,9 +149,8 @@
 
 %files
 %defattr(-,root,root)
-%doc README.md LICENSE
+%doc README.md LICENSE README_SUSE.md
 %{_bindir}/docker
-%config %{_sysconfdir}/sysctl.d/200-docker.conf
 %{_prefix}/lib/docker/
 %{_prefix}/lib/docker/dockerinit
 %{_unitdir}/%{name}.service

++ README_SUSE.md ++
# Abstract

Docker is a lightweight virtualization method to run multiple virtual units
(containers, akin to “chroot”) simultaneously on a single control host.
Containers are isolated with Kernel Control Groups (cgroups) and Kernel 
Namespaces.

Docker provides an operating system-level virtualization where the Kernel
controls the isolated containers. With other full virtualization solutions
like Xen, KVM, or libvirt the processor simulates a complete hardware
environment and controls its virtual machines.

# Terminology

## chroot

A change root (chroot, or change root jail) is a section in the file system
which is isolated from the rest of the file system. For this purpose, the chroot
command is used to change the root of the file system. A program which is
executed in such a “chroot jail” cannot access files outside the designated
directory tree.

## cgroups

Kernel Control Groups (commonly referred to as just “cgroups”) are a Kernel
feature that allows aggregating or partitioning tasks (processes) and all their
children into hierarchical organized groups to isolate resources.

## Image

A virtual machine on the host server that can run any Linux system, for
example openSUSE, SUSE Linux Enterprise Desktop, or SUSE Linux Enterprise 
Server.

A Docker image is made by a series of layers built one over the other. Each 
layer
corresponds to a permanent change committed from a container to the image.

For more details checkout [Docker's official 
documentation](http://docs.docker.com/terms/image/).

## Image Name

A name that refers to an image. The name is used by the docker commands.

## Container

A running Docker Image.

## Container ID

A ID that refers to a container. The ID is used by the docker commands.

## TAG

A string associated to a Image. It commonly used to identify a specific version
of a Image (like tags in version control systems). It is also possible to refer
the same Image with different TAGs.

## Kernel Namespaces

A Kernel feature to isolate some resources like network, users, and others for
a group of processes.

commit docker for openSUSE:Factory

2014-08-01 Thread h_root
Hello community,

here is the log from the commit of package docker for openSUSE:Factory checked 
in at 2014-08-01 11:48:31

Comparing /work/SRC/openSUSE:Factory/docker (Old)
 and  /work/SRC/openSUSE:Factory/.docker.new (New)


Package is docker

Changes:

--- /work/SRC/openSUSE:Factory/docker/docker.changes2014-07-17 
17:31:32.0 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes   2014-08-01 
11:48:32.0 +0200
@@ -1,0 +2,18 @@
+Fri Jul 25 06:17:04 UTC 2014 - fcaste...@suse.com
+
+- Updated to 1.1.2:
+  * Runtime:
+- Fix port allocation for existing containers
+- Fix containers restart on daemon restart
+- Updated conflict condition with LXC package.
+---
+Fri Jul 18 09:38:47 UTC 2014 - fcaste...@suse.com
+
+- Add apparmor-parser runtime dependency
+
+---
+Fri Jul 18 08:44:29 UTC 2014 - fcaste...@suse.com
+
+- Build with AppArmor and SELinux support
+
+---

Old:

  docker-1.1.1.tar.bz2

New:

  docker-1.1.2.tar.bz2



Other differences:
--
++ docker.spec ++
--- /var/tmp/diff_new_pack.b1l2tn/_old  2014-08-01 11:48:32.0 +0200
+++ /var/tmp/diff_new_pack.b1l2tn/_new  2014-08-01 11:48:32.0 +0200
@@ -1,4 +1,6 @@
+#
 # spec file for package docker
+#
 # Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
@@ -13,10 +15,11 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-%define git_version dc62f3c
+
+%define git_version d84a070
 
 Name:   docker
-Version:1.1.1
+Version:1.1.2
 Release:0
 Summary:The Linux container runtime
 License:Apache-2.0
@@ -34,11 +37,13 @@
 BuildRequires:  device-mapper-devel = 1.2.68
 BuildRequires:  glibc-devel-static
 BuildRequires:  go = 1.2
+BuildRequires:  libapparmor-devel
 BuildRequires:  libbtrfs-devel = 3.8
 BuildRequires:  procps
 BuildRequires:  sqlite3-devel
 BuildRequires:  systemd-devel
 BuildRequires:  zsh
+Requires:   apparmor-parser
 Requires:   bridge-utils
 Requires:   ca-certificates-mozilla
 Requires:   git-core = 1.7
@@ -49,7 +54,7 @@
 Requires:   procps
 Requires:   tar = 1.26
 Requires:   xz = 4.9
-Conflicts:  lxc = 1.0
+Conflicts:  lxc  1.0
 PreReq: %fillup_prereq
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 ExclusiveArch:  x86_64
@@ -93,7 +98,7 @@
 export GOPATH=`pwd`/vendor
 mkdir vendor/src/github.com/dotcloud
 ln -s `pwd` vendor/src/github.com/dotcloud/
-export DOCKER_BUILDTAGS=exclude_graphdriver_aufs
+export DOCKER_BUILDTAGS=exclude_graphdriver_aufs apparmor selinux
 export DOCKER_GITCOMMIT=%{git_version}
 ./hack/make.sh dynbinary
 

++ docker-1.1.1.tar.bz2 - docker-1.1.2.tar.bz2 ++
/work/SRC/openSUSE:Factory/docker/docker-1.1.1.tar.bz2 
/work/SRC/openSUSE:Factory/.docker.new/docker-1.1.2.tar.bz2 differ: char 11, 
line 1

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org