github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
5,732 Commits 3 Branches 2 Tags 112 MiB
0dc7c85956
Commit Graph

90 Commits

Author SHA1 Message Date
Sebastiaan van Stijn
8b42adeddc
Add /proc/acpi to masked paths 
relates to CVE-2018-10892

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2018-07-06 18:38:47 +02:00
Akihiro Suda
d88de4a34f content: change Writer/ReaderAt to take OCI 
This change allows implementations to resolve the location of the actual data
using OCI descriptor fields such as MediaType.

No OCI descriptor field is written to the store.

No change on gRPC API.

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2018-06-01 11:51:43 +09:00
Michael Crosby
62e22a9fe7 Type alias spec in oci package 
This allows Go to build third party packages correctly without vendoring
issues what want to create their own SpecOpts.

Fixes #2289

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2018-05-17 09:18:46 -04:00
Justin Cormack
062c3a00ef
Add a WithPrivileged OCI constructor and the options needed to build it 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2018-04-04 13:25:34 +01:00
Justin Cormack
0ee2f35e43
Consistently add empty types where they are nil in spec 
In a few places we check for nil types when modifying a spec,
but in many cases we do not so we could get a panic if the
passed in type was not filled. Because the generated spec is
filled we will not notice this but users may get unexpected
panics.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2018-04-03 14:44:23 +01:00
Lantao Liu
00b600a605 Improve WithUser comments and code style. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-30 20:34:12 +00:00
Lantao Liu
45b0045593 Add oci.WithUser helper function. 
Signed-off-by: Lantao Liu <lantaol@google.com>
 2018-03-30 20:06:25 +00:00
Kunal Kushwaha
b12c3215a0 Licence header added 
Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
 2018-02-19 10:32:26 +09:00
Justin Cormack
eab5d87af1 Fix typo in variable name 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2018-02-13 15:06:49 +00:00
Brian Goff
c776b6d8d9 Use continuity fs package 
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2018-02-07 12:40:52 -05:00
Michael Crosby
d179c61231 Revert "Use jsoniteer for faster json encoding/decoding" 
This reverts commit 4233b87b89.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2018-01-29 15:47:48 -05:00
Michael Crosby
4233b87b89 Use jsoniteer for faster json encoding/decoding 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2018-01-26 16:32:55 -05:00
Michael Crosby
4e27c4d53d Add WithAllCapabilities as spec opt 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2018-01-26 14:31:32 -05:00
Paul Knopf
b4c3cd7640
Add WithEnv and WithMount oci options 
Signed-off-by: Paul Knopf <pauldotknopf@gmail.com>
 2018-01-22 16:35:31 -05:00
Michael Crosby
1f5ce14a82 Support getting uid/gid from rootfs path 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2018-01-16 14:48:29 -05:00
Michael Crosby
5b042945b0 Refactor get uid/gid from path 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2018-01-16 12:01:31 -05:00
Akihiro Suda
1645d8406d oci: simplify WithImageConfig 
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2018-01-12 15:46:53 +09:00
Akihiro Suda
b99dc56817 oci: add TODO comments 
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2018-01-12 15:36:18 +09:00
Akihiro Suda
369d7c9545 oci: fix err variable scope 
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2018-01-12 15:36:18 +09:00
Derek McGowan
dfd7ee122f
Clean up error logs and messages in temp mount 
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2018-01-05 15:37:11 -08:00
yanxuean
cb58bb885a solve incorrect unmount 
1. add WithTempMount for better unmount and remove
2. solve incorrect unmount for
   diff.DiffMounts,
   diff.Apply,
   oci.WithUsername,
   oci.WithUserID,
   remapRootFS

Signed-off-by: yanxuean <yan.xuean@zte.com.cn>
 2018-01-06 00:28:16 +08:00
Michael Crosby
a8b543f87d rmdir tmp dirs for rootfs mounts 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-12-04 13:51:11 -05:00
Michael Crosby
b0ca685874 Retry unmount on EBUSY and return errors 
This is another WIP to fix #1785.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-12-04 11:31:08 -05:00
Michael Crosby
fd2e3cd326 Remove mount namespace from shim 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-12-01 17:35:14 -05:00
Michael Crosby
a4a4c90ed3 Use strconv.Atoi for uid/gid parsing 
This follows the same logic that runc uses for parsing uid/gid values.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2017-11-30 15:22:41 -05:00
Jess Valarezo
9885edfc44 rename snapshot->snapshots pkg 
Signed-off-by: Jess Valarezo <valarezo.jessica@gmail.com>
 2017-11-29 14:55:02 -08:00
Stephen J Day
0d957b1da5
oci: allocate process if not already set 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2017-11-27 17:36:43 -08:00
Daniel Nephin
f6e877e8be Proposed fix for image content store 
Signed-off-by: Daniel Nephin <dnephin@gmail.com>
 2017-11-27 16:16:17 -05:00
Daniel Nephin
a21a19a658 fix windows oci package 
Signed-off-by: Daniel Nephin <dnephin@gmail.com>
 2017-11-27 16:16:17 -05:00
Daniel Nephin
081f8c7ce0 oci package passing tests 
Signed-off-by: Daniel Nephin <dnephin@gmail.com>
 2017-11-27 16:14:43 -05:00
Derek McGowan
a437d140f8
Remove oci package 
Replace functionality in client with simple tar writer

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2017-08-11 11:48:14 -07:00
Akihiro Suda
b518f11dba client: add Import() and Export() for importing/exporting image in OCI format 
Export as a tar (Note: "-" can be used for stdout):

    $ ctr images export /tmp/oci-busybox.tar docker.io/library/busybox:latest

Import a tar (Note: "-" can be used for stdin):

    $ ctr images import foo/new:latest /tmp/oci-busybox.tar

Note: media types are not converted at the moment: e.g.
  application/vnd.docker.image.rootfs.diff.tar.gzip
  -> application/vnd.oci.image.layer.v1.tar+gzip

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2017-07-28 04:47:53 +00:00
Akihiro Suda
e4bc59a295 package for manipulating OCI images 
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2017-06-14 06:49:56 +00:00
Michael Crosby
fdbae36237 Move oci and shim to execution package 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2016-12-01 11:06:32 -08:00
Michael Crosby
c2a57e2b00 Fix build because of imports in package 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2016-12-01 10:47:47 -08:00
Michael Crosby
3551d4c0b9 Implement live restore with shim 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2016-10-06 15:18:26 -07:00
Michael Crosby
c76f883ccd Finish port of shim package 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2016-10-05 15:07:20 -07:00
Michael Crosby
be20dd0484 Update oci executor to use Opts 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2016-10-03 15:20:45 -07:00
Michael Crosby
23adfe42f9 Add loading of existing container 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2016-09-30 13:51:10 -07:00
Michael Crosby
06e42ec370 Rename runc to oci package 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
 2016-09-30 10:39:26 -07:00