Includes 6635b4f0c6,
which fixes a vulnerability in runc that allows a container escape (CVE-2019-5736)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Due to an error in the OCI specf for layerFolders, the runhcs shim was
passing the layers for LCOW in reverse order. This fixes the ordering
by simply removing the code which reversed the layers for LCOW.
Signed-off-by: Kevin Parsons <kevpar@microsoft.com>
Using the cri utility caused other project to have
containerd/cri as a dependency, only for this utility.
The new `reference.ParseDockerRef` function does the
same (other than having a different name).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: John Howard <jhoward@microsoft.com>
Needed for the containerd work on Windows and integrating the
oci package from containerd into moby.
No longer sets defaults for
- .Process.ConsoleSize
- .Windows.IgnoreFlushesDuringBoot
- .Windows.Network.AllowUnqualifiedDNSQuery
Adds helper functions and tests for
- WithWindowsIgnoreFlushesDuringBoot
- WithWindowNetworksAllowUnqualifiedDNSQuery
Updates `ctr run` on Windows to use the new helper functions,
ConsoleSize is already handled.
Adds comment showing the structure of the buckets
as stored in boltdb. Includes all bucket names, key names
and descriptions of the stored values.
Moves the metadata comment to package level to be exposed
in the godoc overview.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Remove pre-release files which do not match the recommended
release process. This will prevent confusion when using
previous releases for reference.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
The noop-loop does nothing.
The containerd doesn't have any snapshotter buckets at the beginning.
If user uses specific dir as rootfs to create container, and sets
`snapshotter` key to the container, like `overlayfs` by mistake,
the gc scheduler will try to scan the snapshotter and panic.
In order to avoid this case, remove the noop-loop here.
Signed-off-by: Wei Fu <fuweid89@gmail.com>
Use full name including extension for shim binary format on Windows in order to
match any stat path faster without a fallback.
Signed-off-by: Justin Terry (VM) <juterry@microsoft.com>
`copy` permits using to mix `[]byte` and `string` arguments without
explicit conversion. I removed explicit conversion to make the code simpler.
Signed-off-by: Iskander Sharipov <quasilyte@gmail.com>
