From 78f4952bae775ef232a653b6c151580a1e95cd63 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: May 12 2016 15:00:29 +0000 Subject: import docker-1.9.1-40.el7 --- diff --git a/.docker.metadata b/.docker.metadata index 25d0eec..843bd49 100644 --- a/.docker.metadata +++ b/.docker.metadata @@ -1,5 +1,4 @@ -4f671c3bda1156be84fbd190837fdf77d280983e SOURCES/78ee77d1ede95dcbc0c021ec722ed85178dc38ed.tar.gz -ce32e087b1ee8d5d4aede237802f49edb99c298f SOURCES/b851c03ddae1db30a4acf5e4cc5e31b6a671af35.tar.gz -338fb7f77b32e2ed8bd63aa698f48466c108fc27 SOURCES/docker-selinux-8718b62.tar.gz -97bbd18c2f6eba9121fd768f88ffcd9b11d38d20 SOURCES/docker-storage-setup-c6f0553.tar.gz +2c797ff524192f7f42ecfdfc4002ab1b980616e3 SOURCES/ab77bdeb3e2c012f3b533c35205c7a322d742f94.tar.gz +c21df049e5ca6d1a73889d4a1914c70d6a462839 SOURCES/docker-selinux-032bcda.tar.gz +b0e0da091dd20fae0a530747368e8ac63ec63d36 SOURCES/docker-storage-setup-df2af94.tar.gz 42759a4937aecbd2cd1d00de8a54aa3615c3e7bc SOURCES/forward-journald-77e02a9.tar.gz diff --git a/.gitignore b/.gitignore index 102fbb1..1eb266b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,4 @@ -SOURCES/78ee77d1ede95dcbc0c021ec722ed85178dc38ed.tar.gz -SOURCES/b851c03ddae1db30a4acf5e4cc5e31b6a671af35.tar.gz -SOURCES/docker-selinux-8718b62.tar.gz -SOURCES/docker-storage-setup-c6f0553.tar.gz +SOURCES/ab77bdeb3e2c012f3b533c35205c7a322d742f94.tar.gz +SOURCES/docker-selinux-032bcda.tar.gz +SOURCES/docker-storage-setup-df2af94.tar.gz SOURCES/forward-journald-77e02a9.tar.gz diff --git a/SOURCES/README-docker-common b/SOURCES/README-docker-common new file mode 100644 index 0000000..42616fb --- /dev/null +++ b/SOURCES/README-docker-common @@ -0,0 +1,4 @@ +docker-common installs a script at /usr/bin/docker which will point to +/usr/bin/docker-current by default. The docker daemon user could set the +DOCKERBINARY variable in /etc/sysconfig/docker to point this to +/usr/bin/docker-latest instead. diff --git a/SOURCES/docker-common.sh b/SOURCES/docker-common.sh new file mode 100644 index 0000000..b3e0908 --- /dev/null +++ b/SOURCES/docker-common.sh @@ -0,0 +1,14 @@ +#!/bin/sh +. /etc/sysconfig/docker +[ -e "${DOCKERBINARY}" ] || DOCKERBINARY=/usr/bin/docker-current +if [ ! -f /usr/bin/docker-current ]; then + DOCKERBINARY=/usr/bin/docker-latest +fi +if [[ ${DOCKERBINARY} != "/usr/bin/docker-current" && ${DOCKERBINARY} != /usr/bin/docker-latest ]]; then + echo "DOCKERBINARY has been set to an invalid value:" $DOCKERBINARY + echo "" + echo "Please set DOCKERBINARY to /usr/bin/docker-current or /usr/bin/docker-latest +by editing /etc/sysconfig/docker" +else + exec ${DOCKERBINARY} "$@" +fi diff --git a/SOURCES/docker.service b/SOURCES/docker.service index 32a6bdc..5f85a23 100644 --- a/SOURCES/docker.service +++ b/SOURCES/docker.service @@ -11,7 +11,7 @@ EnvironmentFile=-/etc/sysconfig/docker EnvironmentFile=-/etc/sysconfig/docker-storage EnvironmentFile=-/etc/sysconfig/docker-network Environment=GOTRACEBACK=crash -ExecStart=/bin/sh -c '/usr/bin/docker daemon $OPTIONS \ +ExecStart=/bin/sh -c '/usr/bin/docker-current daemon $OPTIONS \ $DOCKER_STORAGE_OPTIONS \ $DOCKER_NETWORK_OPTIONS \ $ADD_REGISTRY \ @@ -23,7 +23,7 @@ LimitNPROC=1048576 LimitCORE=infinity MountFlags=slave TimeoutStartSec=0 -Restart=on-failure +Restart=on-abnormal StandardOutput=null StandardError=null diff --git a/SOURCES/docker.sysconfig b/SOURCES/docker.sysconfig index d3938bf..4439bd8 100644 --- a/SOURCES/docker.sysconfig +++ b/SOURCES/docker.sysconfig @@ -9,7 +9,7 @@ DOCKER_CERT_PATH=/etc/docker # pull use the ADD_REGISTRY option to list a set of registries, each prepended # with --add-registry flag. The first registry added will be the first registry # searched. -#ADD_REGISTRY='--add-registry registry.access.redhat.com' +ADD_REGISTRY='--add-registry registry.access.redhat.com' # If you want to block registries from being used, uncomment the BLOCK_REGISTRY # option and give it a set of registries, each prepended with --block-registry @@ -34,3 +34,8 @@ DOCKER_CERT_PATH=/etc/docker # Controls the /etc/cron.daily/docker-logrotate cron job status. # To disable, uncomment the line below. # LOGROTATE=false +# + +# docker-latest daemon can be used by starting the docker-latest unitfile. +# To use docker-latest client, uncomment below line +#DOCKERBINARY=/usr/bin/docker-latest diff --git a/SPECS/docker.spec b/SPECS/docker.spec index 41c2be5..e6d3dab 100644 --- a/SPECS/docker.spec +++ b/SPECS/docker.spec @@ -17,29 +17,24 @@ %global project docker %global repo %{project} -%global import_path %{provider}.%{provider_tld}/%{project}/%{name} +%global import_path %{provider}.%{provider_tld}/%{project}/%{repo} # docker %global git0 https://github.com/projectatomic/docker -%global commit0 78ee77d1ede95dcbc0c021ec722ed85178dc38ed +%global commit0 ab77bdeb3e2c012f3b533c35205c7a322d742f94 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # d-s-s %global git1 https://github.com/projectatomic/docker-storage-setup -%global commit1 c6f0553f248be2523a8b1bf345529d9958e1b82e +%global commit1 df2af9439577cedc2c502512d887c8df10a33cbf %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %global dss_libdir %{_exec_prefix}/lib/%{name}-storage-setup # docker-selinux %global git2 https://github.com/projectatomic/docker-selinux -%global commit2 8718b6204b7e9ffd151230380fe3dc71f58e14d3 +%global commit2 032bcda7b1eb6d9d75d3c0ce64d9d35cdb9c7b85 %global shortcommit2 %(c=%{commit2}; echo ${c:0:7}) -# docker-utils -%global git3 https://github.com/vbatts/docker-utils -%global commit3 b851c03ddae1db30a4acf5e4cc5e31b6a671af35 -%global shortcommit3 %(c=%{commit3}; echo ${c:0:7}) - # forward-journald %global git6 https://github.com/projectatomic/forward-journald %global commit6 77e02a9774a6ca054e41c27f6f319d701f1cbaea @@ -68,7 +63,7 @@ Name: %{repo} Version: 1.9.1 -Release: 25%{?dist} +Release: 40%{?dist} Summary: Automates deployment of containerized applications License: ASL 2.0 URL: https://%{import_path} @@ -83,13 +78,13 @@ Source4: %{name}-storage.sysconfig Source5: %{name}-logrotate.sh Source6: README.%{name}-logrotate Source7: %{name}-network.sysconfig -# Source11 is the source tarball for %%{name}tarsum and %%{name}-fetch -Source11: %{git3}/archive/%{commit3}.tar.gz # Source12 is the source tarball for %%{name}-selinux Source12: %{git2}/archive/%{commit2}/%{name}-selinux-%{shortcommit2}.tar.gz # Source13 is the source tarball for %%{name}-storage-setup Source13: %{git1}/archive/%{commit1}/%{name}-storage-setup-%{shortcommit1}.tar.gz Source14: %{git6}/archive/%{commit6}/forward-journald-%{shortcommit6}.tar.gz +Source15: %{name}-common.sh +Source16: README-%{name}-common BuildRequires: glibc-static BuildRequires: golang >= 1.4.2 BuildRequires: device-mapper-devel @@ -98,13 +93,14 @@ BuildRequires: btrfs-progs-devel BuildRequires: sqlite-devel BuildRequires: go-md2man >= 1.0.4 BuildRequires: pkgconfig(systemd) +Requires: %{name}-common = %{version}-%{release} Requires(post): systemd Requires(preun): systemd Requires(postun): systemd # need xz to work with ubuntu images Requires: xz Requires: device-mapper-libs >= 7:1.02.97 -#Requires: subscription-manager +Requires: subscription-manager Provides: lxc-%{name} = %{version}-%{release} Provides: %{name}-io = %{version}-%{release} @@ -119,10 +115,6 @@ Requires: xfsprogs # rhbz#1282898 - obsolete docker-storage-setup Obsoletes: %{name}-storage-setup <= 0.0.4-2 -# rhbz#1304038 -Conflicts: atomic-openshift < 3.2 -Conflicts: origin < 1.2 - # rhbz#1300076 Requires: %{name}-forward-journald = %{version}-%{release} @@ -179,6 +171,14 @@ SIGPIPE's on stdout or stderr cause go to generate a non-trappable SIGPIPE killing the process. This happens when journald is restarted while docker is running under systemd. +%package common +Summary: Common files for docker and docker-latest + +%description common +This package contains the common files %{_bindir}/%{name} which will point to +%{_bindir}/%{name}-current or %{_bindir}/%{name}-latest configurable via +%{_sysconfdir}/sysconfig/%{repo} + %prep %setup -qn %{name}-%{commit0} cp %{SOURCE6} . @@ -186,32 +186,30 @@ cp %{SOURCE6} . # unpack %%{name}-selinux tar zxf %{SOURCE12} -# untar %%{name}-utils tarball -tar zxf %{SOURCE11} - # untar d-s-s tar zxf %{SOURCE13} # untar forward-journald tar zxf %{SOURCE14} +cp %{SOURCE16} . + %build mkdir _build pushd _build - mkdir -p src/%{provider}.%{provider_tld}/{%{name},projectatomic,vbatts} + mkdir -p src/%{provider}.%{provider_tld}/{%{name},projectatomic} ln -s $(dirs +1 -l) src/%{import_path} - ln -s $(dirs +1 -l)/%{name}-utils-%{commit3} src/%{provider}.%{provider_tld}/vbatts/%{name}-utils ln -s $(dirs +1 -l)/forward-journald-%{commit6} src/%{provider}.%{provider_tld}/projectatomic/forward-journald popd export DOCKER_GITCOMMIT="%{shortcommit0}/%{version}" -export DOCKER_BUILDTAGS='selinux btrfs_noversion' +export DOCKER_BUILDTAGS='selinux' export GOPATH=$(pwd)/_build:$(pwd)/vendor:%{gopath}:$(pwd)/forward-journald-%{commit6}/vendor # build %%{name} binary -sed -i '/rm -r autogen/d' hack/make.sh -DOCKER_DEBUG=1 hack/make.sh dynbinary +sed -i '/LDFLAGS_STATIC/d' hack/make/.dockerinit +IAMSTATIC=false DOCKER_DEBUG=1 hack/make.sh dynbinary cp contrib/syntax/vim/LICENSE LICENSE-vim-syntax cp contrib/syntax/vim/README.md README-vim-syntax.md @@ -221,9 +219,6 @@ make SHARE="%{_datadir}" TARGETS="%{modulenames}" popd pushd $(pwd)/_build/src -# build %%{name}tarsum and %%{name}-fetch -go build %{provider}.%{provider_tld}/vbatts/%{name}-utils/cmd/%{name}-fetch -go build %{provider}.%{provider_tld}/vbatts/%{name}-utils/cmd/%{name}tarsum go build %{provider}.%{provider_tld}/projectatomic/forward-journald popd @@ -235,16 +230,11 @@ man/md2man-all.sh install -d %{buildroot}%{_bindir} install -d %{buildroot}%{_libexecdir}/%{name} -# install %%{name}tarsum and %%{name}-fetch -install -p -m 755 _build/src/%{name}-fetch %{buildroot}%{_bindir} -install -p -m 755 _build/src/%{name}tarsum %{buildroot}%{_bindir} - for x in bundles/latest; do if ! test -d $x/dynbinary; then continue fi - install -p -m 755 $x/dynbinary/%{name}-%{version} %{buildroot}%{_bindir}/%{name} - install -p -m 755 $x/dynbinary/%{name}init-%{version} %{buildroot}%{_libexecdir}/%{name}/%{name}init + install -p -m 755 $x/dynbinary/%{name}-%{version} %{buildroot}%{_bindir}/%{name}-current break done @@ -320,17 +310,16 @@ rm -rf %{buildroot}%{_sharedstatedir}/%{name}-unit-test/contrib/init/openrc/%{na # remove %%{name}-selinux rpm spec file rm -rf %{name}-selinux-%{commit2}/%{name}-selinux.spec -# don't install secrets dir -# install -d -p -m 750 %{buildroot}/%{_datadir}/rhel/secrets +# install secrets dir +install -d -p -m 750 %{buildroot}/%{_datadir}/rhel/secrets # rhbz#1110876 - update symlinks for subscription management -#ln -s %{_sysconfdir}/pki/entitlement %{buildroot}%{_datadir}/rhel/secrets/etc-pki-entitlement -#ln -s %{_sysconfdir}/rhsm %{buildroot}%{_datadir}/rhel/secrets/rhsm -#ln -s %{_sysconfdir}/yum.repos.d/redhat.repo %{buildroot}%{_datadir}/rhel/secrets/rhel7.repo +ln -s %{_sysconfdir}/pki/entitlement %{buildroot}%{_datadir}/rhel/secrets/etc-pki-entitlement +ln -s %{_sysconfdir}/rhsm %{buildroot}%{_datadir}/rhel/secrets/rhsm +ln -s %{_sysconfdir}/yum.repos.d/redhat.repo %{buildroot}%{_datadir}/rhel/secrets/rhel7.repo -#mkdir -p %{buildroot}/etc/%{name}/certs.d/redhat.{com,io} -#ln -s %{_sysconfdir}/rhsm/ca/redhat-uep.pem %{buildroot}/%{_sysconfdir}/%{name}/certs.d/redhat.com/redhat-ca.crt -#ln -s %{_sysconfdir}/rhsm/ca/redhat-uep.pem %{buildroot}/%{_sysconfdir}/%{name}/certs.d/redhat.io/redhat-ca.crt -mkdir -p %{buildroot}/etc/%{name}/certs.d +mkdir -p %{buildroot}/etc/%{name}/certs.d/redhat.{com,io} +ln -s %{_sysconfdir}/rhsm/ca/redhat-uep.pem %{buildroot}/%{_sysconfdir}/%{name}/certs.d/redhat.com/redhat-ca.crt +ln -s %{_sysconfdir}/rhsm/ca/redhat-uep.pem %{buildroot}/%{_sysconfdir}/%{name}/certs.d/redhat.io/redhat-ca.crt # install %%{name} config directory install -dp %{buildroot}%{_sysconfdir}/%{name}/ @@ -354,6 +343,10 @@ popd install -d %{buildroot}%{_bindir} install -p -m 700 _build/src/forward-journald %{buildroot}%{_bindir} +# install %%{_bindir}/%{name} +install -d %{buildroot}%{_bindir} +install -p -m 755 %{SOURCE15} %{buildroot}%{_bindir}/%{name} + %check [ ! -w /run/%{name}.sock ] || { mkdir test_dir @@ -399,23 +392,23 @@ if %{_sbindir}/selinuxenabled ; then fi fi +#define license tag if not already defined +%{!?_licensedir:%global license %doc} + %files -%doc AUTHORS CHANGELOG.md CONTRIBUTING.md MAINTAINERS NOTICE -%doc LICENSE* README*.md +%license LICENSE* +%doc AUTHORS CHANGELOG.md CONTRIBUTING.md MAINTAINERS NOTICE README*.md +%config(noreplace) %{_sysconfdir}/sysconfig/%{name}-* +%dir %{_sysconfdir}/%{name} +%{_sysconfdir}/%{name}/* %{_mandir}/man1/%{name}*.1.gz %{_mandir}/man5/*.5.gz %{_mandir}/man8/*.8.gz -%{_bindir}/%{name} -#%dir %{_datadir}/rhel -#%dir %{_datadir}/rhel/secrets -#%{_datadir}/rhel/secrets/etc-pki-entitlement -#%{_datadir}/rhel/secrets/rhel7.repo -#%{_datadir}/rhel/secrets/rhsm +%{_bindir}/%{name}-* +%dir %{_datadir}/rhel +%{_datadir}/rhel/* %{_libexecdir}/%{name} -%{_unitdir}/%{name}.service -%config(noreplace) %{_sysconfdir}/sysconfig/%{name} -%config(noreplace) %{_sysconfdir}/sysconfig/%{name}-storage -%config(noreplace) %{_sysconfdir}/sysconfig/%{name}-network +%{_unitdir}/%{name}* %{_datadir}/bash-completion/completions/%{name} %dir %{_sharedstatedir}/%{name} %{_udevrulesdir}/80-%{name}.rules @@ -429,15 +422,8 @@ fi %{_datadir}/vim/vimfiles/syntax/%{name}file.vim %dir %{_datadir}/zsh/site-functions %{_datadir}/zsh/site-functions/_%{name} -%{_sysconfdir}/%{name} -%{_bindir}/%{name}-fetch -%{_bindir}/%{name}tarsum -# %%{name}-storage-setup specific -%config(noreplace) %{_sysconfdir}/sysconfig/%{name}-storage-setup -%{_unitdir}/%{name}-storage-setup.service -%{_bindir}/%{name}-storage-setup -%{dss_libdir}/%{name}-storage-setup -%{dss_libdir}/libdss.sh +%dir %{dss_libdir} +%{dss_libdir}/* %if 0%{?with_unit_test} %files unit-test @@ -453,13 +439,103 @@ fi %{_datadir}/selinux/* %files forward-journald -%doc forward-journald-%{commit6}/LICENSE +%license forward-journald-%{commit6}/LICENSE %doc forward-journald-%{commit6}/README.md %{_bindir}/forward-journald +%files common +%doc README-%{name}-common +%{_bindir}/%{name} +%config(noreplace) %{_sysconfdir}/sysconfig/%{name} + %changelog -* Fri Apr 1 2016 Johnny Hughes - 1.9.1-25 -- - Manual CentOS debreanding +* Tue May 03 2016 Lokesh Mandvekar - 1.9.1-40 +- Resolves: #1332592 - requires docker-common = version-release +- From: Ed Santiago + +* Tue May 03 2016 Lokesh Mandvekar - 1.9.1-39 +- Resolves: #1332016, #1329743 +- built docker projectatomic/rhel7-1.9 commit ab77bde +- built docker-selinux origin/rhel-1.10 commit 032bcda + +* Wed Apr 27 2016 Lokesh Mandvekar - 1.9.1-38 +- Resolves: #1331007 - fix selinux labels for new docker execs names +- built docker-selinux commit#501ea4c + +* Tue Apr 26 2016 Lokesh Mandvekar - 1.9.1-37 +- Resolves: #1330622 - /usr/bin/docker handles docker/docker-latest +conditions +- Resolves: #1330290 - d-s-s: do not pass devices which have 'creation of +device node' in progress +- built d-s-s commit#df2af94 + +* Tue Apr 26 2016 Lokesh Mandvekar - 1.9.1-36 +- Resolves: #1330622 - don't allow $DOCKERBINARY==/usr/bin/docker + +* Tue Apr 26 2016 Lokesh Mandvekar - 1.9.1-35 +- #1330595 fix From: Ed Santiago + +* Tue Apr 26 2016 Lokesh Mandvekar - 1.9.1-34 +- Resolves: #1330595 +- use correct exec path for docker-current in unitfile + +* Mon Apr 25 2016 Lokesh Mandvekar - 1.9.1-33 +- Resolves: #1328219 - include docker-common subpackage +- docker-common is a runtime requirement for both docker and docker-latest + +* Thu Apr 21 2016 Lokesh Mandvekar - 1.9.1-32 +- update upstream URL +- Resolves: #1329423 - skip /dev setup in container when it's bind mounted in +- Resolves: #1329452 - CVE-2016-3697 +- built docker @projectatomic/rhel7-1.9 commit#639e055 +- built docker-selinux commit#39c092c +- built d-s-s commit#04a3847 +- built forward-journald commit#77e02a9 + +* Thu Apr 21 2016 Lokesh Mandvekar - 1.9.1-31 +- test-fix for https://github.com/openshift/openshift-ansible/issues/1779 + +* Mon Apr 18 2016 Lokesh Mandvekar - 1.9.1-30 +- Bump release - previous git log had 2 docker commit values +- built docker @projectatomic/rhel7-1.9 commit#a1c9058 +- built docker-selinux commit#39c092c +- built d-s-s commit#04a3847 +- built forward-journald commit#77e02a9 + +* Mon Apr 18 2016 Lokesh Mandvekar - 1.9.1-29 +- Resolves: #1283718, #1277982, #1126555 #1134424, #1186066, + #1228777, #1255060, #1256832, #1261565, #1264562, #1266307, + #1266525 #1266902 #1268059 #1272143 #1277982 #1283718 #1300033, + #1303110 #1309739 #1316651 #1319783 +- remove conflicts with atomic-openshift and origin +- built docker @projectatomic/rhel7-1.9 commit#a1c9058 +- built docker-selinux commit#39c092c +- built d-s-s commit#04a3847 +- built forward-journald commit#77e02a9 +- do not even build dockerinit + +* Sun Apr 10 2016 Lokesh Mandvekar - 1.9.1-28 +- built docker @projectatomic/rhel7-1.9 commit#b795b73 +- built docker-selinux commit#39c092c +- built d-s-s commit#ac50cee +- built docker-utils commit#b851c03 +- built v1.10-migrator commit#c417a6a +- built forward-journald commit#77e02a9 + +* Sun Apr 10 2016 Lokesh Mandvekar - 1.9.1-27 +- split docker-utils into a subpackage so docker-latest can reuse it. +- docker requires docker-utils at runtime +- do not ship dockerinit +- spec cleanups + +* Mon Apr 04 2016 Lokesh Mandvekar - 1.9.1-26 +- Resolves: rhbz#1323819 - allow images with VOLUME(s) when binds destination +override volume definition +- built docker @projectatomic/rhel7-1.9 commit#b795b73 +- built docker-selinux commit#e72d8d7 +- built d-s-s commit#346018e +- built docker-utils commit#b851c03 +- built forward-journald commit#77e02a9 * Wed Mar 23 2016 Lokesh Mandvekar - 1.9.1-25 - Resolves: rhbz#1320302 - Backport fix for --cgroup-parent in docker