packages/docker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
100 Commits 1 Branch 0 Tags
Commit Graph

40 Commits

Author SHA1 Message Date
chenjiankun
2e888b9837 docker: repalce unix.Rmdir with os.RemoveAll when remove mount point dir 
fix #I7G1LL
 2023-06-29 16:16:05 +08:00
chenjiankun
9b293e9221 docker: fix blockThreshold full bug 
Reference:dcfe23a038
 2023-06-27 16:59:43 +08:00
zhongjiawei
2e483250b2 docker:thinpool full because docker daemon restart when docker pull 
Signed-off-by: zhongjiawei <zhongjiawei1@huawei.com>
 2023-06-08 16:32:46 +08:00
zhongjiawei
3b459012b6 docker:fix CVE-2023-28840 CVE-2023-28841 CVE-2023-28842 2023-04-06 16:19:21 +08:00
zhongjiawei
59f6a66701 docker:sync some patches 2023-03-29 15:16:12 +08:00
zhaozhen
9cd20b596b add loongarch64 support for docker 2023-03-16 20:03:19 +08:00
zhongjiawei
ff3bcc697b docker: try http for docker manifest insecure 2023-03-15 17:24:08 +08:00
JackChan8
5ecf0ca3e7 docker: fix container missing after restarting dockerd twice 
fix #I6MJ4X
 2023-03-14 19:27:35 +08:00
Song Zhang
8ed0a65d0b docker stats: fix 'panic: close of closed channel' 
bugfix: https://gitee.com/src-openeuler/docker/issues/I6LNNW?from=project-issue

Signed-off-by: Song Zhang <zhangsong34@huawei.com>
 2023-03-10 15:42:11 +08:00
chenjiankun
b78a50c378 docker: set freezer.state to Thawed to increase freeze chances 
docker pause/unpause with parallel docker exec can lead to freezing
state, set freezer.state to Thawed to increase freeze chances
 2023-02-17 16:39:45 +08:00
zhongjiawei
365eb0b196 docker:do not stop health check before sending signal 2022-12-01 15:19:28 +08:00
chenjiankun
07ce32f65f docker: fix dockerd core when release network 
fix #I627ON
 2022-11-22 20:49:27 +08:00
chenjiankun
6a3861c8c1 docker: cleanup netns file when stop docker daemon 
fix #I5W2XY
 2022-11-22 14:50:42 +08:00
chenjiankun
54c9d1260f docker: ensure layer digest folder removed if ls.driver.Remove fails 
If image pull fails of context canceled, image layer will perform a
rollback operation. When image layer is released, the diff folder of layer
will be removed first, and then the digest folder will be removed.
If the diff folder fails to be removed, such as operation not permitted or
interrupted by others, both the digest folder and diff folder will remain
on the disk, this will cause image not be complete and not repairable.

So we should remove the digest folder first for image layers rollback
and ensure image can be re-pulled completely.
 2022-09-15 17:31:01 +08:00
chenjiankun
fc3bc485d1 docker: fix CVE-2022-36109 
fix #I5QLCS
 2022-09-15 11:24:04 +08:00
chenjiankun
214570099c docker: Add an ExitPid field for State struct to record exit process id 
fix #I5OBUW
 2022-09-13 20:38:42 +08:00
chenjiankun
542207bf0a docker: fix terminal abnormal after docker run 
fix #I5OBZ9
fix #I5LDB4
fix #I5FTB4
 2022-09-13 19:58:50 +08:00
zhongjiawei
777a2b05b8 fix CVE-2021-41092 
fix #I5D1C0
fix CVE-2021-41092
 2022-06-29 14:52:33 +08:00
zjw
69f6dc243f fix CVE-2021-41091 
fix #I5CA8V
fix CVE-2021-41091
 2022-06-29 09:57:50 +08:00
zjw
9d4f69f055 fix CVE-2021-41089 
fix #I5CA8X
 2022-06-29 09:54:58 +08:00
zjw
2b2be77fce close channel in write side to avoid panic in docker stats 
fix #I5ATMV
 2022-06-29 09:50:20 +08:00
zjw
6b4b0f7702 fix status inconsistent after restart container 
fix #I5AIPF
fix #I5AD5N
 2022-06-29 09:45:41 +08:00
chenjiankun
e676158bba sync from openEuler-22.03-LTS 2022-06-28 16:29:12 +08:00
duyiwei
632b430ea3 fix CVE-2022-24769 2022-06-10 15:13:38 +08:00
xiadanni
447f294a20 docker:update seccomp whitelist to Linux 5.10 syscall list 
Signed-off-by: xiadanni <xiadanni1@huawei.com>
 2021-09-26 23:57:52 +08:00
WangFengTu
aa6647526e fix dangling unpigz 
Signed-off-by: WangFengTu <wangfengtu@huawei.com>
 2021-08-30 09:19:11 +08:00
WangFengTu
82696f6e38 rollback if docker restart when doing BlkDiscard 
Signed-off-by: WangFengTu <wangfengtu@huawei.com>
 2021-04-01 16:25:19 +08:00
xiadanni
1bae2e5ea3 docker:sync bugfix and fix CVE-2021-21284 2021-21285 
1.fix execCommands leak in health-check
2.check containerd pid before kill it
3.fix CVE-2021-21284
4.fix CVE-2021-21285

Change-Id: I2fe1dd40281f1786ecc63ff19d416b113710e611
Signed-off-by: xiadanni <xiadanni1@huawei.com>
 2021-03-18 15:40:53 +08:00
jingrui
af6293703d docker: sync bugfix 
Change-Id: I4dc92059d90415199fcd143d75cc68cfdb67c430
Signed-off-by: jingrui <jingrui@huawei.com>
 2021-01-19 14:03:29 +08:00
yangyanchao
4780a2ff0e docker:components:add config files for riscv 
Signe:-off-by: yangyanchao <yangyanchao6@huawei.com>
 2021-01-04 10:45:04 +08:00
f00231050
27493a1bf2 docker: fix registry not try hostname issue 
reason: when mirror is matched, only matched mirror endpoint is added to endpoint list, but the hostname itself is not in the list, which is not compatible with the case of docker.io, docker.io will be appended to the last of the endpoint list.
 2020-12-21 09:46:50 +08:00
liuzekun
294a810705 docker: sync patches from internal 
Signed-off-by: liuzekun <liuzekun@huawei.com>
 2020-11-28 09:37:25 +08:00
jingrui
a7fbe55e45 docker: sync daemon pkg to cli vendor 
Change-Id: I3f272af66670959fc7d42d5be2526ebf7f9eecfb
Signed-off-by: jingrui <jingrui@huawei.com>
 2020-07-06 18:56:50 +08:00
xiadanni1
07877c6fda docker: use git-commit to store commit ID 
Change-Id: Id13ecdba61708f62595d6db593c670c304abf0bb
Signed-off-by: xiadanni1 <xiadanni1@huawei.com>
 2020-06-16 02:07:26 +08:00
liuzekun
c0d5f8afd5 docker: check whether exit file is exist before kill process directly 
kill process directly should check whether exit file is exist already,
for avoid kill the new process which reused this pid

Signed-off-by: liuzekun <liuzekun@huawei.com>
 2020-04-10 17:13:31 +08:00
liuzekun
9f71f40e9f docker: 'delete event' is not need to process in daemon processEvent 
Signed-off-by: liuzekun <liuzekun@huawei.com>
 2020-04-10 11:01:16 +08:00
Grooooot
76b6c4c1b3 docker: Delete stale containerd object on start failure 
containerd has two objects with regard to containers.
This is a "container" object which is metadata and a "task" which is
manging the actual runtime state.

When docker starts a container, it creates both the container metadata
and the task at the same time. So when a container exists, docker deletes
both of these objects as well.

This ensures that if, on start, when we go to create the container metadata object
in containerd, if there is an error due to a name conflict taht we go
ahead and clean that up and try again.

backport from upstream: https://github.com/moby/moby/pull/38364

Signed-off-by: Grooooot <isula@huawei.com>
 2020-03-17 10:49:57 +08:00
Grooooot
e7de2c79b3 docker: add patches 
Signed-off-by: Grooooot <isula@huawei.com>
 2020-03-05 15:13:09 +08:00
dogsheng
be56a4fe89 Package init 2019-12-25 19:10:46 +08:00
overweight
6138d366d1 Package init 2019-09-30 10:37:25 -04:00