diff --git a/dev-dont-modify.patch b/dev-dont-modify.patch new file mode 100644 index 0000000..1bb3213 --- /dev/null +++ b/dev-dont-modify.patch @@ -0,0 +1,62 @@ +From c9d58506297ed6c86c9d8a91d861e4de3772e699 Mon Sep 17 00:00:00 2001 +From: Mrunal Patel +Date: Tue, 7 Jul 2015 17:46:44 -0400 +Subject: [PATCH] Don't make modifications to /dev there are no devices in the + configuration + +Signed-off-by: Mrunal Patel +--- + libcontainer/rootfs_linux.go | 26 ++++++++++++++++---------- + 1 file changed, 16 insertions(+), 10 deletions(-) + +diff --git a/libcontainer/rootfs_linux.go b/libcontainer/rootfs_linux.go +index 88aa77d..21f380d 100644 +--- a/libcontainer/rootfs_linux.go ++++ b/libcontainer/rootfs_linux.go +@@ -27,6 +27,8 @@ func setupRootfs(config *configs.Config, console *linuxConsole) (err error) { + if err := prepareRoot(config); err != nil { + return newSystemError(err) + } ++ ++ setupDev := len(config.Devices) == 0 + for _, m := range config.Mounts { + for _, precmd := range m.PremountCmds { + if err := mountCmd(precmd); err != nil { +@@ -43,14 +45,16 @@ func setupRootfs(config *configs.Config, console *linuxConsole) (err error) { + } + } + } +- if err := createDevices(config); err != nil { +- return newSystemError(err) +- } +- if err := setupPtmx(config, console); err != nil { +- return newSystemError(err) +- } +- if err := setupDevSymlinks(config.Rootfs); err != nil { +- return newSystemError(err) ++ if !setupDev { ++ if err := createDevices(config); err != nil { ++ return newSystemError(err) ++ } ++ if err := setupPtmx(config, console); err != nil { ++ return newSystemError(err) ++ } ++ if err := setupDevSymlinks(config.Rootfs); err != nil { ++ return newSystemError(err) ++ } + } + if err := syscall.Chdir(config.Rootfs); err != nil { + return newSystemError(err) +@@ -63,8 +67,10 @@ func setupRootfs(config *configs.Config, console *linuxConsole) (err error) { + if err != nil { + return newSystemError(err) + } +- if err := reOpenDevNull(config.Rootfs); err != nil { +- return newSystemError(err) ++ if !setupDev { ++ if err := reOpenDevNull(config.Rootfs); err != nil { ++ return newSystemError(err) ++ } + } + if config.Readonlyfs { + if err := setReadonly(); err != nil { diff --git a/dev-setup.patch b/dev-setup.patch new file mode 100644 index 0000000..3081065 --- /dev/null +++ b/dev-setup.patch @@ -0,0 +1,25 @@ +From 4911b588627619b0e5c9cec5180b5aeea1e5fcd9 Mon Sep 17 00:00:00 2001 +From: Mrunal Patel +Date: Mon, 28 Sep 2015 18:28:16 -0400 +Subject: [PATCH] Skip /dev setup in container when it is bind mounted in + +We need to set the device array to nil to skip /dev setup in runc/libcontainer. +See https://github.com/opencontainers/runc/commit/c9d58506297ed6c86c9d8a91d861e4de3772e699 + +Signed-off-by: Mrunal Patel +--- + daemon/execdriver/native/create.go | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/daemon/execdriver/native/create.go b/daemon/execdriver/native/create.go +index d76dbd2..063fd28 100644 +--- a/daemon/execdriver/native/create.go ++++ b/daemon/execdriver/native/create.go +@@ -260,6 +260,7 @@ func (d *Driver) setupMounts(container *configs.Config, c *execdriver.Command) e + for _, m := range container.Mounts { + if _, ok := userMounts[m.Destination]; !ok { + if mountDev && strings.HasPrefix(m.Destination, "/dev/") { ++ container.Devices = nil + continue + } + defaultMounts = append(defaultMounts, m) diff --git a/docker.spec b/docker.spec index 7fb6a32..6f41e07 100644 --- a/docker.spec +++ b/docker.spec @@ -54,7 +54,7 @@ Name: %{repo} Version: 1.8.2 -Release: 5.git%{d_shortcommit}%{?dist} +Release: 6.git%{d_shortcommit}%{?dist} Summary: Automates deployment of containerized applications License: ASL 2.0 URL: http://www.%{repo}.com @@ -595,6 +595,12 @@ fi %changelog * Thu Oct 01 2015 Lokesh Mandvekar - 1.8.2-6.gitcb216be +- built docker @rhatdan/fedora-1.8 commit#cb216be +- built docker-selinux master commit#2ed73eb +- built d-s-s master commit#6898d43 +- built docker-utils master commit#dab51ac + +* Thu Oct 01 2015 Lokesh Mandvekar - 1.8.2-6.gitcb216be - Resolves: rhbz#1267975 * Thu Oct 01 2015 Lokesh Mandvekar - 1.8.2-5.gitcb216be