diff --git a/Dockerfile b/Dockerfile index 56da7fe1b0..71d5017517 100644 --- a/Dockerfile +++ b/Dockerfile @@ -96,8 +96,7 @@ RUN set -x \ ENV PATH /osxcross/target/bin:$PATH # install seccomp -# this can be changed to the ubuntu package libseccomp-dev if dockerinit is removed, -# we need libseccomp.a (which the package does not provide) for dockerinit +# TODO: switch to libseccomp-dev since dockerinit is gone ENV SECCOMP_VERSION 2.2.3 RUN set -x \ && export SECCOMP_PATH="$(mktemp -d)" \ @@ -114,7 +113,7 @@ RUN set -x \ # Install Go # IMPORTANT: If the version of Go is updated, the Windows to Linux CI machines -# will need updating, to avoid errors. Ping #docker-maintainers on IRC +# will need updating, to avoid errors. Ping #docker-maintainers on IRC # with a heads-up. ENV GO_VERSION 1.5.3 RUN curl -fsSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" \ diff --git a/Dockerfile.armhf b/Dockerfile.armhf index 3239edb9c5..1bef8ecbcb 100644 --- a/Dockerfile.armhf +++ b/Dockerfile.armhf @@ -111,8 +111,7 @@ RUN git clone https://github.com/golang/lint.git /go/src/github.com/golang/lint && go install -v github.com/golang/lint/golint # install seccomp -# this can be changed to the ubuntu package libseccomp-dev if dockerinit is removed, -# we need libseccomp.a (which the package does not provide) for dockerinit +# TODO: switch to libseccomp-dev since dockerinit is gone ENV SECCOMP_VERSION 2.2.3 RUN set -x \ && export SECCOMP_PATH="$(mktemp -d)" \ diff --git a/Dockerfile.gccgo b/Dockerfile.gccgo index 6d184f0d14..856489d527 100644 --- a/Dockerfile.gccgo +++ b/Dockerfile.gccgo @@ -42,8 +42,7 @@ RUN cd /usr/local/lvm2 \ # see https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL # install seccomp -# this can be changed to the ubuntu package libseccomp-dev if dockerinit is removed, -# we need libseccomp.a (which the package does not provide) for dockerinit +# TODO: switch to libseccomp-dev since dockerinit is gone ENV SECCOMP_VERSION v2.2.3 RUN set -x \ && export SECCOMP_PATH=$(mktemp -d) \ diff --git a/api/client/info.go b/api/client/info.go index 42f06826e3..4c61633df4 100644 --- a/api/client/info.go +++ b/api/client/info.go @@ -74,8 +74,6 @@ func (cli *DockerCli) CmdInfo(args ...string) error { fmt.Fprintf(cli.out, " Goroutines: %d\n", info.NGoroutines) fmt.Fprintf(cli.out, " System Time: %s\n", info.SystemTime) fmt.Fprintf(cli.out, " EventsListeners: %d\n", info.NEventsListener) - fmt.Fprintf(cli.out, " Init SHA1: %s\n", info.InitSha1) - fmt.Fprintf(cli.out, " Init Path: %s\n", info.InitPath) fmt.Fprintf(cli.out, " Docker Root Dir: %s\n", info.DockerRootDir) } diff --git a/container/container_unix.go b/container/container_unix.go index 9510a247c4..3db1444f2c 100644 --- a/container/container_unix.go +++ b/container/container_unix.go @@ -63,10 +63,6 @@ func (container *Container) CreateDaemonEnvironment(linkedEnv []string) []string env := []string{ "PATH=" + system.DefaultPathEnv, "HOSTNAME=" + fullHostname, - // Note: we don't set HOME here because it'll get autoset intelligently - // based on the value of USER inside dockerinit, but only if it isn't - // set already (ie, that can be overridden by setting HOME via -e or ENV - // in a Dockerfile). } if container.Config.Tty { env = append(env, "TERM=xterm") diff --git a/contrib/builder/rpm/generate.sh b/contrib/builder/rpm/generate.sh index 323502c6d0..00749b092d 100755 --- a/contrib/builder/rpm/generate.sh +++ b/contrib/builder/rpm/generate.sh @@ -118,9 +118,7 @@ for version in "${versions[@]}"; do echo >> "$version/Dockerfile" - # fedora does not have a libseccomp.a for compiling static dockerinit - # ONLY install libseccomp.a from source, this can be removed once dockerinit is removed - # TODO remove this manual seccomp compilation once dockerinit is gone or no longer needs to be statically compiled + # TODO remove this since dockerinit is finally gone case "$from" in fedora:*) awk '$1 == "ENV" && $2 == "SECCOMP_VERSION" { print; exit }' ../../../Dockerfile >> "$version/Dockerfile" diff --git a/daemon/container_operations_unix.go b/daemon/container_operations_unix.go index 04496133a7..8eaedcca81 100644 --- a/daemon/container_operations_unix.go +++ b/daemon/container_operations_unix.go @@ -254,7 +254,6 @@ func (daemon *Daemon) populateCommand(c *container.Container, env []string) erro c.Command = &execdriver.Command{ CommonCommand: execdriver.CommonCommand{ ID: c.ID, - InitPath: "/.dockerinit", MountLabel: c.GetMountLabel(), Network: en, ProcessConfig: processConfig, diff --git a/daemon/container_operations_windows.go b/daemon/container_operations_windows.go index 23bc6459cd..b812bfc5f4 100644 --- a/daemon/container_operations_windows.go +++ b/daemon/container_operations_windows.go @@ -124,7 +124,6 @@ func (daemon *Daemon) populateCommand(c *container.Container, env []string) erro CommonCommand: execdriver.CommonCommand{ ID: c.ID, Rootfs: c.BaseFS, - InitPath: "/.dockerinit", WorkingDir: c.Config.WorkingDir, Network: en, MountLabel: c.GetMountLabel(), diff --git a/daemon/daemon_unix.go b/daemon/daemon_unix.go index 8f948e0a74..11dc7c7c71 100644 --- a/daemon/daemon_unix.go +++ b/daemon/daemon_unix.go @@ -688,8 +688,7 @@ func initBridgeDriver(controller libnetwork.NetworkController, config *Config) e } // setupInitLayer populates a directory with mountpoints suitable -// for bind-mounting dockerinit into the container. The mountpoint is simply an -// empty file at /.dockerinit +// for bind-mounting things into the container. // // This extra layer is used by all containers as the top-most ro layer. It protects // the container from unwanted side-effects on the rw layer. @@ -699,7 +698,6 @@ func setupInitLayer(initLayer string, rootUID, rootGID int) error { "/dev/shm": "dir", "/proc": "dir", "/sys": "dir", - "/.dockerinit": "file", "/.dockerenv": "file", "/etc/resolv.conf": "file", "/etc/hosts": "file", diff --git a/daemon/execdriver/driver.go b/daemon/execdriver/driver.go index 465e038ec2..ba47b74e72 100644 --- a/daemon/execdriver/driver.go +++ b/daemon/execdriver/driver.go @@ -131,7 +131,6 @@ type CommonProcessConfig struct { type CommonCommand struct { ContainerPid int `json:"container_pid"` // the pid for the process inside a container ID string `json:"id"` - InitPath string `json:"initpath"` // dockerinit MountLabel string `json:"mount_label"` // TODO Windows. More involved, but can be factored out Mounts []Mount `json:"mounts"` Network *Network `json:"network"` diff --git a/daemon/info.go b/daemon/info.go index 008ac20a5f..20d8356d44 100644 --- a/daemon/info.go +++ b/daemon/info.go @@ -49,11 +49,6 @@ func (daemon *Daemon) SystemInfo() (*types.Info, error) { logrus.Errorf("Could not read system memory info: %v", err) } - // if we still have the original dockerinit binary from before - // we copied it locally, let's return the path to that, since - // that's more intuitive (the copied path is trivial to derive - // by hand given VERSION) - initPath := utils.DockerInitPath("") sysInfo := sysinfo.New(true) var cRunning, cPaused, cStopped int32 @@ -94,8 +89,6 @@ func (daemon *Daemon) SystemInfo() (*types.Info, error) { OSType: platform.OSType, Architecture: platform.Architecture, RegistryConfig: daemon.RegistryService.Config, - InitSha1: dockerversion.InitSHA1, - InitPath: initPath, NCPU: runtime.NumCPU(), MemTotal: meminfo.MemTotal, DockerRootDir: daemon.configStore.Root, diff --git a/dockerinit/dockerinit.go b/dockerinit/dockerinit.go deleted file mode 100644 index 8a0be56884..0000000000 --- a/dockerinit/dockerinit.go +++ /dev/null @@ -1,11 +0,0 @@ -package main - -import ( - _ "github.com/docker/docker/daemon/execdriver/native" - "github.com/docker/docker/pkg/reexec" -) - -func main() { - // Running in init mode - reexec.Init() -} diff --git a/dockerversion/version_lib.go b/dockerversion/version_lib.go index 1d5862d310..6644bce200 100644 --- a/dockerversion/version_lib.go +++ b/dockerversion/version_lib.go @@ -9,8 +9,5 @@ const ( GitCommit string = "library-import" Version string = "library-import" BuildTime string = "library-import" - IAmStatic string = "library-import" - InitSHA1 string = "library-import" - InitPath string = "library-import" ) diff --git a/hack/.vendor-helpers.sh b/hack/.vendor-helpers.sh index e3be72bc81..fcc745c4da 100755 --- a/hack/.vendor-helpers.sh +++ b/hack/.vendor-helpers.sh @@ -76,7 +76,6 @@ _dockerfile_env() { clean() { local packages=( "${PROJECT}/docker" # package main - "${PROJECT}/dockerinit" # package main "${PROJECT}/integration-cli" # external tests ) local dockerPlatforms=( ${DOCKER_ENGINE_OSARCH:="linux/amd64"} $(_dockerfile_env DOCKER_CROSSPLATFORMS) ) diff --git a/hack/make.sh b/hack/make.sh index dc6cffa173..6e007ccf20 100755 --- a/hack/make.sh +++ b/hack/make.sh @@ -237,7 +237,6 @@ test_env() { HOME="$ABS_DEST/fake-HOME" \ PATH="$PATH" \ TEMP="$TEMP" \ - TEST_DOCKERINIT_PATH="$TEST_DOCKERINIT_PATH" \ "$@" } diff --git a/hack/make/.build-deb/rules b/hack/make/.build-deb/rules index 2c7f6c4fbc..892821509c 100755 --- a/hack/make/.build-deb/rules +++ b/hack/make/.build-deb/rules @@ -17,14 +17,12 @@ override_dh_auto_test: ./bundles/$(VERSION)/dynbinary/docker -v override_dh_strip: - # the SHA1 of dockerinit is important: don't strip it - # also, Go has lots of problems with stripping, so just don't + # Go has lots of problems with stripping, so just don't override_dh_auto_install: mkdir -p debian/docker-engine/usr/bin cp -aT "$$(readlink -f bundles/$(VERSION)/dynbinary/docker)" debian/docker-engine/usr/bin/docker mkdir -p debian/docker-engine/usr/lib/docker - cp -aT "$$(readlink -f bundles/$(VERSION)/dynbinary/dockerinit)" debian/docker-engine/usr/lib/docker/dockerinit override_dh_installinit: # use "docker" as our service name, not "docker-engine" diff --git a/hack/make/.build-rpm/docker-engine.spec b/hack/make/.build-rpm/docker-engine.spec index 2fc1406a9f..53b7cd7a7b 100644 --- a/hack/make/.build-rpm/docker-engine.spec +++ b/hack/make/.build-rpm/docker-engine.spec @@ -11,11 +11,6 @@ URL: https://dockerproject.org Vendor: Docker Packager: Docker -# docker builds in a checksum of dockerinit into docker, -# # so stripping the binaries breaks docker -%global __os_install_post %{_rpmconfigdir}/brp-compress -%global debug_package %{nil} - # is_systemd conditional %if 0%{?fedora} >= 21 || 0%{?centos} >= 7 || 0%{?rhel} >= 7 || 0%{?suse_version} >= 1300 %global is_systemd 1 @@ -124,10 +119,6 @@ export DOCKER_GITCOMMIT=%{_gitcommit} install -d $RPM_BUILD_ROOT/%{_bindir} install -p -m 755 bundles/%{_origversion}/dynbinary/docker-%{_origversion} $RPM_BUILD_ROOT/%{_bindir}/docker -# install dockerinit -install -d $RPM_BUILD_ROOT/%{_libexecdir}/docker -install -p -m 755 bundles/%{_origversion}/dynbinary/dockerinit-%{_origversion} $RPM_BUILD_ROOT/%{_libexecdir}/docker/dockerinit - # install udev rules install -d $RPM_BUILD_ROOT/%{_sysconfdir}/udev/rules.d install -p -m 644 contrib/udev/80-docker.rules $RPM_BUILD_ROOT/%{_sysconfdir}/udev/rules.d/80-docker.rules @@ -175,7 +166,6 @@ install -p -m 644 contrib/syntax/nano/Dockerfile.nanorc $RPM_BUILD_ROOT/usr/shar %files %doc AUTHORS CHANGELOG.md CONTRIBUTING.md LICENSE MAINTAINERS NOTICE README.md /%{_bindir}/docker -/%{_libexecdir}/docker/dockerinit /%{_sysconfdir}/udev/rules.d/80-docker.rules %if 0%{?is_systemd} /%{_unitdir}/docker.service diff --git a/hack/make/.dockerinit b/hack/make/.dockerinit deleted file mode 100644 index 4a62ee1add..0000000000 --- a/hack/make/.dockerinit +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -set -e - -IAMSTATIC="true" -source "${MAKEDIR}/.go-autogen" - -# dockerinit still needs to be a static binary, even if docker is dynamic -go build \ - -o "$DEST/dockerinit-$VERSION" \ - "${BUILDFLAGS[@]}" \ - -ldflags " - $LDFLAGS - $LDFLAGS_STATIC - -extldflags \"$EXTLDFLAGS_STATIC\" - " \ - ./dockerinit - -echo "Created binary: $DEST/dockerinit-$VERSION" -ln -sf "dockerinit-$VERSION" "$DEST/dockerinit" - -sha1sum= -if command -v sha1sum &> /dev/null; then - sha1sum=sha1sum -elif command -v shasum &> /dev/null; then - # Mac OS X - why couldn't they just use the same command name and be happy? - sha1sum=shasum -else - echo >&2 'error: cannot find sha1sum command or equivalent' - exit 1 -fi - -# sha1 our new dockerinit to ensure separate docker and dockerinit always run in a perfect pair compiled for one another -export DOCKER_INITSHA1=$($sha1sum "$DEST/dockerinit-$VERSION" | cut -d' ' -f1) diff --git a/hack/make/.dockerinit-gccgo b/hack/make/.dockerinit-gccgo deleted file mode 100644 index 3caa526216..0000000000 --- a/hack/make/.dockerinit-gccgo +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -set -e - -IAMSTATIC="true" -source "${MAKEDIR}/.go-autogen" - -# dockerinit still needs to be a static binary, even if docker is dynamic -go build --compiler=gccgo \ - -o "$DEST/dockerinit-$VERSION" \ - "${BUILDFLAGS[@]}" \ - --gccgoflags " - -g - -Wl,--no-export-dynamic - $EXTLDFLAGS_STATIC - -lnetgo - " \ - ./dockerinit - -echo "Created binary: $DEST/dockerinit-$VERSION" -ln -sf "dockerinit-$VERSION" "$DEST/dockerinit" - -sha1sum= -if command -v sha1sum &> /dev/null; then - sha1sum=sha1sum -else - echo >&2 'error: cannot find sha1sum command or equivalent' - exit 1 -fi - -# sha1 our new dockerinit to ensure separate docker and dockerinit always run in a perfect pair compiled for one another -export DOCKER_INITSHA1=$($sha1sum "$DEST/dockerinit-$VERSION" | cut -d' ' -f1) diff --git a/hack/make/.go-autogen b/hack/make/.go-autogen index 71f8370b5c..c8e13b4796 100644 --- a/hack/make/.go-autogen +++ b/hack/make/.go-autogen @@ -14,10 +14,7 @@ const ( GitCommit string = "$GITCOMMIT" Version string = "$VERSION" BuildTime string = "$BUILDTIME" - IAmStatic string = "${IAMSTATIC:-true}" - InitSHA1 string = "$DOCKER_INITSHA1" - InitPath string = "$DOCKER_INITPATH" ) // AUTOGENERATED FILE; see $BASH_SOURCE DVEOF @@ -44,9 +41,9 @@ When make binary is run, the Dockerfile prepares the build environment by: make.sh invokes hack/make/.go-autogen to: - - Run rsrc to create a binary file (autogen/winresources/rsrc.syso) that - contains the manifest and icon. This file is automatically picked up by - 'go build', so no post-processing steps are required. The sources for + - Run rsrc to create a binary file (autogen/winresources/rsrc.syso) that + contains the manifest and icon. This file is automatically picked up by + 'go build', so no post-processing steps are required. The sources for rsrc.syso are under hack/make/.resources-windows. */ diff --git a/hack/make/dynbinary b/hack/make/dynbinary index e5fc0be262..1d1a8e3d95 100644 --- a/hack/make/dynbinary +++ b/hack/make/dynbinary @@ -1,16 +1,6 @@ #!/bin/bash set -e -if [ -z "$DOCKER_CLIENTONLY" ]; then - source "${MAKEDIR}/.dockerinit" - - hash_files "$DEST/dockerinit-$VERSION" -else - # DOCKER_CLIENTONLY must be truthy, so we don't need to bother with dockerinit :) - export DOCKER_INITSHA1="" -fi -# DOCKER_INITSHA1 is exported so that other bundlescripts can easily access it later without recalculating it - ( export IAMSTATIC="false" export LDFLAGS_STATIC_DOCKER='' diff --git a/hack/make/dyngccgo b/hack/make/dyngccgo index 07476370b1..a9019e8cfa 100644 --- a/hack/make/dyngccgo +++ b/hack/make/dyngccgo @@ -1,16 +1,6 @@ #!/bin/bash set -e -if [ -z "$DOCKER_CLIENTONLY" ]; then - source "${MAKEDIR}/.dockerinit-gccgo" - - hash_files "$DEST/dockerinit-$VERSION" -else - # DOCKER_CLIENTONLY must be truthy, so we don't need to bother with dockerinit :) - export DOCKER_INITSHA1="" -fi -# DOCKER_INITSHA1 is exported so that other bundlescripts can easily access it later without recalculating it - ( export IAMSTATIC="false" export EXTLDFLAGS_STATIC='' diff --git a/integration-cli/docker_cli_diff_test.go b/integration-cli/docker_cli_diff_test.go index 4f29d36975..e0d0914f6c 100644 --- a/integration-cli/docker_cli_diff_test.go +++ b/integration-cli/docker_cli_diff_test.go @@ -27,10 +27,10 @@ func (s *DockerSuite) TestDiffFilenameShownInOutput(c *check.C) { } // test to ensure GH #3840 doesn't occur any more -func (s *DockerSuite) TestDiffEnsureDockerinitFilesAreIgnored(c *check.C) { +func (s *DockerSuite) TestDiffEnsureInitLayerFilesAreIgnored(c *check.C) { testRequires(c, DaemonIsLinux) // this is a list of files which shouldn't show up in `docker diff` - dockerinitFiles := []string{"/etc/resolv.conf", "/etc/hostname", "/etc/hosts", "/.dockerinit", "/.dockerenv"} + initLayerFiles := []string{"/etc/resolv.conf", "/etc/hostname", "/etc/hosts", "/.dockerenv"} containerCount := 5 // we might not run into this problem from the first run, so start a few containers @@ -41,7 +41,7 @@ func (s *DockerSuite) TestDiffEnsureDockerinitFilesAreIgnored(c *check.C) { cleanCID := strings.TrimSpace(out) out, _ = dockerCmd(c, "diff", cleanCID) - for _, filename := range dockerinitFiles { + for _, filename := range initLayerFiles { c.Assert(out, checker.Not(checker.Contains), filename) } } diff --git a/pkg/mount/mountinfo_linux_test.go b/pkg/mount/mountinfo_linux_test.go index 812d12e826..bd100e1d49 100644 --- a/pkg/mount/mountinfo_linux_test.go +++ b/pkg/mount/mountinfo_linux_test.go @@ -224,7 +224,6 @@ const ( 43 16 0:34 / /proc/fs/nfsd rw,nosuid,nodev,noexec,relatime - nfsd nfsd rw 44 15 0:35 / /home/tianon/.gvfs rw,nosuid,nodev,relatime - fuse.gvfs-fuse-daemon gvfs-fuse-daemon rw,user_id=1000,group_id=1000 68 15 0:3336 / /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd rw,relatime - aufs none rw,si=9b4a7640128db39c -85 68 8:6 /var/lib/docker/init/dockerinit-0.7.2-dev//deleted /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/.dockerinit rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered 86 68 8:6 /var/lib/docker/containers/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/config.env /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/.dockerenv rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered 87 68 8:6 /etc/resolv.conf /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/etc/resolv.conf rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered 88 68 8:6 /var/lib/docker/containers/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/hostname /var/lib/docker/aufs/mnt/3597a1a6d6298c1decc339ebb90aad6f7d6ba2e15af3131b1f85e7ee4787a0cd/etc/hostname rw,noatime,nodiratime - ext4 /dev/sda6 rw,data=ordered diff --git a/utils/utils.go b/utils/utils.go index 340b9e4cfb..49f50ddd43 100644 --- a/utils/utils.go +++ b/utils/utils.go @@ -1,124 +1,17 @@ package utils import ( - "crypto/sha1" - "encoding/hex" "fmt" - "io" "io/ioutil" "os" - "os/exec" - "path/filepath" "runtime" "strings" "github.com/docker/distribution/registry/api/errcode" - "github.com/docker/docker/dockerversion" "github.com/docker/docker/pkg/archive" "github.com/docker/docker/pkg/stringid" ) -// SelfPath figures out the absolute path of our own binary (if it's still around). -func SelfPath() string { - path, err := exec.LookPath(os.Args[0]) - if err != nil { - if os.IsNotExist(err) { - return "" - } - if execErr, ok := err.(*exec.Error); ok && os.IsNotExist(execErr.Err) { - return "" - } - panic(err) - } - path, err = filepath.Abs(path) - if err != nil { - if os.IsNotExist(err) { - return "" - } - panic(err) - } - return path -} - -func dockerInitSha1(target string) string { - f, err := os.Open(target) - if err != nil { - return "" - } - defer f.Close() - h := sha1.New() - _, err = io.Copy(h, f) - if err != nil { - return "" - } - return hex.EncodeToString(h.Sum(nil)) -} - -func isValidDockerInitPath(target string, selfPath string) bool { // target and selfPath should be absolute (InitPath and SelfPath already do this) - if target == "" { - return false - } - if dockerversion.IAmStatic == "true" { - if selfPath == "" { - return false - } - if target == selfPath { - return true - } - targetFileInfo, err := os.Lstat(target) - if err != nil { - return false - } - selfPathFileInfo, err := os.Lstat(selfPath) - if err != nil { - return false - } - return os.SameFile(targetFileInfo, selfPathFileInfo) - } - return dockerversion.InitSHA1 != "" && dockerInitSha1(target) == dockerversion.InitSHA1 -} - -// DockerInitPath figures out the path of our dockerinit (which may be SelfPath()) -func DockerInitPath(localCopy string) string { - selfPath := SelfPath() - if isValidDockerInitPath(selfPath, selfPath) { - // if we're valid, don't bother checking anything else - return selfPath - } - var possibleInits = []string{ - localCopy, - dockerversion.InitPath, - filepath.Join(filepath.Dir(selfPath), "dockerinit"), - - // FHS 3.0 Draft: "/usr/libexec includes internal binaries that are not intended to be executed directly by users or shell scripts. Applications may use a single subdirectory under /usr/libexec." - // https://www.linuxbase.org/betaspecs/fhs/fhs.html#usrlibexec - "/usr/libexec/docker/dockerinit", - "/usr/local/libexec/docker/dockerinit", - - // FHS 2.3: "/usr/lib includes object files, libraries, and internal binaries that are not intended to be executed directly by users or shell scripts." - // https://refspecs.linuxfoundation.org/FHS_2.3/fhs-2.3.html#USRLIBLIBRARIESFORPROGRAMMINGANDPA - "/usr/lib/docker/dockerinit", - "/usr/local/lib/docker/dockerinit", - } - for _, dockerInit := range possibleInits { - if dockerInit == "" { - continue - } - path, err := exec.LookPath(dockerInit) - if err == nil { - path, err = filepath.Abs(path) - if err != nil { - // LookPath already validated that this file exists and is executable (following symlinks), so how could Abs fail? - panic(err) - } - if isValidDockerInitPath(path, selfPath) { - return path - } - } - } - return "" -} - var globalTestID string // TestDirectory creates a new temporary directory and returns its path.