Update libcontainer to 4a72e540feb67091156b907c4700e580a99f5a9d

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>

daemon/execdriver/native/template/default_template.go

@@ -40,6 +40,26 @@ func New() *configs.Config {
 			AllowAllDevices: false,
 		},
 		Mounts: []*configs.Mount{
+			{
+				Source:      "proc",
+				Destination: "/proc",
+				Device:      "proc",
+				Flags:       defaultMountFlags,
+			},
+			{
+				Source:      "tmpfs",
+				Destination: "/dev",
+				Device:      "tmpfs",
+				Flags:       syscall.MS_NOSUID | syscall.MS_STRICTATIME,
+				Data:        "mode=755",
+			},
+			{
+				Source:      "devpts",
+				Destination: "/dev/pts",
+				Device:      "devpts",
+				Flags:       syscall.MS_NOSUID | syscall.MS_NOEXEC,
+				Data:        "newinstance,ptmxmode=0666,mode=0620,gid=5",
+			},
 			{
 				Device:      "tmpfs",
 				Source:      "shm",

hack/vendor.sh

@@ -75,7 +75,7 @@ rm -rf src/github.com/docker/distribution
 mkdir -p src/github.com/docker/distribution
 mv tmp-digest src/github.com/docker/distribution/digest
 
-clone git github.com/docker/libcontainer 52a8c004ca94cf98f6866536de828c71eb42d1ec
+clone git github.com/docker/libcontainer 4a72e540feb67091156b907c4700e580a99f5a9d
 # see src/github.com/docker/libcontainer/update-vendor.sh which is the "source of truth" for libcontainer deps (just like this file)
 rm -rf src/github.com/docker/libcontainer/vendor
 eval "$(grep '^clone ' src/github.com/docker/libcontainer/update-vendor.sh | grep -v 'github.com/codegangsta/cli' | grep -v 'github.com/Sirupsen/logrus')"

vendor/src/github.com/coreos/go-systemd/activation/listeners.go

@@ -30,7 +30,7 @@ func Listeners(unsetEnv bool) ([]net.Listener, error) {
 		var err error
 		listeners[i], err = net.FileListener(f)
 		if err != nil {
-			return nil, fmt.Errorf("Error setting up FileListener for fd %d: %v", f.Fd(), err)
+			return nil, fmt.Errorf("Error setting up FileListener for fd %d: %s", f.Fd(), err.Error())
 		}
 	}
 

vendor/src/github.com/docker/libcontainer/container.go

@@ -96,7 +96,7 @@ type Container interface {
 	//
 	// errors:
 	// Systemerror - System error.
-	Set() error
+	Set(config configs.Config) error
 
 	// Start a process inside the container. Returns error if process fails to
 	// start. You can track process lifecycle with passed Process structure.

vendor/src/github.com/docker/libcontainer/container_linux.go

@@ -78,9 +78,10 @@ func (c *linuxContainer) Stats() (*Stats, error) {
 	return stats, nil
 }
 
-func (c *linuxContainer) Set() error {
+func (c *linuxContainer) Set(config configs.Config) error {
 	c.m.Lock()
 	defer c.m.Unlock()
+	c.config = &config
 	return c.cgroupManager.Set(c.config)
 }
 

vendor/src/github.com/docker/libcontainer/factory_linux.go

@@ -10,7 +10,9 @@ import (
 	"os/exec"
 	"path/filepath"
 	"regexp"
+	"syscall"
 
+	"github.com/docker/docker/pkg/mount"
 	"github.com/docker/libcontainer/cgroups"
 	"github.com/docker/libcontainer/cgroups/fs"
 	"github.com/docker/libcontainer/cgroups/systemd"
@@ -78,6 +80,20 @@ func Cgroupfs(l *LinuxFactory) error {
 	return nil
 }
 
+// TmpfsRoot is an option func to mount LinuxFactory.Root to tmpfs.
+func TmpfsRoot(l *LinuxFactory) error {
+	mounted, err := mount.Mounted(l.Root)
+	if err != nil {
+		return err
+	}
+	if !mounted {
+		if err := syscall.Mount("tmpfs", l.Root, "tmpfs", 0, ""); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
 // New returns a linux based container factory based in the root directory and
 // configures the factory with the provided option funcs.
 func New(root string, options ...func(*LinuxFactory) error) (Factory, error) {

vendor/src/github.com/docker/libcontainer/factory_linux_test.go

@@ -9,6 +9,7 @@ import (
 	"path/filepath"
 	"testing"
 
+	"github.com/docker/docker/pkg/mount"
 	"github.com/docker/libcontainer/configs"
 )
 
@@ -17,9 +18,6 @@ func newTestRoot() (string, error) {
 	if err != nil {
 		return "", err
 	}
-	if err := os.MkdirAll(dir, 0700); err != nil {
-		return "", err
-	}
 	return dir, nil
 }
 
@@ -49,6 +47,58 @@ func TestFactoryNew(t *testing.T) {
 	}
 }
 
+func TestFactoryNewTmpfs(t *testing.T) {
+	root, rerr := newTestRoot()
+	if rerr != nil {
+		t.Fatal(rerr)
+	}
+	defer os.RemoveAll(root)
+	factory, err := New(root, Cgroupfs, TmpfsRoot)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if factory == nil {
+		t.Fatal("factory should not be nil")
+	}
+	lfactory, ok := factory.(*LinuxFactory)
+	if !ok {
+		t.Fatal("expected linux factory returned on linux based systems")
+	}
+	if lfactory.Root != root {
+		t.Fatalf("expected factory root to be %q but received %q", root, lfactory.Root)
+	}
+
+	if factory.Type() != "libcontainer" {
+		t.Fatalf("unexpected factory type: %q, expected %q", factory.Type(), "libcontainer")
+	}
+	mounted, err := mount.Mounted(lfactory.Root)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !mounted {
+		t.Fatalf("Factory Root is not mounted")
+	}
+	mounts, err := mount.GetMounts()
+	if err != nil {
+		t.Fatal(err)
+	}
+	var found bool
+	for _, m := range mounts {
+		if m.Mountpoint == lfactory.Root {
+			if m.Fstype != "tmpfs" {
+				t.Fatalf("Fstype of root: %s, expected %s", m.Fstype, "tmpfs")
+			}
+			if m.Source != "tmpfs" {
+				t.Fatalf("Source of root: %s, expected %s", m.Source, "tmpfs")
+			}
+			found = true
+		}
+	}
+	if !found {
+		t.Fatalf("Factory Root is not listed in mounts list")
+	}
+}
+
 func TestFactoryLoadNotExists(t *testing.T) {
 	root, rerr := newTestRoot()
 	if rerr != nil {

vendor/src/github.com/docker/libcontainer/integration/template_test.go

@@ -60,6 +60,26 @@ func newTemplateConfig(rootfs string) *configs.Config {
 		Devices:  configs.DefaultAutoCreatedDevices,
 		Hostname: "integration",
 		Mounts: []*configs.Mount{
+			{
+				Source:      "proc",
+				Destination: "/proc",
+				Device:      "proc",
+				Flags:       defaultMountFlags,
+			},
+			{
+				Source:      "tmpfs",
+				Destination: "/dev",
+				Device:      "tmpfs",
+				Flags:       syscall.MS_NOSUID | syscall.MS_STRICTATIME,
+				Data:        "mode=755",
+			},
+			{
+				Source:      "devpts",
+				Destination: "/dev/pts",
+				Device:      "devpts",
+				Flags:       syscall.MS_NOSUID | syscall.MS_NOEXEC,
+				Data:        "newinstance,ptmxmode=0666,mode=0620,gid=5",
+			},
 			{
 				Device:      "tmpfs",
 				Source:      "shm",

vendor/src/github.com/docker/libcontainer/nsinit/config.go

@@ -234,6 +234,26 @@ func getTemplate() *configs.Config {
 			"/proc/sys", "/proc/sysrq-trigger", "/proc/irq", "/proc/bus",
 		},
 		Mounts: []*configs.Mount{
+			{
+				Source:      "proc",
+				Destination: "/proc",
+				Device:      "proc",
+				Flags:       defaultMountFlags,
+			},
+			{
+				Source:      "tmpfs",
+				Destination: "/dev",
+				Device:      "tmpfs",
+				Flags:       syscall.MS_NOSUID | syscall.MS_STRICTATIME,
+				Data:        "mode=755",
+			},
+			{
+				Source:      "devpts",
+				Destination: "/dev/pts",
+				Device:      "devpts",
+				Flags:       syscall.MS_NOSUID | syscall.MS_NOEXEC,
+				Data:        "newinstance,ptmxmode=0666,mode=0620,gid=5",
+			},
 			{
 				Device:      "tmpfs",
 				Source:      "shm",

vendor/src/github.com/docker/libcontainer/rootfs_linux.go

@@ -17,37 +17,14 @@ import (
 
 const defaultMountFlags = syscall.MS_NOEXEC | syscall.MS_NOSUID | syscall.MS_NODEV
 
-var baseMounts = []*configs.Mount{
-	{
-		Source:      "proc",
-		Destination: "/proc",
-		Device:      "proc",
-		Flags:       defaultMountFlags,
-	},
-	{
-		Source:      "tmpfs",
-		Destination: "/dev",
-		Device:      "tmpfs",
-		Flags:       syscall.MS_NOSUID | syscall.MS_STRICTATIME,
-		Data:        "mode=755",
-	},
-	{
-		Source:      "devpts",
-		Destination: "/dev/pts",
-		Device:      "devpts",
-		Flags:       syscall.MS_NOSUID | syscall.MS_NOEXEC,
-		Data:        "newinstance,ptmxmode=0666,mode=0620,gid=5",
-	},
-}
-
 // setupRootfs sets up the devices, mount points, and filesystems for use inside a
 // new mount namespace.
 func setupRootfs(config *configs.Config, console *linuxConsole) (err error) {
 	if err := prepareRoot(config); err != nil {
 		return newSystemError(err)
 	}
-	for _, m := range append(baseMounts, config.Mounts...) {
-		if err := mount(m, config.Rootfs, config.MountLabel); err != nil {
+	for _, m := range config.Mounts {
+		if err := mountToRootfs(m, config.Rootfs, config.MountLabel); err != nil {
 			return newSystemError(err)
 		}
 	}
@@ -85,7 +62,7 @@ func setupRootfs(config *configs.Config, console *linuxConsole) (err error) {
 	return nil
 }
 
-func mount(m *configs.Mount, rootfs, mountLabel string) error {
+func mountToRootfs(m *configs.Mount, rootfs, mountLabel string) error {
 	var (
 		dest = m.Destination
 		data = label.FormatMountLabel(m.Data, mountLabel)

vendor/src/github.com/docker/libcontainer/user/user_test.go

@@ -198,7 +198,7 @@ this is just some garbage data
 
 		execUser, err := GetExecUser(test.ref, &defaultExecUser, passwd, group)
 		if err != nil {
-			t.Logf("got unexpected error when parsing '%s': %v", test.ref, err)
+			t.Logf("got unexpected error when parsing '%s': %s", test.ref, err.Error())
 			t.Fail()
 			continue
 		}
@@ -337,7 +337,7 @@ this is just some garbage data
 
 		execUser, err := GetExecUser(test.ref, &defaultExecUser, passwd, group)
 		if err != nil {
-			t.Logf("got unexpected error when parsing '%s': %v", test.ref, err)
+			t.Logf("got unexpected error when parsing '%s': %s", test.ref, err.Error())
 			t.Fail()
 			continue
 		}