Disabled remote access to dockerd. Preferred usage is over ssh.

2022-11-09 12:21:53 -05:00 · 2013-02-12 08:37:12 -08:00 · 2013-02-12 08:37:12 -08:00 · f330c2a248
commit f330c2a248
parent bded592a15
3 changed files with 20 additions and 12 deletions
--- a/docker/docker.go
+++ b/docker/docker.go
@ -8,7 +8,6 @@ import (
 	"os"
 	"syscall"
 	"unsafe"
-	"fmt"
 )


@ -161,10 +160,6 @@ func Fatal(err error) {

 func main() {
 	var err error
-	if os.Getenv("DOCKER") == "" {
-		fmt.Printf("Can't connect. Please set environment variable DOCKER to ip:port, eg. 'localhost:4242'.\n")
-		os.Exit(1)
-	}
 	if IsTerminal(0) && os.Getenv("NORAW") == "" {
 		oldState, err = MakeRaw(0)
 		if err != nil {
@ -172,7 +167,11 @@ func main() {
 		}
 		defer Restore(0, oldState)
 	}
-	conn, err := rcli.CallTCP(os.Getenv("DOCKER"), os.Args[1:]...)
+	// FIXME: we want to use unix sockets here, but net.UnixConn doesn't expose
+	// CloseWrite(), which we need to cleanly signal that stdin is closed without
+	// closing the connection.
+	// See http://code.google.com/p/go/issues/detail?id=3345
+	conn, err := rcli.Call("tcp", "127.0.0.1:4242", os.Args[1:]...)
 	if err != nil {
 		Fatal(err)
 	}
--- a/dockerd/dockerd.go
+++ b/dockerd/dockerd.go
@ -740,7 +740,11 @@ func main() {
 			log.Fatal(err)
 		}
 	}()
-	if err := rcli.ListenAndServeTCP(":4242", d); err != nil {
+	// FIXME: we want to use unix sockets here, but net.UnixConn doesn't expose
+	// CloseWrite(), which we need to cleanly signal that stdin is closed without
+	// closing the connection.
+	// See http://code.google.com/p/go/issues/detail?id=3345
+	if err := rcli.ListenAndServe("tcp", "127.0.0.1:4242", d); err != nil {
 		log.Fatal(err)
 	}
 }
--- a/rcli/tcp.go
+++ b/rcli/tcp.go
@ -10,12 +10,15 @@ import (
 	"bufio"
 )

-func CallTCP(addr string, args ...string) (*net.TCPConn, error) {
+// Connect to a remote endpoint using protocol `proto` and address `addr`,
+// issue a single call, and return the result.
+// `proto` may be "tcp", "unix", etc. See the `net` package for available protocols.
+func Call(proto, addr string, args ...string) (*net.TCPConn, error) {
 	cmd, err := json.Marshal(args)
 	if err != nil {
 		return nil, err
 	}
-	conn, err := net.Dial("tcp", addr)
+	conn, err := net.Dial(proto, addr)
 	if err != nil {
 		return nil, err
 	}
@ -25,12 +28,14 @@ func CallTCP(addr string, args ...string) (*net.TCPConn, error) {
 	return conn.(*net.TCPConn), nil
 }

-func ListenAndServeTCP(addr string, service Service) error {
-	listener, err := net.Listen("tcp", addr)
+// Listen on `addr`, using protocol `proto`, for incoming rcli calls,
+// and pass them to `service`.
+func ListenAndServe(proto, addr string, service Service) error {
+	listener, err := net.Listen(proto, addr)
 	if err != nil {
 		return err
 	}
-	log.Printf("Listening for RCLI/TCP on %s\n", addr)
+	log.Printf("Listening for RCLI/%s on %s\n", proto, addr)
 	defer listener.Close()
 	for {
 		if conn, err := listener.Accept(); err != nil {