mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
c3d7a0c603
These HostConfig properties were not validated until the OCI spec for the container
was created, which meant that `container run` and `docker create` would accept
invalid values, and the invalid value would not be detected until `start` was
called, returning a 500 "internal server error", as well as errors from containerd
("cleanup: failed to delete container from containerd: no such container") in the
daemon logs.
As a result, a faulty container was created, and the container state remained
in the `created` state.
This patch:
- Updates `oci.WithNamespaces()` to return the correct `errdefs.InvalidParameter`
- Updates `verifyPlatformContainerSettings()` to validate these settings, so that
an error is returned when _creating_ the container.
Before this patch:
docker run -dit --ipc=shared --name foo busybox
2a00d74e9fbb7960c4718def8f6c74fa8ee754030eeb93ee26a516e27d4d029f
docker: Error response from daemon: Invalid IPC mode: shared.
docker ps -a --filter name=foo
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2a00d74e9fbb busybox "sh" About a minute ago Created foo
After this patch:
docker run -dit --ipc=shared --name foo busybox
docker: Error response from daemon: invalid IPC mode: shared.
docker ps -a --filter name=foo
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
An integration test was added to verify the new validation, which can be run with:
make BIND_DIR=. TEST_FILTER=TestCreateInvalidHostConfig DOCKER_GRAPHDRIVER=vfs test-integration
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
|
||
|---|---|---|
| .. | ||
| attach_test.go | ||
| checkpoint_test.go | ||
| container_test.go | ||
| copy_test.go | ||
| create_test.go | ||
| daemon_linux_test.go | ||
| daemon_test.go | ||
| devices_windows_test.go | ||
| diff_test.go | ||
| exec_test.go | ||
| export_test.go | ||
| health_test.go | ||
| inspect_test.go | ||
| ipcmode_linux_test.go | ||
| kill_test.go | ||
| links_linux_test.go | ||
| logs_test.go | ||
| main_test.go | ||
| mounts_linux_test.go | ||
| nat_test.go | ||
| pause_test.go | ||
| pidmode_linux_test.go | ||
| ps_test.go | ||
| remove_test.go | ||
| rename_test.go | ||
| resize_test.go | ||
| restart_test.go | ||
| run_cgroupns_linux_test.go | ||
| run_linux_test.go | ||
| stats_test.go | ||
| stop_linux_test.go | ||
| stop_test.go | ||
| stop_windows_test.go | ||
| update_linux_test.go | ||
| update_test.go | ||
| wait_test.go | ||