mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
moby--moby/daemon
Eric Windisch 80d99236c1 Move AppArmor policy to contrib & deb packaging
The automatic installation of AppArmor policies prevents the
management of custom, site-specific apparmor policies for the
default container profile. Furthermore, this change will allow
a future policy for the engine itself to be written without demanding
the engine be able to arbitrarily create and manage AppArmor policies.

- Add deb package suggests for apparmor.
- Ubuntu postinst use aa-status & fix policy path
- Add the policies to the debian packages.
- Add apparmor tests for writing proc files
  Additional restrictions against modifying files in proc
  are enforced by AppArmor. Ensure that AppArmor is preventing
  access to these files, not simply Docker's configuration of proc.
- Remove /proc/k?mem from AA policy
  The path to mem and kmem are in /dev, not /proc
  and cannot be restricted successfully through AppArmor.
  The device cgroup will need to be sufficient here.
- Load contrib/apparmor during integration tests
  Note that this is somewhat dirty because we
  cannot restore the host to its original configuration.
  However, it should be noted that prior to this patch
  series, the Docker daemon itself was loading apparmor
  policy from within the tests, so this is no dirtier or
  uglier than the status-quo.

Signed-off-by: Eric Windisch <eric@windisch.us>
2015-07-21 11:05:53 -04:00
events New package daemon/events 2015-04-07 08:43:14 -07:00
execdriver Move AppArmor policy to contrib & deb packaging 2015-07-21 11:05:53 -04:00
graphdriver Merge pull request #14693 from LK4D4/update_libcontainer 2015-07-17 13:02:04 -07:00
logger add support for maximum log size, and max number of log files 2015-07-02 06:26:06 -07:00
network Move /nat to /pkg/nat 2015-06-30 17:43:17 +01:00
attach.go Fix regression in containers attach/wsattach api, return not found before hijacking 2015-07-01 18:16:17 +02:00
changes.go Refactor server to use daemon as the service layer in controllers 2015-05-02 03:12:58 +02:00
commit.go Windows: Graph driver implementation 2015-07-10 14:33:11 -07:00
config.go Merge pull request #14604 from Microsoft/10662-addbridge 2015-07-16 08:44:40 -07:00
config_experimental.go Vendoring in libnetwork for native multihost networking 2015-06-22 04:15:41 -07:00
config_linux.go Windows: Plumb through -b on daemon 2015-07-13 12:41:48 -07:00
config_stub.go Vendoring in libnetwork for native multihost networking 2015-06-22 04:15:41 -07:00
config_windows.go Windows: Plumb through -b on daemon 2015-07-13 12:41:48 -07:00
container.go Merge pull request #11485 from wlan0/rollover_log 2015-07-17 22:41:26 +02:00
container_unit_test.go Move /nat to /pkg/nat 2015-06-30 17:43:17 +01:00
container_unix.go Update libcontainer 2015-07-16 16:02:26 -07:00
container_windows.go Windows: Plumb through -b on daemon 2015-07-13 12:41:48 -07:00
copy.go Refactor server to use daemon as the service layer in controllers 2015-05-02 03:12:58 +02:00
create.go Update libcontainer 2015-07-16 16:02:26 -07:00
daemon.go Update libcontainer 2015-07-16 16:02:26 -07:00
daemon_aufs.go Move graph.SetupInitLayer to daemon package where it is used 2015-06-16 16:50:56 -07:00
daemon_btrfs.go Windows: Don't build Linux graph drivers 2015-06-08 15:09:33 -07:00
daemon_devicemapper.go Windows: Don't build Linux graph drivers 2015-06-08 15:09:33 -07:00
daemon_no_aufs.go Windows: Don't build Linux graph drivers 2015-06-08 15:09:33 -07:00
daemon_overlay.go Windows: Don't build Linux graph drivers 2015-06-08 15:09:33 -07:00
daemon_test.go Allow to downgrade local volumes from > 1.7 to 1.6. 2015-06-09 18:04:59 -07:00
daemon_unit_test.go
daemon_unix.go Update libcontainer 2015-07-16 16:02:26 -07:00
daemon_windows.go Windows: Plumb through -b on daemon 2015-07-13 12:41:48 -07:00
daemon_zfs.go Windows: No ZFS graphdriver 2015-05-14 15:57:45 -07:00
debugtrap_unix.go Windows: Win32 event for sigusr1 linux equivalence 2015-07-06 18:58:53 -07:00
debugtrap_unsupported.go Windows: Win32 event for sigusr1 linux equivalence 2015-07-06 18:58:53 -07:00
debugtrap_windows.go Windows: Win32 event for sigusr1 linux equivalence 2015-07-06 18:58:53 -07:00
delete.go Show error message when todisk failed 2015-07-02 18:24:35 +08:00
exec.go Quieter debug logging for clean exec commands 2015-07-13 10:36:36 -07:00
exec_linux.go Windows: Split ContainerExecCreate 2015-05-06 16:19:27 -07:00
exec_windows.go Windows: Split ContainerExecCreate 2015-05-06 16:19:27 -07:00
export.go Cleanup container LogEvent calls 2015-06-01 12:39:28 -07:00
history.go History.Swap Use parallel assignment to swap elements, as it's 2015-03-25 00:13:13 +03:00
image_delete.go fix 8926: rmi dangling is unsafe when pulling 2015-07-17 11:39:57 -04:00
info.go Update graph to use vendored distribution client for the v2 codepath 2015-07-16 13:13:47 -04:00
inspect.go Remove exec config from container after exit 2015-07-08 10:55:42 -07:00
kill.go Cleanup container LogEvent calls 2015-06-01 12:39:28 -07:00
list.go Merge pull request #14306 from Microsoft/validatepsfilter 2015-07-10 15:43:01 -04:00
logdrivers_linux.go Add new logging driver: fluentd 2015-06-26 11:03:11 +09:00
logdrivers_windows.go Windows: Factor out syslog and journald 2015-05-14 10:34:09 -07:00
logs.go add support for maximum log size, and max number of log files 2015-07-02 06:26:06 -07:00
monitor.go Show error message when todisk failed 2015-07-02 18:24:35 +08:00
pause.go Cleanup container LogEvent calls 2015-06-01 12:39:28 -07:00
README.md
rename.go Cleanup container LogEvent calls 2015-06-01 12:39:28 -07:00
resize.go Refactor server to use daemon as the service layer in controllers 2015-05-02 03:12:58 +02:00
restart.go Cleanup container LogEvent calls 2015-06-01 12:39:28 -07:00
start.go Add verify config to verifyContainerSettings 2015-06-13 09:31:19 +08:00
state.go Validate status= filter to docker ps 2015-07-02 16:12:42 -07:00
state_test.go Fix vet errors about unkeyed fields 2014-12-12 10:44:59 -08:00
stats.go Update libcontainer 2015-07-16 16:02:26 -07:00
stats_collector_unix.go Update libcontainer 2015-07-16 16:02:26 -07:00
stats_collector_windows.go Windows: Factor out stat collector 2015-06-01 09:11:03 -07:00
stats_linux.go Update libcontainer 2015-07-16 16:02:26 -07:00
stats_windows.go Update libcontainer 2015-07-16 16:02:26 -07:00
stop.go Cleanup container LogEvent calls 2015-06-01 12:39:28 -07:00
top.go Cleanup container LogEvent calls 2015-06-01 12:39:28 -07:00
unpause.go Cleanup container LogEvent calls 2015-06-01 12:39:28 -07:00
utils_nounix.go Windows: Tidy up daemon\utils*.go 2015-07-09 18:47:32 -07:00
utils_test.go Windows: Tidy up daemon\utils*.go 2015-07-09 18:47:32 -07:00
utils_unix.go Update libcontainer 2015-07-16 16:02:26 -07:00
volumes.go Update libcontainer 2015-07-16 16:02:26 -07:00
volumes_experimental.go Mount bind volumes coming from the old volumes configuration. 2015-05-28 14:06:17 -07:00
volumes_experimental_unit_test.go apply selinux labels volume patch on volumes refactor 2015-05-27 12:50:16 -07:00
volumes_linux.go Allow to downgrade local volumes from > 1.7 to 1.6. 2015-06-09 18:04:59 -07:00
volumes_stubs.go Mount bind volumes coming from the old volumes configuration. 2015-05-28 14:06:17 -07:00
volumes_stubs_unit_test.go apply selinux labels volume patch on volumes refactor 2015-05-27 12:50:16 -07:00
volumes_unit_test.go Allow named volumes for external drivers. 2015-05-21 20:34:17 -07:00
volumes_windows.go Allow to downgrade local volumes from > 1.7 to 1.6. 2015-06-09 18:04:59 -07:00
wait.go Move container.WaitStop, AttachWithLogs and WsAttachWithLogs to daemon service in api server 2015-05-11 19:56:41 +02:00

This directory contains code pertaining to running containers and storing images.

Code pertaining to running containers:

  • execdriver
  • networkdriver

Code pertaining to storing images:

  • graphdriver