Debian

Available patches from Ubuntu

To see Ubuntu differences wrt. to Debian, write down a grep-dctrl query identifying the packages you're interested in:
grep-dctrl -n -sPackage Sources.Debian
(e.g. -FPackage linux-ntfs or linux-ntfs)

Modified packages are listed below:

Debian ( Changelog | PTS | Bugs ) Ubuntu ( Changelog | txt | LP | Bugs ) | Diff from Ubuntu

Source: desktop-base

desktop-base (8.0.2ubuntu1) vivid; urgency=medium * Merge from Debian unstable. Remaining changes: - Makefile: Don't install grub/grub_background.sh, as it installs a Debian-branded background for GRUB. -- Logan Rosen <logan@ubuntu.com> Sun, 14 Dec 2014 00:57:24 -0500

Modifications :
  1. Download patch debian/control

    --- 8.0.2/debian/control 2014-12-13 19:40:14.000000000 +0000 +++ 8.0.2ubuntu1/debian/control 2014-12-14 05:53:47.000000000 +0000 @@ -1,7 +1,8 @@ Source: desktop-base Section: x11 Priority: optional -Maintainer: Gustavo Franco <stratus@debian.org> +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> +XSBC-Original-Maintainer: Gustavo Franco <stratus@debian.org> Uploaders: Loïc Minier <lool@dooz.org>, Fathi Boudra <fabo@debian.org>, Yves-Alexis Perez <corsac@debian.org>,
  2. Download patch Makefile

    --- 8.0.2/Makefile 2014-12-13 19:44:10.000000000 +0000 +++ 8.0.2ubuntu1/Makefile 2014-12-14 05:54:09.000000000 +0000 @@ -115,7 +115,6 @@ install: $(INSTALL) grub/joy-grub.png $(DESTDIR)/usr/share/images/desktop-base/ $(INSTALL) grub/spacefun-grub.png $(DESTDIR)/usr/share/images/desktop-base/ $(INSTALL) grub/spacefun-grub-widescreen.png $(DESTDIR)/usr/share/images/desktop-base/ - $(INSTALL) grub/grub_background.sh $(DESTDIR)/usr/share/desktop-base/ # plymouth install -d $(DESTDIR)/usr/share/plymouth/themes/spacefun

Debian ( Changelog | PTS | Bugs ) Ubuntu ( Changelog | txt | LP | Bugs ) | Diff from Ubuntu

Source: docker.io

docker.io (17.03.2-0ubuntu1) bionic; urgency=medium * Update to 17.03.2 upstream release -- Tianon Gravi <tianon@debian.org> Wed, 01 Nov 2017 12:30:17 -0700 docker.io (1.13.1-0ubuntu6) artful; urgency=medium * Add missing "runc" patches for LXD-enablement -- Tianon Gravi <tianon@debian.org> Wed, 11 Oct 2017 19:38:03 -0700 docker.io (1.13.1-0ubuntu5) artful; urgency=medium * Replace "runc" dependency with a multiorig copy of Docker's exact supported commit contents (installed as "/usr/bin/docker-runc" mirroring upstream's package) * Replace "containerd" in the same way (with the exact upstream-supported commit, binaries installed as "/usr/bin/docker-containerd*") -- Tianon Gravi <tianon@debian.org> Fri, 29 Sep 2017 13:22:39 -0700 docker.io (1.13.1-0ubuntu4) artful; urgency=medium * d/tests/docker-in-lxd: Better handle DNS with systemd-resolved. -- Stéphane Graber <stgraber@ubuntu.com> Thu, 21 Sep 2017 01:12:33 -0400 docker.io (1.13.1-0ubuntu3) artful; urgency=medium * d/tests/docker-in-lxd: check for network-up has a race condition when systemd-resolved is used. Add an additional check for a real DNS server in systemd-resolve --status. -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 15 Sep 2017 23:32:16 -0700 docker.io (1.13.1-0ubuntu2) artful; urgency=medium * d/tests/docker-in-lxd: copy more apt config into container * d/golang-github-docker-docker-dev.install: install missing packages. (LP: #1714564) * d/control: Add Build-Depend on tzdata. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Mon, 04 Sep 2017 13:31:34 +1200 docker.io (1.13.1-0ubuntu1) artful; urgency=medium * Update to 1.13.1 upstream release - refresh patches (removing many that are applied upstream in 1.13+) - use dh_clean (via debian/clean) instead of explicit "rm" in rules - pull in explicit libnetwork sources for "docker-proxy" - drop unnecessary dh_golang usage (only used for Built-Using calculation) - update "upstream-version-gitcommits" with a more recent list of commits - add "tini" for building "docker-init" (used by "docker run --init") - prefer Go 1.7 explicitly if it's available -- Tianon Gravi <tianon@debian.org> Tue, 22 Aug 2017 09:30:24 -0700 docker.io (1.12.6-0ubuntu7) artful; urgency=medium * Make sure to set security.nesting for the LXD autopkgtest. -- Stéphane Graber <stgraber@ubuntu.com> Tue, 06 Jun 2017 14:55:34 -0600 docker.io (1.12.6-0ubuntu6) artful; urgency=medium * Fix FTBFS on Go 1.8. -- Stéphane Graber <stgraber@ubuntu.com> Mon, 05 Jun 2017 16:21:16 -0600 docker.io (1.12.6-0ubuntu5) artful; urgency=medium * Update LXD autopkgtest now that the "docker" profile is deprecated. -- Stéphane Graber <stgraber@ubuntu.com> Mon, 05 Jun 2017 15:59:18 -0600 docker.io (1.12.6-0ubuntu4) zesty; urgency=medium * Revert 1.12.6-0ubuntu2 as it does not achieve the stated goal on both s390x and armhf. And lxc/lxd adt runners are too restrictive to e.g. import an ubuntu-base container for a minimal functional test. -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 14 Mar 2017 09:41:30 +0000 docker.io (1.12.6-0ubuntu3) zesty; urgency=medium * debian/tests/docker-in-lxd: Fix a latent version comparison bug that was causing migration failures due to the script thinking it was dealing with an old LXD (< 2.2) when it was really dealing with a recent LXD (>= 2.10). The fix is to use `lxc info` to check if the network extension is supported, rather than trying to compare version strings. -- Tyler Hicks <tyhicks@canonical.com> Fri, 10 Mar 2017 17:40:22 +0000 docker.io (1.12.6-0ubuntu2) zesty; urgency=medium * Remove isolation-machine restriction from adt smoke-test testcase. Should pass on s390x lxd runners; will fails on armhf runners but that is not a regressions since previously all tests were simply skipped on armhf. LP: #1658150 -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 01 Feb 2017 10:08:00 +0000 docker.io (1.12.6-0ubuntu1) zesty; urgency=medium * Update to 1.12.6 upstream release (LP: #1655906) - add a few new privileged tests to "skip-privileged-unit-tests.patch" * Adjust runc Depends to ensure fix for CVE-2016-9962 is included -- Tianon Gravi <tianon@debian.org> Fri, 13 Jan 2017 11:57:24 +1300 docker.io (1.12.3-0ubuntu4) zesty; urgency=medium * Explicity depend on the version of runc that was built with seccomp support. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Mon, 12 Dec 2016 11:15:01 +1300 docker.io (1.12.3-0ubuntu3) zesty; urgency=medium [ Michael Hudson-Doyle ] * d/test/docker-in-lxd: make test for "is network up" more robust. [ Stefan Bader ] * Backport upstream 1.13 change to keep existing bridges untouched (LP: #1647376) - upstream-1.13-Vendor-libnetwork-51d88e9ae63f.patch -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Thu, 08 Dec 2016 11:53:36 +1300 docker.io (1.12.3-0ubuntu2) zesty; urgency=medium [ Tianon Gravi ] * Enable seccomp support (LP: #1639407) -- Steve Langasek <steve.langasek@ubuntu.com> Wed, 30 Nov 2016 12:34:22 -0800 docker.io (1.12.3-0ubuntu1) zesty; urgency=medium * Update to 1.12.3 upstream release - https://github.com/docker/docker/releases/tag/v1.12.2 - https://github.com/docker/docker/releases/tag/v1.12.3 -- Tianon Gravi <tianon@debian.org> Tue, 15 Nov 2016 15:50:32 -0800 docker.io (1.12.1-0ubuntu15) yakkety; urgency=medium * d/test/docker-in-lxd: use images:ubuntu/${suite}/${arch} instead of ubuntu-daily:${suite} because the former does not have cloud-init in it to rewrite /etc/apt/sources.list at unexpected times. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Mon, 10 Oct 2016 21:38:17 +1300 docker.io (1.12.1-0ubuntu14) yakkety; urgency=medium * d/test/docker-in-lxd: cope with changes in lxd 2.3. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Mon, 10 Oct 2016 15:30:42 +1300 docker.io (1.12.1-0ubuntu13) yakkety; urgency=medium * d/tests/docker-in-lxd: copy apt config from host to container rather than just enabling all of the -proposed pocket. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Tue, 27 Sep 2016 12:23:56 +1300 docker.io (1.12.1-0ubuntu12) yakkety; urgency=medium * Final(?) docker-in-lxd fix: of course, alpine:latest is only the name of the image on amd64. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Mon, 19 Sep 2016 20:34:59 +1200 docker.io (1.12.1-0ubuntu11) yakkety; urgency=medium * Even more docker-in-lxd fixes. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Mon, 19 Sep 2016 14:14:33 +1200 docker.io (1.12.1-0ubuntu10) yakkety; urgency=medium * Yet another docker-in-lxd fix. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Fri, 16 Sep 2016 19:02:41 +1200 docker.io (1.12.1-0ubuntu9) yakkety; urgency=medium * Proxy related fix for docker-in-lxd. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Fri, 16 Sep 2016 18:59:54 +1200 docker.io (1.12.1-0ubuntu8) yakkety; urgency=medium * Re-enable docker-in-lxd again after many fixes. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Fri, 16 Sep 2016 12:26:04 +1200 docker.io (1.12.1-0ubuntu7) yakkety; urgency=medium * d/tests/control: disable docker-in-lxd again, does not work in production infrastructure. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Thu, 08 Sep 2016 09:41:13 +1200 docker.io (1.12.1-0ubuntu6) yakkety; urgency=medium * d/tests/control: docker-in-lxd needs to depend on lxd-client as well. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Wed, 07 Sep 2016 21:18:18 +1200 docker.io (1.12.1-0ubuntu5) yakkety; urgency=medium * Ignore failure to set oom_score_adj, as happens in an unprivileged container. * Use $DOCKER_OPTS in service file again. * Add an autopkgtest to test docker-in-lxd. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Wed, 07 Sep 2016 15:36:50 +1200 docker.io (1.12.1-0ubuntu4) yakkety; urgency=medium * Fix service file. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Wed, 07 Sep 2016 14:13:12 +1200 docker.io (1.12.1-0ubuntu3) yakkety; urgency=medium * Skip "TestOverlay50LayerRead" on "overlay" driver too (in "skip-privileged-unit-tests.patch") -- Tianon Gravi <tianon@debian.org> Mon, 29 Aug 2016 16:00:00 -0700 docker.io (1.12.1-0ubuntu2) yakkety; urgency=medium * Add new "overlay2" driver's tests to "skip-privileged-unit-tests.patch" (FTBFS fix) -- Tianon Gravi <tianon@debian.org> Fri, 26 Aug 2016 10:20:24 -0700 docker.io (1.12.1-0ubuntu1) yakkety; urgency=medium * Update to 1.12.1 upstream release (LP: #1602243) - refresh "cgroupfs-mount-convenience-copy.patch" - remove "fatal-error-old-kernels.patch"; applied upstream, https://github.com/docker/docker/commit/51b23d88422918c24291f5876df35f91b23a446a - refresh "change-system-unit-env-file.patch" - refresh "21491--systemd-tasksmax.patch" - remove "22000--ignore-invalid-host-header.patch"; applied upstream, https://github.com/docker/docker/pull/22000 https://github.com/docker/docker/pull/22888 https://github.com/docker/docker/pull/23046 - refresh "remove-docker-prefix.patch" - refresh "skip-privileged-unit-tests.patch"; add new privileged tests, + TestMakeRemoteContext + TestMakeSumTarContext + TestDispatch + TestEmptyDockerfile + TestDockerfileOutsideTheBuildContext + TestRealodNoOpts - replace "lxd--20902--docker-in-userns.patch" with the upstream-applied "lxd--25672--docker-in-userns.patch" - remove "lxd--runc-617.patch"; no longer necessary (due to kernel fixes), https://github.com/opencontainers/runc/pull/617#issuecomment-223654149 - remove "21714--no-aufs-in-userns.patch"; applied upstream, https://github.com/docker/docker/pull/21714 - add "man" to "DH_GOLANG_EXCLUDES" (has new "generate.go" which imports the non-vendored "github.com/spf13/cobra/doc", causing dh_golang to choke) - add "docker-proxy-vendor.patch" to account for "vendor/..." vs "vendor/src/..." - install new explicit "dockerd" and "docker-proxy" binaries - update containerd dependency (>= 0.2.3) - update runc dependency (>= 1.0.0-rc1) * Update "debian/watch" to use "uscan.tianon.xyz" so older versions are still easily fetchable without excess work outside uscan -- Tianon Gravi <tianon@debian.org> Wed, 24 Aug 2016 11:48:34 -0700 docker.io (1.11.2-0ubuntu6) yakkety; urgency=medium * Merge from Debian Unstable: - more README.Debian notes (including a fixed href) - new "docker-doc" package which contains the documentation - use "dh-golang" for building (generates appropriate Built-Using) - run upstream unit tests during dh_auto_test - convert upstream-discouraged "/etc/default/docker" to comments-only - utilize dh_install (w/dh-exec) more fully to simplify debian/rules - fix "/etc/docker" permissions for co-existence with docker-registry - remove "/var/lib/docker" on purge * Remaining Ubuntu delta: - non-pruned vendor/ (included in golang-github-docker-docker-dev) - Docker-in-userns patches * Changes from pending Debian upload: - build from within GOPATH so Go packages are resolved properly - split "dh_auto_build-arch" from "dh_auto_build-indep" - include vendor/ in golang-github-docker-docker-dev (since we don't necessarily have the appropriate packages for Depends on that package) -- Tianon Gravi <tianon@debian.org> Fri, 19 Aug 2016 10:15:14 -0700

Modifications :
  1. Download patch containerd/hack/benchmark.go

    --- 1.13.1~ds2-3/containerd/hack/benchmark.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/hack/benchmark.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,75 @@ +// single app that will run containers in containerd and output +// the total time in seconds that it took for the execution. +// go run benchmark.go -count 1000 -bundle /containers/redis +package main + +import ( + "flag" + "net" + "strconv" + "sync" + "time" + + "github.com/Sirupsen/logrus" + "github.com/docker/containerd/api/grpc/types" + netcontext "golang.org/x/net/context" + "google.golang.org/grpc" +) + +func init() { + flag.StringVar(&bundle, "bundle", "/containers/redis", "the bundle path") + flag.StringVar(&addr, "addr", "/run/containerd/containerd.sock", "address to the container d instance") + flag.IntVar(&count, "count", 1000, "number of containers to run") + flag.Parse() +} + +var ( + count int + bundle, addr string + group = sync.WaitGroup{} + jobs = make(chan string, 20) +) + +func getClient() types.APIClient { + dialOpts := []grpc.DialOption{grpc.WithInsecure()} + dialOpts = append(dialOpts, + grpc.WithDialer(func(addr string, timeout time.Duration) (net.Conn, error) { + return net.DialTimeout("unix", addr, timeout) + }, + )) + conn, err := grpc.Dial(addr, dialOpts...) + if err != nil { + logrus.Fatal(err) + } + return types.NewAPIClient(conn) +} + +func main() { + client := getClient() + for i := 0; i < 100; i++ { + group.Add(1) + go worker(client) + } + start := time.Now() + for i := 0; i < count; i++ { + id := strconv.Itoa(i) + jobs <- id + } + close(jobs) + group.Wait() + end := time.Now() + duration := end.Sub(start).Seconds() + logrus.Info(duration) +} + +func worker(client types.APIClient) { + defer group.Done() + for id := range jobs { + if _, err := client.CreateContainer(netcontext.Background(), &types.CreateContainerRequest{ + Id: id, + BundlePath: bundle, + }); err != nil { + logrus.Error(err) + } + } +}
  2. Download patch containerd/api/grpc/types/api.pb.go
  3. Download patch cli/command/formatter/stats_test.go

    --- 1.13.1~ds2-3/cli/command/formatter/stats_test.go 2017-11-15 04:19:40.000000000 +0000 +++ 17.03.2-0ubuntu1/cli/command/formatter/stats_test.go 2017-06-01 21:14:48.000000000 +0000 @@ -21,16 +21,16 @@ func TestContainerStatsContext(t *testin {StatsEntry{Container: containerID}, containerID, containerHeader, ctx.Container}, {StatsEntry{CPUPercentage: 5.5}, "5.50%", cpuPercHeader, ctx.CPUPerc}, {StatsEntry{CPUPercentage: 5.5, IsInvalid: true}, "--", cpuPercHeader, ctx.CPUPerc}, - {StatsEntry{NetworkRx: 0.31, NetworkTx: 12.3}, "0.31B / 12.3B", netIOHeader, ctx.NetIO}, + {StatsEntry{NetworkRx: 0.31, NetworkTx: 12.3}, "0.31 B / 12.3 B", netIOHeader, ctx.NetIO}, {StatsEntry{NetworkRx: 0.31, NetworkTx: 12.3, IsInvalid: true}, "--", netIOHeader, ctx.NetIO}, - {StatsEntry{BlockRead: 0.1, BlockWrite: 2.3}, "0.1B / 2.3B", blockIOHeader, ctx.BlockIO}, + {StatsEntry{BlockRead: 0.1, BlockWrite: 2.3}, "0.1 B / 2.3 B", blockIOHeader, ctx.BlockIO}, {StatsEntry{BlockRead: 0.1, BlockWrite: 2.3, IsInvalid: true}, "--", blockIOHeader, ctx.BlockIO}, {StatsEntry{MemoryPercentage: 10.2}, "10.20%", memPercHeader, ctx.MemPerc}, {StatsEntry{MemoryPercentage: 10.2, IsInvalid: true}, "--", memPercHeader, ctx.MemPerc}, {StatsEntry{MemoryPercentage: 10.2, OSType: "windows"}, "--", memPercHeader, ctx.MemPerc}, - {StatsEntry{Memory: 24, MemoryLimit: 30}, "24B / 30B", memUseHeader, ctx.MemUsage}, + {StatsEntry{Memory: 24, MemoryLimit: 30}, "24 B / 30 B", memUseHeader, ctx.MemUsage}, {StatsEntry{Memory: 24, MemoryLimit: 30, IsInvalid: true}, "-- / --", memUseHeader, ctx.MemUsage}, - {StatsEntry{Memory: 24, MemoryLimit: 30, OSType: "windows"}, "24B", winMemUseHeader, ctx.MemUsage}, + {StatsEntry{Memory: 24, MemoryLimit: 30, OSType: "windows"}, "24 B", winMemUseHeader, ctx.MemUsage}, {StatsEntry{PidsCurrent: 10}, "10", pidsHeader, ctx.PIDs}, {StatsEntry{PidsCurrent: 10, IsInvalid: true}, "--", pidsHeader, ctx.PIDs}, {StatsEntry{PidsCurrent: 10, OSType: "windows"}, "--", pidsHeader, ctx.PIDs}, @@ -67,11 +67,17 @@ func TestContainerStatsContextWrite(t *t { Context{Format: "table {{.MemUsage}}"}, `MEM USAGE / LIMIT -20B / 20B +20 B / 20 B -- / -- `, }, { + Context{Format: "{{.Container}} {{.ID}} {{.Name}}"}, + `container1 abcdef foo +container2 -- +`, + }, + { Context{Format: "{{.Container}} {{.CPUPerc}}"}, `container1 20.00% container2 -- @@ -83,6 +89,8 @@ container2 -- stats := []StatsEntry{ { Container: "container1", + ID: "abcdef", + Name: "/foo", CPUPercentage: 20, Memory: 20, MemoryLimit: 20, @@ -129,7 +137,7 @@ func TestContainerStatsContextWriteWindo { Context{Format: "table {{.MemUsage}}"}, `PRIV WORKING SET -20B +20 B -- / -- `, },
  4. Download patch containerd/runtime/runtime_test.go

    --- 1.13.1~ds2-3/containerd/runtime/runtime_test.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/runtime/runtime_test.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,181 @@ +package runtime + +import ( + "context" + "flag" + "fmt" + "io" + "os" + "os/exec" + "path/filepath" + "syscall" + "testing" + "time" + + utils "github.com/docker/containerd/testutils" +) + +var ( + devNull = "/dev/null" + stdin io.WriteCloser + runtimeTool = flag.String("runtime", "runc", "Runtime to use for this test") +) + +// Create containerd state and oci bundles directory +func setup() error { + if err := os.MkdirAll(utils.StateDir, 0755); err != nil { + return err + } + + if err := os.MkdirAll(utils.BundlesRoot, 0755); err != nil { + return err + } + return nil +} + +// Creates the bundleDir with rootfs, io fifo dir and a default spec. +// On success, returns the bundlePath +func setupBundle(bundleName string) (string, error) { + bundlePath := filepath.Join(utils.BundlesRoot, bundleName) + if err := os.MkdirAll(bundlePath, 0755); err != nil { + fmt.Println("Unable to create bundlePath due to ", err) + return "", err + } + + io := filepath.Join(bundlePath, "io") + if err := os.MkdirAll(io, 0755); err != nil { + fmt.Println("Unable to create io dir due to ", err) + return "", err + } + + if err := utils.GenerateReferenceSpecs(bundlePath); err != nil { + fmt.Println("Unable to generate OCI reference spec: ", err) + return "", err + } + + if err := utils.CreateBusyboxBundle(bundleName); err != nil { + fmt.Println("CreateBusyboxBundle error: ", err) + return "", err + } + + return bundlePath, nil +} + +func setupStdio(cwd string, bundlePath string, bundleName string) (Stdio, error) { + s := NewStdio(devNull, devNull, devNull) + + pid := "init" + for stdName, stdPath := range map[string]*string{ + "stdin": &s.Stdin, + "stdout": &s.Stdout, + "stderr": &s.Stderr, + } { + *stdPath = filepath.Join(cwd, bundlePath, "io", bundleName+"-"+pid+"-"+stdName) + if err := syscall.Mkfifo(*stdPath, 0755); err != nil && !os.IsExist(err) { + fmt.Println("Mkfifo error: ", err) + return s, err + } + } + + err := attachStdio(s) + if err != nil { + fmt.Println("attachStdio error: ", err) + return s, err + } + + return s, nil +} + +func attachStdio(s Stdio) error { + stdinf, err := os.OpenFile(s.Stdin, syscall.O_RDWR, 0) + if err != nil { + return err + } + stdin = stdinf + stdoutf, err := os.OpenFile(s.Stdout, syscall.O_RDWR, 0) + if err != nil { + return err + } + go io.Copy(os.Stdout, stdoutf) + stderrf, err := os.OpenFile(s.Stderr, syscall.O_RDWR, 0) + if err != nil { + return err + } + go io.Copy(os.Stderr, stderrf) + return nil +} + +func teardownBundle(bundleName string) { + containerRoot := filepath.Join(utils.StateDir, bundleName) + os.RemoveAll(containerRoot) + + bundlePath := filepath.Join(utils.BundlesRoot, bundleName) + os.RemoveAll(bundlePath) + return +} + +// Remove containerd state and oci bundles directory +func teardown() { + os.RemoveAll(utils.StateDir) + os.RemoveAll(utils.BundlesRoot) +} + +func BenchmarkBusyboxSh(b *testing.B) { + bundleName := "busybox-sh" + + wd := utils.GetTestOutDir() + if err := os.Chdir(wd); err != nil { + b.Fatalf("Could not change working directory: %v", err) + } + + if err := setup(); err != nil { + b.Fatalf("Error setting up test: %v", err) + } + defer teardown() + + for n := 0; n < b.N; n++ { + bundlePath, err := setupBundle(bundleName) + if err != nil { + return + } + + s, err := setupStdio(wd, bundlePath, bundleName) + if err != nil { + return + } + + c, err := New(ContainerOpts{ + Root: utils.StateDir, + ID: bundleName, + Bundle: filepath.Join(wd, bundlePath), + Runtime: *runtimeTool, + Shim: "containerd-shim", + Timeout: 15 * time.Second, + }) + + if err != nil { + b.Fatalf("Error creating a New container: ", err) + } + + benchmarkStartContainer(b, c, s, bundleName) + + teardownBundle(bundleName) + } +} + +func benchmarkStartContainer(b *testing.B, c Container, s Stdio, bundleName string) { + p, err := c.Start(context.Background(), "", s) + if err != nil { + b.Fatalf("Error starting container %v", err) + } + + kill := exec.Command(c.Runtime(), "kill", bundleName, "KILL") + kill.Run() + + p.Wait() + c.Delete() + + // wait for kill to finish. selected wait time is arbitrary + time.Sleep(500 * time.Millisecond) + +}
  5. Download patch containerd/integration-test/start_solaris_test.go
  6. Download patch containerd/containerd/main_linux.go

    --- 1.13.1~ds2-3/containerd/containerd/main_linux.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/containerd/main_linux.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,45 @@ +package main + +import ( + "os" + "runtime" + "time" + + "github.com/Sirupsen/logrus" + "github.com/cloudfoundry/gosigar" + "github.com/docker/containerd/osutils" + "github.com/rcrowley/go-metrics" +) + +func processMetrics() { + var ( + g = metrics.NewGauge() + fg = metrics.NewGauge() + memg = metrics.NewGauge() + ) + metrics.DefaultRegistry.Register("goroutines", g) + metrics.DefaultRegistry.Register("fds", fg) + metrics.DefaultRegistry.Register("memory-used", memg) + collect := func() { + // update number of goroutines + g.Update(int64(runtime.NumGoroutine())) + // collect the number of open fds + fds, err := osutils.GetOpenFds(os.Getpid()) + if err != nil { + logrus.WithField("error", err).Error("containerd: get open fd count") + } + fg.Update(int64(fds)) + // get the memory used + m := sigar.ProcMem{} + if err := m.Get(os.Getpid()); err != nil { + logrus.WithField("error", err).Error("containerd: get pid memory information") + } + memg.Update(int64(m.Size)) + } + go func() { + collect() + for range time.Tick(30 * time.Second) { + collect() + } + }() +}
  7. Download patch containerd/osutils/fds.go

    --- 1.13.1~ds2-3/containerd/osutils/fds.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/osutils/fds.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,18 @@ +// +build !windows,!darwin + +package osutils + +import ( + "io/ioutil" + "path/filepath" + "strconv" +) + +// GetOpenFds returns the number of open fds for the process provided by pid +func GetOpenFds(pid int) (int, error) { + dirs, err := ioutil.ReadDir(filepath.Join("/proc", strconv.Itoa(pid), "fd")) + if err != nil { + return -1, err + } + return len(dirs), nil +}
  8. Download patch containerd/.gitignore

    --- 1.13.1~ds2-3/containerd/.gitignore 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/.gitignore 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,7 @@ +*.exe +/containerd/containerd +/containerd-shim/containerd-shim +/bin/ +/ctr/ctr +/hack/benchmark +/output
  9. Download patch containerd/containerd-shim/console.go

    --- 1.13.1~ds2-3/containerd/containerd-shim/console.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/containerd-shim/console.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,56 @@ +// +build !solaris + +package main + +import ( + "fmt" + "os" + "syscall" + "unsafe" +) + +// NewConsole returns an initialized console that can be used within a container by copying bytes +// from the master side to the slave that is attached as the tty for the container's init process. +func newConsole(uid, gid int) (*os.File, string, error) { + master, err := os.OpenFile("/dev/ptmx", syscall.O_RDWR|syscall.O_NOCTTY|syscall.O_CLOEXEC, 0) + if err != nil { + return nil, "", err + } + console, err := ptsname(master) + if err != nil { + return nil, "", err + } + if err := unlockpt(master); err != nil { + return nil, "", err + } + if err := os.Chmod(console, 0600); err != nil { + return nil, "", err + } + if err := os.Chown(console, uid, gid); err != nil { + return nil, "", err + } + return master, console, nil +} + +func ioctl(fd uintptr, flag, data uintptr) error { + if _, _, err := syscall.Syscall(syscall.SYS_IOCTL, fd, flag, data); err != 0 { + return err + } + return nil +} + +// unlockpt unlocks the slave pseudoterminal device corresponding to the master pseudoterminal referred to by f. +// unlockpt should be called before opening the slave side of a pty. +func unlockpt(f *os.File) error { + var u int32 + return ioctl(f.Fd(), syscall.TIOCSPTLCK, uintptr(unsafe.Pointer(&u))) +} + +// ptsname retrieves the name of the first available pts for the given master. +func ptsname(f *os.File) (string, error) { + var n int32 + if err := ioctl(f.Fd(), syscall.TIOCGPTN, uintptr(unsafe.Pointer(&n))); err != nil { + return "", err + } + return fmt.Sprintf("/dev/pts/%d", n), nil +}
  10. Download patch containerd/docs/daemon.md

    --- 1.13.1~ds2-3/containerd/docs/daemon.md 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/docs/daemon.md 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,27 @@ +# Daemon options + +``` +$ containerd -h + +NAME: + containerd - High performance container daemon + +USAGE: + containerd [global options] command [command options] [arguments...] + +VERSION: + 0.1.0 commit: 54c213e8a719d734001beb2cb8f130c84cc3bd20 + +COMMANDS: + help, h Shows a list of commands or help for one command + +GLOBAL OPTIONS: + --debug enable debug output in the logs + --state-dir "/run/containerd" runtime state directory + --metrics-interval "5m0s" interval for flushing metrics to the store + --listen, -l "/run/containerd/containerd.sock" Address on which GRPC API will listen + --runtime, -r "runc" name of the OCI compliant runtime to use when executing containers + --graphite-address Address of graphite server + --help, -h show help + --version, -v print the version +```
  11. Download patch containerd/LICENSE.docs
  12. Download patch client/client.go

    --- 1.13.1~ds2-3/client/client.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/client/client.go 2017-06-01 21:14:48.000000000 +0000 @@ -58,7 +58,7 @@ import ( ) // DefaultVersion is the version of the current stable API -const DefaultVersion string = "1.25" +const DefaultVersion string = "1.27" // Client is the API client that performs all operations // against a docker server.
  13. Download patch client/container_create_test.go

    --- 1.13.1~ds2-3/client/container_create_test.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/client/container_create_test.go 2017-06-01 21:14:48.000000000 +0000 @@ -74,3 +74,45 @@ func TestContainerCreateWithName(t *test t.Fatalf("expected `container_id`, got %s", r.ID) } } + +// TestContainerCreateAutoRemove validates that a client using API 1.24 always disables AutoRemove. When using API 1.25 +// or up, AutoRemove should not be disabled. +func TestContainerCreateAutoRemove(t *testing.T) { + autoRemoveValidator := func(expectedValue bool) func(req *http.Request) (*http.Response, error) { + return func(req *http.Request) (*http.Response, error) { + var config configWrapper + + if err := json.NewDecoder(req.Body).Decode(&config); err != nil { + return nil, err + } + if config.HostConfig.AutoRemove != expectedValue { + return nil, fmt.Errorf("expected AutoRemove to be %v, got %v", expectedValue, config.HostConfig.AutoRemove) + } + b, err := json.Marshal(container.ContainerCreateCreatedBody{ + ID: "container_id", + }) + if err != nil { + return nil, err + } + return &http.Response{ + StatusCode: http.StatusOK, + Body: ioutil.NopCloser(bytes.NewReader(b)), + }, nil + } + } + + client := &Client{ + client: newMockClient(autoRemoveValidator(false)), + version: "1.24", + } + if _, err := client.ContainerCreate(context.Background(), nil, &container.HostConfig{AutoRemove: true}, nil, ""); err != nil { + t.Fatal(err) + } + client = &Client{ + client: newMockClient(autoRemoveValidator(true)), + version: "1.25", + } + if _, err := client.ContainerCreate(context.Background(), nil, &container.HostConfig{AutoRemove: true}, nil, ""); err != nil { + t.Fatal(err) + } +}
  14. Download patch client/container_create.go

    --- 1.13.1~ds2-3/client/container_create.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/client/container_create.go 2017-06-01 21:14:48.000000000 +0000 @@ -7,6 +7,7 @@ import ( "github.com/docker/docker/api/types/container" "github.com/docker/docker/api/types/network" + "github.com/docker/docker/api/types/versions" "golang.org/x/net/context" ) @@ -25,6 +26,11 @@ func (cli *Client) ContainerCreate(ctx c return response, err } + // When using API 1.24 and under, the client is responsible for removing the container + if hostConfig != nil && versions.LessThan(cli.ClientVersion(), "1.25") { + hostConfig.AutoRemove = false + } + query := url.Values{} if containerName != "" { query.Set("name", containerName)
  15. Download patch cli/command/system/info.go

    --- 1.13.1~ds2-3/cli/command/system/info.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/cli/command/system/info.go 2017-06-01 21:14:48.000000000 +0000 @@ -6,8 +6,6 @@ import ( "strings" "time" - "golang.org/x/net/context" - "github.com/docker/docker/api/types" "github.com/docker/docker/api/types/swarm" "github.com/docker/docker/cli" @@ -17,6 +15,7 @@ import ( "github.com/docker/docker/utils/templates" "github.com/docker/go-units" "github.com/spf13/cobra" + "golang.org/x/net/context" ) type infoOptions struct { @@ -66,11 +65,6 @@ func prettyPrintInfo(dockerCli *command. if info.DriverStatus != nil { for _, pair := range info.DriverStatus { fmt.Fprintf(dockerCli.Out(), " %s: %s\n", pair[0], pair[1]) - - // print a warning if devicemapper is using a loopback file - if pair[0] == "Data loop file" { - fmt.Fprintln(dockerCli.Err(), " WARNING: Usage of loopback devices is strongly discouraged for production use. Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.") - } } } @@ -228,50 +222,13 @@ func prettyPrintInfo(dockerCli *command. fmt.Fprintf(dockerCli.Out(), "Registry: %v\n", info.IndexServerAddress) } - // Only output these warnings if the server does not support these features - if info.OSType != "windows" { - if !info.MemoryLimit { - fmt.Fprintln(dockerCli.Err(), "WARNING: No memory limit support") - } - if !info.SwapLimit { - fmt.Fprintln(dockerCli.Err(), "WARNING: No swap limit support") - } - if !info.KernelMemory { - fmt.Fprintln(dockerCli.Err(), "WARNING: No kernel memory limit support") - } - if !info.OomKillDisable { - fmt.Fprintln(dockerCli.Err(), "WARNING: No oom kill disable support") - } - if !info.CPUCfsQuota { - fmt.Fprintln(dockerCli.Err(), "WARNING: No cpu cfs quota support") - } - if !info.CPUCfsPeriod { - fmt.Fprintln(dockerCli.Err(), "WARNING: No cpu cfs period support") - } - if !info.CPUShares { - fmt.Fprintln(dockerCli.Err(), "WARNING: No cpu shares support") - } - if !info.CPUSet { - fmt.Fprintln(dockerCli.Err(), "WARNING: No cpuset support") - } - if !info.IPv4Forwarding { - fmt.Fprintln(dockerCli.Err(), "WARNING: IPv4 forwarding is disabled") - } - if !info.BridgeNfIptables { - fmt.Fprintln(dockerCli.Err(), "WARNING: bridge-nf-call-iptables is disabled") - } - if !info.BridgeNfIP6tables { - fmt.Fprintln(dockerCli.Err(), "WARNING: bridge-nf-call-ip6tables is disabled") - } - } - if info.Labels != nil { fmt.Fprintln(dockerCli.Out(), "Labels:") for _, attribute := range info.Labels { fmt.Fprintf(dockerCli.Out(), " %s\n", attribute) } // TODO: Engine labels with duplicate keys has been deprecated in 1.13 and will be error out - // after 3 release cycles (1.16). For now, a WARNING will be generated. The following will + // after 3 release cycles (17.12). For now, a WARNING will be generated. The following will // be removed eventually. labelMap := map[string]string{} for _, label := range info.Labels { @@ -317,11 +274,85 @@ func prettyPrintInfo(dockerCli *command. } } - fmt.Fprintf(dockerCli.Out(), "Live Restore Enabled: %v\n", info.LiveRestoreEnabled) + fmt.Fprintf(dockerCli.Out(), "Live Restore Enabled: %v\n\n", info.LiveRestoreEnabled) + + // Only output these warnings if the server does not support these features + if info.OSType != "windows" { + printStorageDriverWarnings(dockerCli, info) + + if !info.MemoryLimit { + fmt.Fprintln(dockerCli.Err(), "WARNING: No memory limit support") + } + if !info.SwapLimit { + fmt.Fprintln(dockerCli.Err(), "WARNING: No swap limit support") + } + if !info.KernelMemory { + fmt.Fprintln(dockerCli.Err(), "WARNING: No kernel memory limit support") + } + if !info.OomKillDisable { + fmt.Fprintln(dockerCli.Err(), "WARNING: No oom kill disable support") + } + if !info.CPUCfsQuota { + fmt.Fprintln(dockerCli.Err(), "WARNING: No cpu cfs quota support") + } + if !info.CPUCfsPeriod { + fmt.Fprintln(dockerCli.Err(), "WARNING: No cpu cfs period support") + } + if !info.CPUShares { + fmt.Fprintln(dockerCli.Err(), "WARNING: No cpu shares support") + } + if !info.CPUSet { + fmt.Fprintln(dockerCli.Err(), "WARNING: No cpuset support") + } + if !info.IPv4Forwarding { + fmt.Fprintln(dockerCli.Err(), "WARNING: IPv4 forwarding is disabled") + } + if !info.BridgeNfIptables { + fmt.Fprintln(dockerCli.Err(), "WARNING: bridge-nf-call-iptables is disabled") + } + if !info.BridgeNfIP6tables { + fmt.Fprintln(dockerCli.Err(), "WARNING: bridge-nf-call-ip6tables is disabled") + } + } return nil } +func printStorageDriverWarnings(dockerCli *command.DockerCli, info types.Info) { + if info.DriverStatus == nil { + return + } + + for _, pair := range info.DriverStatus { + if pair[0] == "Data loop file" { + fmt.Fprintf(dockerCli.Err(), "WARNING: %s: usage of loopback devices is strongly discouraged for production use.\n Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.\n", info.Driver) + } + if pair[0] == "Supports d_type" && pair[1] == "false" { + backingFs := getBackingFs(info) + + msg := fmt.Sprintf("WARNING: %s: the backing %s filesystem is formatted without d_type support, which leads to incorrect behavior.\n", info.Driver, backingFs) + if backingFs == "xfs" { + msg += " Reformat the filesystem with ftype=1 to enable d_type support.\n" + } + msg += " Running without d_type support will not be supported in future releases." + fmt.Fprintln(dockerCli.Err(), msg) + } + } +} + +func getBackingFs(info types.Info) string { + if info.DriverStatus == nil { + return "" + } + + for _, pair := range info.DriverStatus { + if pair[0] == "Backing Filesystem" { + return pair[1] + } + } + return "" +} + func formatInfo(dockerCli *command.DockerCli, info types.Info, format string) error { tmpl, err := templates.Parse(format) if err != nil {
  16. Download patch containerd/docs/cli.md

    --- 1.13.1~ds2-3/containerd/docs/cli.md 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/docs/cli.md 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,159 @@ +# Client CLI + +There is a default cli named `ctr` based on the GRPC api. +This cli will allow you to create and manage containers run with containerd. + +``` +$ ctr -h +NAME: + ctr - High performance container daemon cli + +USAGE: + ctr [global options] command [command options] [arguments...] + +VERSION: + 0.1.0 commit: 54c213e8a719d734001beb2cb8f130c84cc3bd20 + +COMMANDS: + checkpoints list all checkpoints + containers interact with running containers + events receive events from the containerd daemon + state get a raw dump of the containerd state + help, h Shows a list of commands or help for one command + +GLOBAL OPTIONS: + --debug enable debug output in the logs + --address "/run/containerd/containerd.sock" address of GRPC API + --help, -h show help + --version, -v print the version +``` + +## Starting a container + +``` +$ ctr containers start -h +NAME: + ctr containers start - start a container + +USAGE: + ctr containers start [command options] [arguments...] + +OPTIONS: + --checkpoint, -c checkpoint to start the container from + --attach, -a connect to the stdio of the container + --label, -l [--label option --label option] set labels for the container +``` + +```bash +$ sudo ctr containers start redis /containers/redis +``` + +`/containers/redis` is the path to an OCI bundle. [See the bundle docs for more information.](bundle.md) + +## Listing containers + +```bash +$ sudo ctr containers +ID PATH STATUS PROCESSES +1 /containers/redis running 14063 +19 /containers/redis running 14100 +14 /containers/redis running 14117 +4 /containers/redis running 14030 +16 /containers/redis running 14061 +3 /containers/redis running 14024 +12 /containers/redis running 14097 +10 /containers/redis running 14131 +18 /containers/redis running 13977 +13 /containers/redis running 13979 +15 /containers/redis running 13998 +5 /containers/redis running 14021 +9 /containers/redis running 14075 +6 /containers/redis running 14107 +2 /containers/redis running 14135 +11 /containers/redis running 13978 +17 /containers/redis running 13989 +8 /containers/redis running 14053 +7 /containers/redis running 14022 +0 /containers/redis running 14006 +``` + +## Kill a container's process + +``` +$ ctr containers kill -h +NAME: + ctr containers kill - send a signal to a container or its processes + +USAGE: + ctr containers kill [command options] [arguments...] + +OPTIONS: + --pid, -p "init" pid of the process to signal within the container + --signal, -s "15" signal to send to the container +``` + +## Exec another process into a container + +``` +$ ctr containers exec -h +NAME: + ctr containers exec - exec another process in an existing container + +USAGE: + ctr containers exec [command options] [arguments...] + +OPTIONS: + --id container id to add the process to + --pid process id for the new process + --attach, -a connect to the stdio of the container + --cwd current working directory for the process + --tty, -t create a terminal for the process + --env, -e [--env option --env option] environment variables for the process + --uid, -u "0" user id of the user for the process + --gid, -g "0" group id of the user for the process +``` + +## Stats for a container + +``` +$ ctr containers stats -h +NAME: + ctr containers stats - get stats for running container + +USAGE: + ctr containers stats [arguments...] +``` + +## List checkpoints + +``` +$ sudo ctr checkpoints redis +NAME TCP UNIX SOCKETS SHELL +test false false false +test2 false false false +``` + +## Create a new checkpoint + +``` +$ ctr checkpoints create -h +NAME: + ctr checkpoints create - create a new checkpoint for the container + +USAGE: + ctr checkpoints create [command options] [arguments...] + +OPTIONS: + --tcp persist open tcp connections + --unix-sockets perist unix sockets + --exit exit the container after the checkpoint completes successfully + --shell checkpoint shell jobs +``` + +## Get events + +``` +$ sudo ctr events +TYPE ID PID STATUS +exit redis 24761 0 +```
  17. Download patch containerd/docs/telemetry.md

    --- 1.13.1~ds2-3/containerd/docs/telemetry.md 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/docs/telemetry.md 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,31 @@ +# Telemetry + +Currently containerd only outputs metrics to stdout but will support dumping to various backends in the future. + +``` +[containerd] 2015/12/16 11:48:28 timer container-start-time +[containerd] 2015/12/16 11:48:28 count: 22 +[containerd] 2015/12/16 11:48:28 min: 25425883 +[containerd] 2015/12/16 11:48:28 max: 113077691 +[containerd] 2015/12/16 11:48:28 mean: 68386923.27 +[containerd] 2015/12/16 11:48:28 stddev: 20928453.26 +[containerd] 2015/12/16 11:48:28 median: 65489003.50 +[containerd] 2015/12/16 11:48:28 75%: 82393210.50 +[containerd] 2015/12/16 11:48:28 95%: 112267814.75 +[containerd] 2015/12/16 11:48:28 99%: 113077691.00 +[containerd] 2015/12/16 11:48:28 99.9%: 113077691.00 +[containerd] 2015/12/16 11:48:28 1-min rate: 0.00 +[containerd] 2015/12/16 11:48:28 5-min rate: 0.01 +[containerd] 2015/12/16 11:48:28 15-min rate: 0.01 +[containerd] 2015/12/16 11:48:28 mean rate: 0.03 +[containerd] 2015/12/16 11:48:28 counter containers +[containerd] 2015/12/16 11:48:28 count: 1 +[containerd] 2015/12/16 11:48:28 counter events +[containerd] 2015/12/16 11:48:28 count: 87 +[containerd] 2015/12/16 11:48:28 counter events-subscribers +[containerd] 2015/12/16 11:48:28 count: 2 +[containerd] 2015/12/16 11:48:28 gauge goroutines +[containerd] 2015/12/16 11:48:28 value: 38 +[containerd] 2015/12/16 11:48:28 gauge fds +[containerd] 2015/12/16 11:48:28 value: 18 +```
  18. Download patch containerd/ctr/sort.go

    --- 1.13.1~ds2-3/containerd/ctr/sort.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/ctr/sort.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,27 @@ +package main + +import ( + "sort" + + "github.com/docker/containerd/api/grpc/types" +) + +func sortContainers(c []*types.Container) { + sort.Sort(&containerSorter{c}) +} + +type containerSorter struct { + c []*types.Container +} + +func (s *containerSorter) Len() int { + return len(s.c) +} + +func (s *containerSorter) Swap(i, j int) { + s.c[i], s.c[j] = s.c[j], s.c[i] +} + +func (s *containerSorter) Less(i, j int) bool { + return s.c[i].Id < s.c[j].Id +}
  19. Download patch cli/command/container/run.go

    --- 1.13.1~ds2-3/cli/command/container/run.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/cli/command/container/run.go 2017-06-01 21:14:48.000000000 +0000 @@ -74,9 +74,8 @@ func runRun(dockerCli *command.DockerCli cmdPath := "run" var ( - flAttach *opttypes.ListOpts - ErrConflictAttachDetach = fmt.Errorf("Conflicting options: -a and -d") - ErrConflictRestartPolicyAndAutoRemove = fmt.Errorf("Conflicting options: --restart and --rm") + flAttach *opttypes.ListOpts + ErrConflictAttachDetach = fmt.Errorf("Conflicting options: -a and -d") ) config, hostConfig, networkingConfig, err := runconfigopts.Parse(flags, copts) @@ -87,9 +86,6 @@ func runRun(dockerCli *command.DockerCli return cli.StatusError{StatusCode: 125} } - if hostConfig.AutoRemove && !hostConfig.RestartPolicy.IsNone() { - return ErrConflictRestartPolicyAndAutoRemove - } if hostConfig.OomKillDisable != nil && *hostConfig.OomKillDisable && hostConfig.Memory == 0 { fmt.Fprintf(stderr, "WARNING: Disabling the OOM killer on containers without setting a '-m/--memory' limit may be dangerous.\n") } @@ -140,6 +136,9 @@ func runRun(dockerCli *command.DockerCli ctx, cancelFun := context.WithCancel(context.Background()) + // preserve AutoRemove state. createContainer() / ContainerCreate() disables daemon-side auto-remove on API < 1.25 + autoRemove := hostConfig.AutoRemove + createResponse, err := createContainer(ctx, dockerCli, config, hostConfig, networkingConfig, hostConfig.ContainerIDFile, opts.name) if err != nil { reportError(stderr, cmdPath, err.Error(), true) @@ -211,7 +210,7 @@ func runRun(dockerCli *command.DockerCli }) } - statusChan := waitExitOrRemoved(ctx, dockerCli, createResponse.ID, hostConfig.AutoRemove) + statusChan := waitExitOrRemoved(ctx, dockerCli, createResponse.ID, autoRemove) //start the container if err := client.ContainerStart(ctx, createResponse.ID, types.ContainerStartOptions{}); err != nil { @@ -224,7 +223,7 @@ func runRun(dockerCli *command.DockerCli } reportError(stderr, cmdPath, err.Error(), false) - if hostConfig.AutoRemove { + if autoRemove { // wait container to be removed <-statusChan }
  20. Download patch client/client_test.go

    --- 1.13.1~ds2-3/client/client_test.go 2017-11-15 04:19:40.000000000 +0000 +++ 17.03.2-0ubuntu1/client/client_test.go 2017-06-01 21:14:48.000000000 +0000 @@ -32,7 +32,7 @@ func TestNewEnvClient(t *testing.T) { envs: map[string]string{ "DOCKER_CERT_PATH": "invalid/path", }, - expectedError: "Could not load X509 key pair: open invalid/path/cert.pem: no such file or directory", + expectedError: "Could not load X509 key pair: open invalid/path/cert.pem: no such file or directory. Make sure the key is not encrypted", }, { envs: map[string]string{
  21. Download patch cli/compose/convert/service.go

    --- 1.13.1~ds2-3/cli/compose/convert/service.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/cli/compose/convert/service.go 2017-06-01 21:14:48.000000000 +0000 @@ -17,6 +17,8 @@ import ( "github.com/docker/go-connections/nat" ) +const defaultNetwork = "default" + // Services from compose-file types to engine API types // TODO: fix secrets API so that SecretAPIClient is not required here func Services( @@ -157,18 +159,15 @@ func convertServiceNetworks( name string, ) ([]swarm.NetworkAttachmentConfig, error) { if len(networks) == 0 { - return []swarm.NetworkAttachmentConfig{ - { - Target: namespace.Scope("default"), - Aliases: []string{name}, - }, - }, nil + networks = map[string]*composetypes.ServiceNetworkConfig{ + defaultNetwork: {}, + } } nets := []swarm.NetworkAttachmentConfig{} for networkName, network := range networks { networkConfig, ok := networkConfigs[networkName] - if !ok { + if !ok && networkName != defaultNetwork { return []swarm.NetworkAttachmentConfig{}, fmt.Errorf( "service %q references network %q, which is not declared", name, networkName) } @@ -219,19 +218,27 @@ func convertServiceSecrets( if gid == "" { gid = "0" } + mode := secret.Mode + if mode == nil { + mode = uint32Ptr(0444) + } opts = append(opts, &types.SecretRequestOption{ Source: source, Target: target, UID: uid, GID: gid, - Mode: os.FileMode(secret.Mode), + Mode: os.FileMode(*mode), }) } return servicecli.ParseSecrets(client, opts) } +func uint32Ptr(value uint32) *uint32 { + return &value +} + func convertExtraHosts(extraHosts map[string]string) []string { hosts := []string{} for host, ip := range extraHosts {
  22. Download patch containerd/runtime/process_solaris.go

    --- 1.13.1~ds2-3/containerd/runtime/process_solaris.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/runtime/process_solaris.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,34 @@ +// +build solaris + +package runtime + +import ( + "bytes" + "encoding/json" + "fmt" + "os/exec" + + runtimespec "github.com/opencontainers/runtime-spec/specs-go" +) + +// On Solaris we already have a state file maintained by the framework. +// This is read by runz state. We just call that instead of maintaining +// a separate file. +func (p *process) getPidFromFile() (int, error) { + //we get this information from runz state + cmd := exec.Command("runc", "state", p.container.ID()) + outBuf, errBuf := new(bytes.Buffer), new(bytes.Buffer) + cmd.Stdout, cmd.Stderr = outBuf, errBuf + + if err := cmd.Run(); err != nil { + // TODO: Improve logic + return -1, errContainerNotFound + } + response := runtimespec.State{} + decoder := json.NewDecoder(outBuf) + if err := decoder.Decode(&response); err != nil { + return -1, fmt.Errorf("unable to decode json response: %+v", err) + } + p.pid = response.Pid + return p.pid, nil +}
  23. Download patch api/server/httputils/errors.go

    --- 1.13.1~ds2-3/api/server/httputils/errors.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/api/server/httputils/errors.go 2017-06-01 21:14:48.000000000 +0000 @@ -63,6 +63,8 @@ func GetHTTPErrorStatusCode(err error) i {"unauthorized", http.StatusUnauthorized}, {"hasn't been activated", http.StatusForbidden}, {"this node", http.StatusServiceUnavailable}, + {"needs to be unlocked", http.StatusServiceUnavailable}, + {"certificates have expired", http.StatusServiceUnavailable}, } { if strings.Contains(errStr, status.keyword) { statusCode = status.code
  24. Download patch containerd/integration-test/check_test.go
  25. Download patch containerd/containerd-shim/process_linux.go

    --- 1.13.1~ds2-3/containerd/containerd-shim/process_linux.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/containerd-shim/process_linux.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,131 @@ +// +build !solaris + +package main + +import ( + "fmt" + "io" + "os/exec" + "syscall" + "time" + + "github.com/tonistiigi/fifo" + "golang.org/x/net/context" +) + +// setPDeathSig sets the parent death signal to SIGKILL so that if the +// shim dies the container process also dies. +func setPDeathSig() *syscall.SysProcAttr { + return &syscall.SysProcAttr{ + Pdeathsig: syscall.SIGKILL, + } +} + +// openIO opens the pre-created fifo's for use with the container +// in RDWR so that they remain open if the other side stops listening +func (p *process) openIO() error { + p.stdio = &stdio{} + var ( + uid = p.state.RootUID + gid = p.state.RootGID + ) + + ctx, _ := context.WithTimeout(context.Background(), 15*time.Second) + + stdinCloser, err := fifo.OpenFifo(ctx, p.state.Stdin, syscall.O_WRONLY|syscall.O_NONBLOCK, 0) + if err != nil { + return err + } + p.stdinCloser = stdinCloser + + if p.state.Terminal { + master, console, err := newConsole(uid, gid) + if err != nil { + return err + } + p.console = master + p.consolePath = console + stdin, err := fifo.OpenFifo(ctx, p.state.Stdin, syscall.O_RDONLY, 0) + if err != nil { + return err + } + go io.Copy(master, stdin) + stdoutw, err := fifo.OpenFifo(ctx, p.state.Stdout, syscall.O_WRONLY, 0) + if err != nil { + return err + } + stdoutr, err := fifo.OpenFifo(ctx, p.state.Stdout, syscall.O_RDONLY, 0) + if err != nil { + return err + } + p.Add(1) + go func() { + io.Copy(stdoutw, master) + master.Close() + stdoutr.Close() + stdoutw.Close() + p.Done() + }() + return nil + } + i, err := p.initializeIO(uid) + if err != nil { + return err + } + p.shimIO = i + // non-tty + for name, dest := range map[string]func(wc io.WriteCloser, rc io.Closer){ + p.state.Stdout: func(wc io.WriteCloser, rc io.Closer) { + p.Add(1) + go func() { + io.Copy(wc, i.Stdout) + p.Done() + wc.Close() + rc.Close() + }() + }, + p.state.Stderr: func(wc io.WriteCloser, rc io.Closer) { + p.Add(1) + go func() { + io.Copy(wc, i.Stderr) + p.Done() + wc.Close() + rc.Close() + }() + }, + } { + fw, err := fifo.OpenFifo(ctx, name, syscall.O_WRONLY, 0) + if err != nil { + return fmt.Errorf("containerd-shim: opening %s failed: %s", name, err) + } + fr, err := fifo.OpenFifo(ctx, name, syscall.O_RDONLY, 0) + if err != nil { + return fmt.Errorf("containerd-shim: opening %s failed: %s", name, err) + } + dest(fw, fr) + } + + f, err := fifo.OpenFifo(ctx, p.state.Stdin, syscall.O_RDONLY, 0) + if err != nil { + return fmt.Errorf("containerd-shim: opening %s failed: %s", p.state.Stdin, err) + } + go func() { + io.Copy(i.Stdin, f) + i.Stdin.Close() + f.Close() + }() + + return nil +} + +func (p *process) killAll() error { + if !p.state.Exec { + cmd := exec.Command(p.runtime, append(p.state.RuntimeArgs, "kill", "--all", p.id, "SIGKILL")...) + cmd.SysProcAttr = setPDeathSig() + out, err := cmd.CombinedOutput() + if err != nil { + return fmt.Errorf("%s: %v", out, err) + } + } + return nil +}
  26. Download patch api/server/router/container/container_routes.go

    --- 1.13.1~ds2-3/api/server/router/container/container_routes.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/api/server/router/container/container_routes.go 2017-06-01 21:14:48.000000000 +0000 @@ -369,6 +369,11 @@ func (s *containerRouter) postContainers version := httputils.VersionFromContext(ctx) adjustCPUShares := versions.LessThan(version, "1.19") + // When using API 1.24 and under, the client is responsible for removing the container + if hostConfig != nil && versions.LessThan(version, "1.25") { + hostConfig.AutoRemove = false + } + ccr, err := s.backend.ContainerCreate(types.ContainerCreateConfig{ Name: name, Config: config,
  27. Download patch containerd/integration-test/container_utils_test.go
  28. Download patch containerd/hack/validate-lint

    --- 1.13.1~ds2-3/containerd/hack/validate-lint 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/hack/validate-lint 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,9 @@ +#!/bin/bash + +lint_error=$(golint ./... | grep -v vendor | grep -v .pb. | tee /dev/stderr) + +if [ "$lint_error" != "" ]; then + exit 1 +fi + +exit 0
  29. Download patch containerd/runtime/container_linux.go

    --- 1.13.1~ds2-3/containerd/runtime/container_linux.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/runtime/container_linux.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,186 @@ +package runtime + +import ( + "bufio" + "bytes" + "encoding/json" + "fmt" + "os" + "os/exec" + "path/filepath" + "strings" + "syscall" + + "github.com/docker/containerd/specs" + ocs "github.com/opencontainers/runtime-spec/specs-go" +) + +func findCgroupMountpointAndRoot(pid int, subsystem string) (string, string, error) { + f, err := os.Open(fmt.Sprintf("/proc/%d/mountinfo", pid)) + if err != nil { + return "", "", err + } + defer f.Close() + + scanner := bufio.NewScanner(f) + for scanner.Scan() { + txt := scanner.Text() + fields := strings.Split(txt, " ") + for _, opt := range strings.Split(fields[len(fields)-1], ",") { + if opt == subsystem { + return fields[4], fields[3], nil + } + } + } + if err := scanner.Err(); err != nil { + return "", "", err + } + + return "", "", fmt.Errorf("cgroup path for %s not found", subsystem) +} + +func parseCgroupFile(path string) (map[string]string, error) { + f, err := os.Open(path) + if err != nil { + return nil, err + } + defer f.Close() + + s := bufio.NewScanner(f) + cgroups := make(map[string]string) + + for s.Scan() { + if err := s.Err(); err != nil { + return nil, err + } + + text := s.Text() + parts := strings.Split(text, ":") + + for _, subs := range strings.Split(parts[1], ",") { + cgroups[subs] = parts[2] + } + } + return cgroups, nil +} + +func (c *container) OOM() (OOM, error) { + p := c.processes[InitProcessID] + if p == nil { + return nil, fmt.Errorf("no init process found") + } + + mountpoint, hostRoot, err := findCgroupMountpointAndRoot(os.Getpid(), "memory") + if err != nil { + return nil, err + } + + cgroups, err := parseCgroupFile(fmt.Sprintf("/proc/%d/cgroup", p.pid)) + if err != nil { + return nil, err + } + + root, ok := cgroups["memory"] + if !ok { + return nil, fmt.Errorf("no memory cgroup for container %s", c.ID()) + } + + // Take care of the case were we're running inside a container + // ourself + root = strings.TrimPrefix(root, hostRoot) + + return c.getMemoryEventFD(filepath.Join(mountpoint, root)) +} + +func (c *container) Pids() ([]int, error) { + var pids []int + args := c.runtimeArgs + args = append(args, "ps", "--format=json", c.id) + out, err := exec.Command(c.runtime, args...).CombinedOutput() + if err != nil { + return nil, fmt.Errorf("%s: %q", err.Error(), out) + } + if err := json.Unmarshal(out, &pids); err != nil { + return nil, err + } + return pids, nil +} + +func u64Ptr(i uint64) *uint64 { return &i } + +func (c *container) UpdateResources(r *Resource) error { + sr := ocs.Resources{ + Memory: &ocs.Memory{ + Limit: u64Ptr(uint64(r.Memory)), + Reservation: u64Ptr(uint64(r.MemoryReservation)), + Swap: u64Ptr(uint64(r.MemorySwap)), + Kernel: u64Ptr(uint64(r.KernelMemory)), + KernelTCP: u64Ptr(uint64(r.KernelTCPMemory)), + }, + CPU: &ocs.CPU{ + Shares: u64Ptr(uint64(r.CPUShares)), + Quota: u64Ptr(uint64(r.CPUQuota)), + Period: u64Ptr(uint64(r.CPUPeriod)), + Cpus: &r.CpusetCpus, + Mems: &r.CpusetMems, + }, + BlockIO: &ocs.BlockIO{ + Weight: &r.BlkioWeight, + }, + } + + srStr := bytes.NewBuffer(nil) + if err := json.NewEncoder(srStr).Encode(&sr); err != nil { + return err + } + + args := c.runtimeArgs + args = append(args, "update", "-r", "-", c.id) + cmd := exec.Command(c.runtime, args...) + cmd.Stdin = srStr + b, err := cmd.CombinedOutput() + if err != nil { + return fmt.Errorf(string(b)) + } + return nil +} + +func getRootIDs(s *specs.Spec) (int, int, error) { + if s == nil { + return 0, 0, nil + } + var hasUserns bool + for _, ns := range s.Linux.Namespaces { + if ns.Type == ocs.UserNamespace { + hasUserns = true + break + } + } + if !hasUserns { + return 0, 0, nil + } + uid := hostIDFromMap(0, s.Linux.UIDMappings) + gid := hostIDFromMap(0, s.Linux.GIDMappings) + return uid, gid, nil +} + +func (c *container) getMemoryEventFD(root string) (*oom, error) { + f, err := os.Open(filepath.Join(root, "memory.oom_control")) + if err != nil { + return nil, err + } + defer f.Close() + fd, _, serr := syscall.RawSyscall(syscall.SYS_EVENTFD2, 0, syscall.FD_CLOEXEC, 0) + if serr != 0 { + return nil, serr + } + if err := c.writeEventFD(root, int(f.Fd()), int(fd)); err != nil { + syscall.Close(int(fd)) + return nil, err + } + return &oom{ + root: root, + id: c.id, + eventfd: int(fd), + }, nil +}
  30. Download patch containerd/NOTICE

    --- 1.13.1~ds2-3/containerd/NOTICE 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/NOTICE 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,16 @@ +Docker +Copyright 2012-2015 Docker, Inc. + +This product includes software developed at Docker, Inc. (https://www.docker.com). + +The following is courtesy of our legal counsel: + + +Use and transfer of Docker may be subject to certain restrictions by the +United States and other governments. +It is your responsibility to ensure that your use and/or transfer does not +violate applicable laws. + +For more information, please see https://www.bis.doc.gov + +See also https://www.apache.org/dev/crypto.html and/or seek legal counsel.
  31. Download patch containerd/docs/bundle.md
  32. Download patch cli/command/container/stats_helpers.go

    --- 1.13.1~ds2-3/cli/command/container/stats_helpers.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/cli/command/container/stats_helpers.go 2017-06-01 21:14:48.000000000 +0000 @@ -179,10 +179,14 @@ func calculateCPUPercentUnix(previousCPU cpuDelta = float64(v.CPUStats.CPUUsage.TotalUsage) - float64(previousCPU) // calculate the change for the entire system between readings systemDelta = float64(v.CPUStats.SystemUsage) - float64(previousSystem) + onlineCPUs = float64(v.CPUStats.OnlineCPUs) ) + if onlineCPUs == 0.0 { + onlineCPUs = float64(len(v.CPUStats.CPUUsage.PercpuUsage)) + } if systemDelta > 0.0 && cpuDelta > 0.0 { - cpuPercent = (cpuDelta / systemDelta) * float64(len(v.CPUStats.CPUUsage.PercpuUsage)) * 100.0 + cpuPercent = (cpuDelta / systemDelta) * onlineCPUs * 100.0 } return cpuPercent }
  33. Download patch containerd/runtime/container_solaris.go

    --- 1.13.1~ds2-3/containerd/runtime/container_solaris.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/runtime/container_solaris.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,48 @@ +package runtime + +import ( + "bytes" + "encoding/json" + "fmt" + "os/exec" + "strings" + + "github.com/docker/containerd/specs" + ocs "github.com/opencontainers/runtime-spec/specs-go" +) + +func getRootIDs(s *specs.Spec) (int, int, error) { + return 0, 0, nil +} + +func (c *container) OOM() (OOM, error) { + return nil, nil +} + +func (c *container) Pids() ([]int, error) { + var pids []int + + // TODO: This could be racy. Needs more investigation. + //we get this information from runz state + cmd := exec.Command(c.runtime, "state", c.id) + outBuf, errBuf := new(bytes.Buffer), new(bytes.Buffer) + cmd.Stdout, cmd.Stderr = outBuf, errBuf + + if err := cmd.Run(); err != nil { + if strings.Contains(errBuf.String(), "Container not found") { + return nil, errContainerNotFound + } + return nil, fmt.Errorf("Error is: %+v\n", err) + } + response := ocs.State{} + decoder := json.NewDecoder(outBuf) + if err := decoder.Decode(&response); err != nil { + return nil, fmt.Errorf("unable to decode json response: %+v", err) + } + pids = append(pids, response.Pid) + return pids, nil +} + +func (c *container) UpdateResources(r *Resource) error { + return nil +}
  34. Download patch containerd/Makefile

    --- 1.13.1~ds2-3/containerd/Makefile 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/Makefile 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,103 @@ +BUILDTAGS= + +PROJECT=github.com/docker/containerd + +GIT_COMMIT := $(shell git rev-parse HEAD 2> /dev/null || true) +GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD 2> /dev/null) + +LDFLAGS := -X github.com/docker/containerd.GitCommit=${GIT_COMMIT} ${LDFLAGS} + +TEST_TIMEOUT ?= 5m +TEST_SUITE_TIMEOUT ?= 10m + +RUNTIME ?= runc + +# if this session isn't interactive, then we don't want to allocate a +# TTY, which would fail, but if it is interactive, we do want to attach +# so that the user can send e.g. ^C through. +INTERACTIVE := $(shell [ -t 0 ] && echo 1 || echo 0) +ifeq ($(INTERACTIVE), 1) + DOCKER_FLAGS += -t +endif + +TESTBENCH_ARTIFACTS_DIR := output/test-artifacts +TESTBENCH_BUNDLE_DIR := $(TESTBENCH_ARTIFACTS_DIR)/archives + +DOCKER_IMAGE := containerd-dev$(if $(GIT_BRANCH),:$(GIT_BRANCH)) +DOCKER_RUN := docker run --privileged --rm -i $(DOCKER_FLAGS) "$(DOCKER_IMAGE)" + + +export GOPATH:=$(CURDIR)/vendor:$(GOPATH) + +all: client daemon shim + +static: client-static daemon-static shim-static + +bin: + mkdir -p bin/ + +clean: + rm -rf bin && rm -rf output + +client: bin + cd ctr && go build -ldflags "${LDFLAGS}" -o ../bin/ctr + +client-static: + cd ctr && go build -ldflags "-w -extldflags -static ${LDFLAGS}" -tags "$(BUILDTAGS)" -o ../bin/ctr + +daemon: bin + cd containerd && go build -ldflags "${LDFLAGS}" -tags "$(BUILDTAGS)" -o ../bin/containerd + +daemon-static: + cd containerd && go build -ldflags "-w -extldflags -static ${LDFLAGS}" -tags "$(BUILDTAGS)" -o ../bin/containerd + +shim: bin + cd containerd-shim && go build -tags "$(BUILDTAGS)" -ldflags "-w ${LDFLAGS}" -o ../bin/containerd-shim + +shim-static: + cd containerd-shim && go build -ldflags "-w -extldflags -static ${LDFLAGS}" -tags "$(BUILDTAGS)" -o ../bin/containerd-shim + +$(TESTBENCH_BUNDLE_DIR)/busybox.tar: + mkdir -p $(TESTBENCH_BUNDLE_DIR) + curl -sSL 'https://github.com/jpetazzo/docker-busybox/raw/buildroot-2014.11/rootfs.tar' -o $(TESTBENCH_BUNDLE_DIR)/busybox.tar + +bundles-rootfs: $(TESTBENCH_BUNDLE_DIR)/busybox.tar + +dbuild: $(TESTBENCH_BUNDLE_DIR)/busybox.tar + @docker build --rm --force-rm -t "$(DOCKER_IMAGE)" . + +dtest: dbuild + $(DOCKER_RUN) make test + +dbench: dbuild + $(DOCKER_RUN) make bench + +install: + cp bin/* /usr/local/bin/ + +protoc: + protoc -I ./api/grpc/types ./api/grpc/types/api.proto --go_out=plugins=grpc:api/grpc/types + +fmt: + @gofmt -s -l . | grep -v vendor | grep -v .pb. | tee /dev/stderr + +lint: + @hack/validate-lint + +shell: dbuild + $(DOCKER_RUN) bash + +test: validate install bundles-rootfs + go test -bench=. -v $(shell go list ./... | grep -v /vendor | grep -v /integration-test ) -runtime=$(RUNTIME) +ifneq ($(wildcard /.dockerenv), ) + cd integration-test ; \ +go test -check.v -check.timeout=$(TEST_TIMEOUT) $(TESTFLAGS) timeout=$(TEST_SUITE_TIMEOUT) github.com/docker/containerd/integration-test +endif + +bench: shim validate install bundles-rootfs + go test -bench=. -v $(shell go list ./... | grep -v /vendor | grep -v /integration-test) -runtime=$(RUNTIME) + +validate: fmt lint + +uninstall: + $(foreach file,containerd containerd-shim ctr,rm /usr/local/bin/$(file);)
  35. Download patch cli/command/formatter/container_test.go

    --- 1.13.1~ds2-3/cli/command/formatter/container_test.go 2017-11-15 04:19:40.000000000 +0000 +++ 17.03.2-0ubuntu1/cli/command/formatter/container_test.go 2017-06-01 21:14:48.000000000 +0000 @@ -54,8 +54,8 @@ func TestContainerPsContext(t *testing.T {types.Container{Created: unix}, true, time.Unix(unix, 0).String(), createdAtHeader, ctx.CreatedAt}, {types.Container{Ports: []types.Port{{PrivatePort: 8080, PublicPort: 8080, Type: "tcp"}}}, true, "8080/tcp", portsHeader, ctx.Ports}, {types.Container{Status: "RUNNING"}, true, "RUNNING", statusHeader, ctx.Status}, - {types.Container{SizeRw: 10}, true, "10B", sizeHeader, ctx.Size}, - {types.Container{SizeRw: 10, SizeRootFs: 20}, true, "10B (virtual 20B)", sizeHeader, ctx.Size}, + {types.Container{SizeRw: 10}, true, "10 B", sizeHeader, ctx.Size}, + {types.Container{SizeRw: 10, SizeRootFs: 20}, true, "10 B (virtual 20 B)", sizeHeader, ctx.Size}, {types.Container{}, true, "", labelsHeader, ctx.Labels}, {types.Container{Labels: map[string]string{"cpu": "6", "storage": "ssd"}}, true, "cpu=6,storage=ssd", labelsHeader, ctx.Labels}, {types.Container{Created: unix}, true, "About a minute", runningForHeader, ctx.RunningFor}, @@ -160,8 +160,8 @@ func TestContainerContextWrite(t *testin { Context{Format: NewContainerFormat("table", false, true)}, `CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES SIZE -containerID1 ubuntu "" 24 hours ago foobar_baz 0B -containerID2 ubuntu "" 24 hours ago foobar_bar 0B +containerID1 ubuntu "" 24 hours ago foobar_baz 0 B +containerID2 ubuntu "" 24 hours ago foobar_bar 0 B `, }, { @@ -220,7 +220,7 @@ status: names: foobar_baz labels: ports: -size: 0B +size: 0 B container_id: containerID2 image: ubuntu @@ -230,7 +230,7 @@ status: names: foobar_bar labels: ports: -size: 0B +size: 0 B `, expectedTime, expectedTime), }, @@ -333,8 +333,8 @@ func TestContainerContextWriteJSON(t *te } expectedCreated := time.Unix(unix, 0).String() expectedJSONs := []map[string]interface{}{ - {"Command": "\"\"", "CreatedAt": expectedCreated, "ID": "containerID1", "Image": "ubuntu", "Labels": "", "LocalVolumes": "0", "Mounts": "", "Names": "foobar_baz", "Networks": "", "Ports": "", "RunningFor": "About a minute", "Size": "0B", "Status": ""}, - {"Command": "\"\"", "CreatedAt": expectedCreated, "ID": "containerID2", "Image": "ubuntu", "Labels": "", "LocalVolumes": "0", "Mounts": "", "Names": "foobar_bar", "Networks": "", "Ports": "", "RunningFor": "About a minute", "Size": "0B", "Status": ""}, + {"Command": "\"\"", "CreatedAt": expectedCreated, "ID": "containerID1", "Image": "ubuntu", "Labels": "", "LocalVolumes": "0", "Mounts": "", "Names": "foobar_baz", "Networks": "", "Ports": "", "RunningFor": "About a minute", "Size": "0 B", "Status": ""}, + {"Command": "\"\"", "CreatedAt": expectedCreated, "ID": "containerID2", "Image": "ubuntu", "Labels": "", "LocalVolumes": "0", "Mounts": "", "Names": "foobar_bar", "Networks": "", "Ports": "", "RunningFor": "About a minute", "Size": "0 B", "Status": ""}, } out := bytes.NewBufferString("") err := ContainerWrite(Context{Format: "{{json .}}", Output: out}, containers)
  36. Download patch containerd/hack/vendor.sh

    --- 1.13.1~ds2-3/containerd/hack/vendor.sh 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/hack/vendor.sh 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,38 @@ +#!/usr/bin/env bash +set -e + +rm -rf vendor/ +source 'hack/.vendor-helpers.sh' + +clone git github.com/Sirupsen/logrus 4b6ea7319e214d98c938f12692336f7ca9348d6b +clone git github.com/cloudfoundry/gosigar 3ed7c74352dae6dc00bdc8c74045375352e3ec05 +clone git github.com/codegangsta/cli 9fec0fad02befc9209347cc6d620e68e1b45f74d +clone git github.com/coreos/go-systemd 7b2428fec40033549c68f54e26e89e7ca9a9ce31 +clone git github.com/cyberdelia/go-metrics-graphite 7e54b5c2aa6eaff4286c44129c3def899dff528c +clone git github.com/docker/docker 2f6e3b0ba027b558adabd41344fee59db4441011 +clone git github.com/docker/go-units 5d2041e26a699eaca682e2ea41c8f891e1060444 +clone git github.com/godbus/dbus e2cf28118e66a6a63db46cf6088a35d2054d3bb0 +clone git github.com/golang/glog 23def4e6c14b4da8ac2ed8007337bc5eb5007998 +clone git github.com/golang/protobuf 1f49d83d9aa00e6ce4fc8258c71cc7786aec968a +clone git github.com/opencontainers/runc 51371867a01c467f08af739783b8beafc154c4d7 https://github.com/docker/runc.git +clone git github.com/opencontainers/runtime-spec 1c7c27d043c2a5e513a44084d2b10d77d1402b8c +clone git github.com/rcrowley/go-metrics eeba7bd0dd01ace6e690fa833b3f22aaec29af43 +clone git github.com/satori/go.uuid f9ab0dce87d815821e221626b772e3475a0d2749 +clone git github.com/syndtr/gocapability 2c00daeb6c3b45114c80ac44119e7b8801fdd852 +clone git github.com/vishvananda/netlink adb0f53af689dd38f1443eba79489feaacf0b22e +clone git github.com/Azure/go-ansiterm 70b2c90b260171e829f1ebd7c17f600c11858dbe +clone git golang.org/x/net 991d3e32f76f19ee6d9caadb3a22eae8d23315f7 https://github.com/golang/net.git +clone git golang.org/x/sys d4feaf1a7e61e1d9e79e6c4e76c6349e9cab0a03 https://github.com/golang/sys.git +clone git google.golang.org/grpc v1.0.1-GA https://github.com/grpc/grpc-go.git +clone git github.com/seccomp/libseccomp-golang 1b506fc7c24eec5a3693cdcbed40d9c226cfc6a1 +clone git github.com/tonistiigi/fifo b45391ebcd3d282404092c04a2b015b37df12383 +clone git github.com/pkg/errors 839d9e913e063e28dfd0e6c7b7512793e0a48be9 + +clone git github.com/vdemeester/shakers 24d7f1d6a71aa5d9cbe7390e4afb66b7eef9e1b3 +clone git github.com/go-check/check a625211d932a2a643d0d17352095f03fb7774663 https://github.com/cpuguy83/check.git + +# dependencies of docker/pkg/listeners +clone git github.com/docker/go-connections v0.2.0 +clone git github.com/Microsoft/go-winio v0.3.2 + +clean
  37. Download patch builder/tarsum_test.go

    --- 1.13.1~ds2-3/builder/tarsum_test.go 2017-11-15 04:19:40.000000000 +0000 +++ 17.03.2-0ubuntu1/builder/tarsum_test.go 2017-11-15 04:19:39.000000000 +0000 @@ -193,7 +193,10 @@ func TestRemoveDirectory(t *testing.T) { } func TestMakeTarSumContext(t *testing.T) { - t.Skip("DM - skipping privileged test") + if testing.Short() { + t.Skip("Skipping privileged test in short mode") + } + contextDir, cleanup := createTestTempDir(t, "", "builder-tarsum-test") defer cleanup()
  38. Download patch containerd/docs/bundle-changes.md

    --- 1.13.1~ds2-3/containerd/docs/bundle-changes.md 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/docs/bundle-changes.md 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,12 @@ +# containerd changes to the bundle + +Containerd will make changes to the container's bundle by adding additional files or folders by default with +options to change the output. + +The current change that it makes is if you create a checkpoint of a container, the checkpoints will be saved +by default in the container bundle at `{bundle}/checkpoints/{checkpoint name}`. +A user can also populate this directory and provide the checkpoint name on the create request so that the container is started from this checkpoint. + + +As of this point, containerd has no other additions to the bundle. +Runtime state is currently stored in a tmpfs filesystem like `/run`.
  39. Download patch cli/compose/template/template_test.go

    --- 1.13.1~ds2-3/cli/compose/template/template_test.go 2017-11-15 04:19:40.000000000 +0000 +++ 17.03.2-0ubuntu1/cli/compose/template/template_test.go 2017-06-01 21:14:48.000000000 +0000 @@ -18,7 +18,7 @@ func defaultMapping(name string) (string func TestEscaped(t *testing.T) { result, err := Substitute("$${foo}", defaultMapping) - assert.Nil(t, err) + assert.NoError(t, err) assert.Equal(t, "${foo}", result) } @@ -43,7 +43,7 @@ func TestInvalid(t *testing.T) { func TestNoValueNoDefault(t *testing.T) { for _, template := range []string{"This ${missing} var", "This ${BAR} var"} { result, err := Substitute(template, defaultMapping) - assert.Nil(t, err) + assert.NoError(t, err) assert.Equal(t, "This var", result) } } @@ -51,7 +51,7 @@ func TestNoValueNoDefault(t *testing.T) func TestValueNoDefault(t *testing.T) { for _, template := range []string{"This $FOO var", "This ${FOO} var"} { result, err := Substitute(template, defaultMapping) - assert.Nil(t, err) + assert.NoError(t, err) assert.Equal(t, "This first var", result) } } @@ -59,25 +59,25 @@ func TestValueNoDefault(t *testing.T) { func TestNoValueWithDefault(t *testing.T) { for _, template := range []string{"ok ${missing:-def}", "ok ${missing-def}"} { result, err := Substitute(template, defaultMapping) - assert.Nil(t, err) + assert.NoError(t, err) assert.Equal(t, "ok def", result) } } func TestEmptyValueWithSoftDefault(t *testing.T) { result, err := Substitute("ok ${BAR:-def}", defaultMapping) - assert.Nil(t, err) + assert.NoError(t, err) assert.Equal(t, "ok def", result) } func TestEmptyValueWithHardDefault(t *testing.T) { result, err := Substitute("ok ${BAR-def}", defaultMapping) - assert.Nil(t, err) + assert.NoError(t, err) assert.Equal(t, "ok ", result) } func TestNonAlphanumericDefault(t *testing.T) { result, err := Substitute("ok ${BAR:-/non:-alphanumeric}", defaultMapping) - assert.Nil(t, err) + assert.NoError(t, err) assert.Equal(t, "ok /non:-alphanumeric", result) }
  40. Download patch containerd/MAINTAINERS

    --- 1.13.1~ds2-3/containerd/MAINTAINERS 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/MAINTAINERS 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,41 @@ +# Containerd maintainers file +# +# This file describes who runs the docker/containerd project and how. +# This is a living document - if you see something out of date or missing, speak up! +# +# It is structured to be consumable by both humans and programs. +# To extract its contents programmatically, use any TOML-compliant parser. +# +# This file is compiled into the MAINTAINERS file in docker/opensource. +# +[Org] + [Org."Core maintainers"] + people = [ + "crosbymichael", + "tonistiigi", + "mlaventure", + ] + +[people] + +# A reference list of all people associated with the project. +# All other sections should refer to people by their canonical key +# in the people section. + + # ADD YOURSELF HERE IN ALPHABETICAL ORDER + + [people.crosbymichael] + Name = "Michael Crosby" + Email = "crosbymichael@gmail.com" + GitHub = "crosbymichael" + + [people.tonistiigi] + Name = "Tõnis Tiigi" + Email = "tonis@docker.com" + GitHub = "tonistiigi" + + [people.mlaventure] + Name = "Kenfe-Mickaël Laventure" + Email = "mickael.laventure@docker.com" + GitHub = "mlaventure" +
  41. Download patch containerd/Dockerfile

    --- 1.13.1~ds2-3/containerd/Dockerfile 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/Dockerfile 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,70 @@ +FROM debian:jessie + +# allow replacing httpredir mirror +ARG APT_MIRROR=httpredir.debian.org +RUN sed -i s/httpredir.debian.org/$APT_MIRROR/g /etc/apt/sources.list + +RUN apt-get update && apt-get install -y \ + build-essential \ + ca-certificates \ + curl \ + git \ + make \ + jq \ + pkg-config \ + apparmor \ + libapparmor-dev \ + --no-install-recommends \ + && rm -rf /var/lib/apt/lists/* + +# Install Go +ENV GO_VERSION 1.7.1 +RUN curl -sSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar -v -C /usr/local -xz +ENV PATH /go/bin:/usr/local/go/bin:$PATH +ENV GOPATH /go:/go/src/github.com/docker/containerd/vendor + +ENV GO_TOOLS_COMMIT 823804e1ae08dbb14eb807afc7db9993bc9e3cc3 +# Grab Go's cover tool for dead-simple code coverage testing +# Grab Go's vet tool for examining go code to find suspicious constructs +# and help prevent errors that the compiler might not catch +RUN git clone https://github.com/golang/tools.git /go/src/golang.org/x/tools \ + && (cd /go/src/golang.org/x/tools && git checkout -q $GO_TOOLS_COMMIT) \ + && go install -v golang.org/x/tools/cmd/cover \ + && go install -v golang.org/x/tools/cmd/vet +# Grab Go's lint tool +ENV GO_LINT_COMMIT 32a87160691b3c96046c0c678fe57c5bef761456 +RUN git clone https://github.com/golang/lint.git /go/src/github.com/golang/lint \ + && (cd /go/src/github.com/golang/lint && git checkout -q $GO_LINT_COMMIT) \ + && go install -v github.com/golang/lint/golint + +WORKDIR /go/src/github.com/docker/containerd + +# install seccomp: the version shipped in trusty is too old +ENV SECCOMP_VERSION 2.3.1 +RUN set -x \ + && export SECCOMP_PATH="$(mktemp -d)" \ + && curl -fsSL "https://github.com/seccomp/libseccomp/releases/download/v${SECCOMP_VERSION}/libseccomp-${SECCOMP_VERSION}.tar.gz" \ + | tar -xzC "$SECCOMP_PATH" --strip-components=1 \ + && ( \ + cd "$SECCOMP_PATH" \ + && ./configure --prefix=/usr/local \ + && make \ + && make install \ + && ldconfig \ + ) \ + && rm -rf "$SECCOMP_PATH" + +# Install runc +ENV RUNC_COMMIT 51371867a01c467f08af739783b8beafc154c4d7 +RUN set -x \ + && export GOPATH="$(mktemp -d)" \ + && git clone git://github.com/docker/runc.git "$GOPATH/src/github.com/opencontainers/runc" \ + && cd "$GOPATH/src/github.com/opencontainers/runc" \ + && git checkout -q "$RUNC_COMMIT" \ + && make BUILDTAGS="seccomp apparmor selinux" && make install + +COPY . /go/src/github.com/docker/containerd + +WORKDIR /go/src/github.com/docker/containerd + +RUN make all install
  42. Download patch containerd/containerd/main.go
  43. Download patch api/types/stats.go

    --- 1.13.1~ds2-3/api/types/stats.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/api/types/stats.go 2017-06-01 21:14:48.000000000 +0000 @@ -47,6 +47,9 @@ type CPUStats struct { // System Usage. Linux only. SystemUsage uint64 `json:"system_cpu_usage,omitempty"` + // Online CPUs. Linux only. + OnlineCPUs uint32 `json:"online_cpus,omitempty"` + // Throttling Data. Linux only. ThrottlingData ThrottlingData `json:"throttling_data,omitempty"` }
  44. Download patch containerd/osutils/reaper.go

    --- 1.13.1~ds2-3/containerd/osutils/reaper.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/osutils/reaper.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,51 @@ +// +build !windows + +package osutils + +import "syscall" + +// Exit is the wait4 information from an exited process +type Exit struct { + Pid int + Status int +} + +// Reap reaps all child processes for the calling process and returns their +// exit information +func Reap(wait bool) (exits []Exit, err error) { + var ( + ws syscall.WaitStatus + rus syscall.Rusage + ) + flag := syscall.WNOHANG + if wait { + flag = 0 + } + for { + pid, err := syscall.Wait4(-1, &ws, flag, &rus) + if err != nil { + if err == syscall.ECHILD { + return exits, nil + } + return exits, err + } + if pid <= 0 { + return exits, nil + } + exits = append(exits, Exit{ + Pid: pid, + Status: exitStatus(ws), + }) + } +} + +const exitSignalOffset = 128 + +// exitStatus returns the correct exit status for a process based on if it +// was signaled or exited cleanly +func exitStatus(status syscall.WaitStatus) int { + if status.Signaled() { + return exitSignalOffset + int(status.Signal()) + } + return status.ExitStatus() +}
  45. Download patch containerd/runtime/process.go
  46. Download patch containerd/integration-test/events_test.go

    --- 1.13.1~ds2-3/containerd/integration-test/events_test.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/integration-test/events_test.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,63 @@ +package main + +import ( + "fmt" + "time" + + "github.com/docker/containerd/api/grpc/types" + "github.com/docker/docker/pkg/integration/checker" + "github.com/go-check/check" +) + +func (cs *ContainerdSuite) TestEventsId(t *check.C) { + if err := CreateBusyboxBundle("busybox-ls", []string{"ls"}); err != nil { + t.Fatal(err) + } + + from := time.Now() + + for i := 0; i < 10; i++ { + _, err := cs.RunContainer(fmt.Sprintf("ls-%d", i), "busybox-ls") + if err != nil { + t.Fatal(err) + } + } + + containerID := "ls-4" + + events, err := cs.Events(from, true, containerID) + if err != nil { + t.Fatal(err) + } + + evs := []*types.Event{} + for { + e, err := events.Recv() + if err != nil { + if err.Error() == "EOF" { + break + } + t.Fatal(err) + } + evs = append(evs, e) + } + + t.Assert(len(evs), checker.Equals, 2) + for idx, evt := range []types.Event{ + { + Type: "start-container", + Id: containerID, + Status: 0, + Pid: "", + }, + { + Type: "exit", + Id: containerID, + Status: 0, + Pid: "init", + }, + } { + evt.Timestamp = evs[idx].Timestamp + t.Assert(*evs[idx], checker.Equals, evt) + } +}
  47. Download patch containerd/integration-test/bundle_utils_test.go

    --- 1.13.1~ds2-3/containerd/integration-test/bundle_utils_test.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/integration-test/bundle_utils_test.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,130 @@ +package main + +import ( + "encoding/json" + "fmt" + "os" + "os/exec" + "path/filepath" + "reflect" + "runtime" + + utils "github.com/docker/containerd/testutils" + ocs "github.com/opencontainers/runtime-spec/specs-go" +) + +type OciProcessArgs struct { + Cmd string + Args []string +} + +type Bundle struct { + Source string + Name string + Spec ocs.Spec + Path string +} + +var bundleMap map[string]Bundle + +// untarRootfs untars the given `source` tarPath into `destination/rootfs` +func untarRootfs(source string, destination string) error { + var tar *exec.Cmd + if runtime.GOOS == "solaris" { + destination = filepath.Join(destination, "/rootfs/root") + tar = exec.Command("gtar", "-C", destination, "-xf", source) + } else { + destination = filepath.Join(destination, "rootfs") + tar = exec.Command("tar", "-C", destination, "-xf", source) + } + + if err := os.MkdirAll(destination, 0755); err != nil { + return nil + } + return tar.Run() +} + +// CreateBundleWithFilter generate a new oci-bundle named `name` from +// the provide `source` rootfs. It starts from the default spec +// generated by `runc spec`, overrides the `spec.Process.Args` value +// with `args` and set `spec.Process.Terminal` to false. It then apply +// `filter()` to the resulting spec if it is provided. +func CreateBundleWithFilter(source, name string, args []string, filter func(spec *ocs.Spec)) error { + // Generate the spec + var spec ocs.Spec + f, err := os.Open(utils.RefOciSpecsPath) + if err != nil { + return fmt.Errorf("Failed to open default spec: %v", err) + } + if err := json.NewDecoder(f).Decode(&spec); err != nil { + return fmt.Errorf("Failed to load default spec: %v", err) + } + f.Close() + + spec.Process.Args = args + spec.Process.Terminal = false + if filter != nil { + filter(&spec) + } + + bundlePath := filepath.Join(utils.BundlesRoot, name) + nb := Bundle{source, name, spec, bundlePath} + + // Check that we don't already have such a bundle + if b, ok := bundleMap[name]; ok { + if reflect.DeepEqual(b, nb) == false { + return fmt.Errorf("A bundle name named '%s' already exist but with different properties! %#v != %#v", + name, b, nb) + } + return nil + } + + // Nothing should be there, but just in case + os.RemoveAll(bundlePath) + + var sourceStr string + if runtime.GOOS == "solaris" { + sourceStr = source + ".tar.gz" + } else { + sourceStr = source + ".tar" + } + + if err := untarRootfs(filepath.Join(utils.ArchivesDir, sourceStr), bundlePath); err != nil { + return fmt.Errorf("Failed to untar %s.tar: %v", source, err) + } + + // create a place for the io fifo + if err := os.Mkdir(filepath.Join(bundlePath, "io"), 0755); err != nil { + return fmt.Errorf("Failed to create bundle io directory: %v", err) + } + + // Write the updated spec to the right location + config, e := os.Create(filepath.Join(bundlePath, "config.json")) + if e != nil { + return fmt.Errorf("Failed to create oci spec: %v", e) + } + defer config.Close() + + if err := json.NewEncoder(config).Encode(&spec); err != nil { + return fmt.Errorf("Failed to encore oci spec: %v", e) + } + + bundleMap[name] = nb + return nil +} + +func GetBundle(name string) *Bundle { + bundle, ok := bundleMap[name] + if !ok { + return nil + } + return &bundle +} + +func CreateBusyboxBundle(name string, args []string) error { + return CreateBundleWithFilter("busybox", name, args, nil) +} + +func CreateSolarisBundle(name string, args []string) error { + return CreateBundleWithFilter("rootfs", name, args, nil) +}
  48. Download patch builder/tarsum.go

    --- 1.13.1~ds2-3/builder/tarsum.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/builder/tarsum.go 2017-06-01 21:14:48.000000000 +0000 @@ -104,7 +104,8 @@ func MakeTarSumContext(tarStream io.Read return nil, err } - if err := chrootarchive.Untar(sum, root, nil); err != nil { + err = chrootarchive.Untar(sum, root, nil) + if err != nil { return nil, err }
  49. Download patch containerd/hack/containerd.service

    --- 1.13.1~ds2-3/containerd/hack/containerd.service 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/hack/containerd.service 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,11 @@ +[Unit] +Description=containerd +Documentation=https://containerd.tools +After=network.target + +[Service] +ExecStart=/usr/local/bin/containerd +Delegate=yes + +[Install] +WantedBy=multi-user.target
  50. Download patch containerd/archutils/epoll.go

    --- 1.13.1~ds2-3/containerd/archutils/epoll.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/archutils/epoll.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,22 @@ +// +build linux,!arm64 + +package archutils + +import ( + "syscall" +) + +// EpollCreate1 directly calls syscall.EpollCreate1 +func EpollCreate1(flag int) (int, error) { + return syscall.EpollCreate1(flag) +} + +// EpollCtl directly calls syscall.EpollCtl +func EpollCtl(epfd int, op int, fd int, event *syscall.EpollEvent) error { + return syscall.EpollCtl(epfd, op, fd, event) +} + +// EpollWait directly calls syscall.EpollWait +func EpollWait(epfd int, events []syscall.EpollEvent, msec int) (int, error) { + return syscall.EpollWait(epfd, events, msec) +}
  51. Download patch cmd/dockerd/daemon_linux.go

    --- 1.13.1~ds2-3/cmd/dockerd/daemon_linux.go 2017-11-15 04:19:40.000000000 +0000 +++ 17.03.2-0ubuntu1/cmd/dockerd/daemon_linux.go 2017-06-01 21:14:48.000000000 +0000 @@ -7,5 +7,5 @@ import systemdDaemon "github.com/coreos/ // notifySystem sends a message to the host when the server is ready to be used func notifySystem() { // Tell the init daemon we are accepting requests - go systemdDaemon.SdNotify(false, "READY=1") + go systemdDaemon.SdNotify("READY=1") }
  52. Download patch containerd/archutils/epoll_arm64.go

    --- 1.13.1~ds2-3/containerd/archutils/epoll_arm64.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/archutils/epoll_arm64.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,73 @@ +// +build linux,arm64 + +package archutils + +// #include <sys/epoll.h> +/* +int EpollCreate1(int flag) { + return epoll_create1(flag); +} + +int EpollCtl(int efd, int op,int sfd, int events, int fd) { + struct epoll_event event; + event.events = events; + event.data.fd = fd; + + return epoll_ctl(efd, op, sfd, &event); +} + +struct event_t { + uint32_t events; + int fd; +}; + +struct epoll_event events[128]; +int run_epoll_wait(int fd, struct event_t *event) { + int n, i; + n = epoll_wait(fd, events, 128, -1); + for (i = 0; i < n; i++) { + event[i].events = events[i].events; + event[i].fd = events[i].data.fd; + } + return n; +} +*/ +import "C" + +import ( + "fmt" + "syscall" + "unsafe" +) + +// EpollCreate1 calls a C implementation +func EpollCreate1(flag int) (int, error) { + fd := int(C.EpollCreate1(C.int(flag))) + if fd < 0 { + return fd, fmt.Errorf("failed to create epoll, errno is %d", fd) + } + return fd, nil +} + +// EpollCtl calls a C implementation +func EpollCtl(epfd int, op int, fd int, event *syscall.EpollEvent) error { + errno := C.EpollCtl(C.int(epfd), C.int(syscall.EPOLL_CTL_ADD), C.int(fd), C.int(event.Events), C.int(event.Fd)) + if errno < 0 { + return fmt.Errorf("Failed to ctl epoll") + } + return nil +} + +// EpollWait calls a C implementation +func EpollWait(epfd int, events []syscall.EpollEvent, msec int) (int, error) { + var c_events [128]C.struct_event_t + n := int(C.run_epoll_wait(C.int(epfd), (*C.struct_event_t)(unsafe.Pointer(&c_events)))) + if n < 0 { + return int(n), fmt.Errorf("Failed to wait epoll") + } + for i := 0; i < n; i++ { + events[i].Fd = int32(c_events[i].fd) + events[i].Events = uint32(c_events[i].events) + } + return int(n), nil +}
  53. Download patch containerd/osutils/prctl.go

    --- 1.13.1~ds2-3/containerd/osutils/prctl.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/osutils/prctl.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,48 @@ +// +build linux + +// Package osutils provide access to the Get Child and Set Child prctl +// flags. +// See http://man7.org/linux/man-pages/man2/prctl.2.html +package osutils + +import ( + "syscall" + "unsafe" +) + +// PR_SET_CHILD_SUBREAPER allows setting the child subreaper. +// If arg2 is nonzero, set the "child subreaper" attribute of the +// calling process; if arg2 is zero, unset the attribute. When a +// process is marked as a child subreaper, all of the children +// that it creates, and their descendants, will be marked as +// having a subreaper. In effect, a subreaper fulfills the role +// of init(1) for its descendant processes. Upon termination of +// a process that is orphaned (i.e., its immediate parent has +// already terminated) and marked as having a subreaper, the +// nearest still living ancestor subreaper will receive a SIGCHLD +// signal and be able to wait(2) on the process to discover its +// termination status. +const prSetChildSubreaper = 36 + +// PR_GET_CHILD_SUBREAPER allows retrieving the current child +// subreaper. +// Return the "child subreaper" setting of the caller, in the +// location pointed to by (int *) arg2. +const prGetChildSubreaper = 37 + +// GetSubreaper returns the subreaper setting for the calling process +func GetSubreaper() (int, error) { + var i uintptr + if _, _, err := syscall.RawSyscall(syscall.SYS_PRCTL, prGetChildSubreaper, uintptr(unsafe.Pointer(&i)), 0); err != 0 { + return -1, err + } + return int(i), nil +} + +// SetSubreaper sets the value i as the subreaper setting for the calling process +func SetSubreaper(i int) error { + if _, _, err := syscall.RawSyscall(syscall.SYS_PRCTL, prSetChildSubreaper, uintptr(i), 0); err != 0 { + return err + } + return nil +}
  54. Download patch containerd/containerd-shim/process.go
  55. Download patch containerd/ctr/Makefile

    --- 1.13.1~ds2-3/containerd/ctr/Makefile 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/ctr/Makefile 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,2 @@ +all: + go build
  56. Download patch containerd/LICENSE.code

    --- 1.13.1~ds2-3/containerd/LICENSE.code 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/LICENSE.code 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,191 @@ + + Apache License + Version 2.0, January 2004 + https://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + Copyright 2013-2016 Docker, Inc. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + https://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License.
  57. Download patch CHANGELOG.md

    --- 1.13.1~ds2-3/CHANGELOG.md 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/CHANGELOG.md 2017-06-01 21:14:48.000000000 +0000 @@ -5,6 +5,106 @@ information on the list of deprecated fl https://docs.docker.com/engine/deprecated/ where target removal dates can also be found. +## 17.03.2-ce (2017-05-29) + +### Networking + +- Fix a concurrency issue preventing network creation [#33273](https://github.com/moby/moby/pull/33273) + +### Runtime + +- Relabel secrets path to avoid a Permission Denied on selinux enabled systems [#33236](https://github.com/moby/moby/pull/33236) (ref [#32529](https://github.com/moby/moby/pull/32529) +- Fix cases where local volume were not properly relabeled if needed [#33236](https://github.com/moby/moby/pull/33236) (ref [#29428](https://github.com/moby/moby/pull/29428)) +- Fix an issue while upgrading if a plugin rootfs was still mounted [#33236](https://github.com/moby/moby/pull/33236) (ref [#32525](https://github.com/moby/moby/pull/32525)) +- Fix an issue where volume wouldn't default to the `rprivate` propagation mode [#33236](https://github.com/moby/moby/pull/33236) (ref [#32851](https://github.com/moby/moby/pull/32851)) +- Fix a panic that could occur when a volume driver could not be retrieved [#33236](https://github.com/moby/moby/pull/33236) (ref [#32347](https://github.com/moby/moby/pull/32347)) ++ Add a warning in `docker info` when the `overlay` or `overlay2` graphdriver is used on a filesystem without `d_type` support [#33236](https://github.com/moby/moby/pull/33236) (ref [#31290](https://github.com/moby/moby/pull/31290)) +- Fix an issue with backporting mount spec to older volumes [#33207](https://github.com/moby/moby/pull/33207) +- Fix issue where a failed unmount can lead to data loss on local volume remove [#33120](https://github.com/moby/moby/pull/33120) + +### Swarm Mode + +- Fix a case where tasks could get killed unexpectedly [#33118](https://github.com/moby/moby/pull/33118) +- Fix an issue preventing to deploy services if the registry cannot be reached despite the needed images being locally present [#33117](https://github.com/moby/moby/pull/33117) + +## 17.03.1-ce (2017-03-27) + +### Remote API (v1.27) & Client + +* Fix autoremove on older api [#31692](https://github.com/docker/docker/pull/31692) +* Fix default network customization for a stack [#31258](https://github.com/docker/docker/pull/31258/) +* Correct CPU usage calculation in presence of offline CPUs and newer Linux [#31802](https://github.com/docker/docker/pull/31802) +* Fix issue where service healthcheck is `{}` in remote API [#30197](https://github.com/docker/docker/pull/30197) + +### Runtime + +* Update runc to 54296cf40ad8143b62dbcaa1d90e520a2136ddfe [#31666](https://github.com/docker/docker/pull/31666) + * Ignore cgroup2 mountpoints [opencontainers/runc#1266](https://github.com/opencontainers/runc/pull/1266) +* Update containerd to 4ab9917febca54791c5f071a9d1f404867857fcc [#31662](https://github.com/docker/docker/pull/31662) [#31852](https://github.com/docker/docker/pull/31852) + * Register healtcheck service before calling restore() [docker/containerd#609](https://github.com/docker/containerd/pull/609) +* Fix `docker exec` not working after unattended upgrades that reload apparmor profiles [#31773](https://github.com/docker/docker/pull/31773) +* Fix unmounting layer without merge dir with Overlay2 [#31069](https://github.com/docker/docker/pull/31069) +* Do not ignore "volume in use" errors when force-delete [#31450](https://github.com/docker/docker/pull/31450) + +### Swarm Mode + +* Update swarmkit to 17756457ad6dc4d8a639a1f0b7a85d1b65a617bb [#31807](https://github.com/docker/docker/pull/31807) + * Scheduler now correctly considers tasks which have been assigned to a node but aren't yet running [docker/swarmkit#1980](https://github.com/docker/swarmkit/pull/1980) + * Allow removal of a network when only dead tasks reference it [docker/swarmkit#2018](https://github.com/docker/swarmkit/pull/2018) + * Retry failed network allocations less aggressively [docker/swarmkit#2021](https://github.com/docker/swarmkit/pull/2021) + * Avoid network allocation for tasks that are no longer running [docker/swarmkit#2017](https://github.com/docker/swarmkit/pull/2017) + * Bookkeeping fixes inside network allocator allocator [docker/swarmkit#2019](https://github.com/docker/swarmkit/pull/2019) [docker/swarmkit#2020](https://github.com/docker/swarmkit/pull/2020) +* Avoid timing out service create or update when a registry is slow to respond [#31861](https://github.com/docker/docker/pull/31861) + +### Windows + +* Cleanup HCS on restore [#31503](https://github.com/docker/docker/pull/31503) + +## 17.03.0-ce (2017-03-01) + +**IMPORTANT**: Starting with this release, Docker is on a monthly release cycle and uses a +new YY.MM versioning scheme to reflect this. Two channels are available: monthly and quarterly. +Any given monthly release will only receive security and bugfixes until the next monthly +release is available. Quarterly releases receive security and bugfixes for 4 months after +initial release. This release includes bugfixes for 1.13.1 but +there are no major feature additions and the API version stays the same. +Upgrading from Docker 1.13.1 to 17.03.0 is expected to be simple and low-risk. + +### Client + +* Fix panic in `docker stats --format` [#30776](https://github.com/docker/docker/pull/30776) + +### Contrib + +* Update various `bash` and `zsh` completion scripts [#30823](https://github.com/docker/docker/pull/30823), [#30945](https://github.com/docker/docker/pull/30945) and more... +* Block obsolete socket families in default seccomp profile - mitigates unpatched kernels' CVE-2017-6074 [#29076](https://github.com/docker/docker/pull/29076) + +### Networking + +* Fix bug on overlay encryption keys rotation in cross-datacenter swarm [#30727](https://github.com/docker/docker/pull/30727) +* Fix side effect panic in overlay encryption and network control plane communication failure ("No installed keys could decrypt the message") on frequent swarm leader re-election [#25608](https://github.com/docker/docker/pull/25608) +* Several fixes around system responsiveness and datapath programming when using overlay network with external kv-store [docker/libnetwork#1639](https://github.com/docker/libnetwork/pull/1639), [docker/libnetwork#1632](https://github.com/docker/libnetwork/pull/1632) and more... +* Discard incoming plain vxlan packets for encrypted overlay network [#31170](https://github.com/docker/docker/pull/31170) +* Release the network attachment on allocation failure [#31073](https://github.com/docker/docker/pull/31073) +* Fix port allocation when multiple published ports map to the same target port [docker/swarmkit#1835](https://github.com/docker/swarmkit/pull/1835) + +### Runtime + +* Fix a deadlock in docker logs [#30223](https://github.com/docker/docker/pull/30223) +* Fix cpu spin waiting for log write events [#31070](https://github.com/docker/docker/pull/31070) +* Fix a possible crash when using journald [#31231](https://github.com/docker/docker/pull/31231) [#31263](https://github.com/docker/docker/pull/31263) +* Fix a panic on close of nil channel [#31274](https://github.com/docker/docker/pull/31274) +* Fix duplicate mount point for `--volumes-from` in `docker run` [#29563](https://github.com/docker/docker/pull/29563) +* Fix `--cache-from` does not cache last step [#31189](https://github.com/docker/docker/pull/31189) + +### Swarm Mode + +* Shutdown leaks an error when the container was never started [#31279](https://github.com/docker/docker/pull/31279) +* Fix possibility of tasks getting stuck in the "NEW" state during a leader failover [docker/swarmkit#1938](https://github.com/docker/swarmkit/pull/1938) +* Fix extraneous task creations for global services that led to confusing replica counts in `docker service ls` [docker/swarmkit#1957](https://github.com/docker/swarmkit/pull/1957) +* Fix problem that made rolling updates slow when `task-history-limit` was set to 1 [docker/swarmkit#1948](https://github.com/docker/swarmkit/pull/1948) +* Restart tasks elsewhere, if appropriate, when they are shut down as a result of nodes no longer satisfying constraints [docker/swarmkit#1958](https://github.com/docker/swarmkit/pull/1958) + ## 1.13.1 (2017-02-08) **IMPORTANT**: On Linux distributions where `devicemapper` was the default storage driver, @@ -1434,7 +1534,7 @@ that allows to add build-time environmen - devicemapper: Implement deferred deletion capability (#16381) -## Networking +### Networking + `docker network` exits experimental and is part of standard release (#16645) + New network top-level concept, with associated subcommands and API (#16645)
  58. Download patch containerd/runtime/process_linux.go

    --- 1.13.1~ds2-3/containerd/runtime/process_linux.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/runtime/process_linux.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,22 @@ +// +build linux + +package runtime + +import ( + "io/ioutil" + "path/filepath" + "strconv" +) + +func (p *process) getPidFromFile() (int, error) { + data, err := ioutil.ReadFile(filepath.Join(p.root, "pid")) + if err != nil { + return -1, err + } + i, err := strconv.Atoi(string(data)) + if err != nil { + return -1, errInvalidPidInt + } + p.pid = i + return i, nil +}
  59. Download patch containerd/ctr/events.go

    --- 1.13.1~ds2-3/containerd/ctr/events.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/ctr/events.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,63 @@ +package main + +import ( + "fmt" + "os" + "text/tabwriter" + "time" + + "github.com/codegangsta/cli" + "github.com/docker/containerd/api/grpc/types" + "github.com/golang/protobuf/ptypes" + netcontext "golang.org/x/net/context" +) + +var eventsCommand = cli.Command{ + Name: "events", + Usage: "receive events from the containerd daemon", + Flags: []cli.Flag{ + cli.StringFlag{ + Name: "timestamp,t", + Usage: "get events from a specific time stamp in RFC3339Nano format", + }, + }, + Action: func(context *cli.Context) { + var ( + t = time.Time{} + c = getClient(context) + ) + if ts := context.String("timestamp"); ts != "" { + from, err := time.Parse(time.RFC3339Nano, ts) + if err != nil { + fatal(err.Error(), 1) + } + t = from + } + tsp, err := ptypes.TimestampProto(t) + if err != nil { + fatal(err.Error(), 1) + } + events, err := c.Events(netcontext.Background(), &types.EventsRequest{ + Timestamp: tsp, + }) + if err != nil { + fatal(err.Error(), 1) + } + w := tabwriter.NewWriter(os.Stdout, 31, 1, 1, ' ', 0) + fmt.Fprint(w, "TIME\tTYPE\tID\tPID\tSTATUS\n") + w.Flush() + for { + e, err := events.Recv() + if err != nil { + fatal(err.Error(), 1) + } + t, err := ptypes.Timestamp(e.Timestamp) + if err != nil { + fmt.Fprintf(os.Stderr, "Unable to convert timestamp") + t = time.Time{} + } + fmt.Fprintf(w, "%s\t%s\t%s\t%s\t%d\n", t.Format(time.RFC3339Nano), e.Type, e.Id, e.Pid, e.Status) + w.Flush() + } + }, +}
  60. Download patch containerd/containerd/main_solaris.go

    --- 1.13.1~ds2-3/containerd/containerd/main_solaris.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/containerd/main_solaris.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,4 @@ +package main + +func processMetrics() { +}
  61. Download patch containerd/docs/attach.md

    --- 1.13.1~ds2-3/containerd/docs/attach.md 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/docs/attach.md 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,36 @@ +# Attaching to STDIO or TTY + +The model for STDIO, TTY, and logging is a little different in containerd. +Because of the various methods that consumers want on the logging side these types of decisions +are pushed to the client. +Containerd API is developed for access on a single host therefore many things like paths on the host system are acceptable in the API. +For the STDIO model the client requesting to start a container provides the paths for the IO. + +## Logging + +If no options are specified on create all STDIO of the processes launched by containerd will be sent to `/dev/null`. +If you want containerd to send the STDIO of the processes to a file, you can pass paths to the files in the create container method defined by this proto in the stdin, stdout, and stderr fields: + +```proto +message CreateContainerRequest { + string id = 1; // ID of container + string bundlePath = 2; // path to OCI bundle + string stdin = 3; // path to the file where stdin will be read (optional) + string stdout = 4; // path to file where stdout will be written (optional) + string stderr = 5; // path to file where stderr will be written (optional) + string console = 6; // path to the console for a container (optional) + string checkpoint = 7; // checkpoint name if you want to create immediate checkpoint (optional) +} +``` + +## Attach + +In order to have attach like functionality for your containers you use the same API request but named pipes or fifos can be used to achieve this type of functionality. +The default CLI for containerd does this if you specify the `--attach` flag on `create` or `start`. +It will create fifos for each of the containers stdio which the CLI can read and write to. +This can be used to create an interactive session with the container, `bash` for example, or to have a blocking way to collect the container's STDIO and forward it to your logging facilities. + +## TTY + +The tty model is the same as above only the client creates a pty and provides to other side to containerd in the create request in the `console` field. +Containerd will provide the pty to the container to use and the session can be opened with the container after it starts.
  62. Download patch containerd/CONTRIBUTING.md

    --- 1.13.1~ds2-3/containerd/CONTRIBUTING.md 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/CONTRIBUTING.md 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,55 @@ +# Contributing + +## Sign your work + +The sign-off is a simple line at the end of the explanation for the patch. Your +signature certifies that you wrote the patch or otherwise have the right to pass +it on as an open-source patch. The rules are pretty simple: if you can certify +the below (from [developercertificate.org](http://developercertificate.org/)): + +``` +Developer Certificate of Origin +Version 1.1 + +Copyright (C) 2004, 2006 The Linux Foundation and its contributors. +660 York Street, Suite 102, +San Francisco, CA 94110 USA + +Everyone is permitted to copy and distribute verbatim copies of this +license document, but changing it is not allowed. + +Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +(a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +(b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +(c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +(d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. +``` + +Then you just add a line to every git commit message: + + Signed-off-by: Joe Smith <joe.smith@email.com> + +Use your real name (sorry, no pseudonyms or anonymous contributions.) + +If you set your `user.name` and `user.email` git configs, you can sign your +commit automatically with `git commit -s`.
  63. Download patch cli/compose/types/types.go

    --- 1.13.1~ds2-3/cli/compose/types/types.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/cli/compose/types/types.go 2017-06-01 21:14:48.000000000 +0000 @@ -199,7 +199,7 @@ type ServiceSecretConfig struct { Target string UID string GID string - Mode uint32 + Mode *uint32 } // UlimitsConfig the ulimit configuration
  64. Download patch containerd/api/grpc/server/server_solaris.go

    --- 1.13.1~ds2-3/containerd/api/grpc/server/server_solaris.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/api/grpc/server/server_solaris.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,41 @@ +package server + +import ( + "fmt" + + "github.com/docker/containerd/api/grpc/types" + "github.com/docker/containerd/specs" + "github.com/docker/containerd/supervisor" + "golang.org/x/net/context" +) + +var clockTicksPerSecond uint64 + +func (s *apiServer) AddProcess(ctx context.Context, r *types.AddProcessRequest) (*types.AddProcessResponse, error) { + process := &specs.ProcessSpec{ + Terminal: r.Terminal, + Args: r.Args, + Env: r.Env, + Cwd: r.Cwd, + } + if r.Id == "" { + return nil, fmt.Errorf("container id cannot be empty") + } + if r.Pid == "" { + return nil, fmt.Errorf("process id cannot be empty") + } + e := &supervisor.AddProcessTask{} + e.ID = r.Id + e.PID = r.Pid + e.ProcessSpec = process + e.Stdin = r.Stdin + e.Stdout = r.Stdout + e.Stderr = r.Stderr + e.StartResponse = make(chan supervisor.StartResponse, 1) + s.sv.SendTask(e) + if err := <-e.ErrorCh(); err != nil { + return nil, err + } + <-e.StartResponse + return &types.AddProcessResponse{}, nil +}
  65. Download patch cli/command/formatter/image_test.go

    --- 1.13.1~ds2-3/cli/command/formatter/image_test.go 2017-11-15 04:19:40.000000000 +0000 +++ 17.03.2-0ubuntu1/cli/command/formatter/image_test.go 2017-06-01 21:14:48.000000000 +0000 @@ -34,7 +34,7 @@ func TestImageContext(t *testing.T) { {imageContext{ i: types.ImageSummary{Size: 10, VirtualSize: 10}, trunc: true, - }, "10B", sizeHeader, ctx.Size}, + }, "10 B", sizeHeader, ctx.Size}, {imageContext{ i: types.ImageSummary{Created: unix}, trunc: true, @@ -109,9 +109,9 @@ func TestImageContextWrite(t *testing.T) }, }, `REPOSITORY TAG IMAGE ID CREATED SIZE -image tag1 imageID1 24 hours ago 0B -image tag2 imageID2 24 hours ago 0B -<none> <none> imageID3 24 hours ago 0B +image tag1 imageID1 24 hours ago 0 B +image tag2 imageID2 24 hours ago 0 B +<none> <none> imageID3 24 hours ago 0 B `, }, { @@ -159,9 +159,9 @@ image <none> Digest: true, }, `REPOSITORY TAG DIGEST IMAGE ID CREATED SIZE -image tag1 sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf imageID1 24 hours ago 0B -image tag2 <none> imageID2 24 hours ago 0B -<none> <none> <none> imageID3 24 hours ago 0B +image tag1 sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf imageID1 24 hours ago 0 B +image tag2 <none> imageID2 24 hours ago 0 B +<none> <none> <none> imageID3 24 hours ago 0 B `, }, { @@ -184,19 +184,19 @@ image tag2 tag: tag1 image_id: imageID1 created_at: %s -virtual_size: 0B +virtual_size: 0 B repository: image tag: tag2 image_id: imageID2 created_at: %s -virtual_size: 0B +virtual_size: 0 B repository: <none> tag: <none> image_id: imageID3 created_at: %s -virtual_size: 0B +virtual_size: 0 B `, expectedTime, expectedTime, expectedTime), }, @@ -212,21 +212,21 @@ tag: tag1 digest: sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf image_id: imageID1 created_at: %s -virtual_size: 0B +virtual_size: 0 B repository: image tag: tag2 digest: <none> image_id: imageID2 created_at: %s -virtual_size: 0B +virtual_size: 0 B repository: <none> tag: <none> digest: <none> image_id: imageID3 created_at: %s -virtual_size: 0B +virtual_size: 0 B `, expectedTime, expectedTime, expectedTime), },
  66. Download patch containerd/integration-test/start_linux_test.go
  67. Download patch containerd/api/grpc/types/api.proto
  68. Download patch containerd/containerd-shim/main.go

    --- 1.13.1~ds2-3/containerd/containerd-shim/main.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/containerd-shim/main.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,164 @@ +package main + +import ( + "flag" + "fmt" + "os" + "os/signal" + "path/filepath" + "runtime" + "syscall" + + "github.com/docker/containerd/osutils" + "github.com/docker/docker/pkg/term" +) + +func writeMessage(f *os.File, level string, err error) { + fmt.Fprintf(f, `{"level": "%s","msg": "%s"}`, level, err) +} + +type controlMessage struct { + Type int + Width int + Height int +} + +// containerd-shim is a small shim that sits in front of a runtime implementation +// that allows it to be repartented to init and handle reattach from the caller. +// +// the cwd of the shim should be the path to the state directory where the shim +// can locate fifos and other information. +// Arg0: id of the container +// Arg1: bundle path +// Arg2: runtime binary +func main() { + flag.Parse() + cwd, err := os.Getwd() + if err != nil { + panic(err) + } + f, err := os.OpenFile(filepath.Join(cwd, "shim-log.json"), os.O_CREATE|os.O_WRONLY|os.O_APPEND|os.O_SYNC, 0666) + if err != nil { + panic(err) + } + if err := start(f); err != nil { + // this means that the runtime failed starting the container and will have the + // proper error messages in the runtime log so we should to treat this as a + // shim failure because the sim executed properly + if err == errRuntime { + f.Close() + return + } + // log the error instead of writing to stderr because the shim will have + // /dev/null as it's stdio because it is supposed to be reparented to system + // init and will not have anyone to read from it + writeMessage(f, "error", err) + f.Close() + os.Exit(1) + } +} + +func start(log *os.File) error { + // start handling signals as soon as possible so that things are properly reaped + // or if runtime exits before we hit the handler + signals := make(chan os.Signal, 2048) + signal.Notify(signals) + // set the shim as the subreaper for all orphaned processes created by the container + if err := osutils.SetSubreaper(1); err != nil { + return err + } + // open the exit pipe + f, err := os.OpenFile("exit", syscall.O_WRONLY, 0) + if err != nil { + return err + } + defer f.Close() + control, err := os.OpenFile("control", syscall.O_RDWR, 0) + if err != nil { + return err + } + defer control.Close() + p, err := newProcess(flag.Arg(0), flag.Arg(1), flag.Arg(2)) + if err != nil { + return err + } + defer func() { + if err := p.Close(); err != nil { + writeMessage(log, "warn", err) + } + }() + if err := p.create(); err != nil { + p.delete() + return err + } + msgC := make(chan controlMessage, 32) + go func() { + for { + var m controlMessage + if _, err := fmt.Fscanf(control, "%d %d %d\n", &m.Type, &m.Width, &m.Height); err != nil { + continue + } + msgC <- m + } + }() + if runtime.GOOS == "solaris" { + return nil + } + var exitShim bool + for { + select { + case s := <-signals: + switch s { + case syscall.SIGCHLD: + exits, _ := osutils.Reap(false) + for _, e := range exits { + // check to see if runtime is one of the processes that has exited + if e.Pid == p.pid() { + exitShim = true + writeInt("exitStatus", e.Status) + } + } + } + // runtime has exited so the shim can also exit + if exitShim { + // kill all processes in the container incase it was not running in + // its own PID namespace + p.killAll() + // wait for all the processes and IO to finish + p.Wait() + // delete the container from the runtime + p.delete() + // the close of the exit fifo will happen when the shim exits + return nil + } + case msg := <-msgC: + switch msg.Type { + case 0: + // close stdin + if p.stdinCloser != nil { + p.stdinCloser.Close() + } + case 1: + if p.console == nil { + continue + } + ws := term.Winsize{ + Width: uint16(msg.Width), + Height: uint16(msg.Height), + } + term.SetWinsize(p.console.Fd(), &ws) + } + } + } + return nil +} + +func writeInt(path string, i int) error { + f, err := os.Create(path) + if err != nil { + return err + } + defer f.Close() + _, err = fmt.Fprintf(f, "%d", i) + return err +}
  69. Download patch containerd/ctr/container.go
  70. Download patch containerd/containerd-shim/console_solaris.go

    --- 1.13.1~ds2-3/containerd/containerd-shim/console_solaris.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/containerd-shim/console_solaris.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,14 @@ +// +build solaris + +package main + +import ( + "errors" + "os" +) + +// NewConsole returns an initalized console that can be used within a container by copying bytes +// from the master side to the slave that is attached as the tty for the container's init process. +func newConsole(uid, gid int) (*os.File, string, error) { + return nil, "", errors.New("newConsole not implemented on Solaris") +}
  71. Download patch cli/compose/convert/service_test.go

    --- 1.13.1~ds2-3/cli/compose/convert/service_test.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/cli/compose/convert/service_test.go 2017-06-01 21:14:48.000000000 +0000 @@ -145,10 +145,9 @@ func TestConvertHealthcheckDisableWithTe func TestConvertServiceNetworksOnlyDefault(t *testing.T) { networkConfigs := networkMap{} - networks := map[string]*composetypes.ServiceNetworkConfig{} configs, err := convertServiceNetworks( - networks, networkConfigs, NewNamespace("foo"), "service") + nil, networkConfigs, NewNamespace("foo"), "service") expected := []swarm.NetworkAttachmentConfig{ { @@ -201,6 +200,31 @@ func TestConvertServiceNetworks(t *testi assert.DeepEqual(t, []swarm.NetworkAttachmentConfig(sortedConfigs), expected) } +func TestConvertServiceNetworksCustomDefault(t *testing.T) { + networkConfigs := networkMap{ + "default": composetypes.NetworkConfig{ + External: composetypes.External{ + External: true, + Name: "custom", + }, + }, + } + networks := map[string]*composetypes.ServiceNetworkConfig{} + + configs, err := convertServiceNetworks( + networks, networkConfigs, NewNamespace("foo"), "service") + + expected := []swarm.NetworkAttachmentConfig{ + { + Target: "custom", + Aliases: []string{"service"}, + }, + } + + assert.NilError(t, err) + assert.DeepEqual(t, []swarm.NetworkAttachmentConfig(configs), expected) +} + type byTargetSort []swarm.NetworkAttachmentConfig func (s byTargetSort) Len() int {
  72. Download patch containerd/README.md

    --- 1.13.1~ds2-3/containerd/README.md 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/README.md 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,72 @@ +# containerd + +containerd is a daemon to control runC, built for performance and density. +containerd leverages runC's advanced features such as seccomp and user namespace support as well +as checkpoint and restore for cloning and live migration of containers. + +## Getting started + +The easiest way to start using containerd is to download binaries from the [releases page](https://github.com/docker/containerd/releases). + +The included `ctr` command-line tool allows you interact with the containerd daemon: + +``` +$ sudo ctr containers start redis /containers/redis +$ sudo ctr containers list +ID PATH STATUS PROCESSES +redis /containers/redis running 14063 +``` + +`/containers/redis` is the path to an OCI bundle. [See the docs for more information.](docs/bundle.md) + +## Docs + + * [Client CLI reference (`ctr`)](docs/cli.md) + * [Daemon CLI reference (`containerd`)](docs/daemon.md) + * [Creating OCI bundles](docs/bundle.md) + * [containerd changes to the bundle](docs/bundle-changes.md) + * [Attaching to STDIO or TTY](docs/attach.md) + * [Telemetry and metrics](docs/telemetry.md) + +All documentation is contained in the `/docs` directory in this repository. + +## Building + +You will need to make sure that you have Go installed on your system and the containerd repository is cloned +in your `$GOPATH`. You will also need to make sure that you have all the dependencies cloned as well. +Currently, contributing to containerd is not for the first time devs as many dependencies are not vendored and +work is being completed at a high rate. + +After that just run `make` and the binaries for the daemon and client will be localed in the `bin/` directory. + +## Performance + +Starting 1000 containers concurrently runs at 126-140 containers per second. + +Overall start times: + +``` +[containerd] 2015/12/04 15:00:54 count: 1000 +[containerd] 2015/12/04 14:59:54 min: 23ms +[containerd] 2015/12/04 14:59:54 max: 355ms +[containerd] 2015/12/04 14:59:54 mean: 78ms +[containerd] 2015/12/04 14:59:54 stddev: 34ms +[containerd] 2015/12/04 14:59:54 median: 73ms +[containerd] 2015/12/04 14:59:54 75%: 91ms +[containerd] 2015/12/04 14:59:54 95%: 123ms +[containerd] 2015/12/04 14:59:54 99%: 287ms +[containerd] 2015/12/04 14:59:54 99.9%: 355ms +``` + +## Roadmap + +The current roadmap and milestones for alpha and beta completion are in the github issues on this repository. Please refer to these issues for what is being worked on and completed for the various stages of development. + +## Copyright and license + +Copyright © 2016 Docker, Inc. All rights reserved, except as follows. Code +is released under the Apache 2.0 license. The README.md file, and files in the +"docs" folder are licensed under the Creative Commons Attribution 4.0 +International License under the terms and conditions set forth in the file +"LICENSE.docs". You may obtain a duplicate copy of the same license, titled +CC-BY-SA-4.0, at http://creativecommons.org/licenses/by/4.0/.
  73. Download patch containerd/ctr/const.go

    --- 1.13.1~ds2-3/containerd/ctr/const.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/ctr/const.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,12 @@ +package main + +// ctr wide constants +const ( + // ExitStatusOK indicates successful completion + ExitStatusOK = 0 + + // ExitStatusMissingArg indicates failure due to missing argument(s) + ExitStatusMissingArg = 1 + // ExitStatusUnsupported indicates failure due to unsupported subcommand(s) + ExitStatusUnsupported = 2 +)
  74. Download patch builder/dockerfile/internals_test.go

    --- 1.13.1~ds2-3/builder/dockerfile/internals_test.go 2017-11-15 04:19:40.000000000 +0000 +++ 17.03.2-0ubuntu1/builder/dockerfile/internals_test.go 2017-11-15 04:19:39.000000000 +0000 @@ -11,7 +11,10 @@ import ( ) func TestEmptyDockerfile(t *testing.T) { - t.Skip("DM - skipping privileged test") + if testing.Short() { + t.Skip("Skipping privileged test in short mode") + } + contextDir, cleanup := createTestTempDir(t, "", "builder-dockerfile-test") defer cleanup() @@ -21,7 +24,6 @@ func TestEmptyDockerfile(t *testing.T) { } func TestSymlinkDockerfile(t *testing.T) { - t.Skip("DM - skipping privileged test") contextDir, cleanup := createTestTempDir(t, "", "builder-dockerfile-test") defer cleanup() @@ -37,7 +39,10 @@ func TestSymlinkDockerfile(t *testing.T) } func TestDockerfileOutsideTheBuildContext(t *testing.T) { - t.Skip("DM - skipping privileged test") + if testing.Short() { + t.Skip("Skipping privileged test in short mode") + } + contextDir, cleanup := createTestTempDir(t, "", "builder-dockerfile-test") defer cleanup() @@ -47,7 +52,6 @@ func TestDockerfileOutsideTheBuildContex } func TestNonExistingDockerfile(t *testing.T) { - t.Skip("DM - skipping privileged test") contextDir, cleanup := createTestTempDir(t, "", "builder-dockerfile-test") defer cleanup() @@ -57,6 +61,10 @@ func TestNonExistingDockerfile(t *testin } func readAndCheckDockerfile(t *testing.T, testName, contextDir, dockerfilePath, expectedError string) { + if testing.Short() { + t.Skip("Skipping privileged test in short mode") + } + tarStream, err := archive.Tar(contextDir, archive.Uncompressed) if err != nil {
  75. Download patch AUTHORS
  76. Download patch containerd/runtime/container.go
  77. Download patch containerd/osutils/prctl_solaris.go

    --- 1.13.1~ds2-3/containerd/osutils/prctl_solaris.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/osutils/prctl_solaris.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,19 @@ +// +build solaris + +package osutils + +import ( + "errors" +) + +//Solaris TODO + +// GetSubreaper returns the subreaper setting for the calling process +func GetSubreaper() (int, error) { + return 0, errors.New("osutils GetSubreaper not implemented on Solaris") +} + +// SetSubreaper sets the value i as the subreaper setting for the calling process +func SetSubreaper(i int) error { + return nil +}
  78. Download patch containerd/api/grpc/server/server.go
  79. Download patch cli/command/container/diff.go

    --- 1.13.1~ds2-3/cli/command/container/diff.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/cli/command/container/diff.go 2017-06-01 21:14:48.000000000 +0000 @@ -21,7 +21,7 @@ func NewDiffCommand(dockerCli *command.D return &cobra.Command{ Use: "diff CONTAINER", - Short: "Inspect changes on a container's filesystem", + Short: "Inspect changes to files or directories on a container's filesystem", Args: cli.ExactArgs(1), RunE: func(cmd *cobra.Command, args []string) error { opts.container = args[0]
  80. Download patch cmd/dockerd/daemon.go

    --- 1.13.1~ds2-3/cmd/dockerd/daemon.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/cmd/dockerd/daemon.go 2017-06-01 21:14:48.000000000 +0000 @@ -433,7 +433,7 @@ func loadDaemonCliConfig(opts daemonOpti // This is deprecated in 1.13, and, be removed after 3 release cycles. // The following will check the conflict of labels, and report a warning for deprecation. // - // TODO: After 3 release cycles (1.16) an error will be returned, and labels will be + // TODO: After 3 release cycles (17.12) an error will be returned, and labels will be // sanitized to consolidate duplicate key-value pairs (config.Labels = newLabels): // // newLabels, err := daemon.GetConflictFreeLabels(config.Labels)
  81. Download patch cli/command/service/opts_test.go

    --- 1.13.1~ds2-3/cli/command/service/opts_test.go 2017-11-15 04:19:40.000000000 +0000 +++ 17.03.2-0ubuntu1/cli/command/service/opts_test.go 2017-06-01 21:14:48.000000000 +0000 @@ -12,7 +12,7 @@ import ( func TestMemBytesString(t *testing.T) { var mem memBytes = 1048576 - assert.Equal(t, mem.String(), "1MiB") + assert.Equal(t, mem.String(), "1 MiB") } func TestMemBytesSetAndValue(t *testing.T) {
  82. Download patch builder/remote_test.go

    --- 1.13.1~ds2-3/builder/remote_test.go 2017-11-15 04:19:40.000000000 +0000 +++ 17.03.2-0ubuntu1/builder/remote_test.go 2017-11-15 04:19:39.000000000 +0000 @@ -152,7 +152,10 @@ func TestInspectResponseEmptyContentType } func TestMakeRemoteContext(t *testing.T) { - t.Skip("DM - skipping privileged test") + if testing.Short() { + t.Skip("Skipping privileged test in short mode") + } + contextDir, cleanup := createTestTempDir(t, "", "builder-tarsum-test") defer cleanup()
  83. Download patch api/server/router/swarm/cluster_routes.go

    --- 1.13.1~ds2-3/api/server/router/swarm/cluster_routes.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/api/server/router/swarm/cluster_routes.go 2017-06-01 21:14:48.000000000 +0000 @@ -65,7 +65,8 @@ func (sr *swarmRouter) updateCluster(ctx rawVersion := r.URL.Query().Get("version") version, err := strconv.ParseUint(rawVersion, 10, 64) if err != nil { - return fmt.Errorf("Invalid swarm version '%s': %s", rawVersion, err.Error()) + err := fmt.Errorf("invalid swarm version '%s': %v", rawVersion, err) + return errors.NewBadRequestError(err) } var flags types.UpdateFlags @@ -73,7 +74,8 @@ func (sr *swarmRouter) updateCluster(ctx if value := r.URL.Query().Get("rotateWorkerToken"); value != "" { rot, err := strconv.ParseBool(value) if err != nil { - return fmt.Errorf("invalid value for rotateWorkerToken: %s", value) + err := fmt.Errorf("invalid value for rotateWorkerToken: %s", value) + return errors.NewBadRequestError(err) } flags.RotateWorkerToken = rot @@ -82,7 +84,8 @@ func (sr *swarmRouter) updateCluster(ctx if value := r.URL.Query().Get("rotateManagerToken"); value != "" { rot, err := strconv.ParseBool(value) if err != nil { - return fmt.Errorf("invalid value for rotateManagerToken: %s", value) + err := fmt.Errorf("invalid value for rotateManagerToken: %s", value) + return errors.NewBadRequestError(err) } flags.RotateManagerToken = rot @@ -91,7 +94,7 @@ func (sr *swarmRouter) updateCluster(ctx if value := r.URL.Query().Get("rotateManagerUnlockKey"); value != "" { rot, err := strconv.ParseBool(value) if err != nil { - return fmt.Errorf("invalid value for rotateManagerUnlockKey: %s", value) + return errors.NewBadRequestError(fmt.Errorf("invalid value for rotateManagerUnlockKey: %s", value)) } flags.RotateManagerUnlockKey = rot @@ -184,7 +187,8 @@ func (sr *swarmRouter) updateService(ctx rawVersion := r.URL.Query().Get("version") version, err := strconv.ParseUint(rawVersion, 10, 64) if err != nil { - return fmt.Errorf("Invalid service version '%s': %s", rawVersion, err.Error()) + err := fmt.Errorf("invalid service version '%s': %v", rawVersion, err) + return errors.NewBadRequestError(err) } // Get returns "" if the header does not exist @@ -294,7 +298,8 @@ func (sr *swarmRouter) updateNode(ctx co rawVersion := r.URL.Query().Get("version") version, err := strconv.ParseUint(rawVersion, 10, 64) if err != nil { - return fmt.Errorf("Invalid node version '%s': %s", rawVersion, err.Error()) + err := fmt.Errorf("invalid node version '%s': %v", rawVersion, err) + return errors.NewBadRequestError(err) } if err := sr.backend.UpdateNode(vars["id"], version, node); err != nil {
  84. Download patch containerd/runtime/stats.go

    --- 1.13.1~ds2-3/containerd/runtime/stats.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/runtime/stats.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,87 @@ +package runtime + +import "time" + +// Stat holds a container statistics +type Stat struct { + // Timestamp is the time that the statistics where collected + Timestamp time.Time + CPU CPU `json:"cpu"` + Memory Memory `json:"memory"` + Pids Pids `json:"pids"` + Blkio Blkio `json:"blkio"` + Hugetlb map[string]Hugetlb `json:"hugetlb"` +} + +// Hugetlb holds information regarding a container huge tlb usage +type Hugetlb struct { + Usage uint64 `json:"usage,omitempty"` + Max uint64 `json:"max,omitempty"` + Failcnt uint64 `json:"failcnt"` +} + +// BlkioEntry represents a single record for a Blkio stat +type BlkioEntry struct { + Major uint64 `json:"major,omitempty"` + Minor uint64 `json:"minor,omitempty"` + Op string `json:"op,omitempty"` + Value uint64 `json:"value,omitempty"` +} + +// Blkio regroups all the Blkio related stats +type Blkio struct { + IoServiceBytesRecursive []BlkioEntry `json:"ioServiceBytesRecursive,omitempty"` + IoServicedRecursive []BlkioEntry `json:"ioServicedRecursive,omitempty"` + IoQueuedRecursive []BlkioEntry `json:"ioQueueRecursive,omitempty"` + IoServiceTimeRecursive []BlkioEntry `json:"ioServiceTimeRecursive,omitempty"` + IoWaitTimeRecursive []BlkioEntry `json:"ioWaitTimeRecursive,omitempty"` + IoMergedRecursive []BlkioEntry `json:"ioMergedRecursive,omitempty"` + IoTimeRecursive []BlkioEntry `json:"ioTimeRecursive,omitempty"` + SectorsRecursive []BlkioEntry `json:"sectorsRecursive,omitempty"` +} + +// Pids holds the stat of the pid usage of the machine +type Pids struct { + Current uint64 `json:"current,omitempty"` + Limit uint64 `json:"limit,omitempty"` +} + +// Throttling holds a cpu throttling information +type Throttling struct { + Periods uint64 `json:"periods,omitempty"` + ThrottledPeriods uint64 `json:"throttledPeriods,omitempty"` + ThrottledTime uint64 `json:"throttledTime,omitempty"` +} + +// CPUUsage holds information regarding cpu usage +type CPUUsage struct { + // Units: nanoseconds. + Total uint64 `json:"total,omitempty"` + Percpu []uint64 `json:"percpu,omitempty"` + Kernel uint64 `json:"kernel"` + User uint64 `json:"user"` +} + +// CPU regroups both a CPU usage and throttling information +type CPU struct { + Usage CPUUsage `json:"usage,omitempty"` + Throttling Throttling `json:"throttling,omitempty"` +} + +// MemoryEntry regroups statistic about a given type of memory +type MemoryEntry struct { + Limit uint64 `json:"limit"` + Usage uint64 `json:"usage,omitempty"` + Max uint64 `json:"max,omitempty"` + Failcnt uint64 `json:"failcnt"` +} + +// Memory holds information regarding the different type of memories available +type Memory struct { + Cache uint64 `json:"cache,omitempty"` + Usage MemoryEntry `json:"usage,omitempty"` + Swap MemoryEntry `json:"swap,omitempty"` + Kernel MemoryEntry `json:"kernel,omitempty"` + KernelTCP MemoryEntry `json:"kernelTCP,omitempty"` + Raw map[string]uint64 `json:"raw,omitempty"` +}
  85. Download patch containerd/integration-test/exec_test.go
  86. Download patch containerd/ctr/main.go

    --- 1.13.1~ds2-3/containerd/ctr/main.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/ctr/main.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,90 @@ +package main + +import ( + "fmt" + "os" + "time" + + netcontext "golang.org/x/net/context" + + "github.com/Sirupsen/logrus" + "github.com/codegangsta/cli" + "github.com/docker/containerd" + "github.com/docker/containerd/api/grpc/types" +) + +const usage = `High performance container daemon cli` + +type exit struct { + Code int +} + +func main() { + // We want our defer functions to be run when calling fatal() + defer func() { + if e := recover(); e != nil { + if ex, ok := e.(exit); ok == true { + os.Exit(ex.Code) + } + panic(e) + } + }() + app := cli.NewApp() + app.Name = "ctr" + if containerd.GitCommit != "" { + app.Version = fmt.Sprintf("%s commit: %s", containerd.Version, containerd.GitCommit) + } else { + app.Version = containerd.Version + } + app.Usage = usage + app.Flags = []cli.Flag{ + cli.BoolFlag{ + Name: "debug", + Usage: "enable debug output in the logs", + }, + cli.StringFlag{ + Name: "address", + Value: "unix:///run/containerd/containerd.sock", + Usage: "proto://address of GRPC API", + }, + cli.DurationFlag{ + Name: "conn-timeout", + Value: 1 * time.Second, + Usage: "GRPC connection timeout", + }, + } + app.Commands = []cli.Command{ + checkpointCommand, + containersCommand, + eventsCommand, + stateCommand, + versionCommand, + } + app.Before = func(context *cli.Context) error { + if context.GlobalBool("debug") { + logrus.SetLevel(logrus.DebugLevel) + } + return nil + } + if err := app.Run(os.Args); err != nil { + logrus.Fatal(err) + } +} + +var versionCommand = cli.Command{ + Name: "version", + Usage: "return the daemon version", + Action: func(context *cli.Context) { + c := getClient(context) + resp, err := c.GetServerVersion(netcontext.Background(), &types.GetServerVersionRequest{}) + if err != nil { + fatal(err.Error(), 1) + } + fmt.Printf("daemon version %d.%d.%d commit: %s\n", resp.Major, resp.Minor, resp.Patch, resp.Revision) + }, +} + +func fatal(err string, code int) { + fmt.Fprintf(os.Stderr, "[ctr] %s\n", err) + panic(exit{code}) +}
  87. Download patch builder/dockerfile/evaluator_test.go

    --- 1.13.1~ds2-3/builder/dockerfile/evaluator_test.go 2017-11-15 04:19:40.000000000 +0000 +++ 17.03.2-0ubuntu1/builder/dockerfile/evaluator_test.go 2017-11-15 04:19:39.000000000 +0000 @@ -131,7 +131,10 @@ func initDispatchTestCases() []dispatchT } func TestDispatch(t *testing.T) { - t.Skip("DM - skipping privileged test") + if testing.Short() { + t.Skip("Skipping privileged test in short mode") + } + testCases := initDispatchTestCases() for _, testCase := range testCases {
  88. Download patch containerd/api/grpc/server/server_linux.go

    --- 1.13.1~ds2-3/containerd/api/grpc/server/server_linux.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/api/grpc/server/server_linux.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,60 @@ +package server + +import ( + "fmt" + + "github.com/docker/containerd/api/grpc/types" + "github.com/docker/containerd/specs" + "github.com/docker/containerd/supervisor" + "github.com/opencontainers/runc/libcontainer/system" + ocs "github.com/opencontainers/runtime-spec/specs-go" + "golang.org/x/net/context" +) + +var clockTicksPerSecond = uint64(system.GetClockTicks()) + +func (s *apiServer) AddProcess(ctx context.Context, r *types.AddProcessRequest) (*types.AddProcessResponse, error) { + process := &specs.ProcessSpec{ + Terminal: r.Terminal, + Args: r.Args, + Env: r.Env, + Cwd: r.Cwd, + } + process.User = ocs.User{ + UID: r.User.Uid, + GID: r.User.Gid, + AdditionalGids: r.User.AdditionalGids, + } + process.Capabilities = r.Capabilities + process.ApparmorProfile = r.ApparmorProfile + process.SelinuxLabel = r.SelinuxLabel + process.NoNewPrivileges = r.NoNewPrivileges + for _, rl := range r.Rlimits { + process.Rlimits = append(process.Rlimits, ocs.Rlimit{ + Type: rl.Type, + Soft: rl.Soft, + Hard: rl.Hard, + }) + } + if r.Id == "" { + return nil, fmt.Errorf("container id cannot be empty") + } + if r.Pid == "" { + return nil, fmt.Errorf("process id cannot be empty") + } + e := &supervisor.AddProcessTask{} + e.ID = r.Id + e.PID = r.Pid + e.ProcessSpec = process + e.Stdin = r.Stdin + e.Stdout = r.Stdout + e.Stderr = r.Stderr + e.StartResponse = make(chan supervisor.StartResponse, 1) + e.Ctx = ctx + s.sv.SendTask(e) + if err := <-e.ErrorCh(); err != nil { + return nil, err + } + sr := <-e.StartResponse + return &types.AddProcessResponse{SystemPid: uint32(sr.ExecPid)}, nil +}
  89. Download patch containerd/hack/.vendor-helpers.sh

    --- 1.13.1~ds2-3/containerd/hack/.vendor-helpers.sh 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/hack/.vendor-helpers.sh 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,111 @@ +#!/usr/bin/env bash + +PROJECT=github.com/docker/containerd + +# Downloads dependencies into vendor/ directory +mkdir -p vendor + +export GOPATH="$GOPATH:${PWD}/vendor" + +find='find' +if [ "$(go env GOHOSTOS)" = 'windows' ]; then + find='/usr/bin/find' +fi + +clone() { + local vcs="$1" + local pkg="$2" + local rev="$3" + local url="$4" + + : ${url:=https://$pkg} + local target="vendor/src/$pkg" + + echo -n "$pkg @ $rev: " + + if [ -d "$target" ]; then + echo -n 'rm old, ' + rm -rf "$target" + fi + + echo -n 'clone, ' + case "$vcs" in + git) + git clone --quiet --no-checkout "$url" "$target" + ( cd "$target" && git checkout --quiet "$rev" && git reset --quiet --hard "$rev" ) + ;; + hg) + hg clone --quiet --updaterev "$rev" "$url" "$target" + ;; + esac + + echo -n 'rm VCS, ' + ( cd "$target" && rm -rf .{git,hg} ) + + echo -n 'rm vendor, ' + ( cd "$target" && rm -rf vendor Godeps/_workspace ) + + echo done +} + +clean() { + local packages=( + "${PROJECT}/containerd" # package main + "${PROJECT}/ctr" # package main + "${PROJECT}/containerd-shim" # package main + "${PROJECT}/integration-test" # package main + ) + local platforms=( linux/amd64 linux/386 windows/amd64 windows/386 darwin/amd64 ) + local buildTagCombos=( + 'libcontainer runc seccomp' + ) + + echo + + echo -n 'collecting import graph, ' + local IFS=$'\n' + local imports=( $( + for platform in "${platforms[@]}"; do + export GOOS="${platform%/*}"; + export GOARCH="${platform##*/}"; + for buildTags in "${buildTagCombos[@]}"; do + go list -e -tags "$buildTags" -f '{{join .Deps "\n"}}' "${packages[@]}" + go list -e -tags "$buildTags" -f '{{join .TestImports "\n"}}' "${packages[@]}" + done + done | grep -vE "^${PROJECT}" | sort -u + ) ) + imports=( $(go list -e -f '{{if not .Standard}}{{.ImportPath}}{{end}}' "${imports[@]}") ) + unset IFS + + echo -n 'pruning unused packages, ' + findArgs=( + # for some reason go list doesn't detect this as a dependency + -path vendor/src/github.com/vdemeester/shakers + ) + for import in "${imports[@]}"; do + [ "${#findArgs[@]}" -eq 0 ] || findArgs+=( -or ) + findArgs+=( -path "vendor/src/$import" ) + done + local IFS=$'\n' + local prune=( $($find vendor -depth -type d -not '(' "${findArgs[@]}" ')') ) + unset IFS + for dir in "${prune[@]}"; do + $find "$dir" -maxdepth 1 -not -type d -not -name 'LICENSE*' -not -name 'COPYING*' -exec rm -v -f '{}' ';' + rmdir "$dir" 2>/dev/null || true + done + + echo -n 'pruning unused files, ' + $find vendor -type f -name '*_test.go' -exec rm -v '{}' ';' + + echo done +} + +# Fix up hard-coded imports that refer to Godeps paths so they'll work with our vendoring +fix_rewritten_imports () { + local pkg="$1" + local remove="${pkg}/Godeps/_workspace/src/" + local target="vendor/src/$pkg" + + echo "$pkg: fixing rewritten imports" + $find "$target" -name \*.go -exec sed -i -e "s|\"${remove}|\"|g" {} \; +}
  90. Download patch containerd/ctr/checkpoint_linux.go

    --- 1.13.1~ds2-3/containerd/ctr/checkpoint_linux.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/ctr/checkpoint_linux.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,165 @@ +package main + +import ( + "fmt" + "os" + "text/tabwriter" + + "github.com/codegangsta/cli" + "github.com/docker/containerd/api/grpc/types" + netcontext "golang.org/x/net/context" +) + +var checkpointSubCmds = []cli.Command{ + listCheckpointCommand, + createCheckpointCommand, + deleteCheckpointCommand, +} + +var checkpointCommand = cli.Command{ + Name: "checkpoints", + Usage: "list all checkpoints", + ArgsUsage: "COMMAND [arguments...]", + Subcommands: checkpointSubCmds, + Description: func() string { + desc := "\n COMMAND:\n" + for _, command := range checkpointSubCmds { + desc += fmt.Sprintf(" %-10.10s%s\n", command.Name, command.Usage) + } + return desc + }(), + Action: listCheckpoints, +} + +var listCheckpointCommand = cli.Command{ + Name: "list", + Usage: "list all checkpoints for a container", + Action: listCheckpoints, + Flags: []cli.Flag{ + cli.StringFlag{ + Name: "checkpoint-dir", + Value: "", + Usage: "path to checkpoint directory", + }, + }, +} + +func listCheckpoints(context *cli.Context) { + var ( + c = getClient(context) + id = context.Args().First() + ) + if id == "" { + fatal("container id cannot be empty", ExitStatusMissingArg) + } + resp, err := c.ListCheckpoint(netcontext.Background(), &types.ListCheckpointRequest{ + Id: id, + CheckpointDir: context.String("checkpoint-dir"), + }) + if err != nil { + fatal(err.Error(), 1) + } + w := tabwriter.NewWriter(os.Stdout, 20, 1, 3, ' ', 0) + fmt.Fprint(w, "NAME\tTCP\tUNIX SOCKETS\tSHELL\n") + for _, c := range resp.Checkpoints { + fmt.Fprintf(w, "%s\t%v\t%v\t%v\n", c.Name, c.Tcp, c.UnixSockets, c.Shell) + } + if err := w.Flush(); err != nil { + fatal(err.Error(), 1) + } +} + +var createCheckpointCommand = cli.Command{ + Name: "create", + Usage: "create a new checkpoint for the container", + Flags: []cli.Flag{ + cli.BoolFlag{ + Name: "tcp", + Usage: "persist open tcp connections", + }, + cli.BoolFlag{ + Name: "unix-sockets", + Usage: "persist unix sockets", + }, + cli.BoolFlag{ + Name: "exit", + Usage: "exit the container after the checkpoint completes successfully", + }, + cli.BoolFlag{ + Name: "shell", + Usage: "checkpoint shell jobs", + }, + cli.StringFlag{ + Name: "checkpoint-dir", + Value: "", + Usage: "directory to store checkpoints", + }, + cli.StringSliceFlag{ + Name: "empty-ns", + Usage: "create a namespace, but don't restore its properties", + }, + }, + Action: func(context *cli.Context) { + var ( + containerID = context.Args().Get(0) + name = context.Args().Get(1) + ) + if containerID == "" { + fatal("container id at cannot be empty", ExitStatusMissingArg) + } + if name == "" { + fatal("checkpoint name cannot be empty", ExitStatusMissingArg) + } + c := getClient(context) + checkpoint := types.Checkpoint{ + Name: name, + Exit: context.Bool("exit"), + Tcp: context.Bool("tcp"), + Shell: context.Bool("shell"), + UnixSockets: context.Bool("unix-sockets"), + } + + emptyNSes := context.StringSlice("empty-ns") + checkpoint.EmptyNS = append(checkpoint.EmptyNS, emptyNSes...) + + if _, err := c.CreateCheckpoint(netcontext.Background(), &types.CreateCheckpointRequest{ + Id: containerID, + CheckpointDir: context.String("checkpoint-dir"), + Checkpoint: &checkpoint, + }); err != nil { + fatal(err.Error(), 1) + } + }, +} + +var deleteCheckpointCommand = cli.Command{ + Name: "delete", + Usage: "delete a container's checkpoint", + Flags: []cli.Flag{ + cli.StringFlag{ + Name: "checkpoint-dir", + Value: "", + Usage: "path to checkpoint directory", + }, + }, + Action: func(context *cli.Context) { + var ( + containerID = context.Args().Get(0) + name = context.Args().Get(1) + ) + if containerID == "" { + fatal("container id at cannot be empty", ExitStatusMissingArg) + } + if name == "" { + fatal("checkpoint name cannot be empty", ExitStatusMissingArg) + } + c := getClient(context) + if _, err := c.DeleteCheckpoint(netcontext.Background(), &types.DeleteCheckpointRequest{ + Id: containerID, + Name: name, + CheckpointDir: context.String("checkpoint-dir"), + }); err != nil { + fatal(err.Error(), 1) + } + }, +}
  91. Download patch cli/command/formatter/stats.go

    --- 1.13.1~ds2-3/cli/command/formatter/stats.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/cli/command/formatter/stats.go 2017-06-01 21:14:48.000000000 +0000 @@ -145,8 +145,10 @@ func (c *containerStatsContext) Containe func (c *containerStatsContext) Name() string { c.AddHeader(nameHeader) - name := c.s.Name[1:] - return name + if len(c.s.Name) > 1 { + return c.s.Name[1:] + } + return "--" } func (c *containerStatsContext) ID() string {
  92. Download patch containerd/containerd-shim/process_solaris.go

    --- 1.13.1~ds2-3/containerd/containerd-shim/process_solaris.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/containerd-shim/process_solaris.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,70 @@ +// +build solaris + +package main + +import ( + "io" + "os" + "syscall" +) + +// setPDeathSig is a no-op on Solaris as Pdeathsig is not defined. +func setPDeathSig() *syscall.SysProcAttr { + return nil +} + +// TODO: Update to using fifo's package in openIO. Need to +// 1. Merge and vendor changes in the package to use sys/unix. +// 2. Figure out why context.Background is timing out. +// openIO opens the pre-created fifo's for use with the container +// in RDWR so that they remain open if the other side stops listening +func (p *process) openIO() error { + p.stdio = &stdio{} + var ( + uid = p.state.RootUID + ) + i, err := p.initializeIO(uid) + if err != nil { + return err + } + p.shimIO = i + // Both tty and non-tty mode are handled by the runtime using + // the following pipes + for name, dest := range map[string]func(f *os.File){ + p.state.Stdout: func(f *os.File) { + p.Add(1) + go func() { + io.Copy(f, i.Stdout) + p.Done() + }() + }, + p.state.Stderr: func(f *os.File) { + p.Add(1) + go func() { + io.Copy(f, i.Stderr) + p.Done() + }() + }, + } { + f, err := os.OpenFile(name, syscall.O_RDWR, 0) + if err != nil { + return err + } + dest(f) + } + + f, err := os.OpenFile(p.state.Stdin, syscall.O_RDONLY, 0) + if err != nil { + return err + } + go func() { + io.Copy(i.Stdin, f) + i.Stdin.Close() + }() + + return nil +} + +func (p *process) killAll() error { + return nil +}
  93. Download patch cli/compose/schema/bindata.go

    --- 1.13.1~ds2-3/cli/compose/schema/bindata.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/cli/compose/schema/bindata.go 2017-06-01 21:14:48.000000000 +0000 @@ -69,7 +69,7 @@ func (fi bindataFileInfo) Sys() interfac return nil } -var _dataConfig_schema_v30Json = []byte("\x1f\x8b\x08\x00\x00\x09\x6e\x88\x00\xff\xec\x5a\x4f\x8f\xdb\xb8\x0e\xbf\xe7\x53\x18\x6e\x6f\xcd\xcc\x14\x78\xc5\x03\x5e\x6f\xef\xb8\xa7\xdd\xf3\x0e\x5c\x43\xb1\x99\x44\x1d\x59\x52\x29\x39\x9d\xb4\xc8\x77\x5f\xc8\xff\x22\x2b\x92\xe5\x24\xee\xb6\x87\x9e\x66\x62\x91\x14\xff\xe9\x47\x8a\xf6\xf7\x55\x92\xa4\x6f\x55\xb1\x87\x8a\xa4\x1f\x93\x74\xaf\xb5\xfc\xf8\xf4\xf4\x59\x09\xfe\xd0\x3e\x7d\x14\xb8\x7b\x2a\x91\x6c\xf5\xc3\xfb\x0f\x4f\xed\xb3\x37\xe9\xda\xf0\xd1\xd2\xb0\x14\x82\x6f\xe9\x2e\x6f\x57\xf2\xc3\x7f\x1e\xdf\x3f\x1a\xf6\x96\x44\x1f\x25\x18\x22\xb1\xf9\x0c\x85\x6e\x9f\x21\x7c\xa9\x29\x82\x61\x7e\x4e\x0f\x80\x8a\x0a\x9e\x66\xeb\x95\x59\x93\x28\x24\xa0\xa6\xa0\xd2\x8f\x89\x51\x2e\x49\x06\x92\xfe\x81\x25\x56\x69\xa4\x7c\x97\x36\x8f\x4f\x8d\x84\x24\x49\x15\xe0\x81\x16\x96\x84\x41\xd5\x37\x4f\x67\xf9\x4f\x03\xd9\xda\x95\x6a\x29\xdb\x3c\x97\x44\x6b\x40\xfe\xd7\xa5\x6e\xcd\xf2\xa7\x67\xf2\xf0\xed\xff\x0f\x7f\xbf\x7f\xf8\xdf\x63\xfe\x90\xbd\x7b\x3b\x5a\x36\xfe\x45\xd8\xb6\xdb\x97\xb0\xa5\x9c\x6a\x2a\xf8\xb0\x7f\x3a\x50\x9e\xba\xff\x4e\xc3\xc6\xa4\x2c\x1b\x62\xc2\x46\x7b\x6f\x09\x53\x30\xb6\x99\x83\xfe\x2a\xf0\x25\x66\xf3\x40\xf6\x93\x6c\xee\xf6\xf7\xd8\x3c\x36\xe7\x20\x58\x5d\x45\x23\xd8\x53\xfd\x24\x63\xda\xed\xef\x8b\xdf\xaa\x37\x7a\x92\xb6\xa5\xb0\xf6\x6e\x14\x1c\x65\xbb\xcf\x55\xbe\x6c\x0b\xfb\x6a\x70\x56\xc0\x4b\x25\x48\x26\x8e\xe6\x59\xc0\x1f\x2d\x41\x05\x5c\xa7\x83\x0b\x92\x24\xdd\xd4\x94\x95\xae\x47\x05\x87\x3f\x8d\x88\x67\xeb\x61\x92\x7c\x77\x0f\xb6\x25\xa7\x59\x1f\xfd\x0a\x07\x7c\x58\x0f\xd8\x32\xac\x17\x82\x6b\x78\xd5\x8d\x51\xd3\x5b\xb7\x2e\x10\xc5\x0b\xe0\x96\x32\x98\xcb\x41\x70\xa7\x26\x5c\xc6\xa8\xd2\xb9\xc0\xbc\xa4\x85\x4e\x4f\x0e\xfb\x85\xbc\x78\x3e\x0d\xac\xd6\xaf\x6c\xe5\x11\x98\x16\x44\xe6\xa4\x2c\x47\x76\x10\x44\x72\x4c\xd7\x49\x4a\x35\x54\xca\x6f\x62\x92\xd6\x9c\x7e\xa9\xe1\x8f\x8e\x44\x63\x0d\xae\xdc\x12\x85\x5c\x5e\xf0\x0e\x45\x2d\x73\x49\xd0\x24\xd8\xb4\xfb\xd3\x42\x54\x15\xe1\x4b\x65\xdd\x35\x76\xcc\xf0\xbc\xe0\x9a\x50\x0e\x98\x73\x52\xc5\x12\xc9\x9c\x3a\xe0\xa5\xca\xdb\xfa\x37\x99\x46\xdb\xbc\xe5\x57\x8e\x80\xa1\x18\x2e\x1a\x8f\x92\x4f\x25\x76\x2b\xc6\xa4\xb6\xd1\x2d\x75\x18\x73\x05\x04\x8b\xfd\x8d\xfc\xa2\x22\x94\xcf\xf1\x1d\x70\x8d\x47\x29\x68\x9b\x2f\xbf\x5c\x22\x00\x3f\xe4\x03\x96\x5c\xed\x06\xe0\x07\x8a\x82\x57\xfd\x69\x98\x03\x30\x03\xc8\x1b\xfe\x57\x29\x14\xb8\x8e\x71\x0c\xb4\x97\x06\x53\x47\x3e\xe9\x39\x9e\x7b\xc3\xd7\x49\xca\xeb\x6a\x03\x68\x5a\xba\x11\xe5\x56\x60\x45\x8c\xb2\xfd\xde\xd6\xf2\xc8\xd3\x9e\xcc\xb3\x1d\x68\xdb\x60\xca\x3a\x61\x39\xa3\xfc\x65\xf9\x14\x87\x57\x8d\x24\xdf\x0b\xa5\xe7\x63\xb8\xc5\xbe\x07\xc2\xf4\xbe\xd8\x43\xf1\x32\xc1\x6e\x53\x8d\xb8\x85\xd2\x73\x92\x9c\x56\x64\x17\x27\x92\x45\x8c\x84\x91\x0d\xb0\x9b\xec\x5c\xd4\xf9\x96\x58\xb1\xdb\x19\xd2\x50\xc6\x5d\x74\x2e\xdd\x72\xac\xe6\x97\x48\x0f\x80\x73\x0b\xb8\x90\xe7\x86\xcb\x5d\x8c\x37\x20\x49\xbc\xfb\x1c\x91\x7e\x7a\x6c\x9b\xcf\x89\x53\xd5\xfc\xc7\x58\x9a\xb9\xed\x42\xe2\xd4\x7d\xdf\x13\xc7\xc2\x79\x0d\xc5\x28\x2a\x15\x29\x4c\xdf\x80\xa0\x02\x71\x3d\x93\x76\xcd\x7e\x5e\x89\x32\x94\xa0\x17\xc4\xae\x6f\x82\x48\x7d\x75\x21\x4c\x6e\xea\x1f\x67\x85\x2e\x7a\x81\x88\x58\x13\x52\x6f\xae\x9a\x67\x75\xe3\x29\xd6\xd0\x11\x46\x89\x82\xf8\x61\x0f\x3a\x72\x24\x8d\xca\xc3\x87\x99\x39\xe1\xe3\xfd\xef\x24\x6f\x80\x35\x28\x73\x7e\x8f\x1c\x11\x75\x56\xa5\x39\x6e\x3e\x45\xb2\xc8\x69\xfb\xc1\x2d\xbc\xa4\x65\x18\x2b\x1a\x84\xb0\x0f\x98\x14\xa8\x2f\x4e\xd7\xbf\x53\xee\xdb\xad\xef\xae\xf6\x12\xe9\x81\x32\xd8\xc1\xf8\xd6\xb2\x11\x82\x01\xe1\x23\xe8\x41\x20\x65\x2e\x38\x3b\xce\xa0\x54\x9a\x60\xf4\x42\xa1\xa0\xa8\x91\xea\x63\x2e\xa4\x5e\xbc\xcf\x50\xfb\x2a\x57\xf4\x1b\x8c\xa3\x79\xc6\xfb\x4e\x50\x36\xe2\x39\xaa\x42\xdf\x56\xaf\x95\x2e\x29\xcf\x85\x04\x1e\xf5\x8e\xd2\x42\xe6\x3b\x24\x05\xe4\x12\x90\x8a\xd2\x67\xe0\xda\x8e\x75\x59\x23\x31\xfb\x5f\x8a\x51\x74\xc7\x09\x8b\x39\x5a\x57\x72\x7b\xe3\xc5\x42\xeb\x78\xb8\x6b\x46\x2b\x1a\x3e\x07\x1e\x80\x9d\x51\x03\x5a\xfc\xf7\xc3\xfe\x04\xe4\x9f\x35\xa5\x5c\xc3\x0e\xd0\x87\x94\x13\x5d\xc7\x74\xd3\x31\xa3\xdb\xd8\x13\x1c\x07\x74\x42\x8f\x86\x41\x89\xad\xf6\x33\xf8\x7a\x11\xaf\x5e\xa3\xe1\x6f\x23\x6f\xdd\x29\x92\x79\xe9\xaf\x82\x73\x57\x8d\x2c\x88\xa8\x27\x2f\xa2\xd6\x2a\xda\x18\x36\x34\x5c\x4d\x35\x35\x03\xa9\x35\xc5\x5c\x14\x2f\x4c\xa3\x64\x0e\x41\x49\xfd\xda\xae\x1c\xcb\xae\x98\x23\x3b\x77\x96\x5e\x80\x6f\xa2\x68\x93\x46\x27\xb0\xd3\xd3\xcd\x8e\x28\x38\x79\xa4\x8a\x6c\x9c\x99\x9b\xef\x70\x9b\x6c\xc4\x43\x1c\x63\x10\x34\x52\x27\x2e\x1d\xda\x8e\xf0\x04\xd4\xaf\x39\x38\xd0\xb4\x02\x51\xfb\x6b\xd6\xca\xce\xef\x8e\x29\xb5\x26\xb3\x91\xa0\x5a\x94\x6e\x4c\x9f\x87\xa0\xf6\xfd\x45\x34\x70\x73\x0e\x09\x82\x64\xb4\x20\x2a\x06\x44\x77\x5c\x50\x6b\x59\x12\x0d\x79\xfb\xa2\xea\x2a\xe8\x9f\xc0\x7c\x49\x90\x30\x06\x8c\xaa\x6a\x0e\x86\xa6\x25\x30\x72\xbc\xa9\x7c\x36\xec\x5b\x42\x59\x8d\x90\x93\x42\x77\xef\xc2\x22\x39\x97\x56\x82\x53\x2d\xbc\x08\x31\x6f\xcb\x8a\xbc\xe6\xfd\xb6\x0d\x89\xf7\xc0\x04\xdb\xba\xb9\x77\x4b\x2b\x13\x94\xa8\xb1\xb8\x70\xf6\xcd\x21\x3a\xd7\xfa\x40\xc6\xf4\x3b\x5e\x98\x8e\xa0\x0c\x92\x0c\x57\xff\x28\x7f\xb4\xb4\x74\x7d\x66\x2e\x05\xa3\xc5\x71\x29\x0b\x0b\xc1\x5b\x27\xcf\x49\x88\x3b\x33\xd0\xa4\x83\x69\x85\x2a\xa9\xa3\x87\xb5\x61\xf8\x4a\x79\x29\xbe\x5e\xb1\xe1\x72\xa9\x24\x19\x29\xc0\xc1\xbb\x7b\x1d\xad\x34\x12\xca\xf5\xd5\xe5\xfc\x5e\xb3\xee\xa8\xe6\x43\x7e\x46\x50\x7f\xa0\x8b\xbf\x49\x0d\x20\x7d\x21\xeb\xe8\x3c\xa8\x82\x4a\xa0\x37\x01\x17\x78\xf3\x1d\x33\xb1\x27\x5b\xa0\xaa\xcd\x1a\x20\x76\x54\xe6\xbe\xb8\xf8\x6d\x23\x3e\x24\xcc\xe2\x80\x44\x25\xa9\x96\x3a\x1d\xb3\x47\xaa\xa9\xb7\x06\x27\xd3\xa3\x88\x24\x3c\x8e\x88\x69\x1d\xd7\xbd\xa3\x50\xf5\x86\xc3\x64\x47\x65\xf9\xd3\xf7\x9e\x77\xfe\x35\xe5\x14\xbe\x94\xdc\x07\x7a\xfd\xdb\x90\x40\x54\x9f\x87\x9e\x79\x3d\xf8\x2a\x9b\x1d\xe2\xe0\xab\x88\xe5\xf4\xbf\xb2\xc1\xbb\x03\x33\xba\x2f\x37\x22\x90\xd1\x51\xfd\x46\x8c\xdf\xf9\x75\x65\x7e\x39\x43\x2a\x2b\xcf\x2e\xef\x8f\x53\x29\x31\x7b\x3a\xdf\x71\x64\x63\x35\x5c\x32\xcf\x07\x74\x63\xb4\x9d\x1a\x4a\xf4\x24\x81\x69\xad\xb3\x69\xe7\xc4\x69\xcb\x17\xcc\xf0\xc7\x77\x13\x35\x65\xea\x2d\xda\x0f\x02\xe3\x05\x06\x3e\xfe\x98\x3a\x8d\x68\xef\xdd\xcb\xaf\xc0\x02\xa0\x66\xf1\x5f\x7c\x13\x66\xec\xe4\xc7\x8b\xf9\xc6\xf7\xf1\xd0\xae\xfd\x9e\x2b\x1b\xf9\xc7\x21\x69\xdf\x49\x5b\x90\x92\xd9\xbd\x79\x28\x8c\xde\x2f\xc5\xdc\x91\x61\xff\xc5\x56\xe6\x87\xab\x95\xfd\xb7\xf9\xba\x6e\x75\x5a\xfd\x13\x00\x00\xff\xff\x46\xf7\x7b\x23\xe5\x2a\x00\x00") +var _dataConfig_schema_v30Json = []byte("\x1f\x8b\x08\x00\x00\x09\x6e\x88\x00\xff\xec\x5a\x4b\x8f\xdb\x38\x12\xbe\xfb\x57\x08\x4a\x6e\x71\x77\x07\xd8\x60\x81\xcd\x6d\x8f\x7b\xda\x39\x4f\x43\x11\x68\xa9\x6c\x33\x4d\x91\x4c\x91\x72\xda\x09\xfc\xdf\x07\xd4\xcb\x14\x4d\x8a\xb2\xad\x3c\x30\x98\x53\xb7\xc5\xaa\x62\xbd\xf8\x55\xb1\xa4\xef\xab\x24\x49\xdf\xaa\x62\x0f\x15\x49\x3f\x26\xe9\x5e\x6b\xf9\xf1\xe9\xe9\xb3\x12\xfc\xa1\x7d\xfa\x28\x70\xf7\x54\x22\xd9\xea\x87\xf7\x1f\x9e\xda\x67\x6f\xd2\xb5\xe1\xa3\xa5\x61\x29\x04\xdf\xd2\x5d\xde\xae\xe4\x87\x7f\x3d\xbe\x7f\x34\xec\x2d\x89\x3e\x4a\x30\x44\x62\xf3\x19\x0a\xdd\x3e\x43\xf8\x52\x53\x04\xc3\xfc\x9c\x1e\x00\x15\x15\x3c\xcd\xd6\x2b\xb3\x26\x51\x48\x40\x4d\x41\xa5\x1f\x13\xa3\x5c\x92\x0c\x24\xfd\x03\x4b\xac\xd2\x48\xf9\x2e\x6d\x1e\x9f\x1a\x09\x49\x92\x2a\xc0\x03\x2d\x2c\x09\x83\xaa\x6f\x9e\xce\xf2\x9f\x06\xb2\xb5\x2b\xd5\x52\xb6\x79\x2e\x89\xd6\x80\xfc\x8f\x4b\xdd\x9a\xe5\x4f\xcf\xe4\xe1\xdb\x7f\x1f\xfe\x7c\xff\xf0\x9f\xc7\xfc\x21\x7b\xf7\x76\xb4\x6c\xfc\x8b\xb0\x6d\xb7\x2f\x61\x4b\x39\xd5\x54\xf0\x61\xff\x74\xa0\x3c\x75\xff\x9d\x86\x8d\x49\x59\x36\xc4\x84\x8d\xf6\xde\x12\xa6\x60\x6c\x33\x07\xfd\x55\xe0\x4b\xcc\xe6\x81\xec\x17\xd9\xdc\xed\xef\xb1\x79\x6c\xce\x41\xb0\xba\x8a\x46\xb0\xa7\xfa\x45\xc6\xb4\xdb\xdf\x17\xbf\x55\x6f\xf4\x24\x6d\x4b\x61\xed\xdd\x28\x38\xca\x76\x9f\xab\x7c\xd9\x16\xf6\xd5\xe0\xac\x80\x97\x4a\x90\x4c\x1c\xcd\xb3\x80\x3f\x5a\x82\x0a\xb8\x4e\x07\x17\x24\x49\xba\xa9\x29\x2b\x5d\x8f\x0a\x0e\xff\x37\x22\x9e\xad\x87\x49\xf2\xdd\x3d\xd8\x96\x9c\x66\x7d\xf4\x2b\x1c\xf0\x61\x3d\x60\xcb\xb0\x5e\x08\xae\xe1\x55\x37\x46\x4d\x6f\xdd\xba\x40\x14\x2f\x80\x5b\xca\x60\x2e\x07\xc1\x9d\x9a\x70\x19\xa3\x4a\xe7\x02\xf3\x92\x16\x3a\x3d\x39\xec\x17\xf2\xe2\xf9\x34\xb0\x5a\xbf\xb2\x95\x47\x60\x5a\x10\x99\x93\xb2\x1c\xd9\x41\x10\xc9\x31\x5d\x27\x29\xd5\x50\x29\xbf\x89\x49\x5a\x73\xfa\xa5\x86\xff\x75\x24\x1a\x6b\x70\xe5\x96\x28\xe4\xf2\x82\x77\x28\x6a\x99\x4b\x82\x26\xc1\xa6\xdd\x9f\x16\xa2\xaa\x08\x5f\x2a\xeb\xae\xb1\x63\x86\xe7\x05\xd7\x84\x72\xc0\x9c\x93\x2a\x96\x48\xe6\xd4\x01\x2f\x55\xde\xd6\xbf\xc9\x34\xda\xe6\x2d\xbf\x72\x04\x0c\xc5\x70\xd1\x78\x94\x7c\x2a\xb1\x5b\x31\x26\xb5\x8d\x6e\xa9\xc3\x98\x2b\x20\x58\xec\x6f\xe4\x17\x15\xa1\x7c\x8e\xef\x80\x6b\x3c\x4a\x41\xdb\x7c\xf9\xed\x12\x01\xf8\x21\x1f\xb0\xe4\x6a\x37\x00\x3f\x50\x14\xbc\xea\x4f\xc3\x1c\x80\x19\x40\xde\xf0\xbf\x4a\xa1\xc0\x75\x8c\x63\xa0\xbd\x34\x98\x3a\xf2\x49\xcf\xf1\xdc\x1b\xbe\x4e\x52\x5e\x57\x1b\x40\xd3\xd2\x8d\x28\xb7\x02\x2b\x62\x94\xed\xf7\xb6\x96\x47\x9e\xf6\x64\x9e\xed\x40\xdb\x06\x53\xd6\x09\xcb\x19\xe5\x2f\xcb\xa7\x38\xbc\x6a\x24\xf9\x5e\x28\x3d\x1f\xc3\x2d\xf6\x3d\x10\xa6\xf7\xc5\x1e\x8a\x97\x09\x76\x9b\x6a\xc4\x2d\x94\x9e\x93\xe4\xb4\x22\xbb\x38\x91\x2c\x62\x24\x8c\x6c\x80\xdd\x64\xe7\xa2\xce\xb7\xc4\x8a\xdd\xce\x90\x86\x32\xee\xa2\x73\xe9\x96\x63\x35\xbf\x44\x7a\x00\x9c\x5b\xc0\x85\x3c\x37\x5c\xee\x62\xbc\x01\x49\xe2\xdd\xe7\x88\xf4\xd3\x63\xdb\x7c\x4e\x9c\xaa\xe6\x3f\xc6\xd2\xcc\x6d\x17\x12\xa7\xee\xfb\x9e\x38\x16\xce\x6b\x28\x46\x51\xa9\x48\x61\xfa\x06\x04\x15\x88\xeb\x99\xb4\x6b\xf6\xf3\x4a\x94\xa1\x04\xbd\x20\x76\x7d\x13\x44\xea\xab\x0b\x61\x72\x53\xff\x38\x2b\x74\xd1\x0b\x44\xc4\x9a\x90\x7a\x73\xd5\x3c\xab\x1b\x4f\xb1\x86\x8e\x30\x4a\x14\xc4\x0f\x7b\xd0\x91\x23\x69\x54\x1e\x3e\xcc\xcc\x09\x1f\xef\xbf\x27\x79\x03\xac\x41\x99\xf3\x7b\xe4\x88\xa8\xb3\x2a\xcd\x71\xf3\x29\x92\x45\x4e\xdb\x0f\x6e\xe1\x25\x2d\xc3\x58\xd1\x20\x84\x7d\xc0\xa4\x40\x7d\x71\xba\x7e\x4e\xb9\x6f\xb7\xbe\xbb\xda\x4b\xa4\x07\xca\x60\x07\xe3\x5b\xcb\x46\x08\x06\x84\x8f\xa0\x07\x81\x94\xb9\xe0\xec\x38\x83\x52\x69\x82\xd1\x0b\x85\x82\xa2\x46\xaa\x8f\xb9\x90\x7a\xf1\x3e\x43\xed\xab\x5c\xd1\x6f\x30\x8e\xe6\x19\xef\x3b\x41\xd9\x88\xe7\xa8\x0a\x7d\x5b\xbd\x56\xba\xa4\x3c\x17\x12\x78\xd4\x3b\x4a\x0b\x99\xef\x90\x14\x90\x4b\x40\x2a\x4a\x9f\x81\x6b\x3b\xd6\x65\x8d\xc4\xec\x7f\x29\x46\xd1\x1d\x27\x2c\xe6\x68\x5d\xc9\xed\x8d\x17\x0b\xad\xe3\xe1\xae\x19\xad\x68\xf8\x1c\x78\x00\x76\x46\x0d\x68\xf1\xdf\x0f\xfb\x13\x90\x7f\xd6\x94\x72\x0d\x3b\x40\x1f\x52\x4e\x74\x1d\xd3\x4d\xc7\x8c\x6e\x63\x4f\x70\x1c\xd0\x09\x3d\x1a\x06\x25\xb6\xda\xcf\xe0\xeb\x45\xbc\x7a\x8d\x86\xbf\x8d\xbc\x75\xa7\x48\xe6\xa5\xbf\x0a\xce\x5d\x35\xb2\x20\xa2\x9e\xbc\x88\x5a\xab\x68\x63\xd8\xd0\x70\x35\xd5\xd4\x0c\xa4\xd6\x14\x73\x51\xbc\x30\x8d\x92\x39\x04\x25\xf5\x6b\xbb\x72\x2c\xbb\x62\x8e\xec\xdc\x59\x7a\x01\xbe\x89\xa2\x4d\x1a\x9d\xc0\x4e\x4f\x37\x3b\xa2\xe0\xe4\x91\x2a\xb2\x71\x66\x6e\xbe\xc3\x6d\xb2\x11\x0f\x71\x8c\x41\xd0\x48\x9d\xb8\x74\x68\x3b\xc2\x13\x50\xbf\xe7\xe0\x40\xd3\x0a\x44\xed\xaf\x59\x2b\x3b\xbf\x3b\xa6\xd4\x9a\xcc\x46\x82\x6a\x51\xba\x31\x7d\x1e\x82\xda\xf7\x17\xd1\xc0\xcd\x39\x24\x08\x92\xd1\x82\xa8\x18\x10\xdd\x71\x41\xad\x65\x49\x34\xe4\xed\x8b\xaa\xab\xa0\x7f\x02\xf3\x25\x41\xc2\x18\x30\xaa\xaa\x39\x18\x9a\x96\xc0\xc8\xf1\xa6\xf2\xd9\xb0\x6f\x09\x65\x35\x42\x4e\x0a\xdd\xbd\x0b\x8b\xe4\x5c\x5a\x09\x4e\xb5\xf0\x22\xc4\xbc\x2d\x2b\xf2\x9a\xf7\xdb\x36\x24\xde\x03\x13\x6c\xeb\xe6\xde\x2d\xad\x4c\x50\xa2\xc6\xe2\xc2\xd9\x37\x87\xe8\x5c\xeb\x03\x19\xd3\xef\x78\x61\x3a\x82\x32\x48\x32\x5c\xfd\xa3\xfc\xd1\xd2\xd2\xf5\x99\xb9\x14\x8c\x16\xc7\xa5\x2c\x2c\x04\x6f\x9d\x3c\x27\x21\xee\xcc\x40\x93\x0e\xa6\x15\xaa\xa4\x8e\x1e\xd6\x86\xe1\x2b\xe5\xa5\xf8\x7a\xc5\x86\xcb\xa5\x92\x64\xa4\x00\x07\xef\xee\x75\xb4\xd2\x48\x28\xd7\x57\x97\xf3\x7b\xcd\xba\xa3\x9a\x0f\xf9\x19\x41\xfd\x81\x2e\xfe\x26\x35\x80\xf4\x85\xac\xa3\xf3\xa0\x0a\x2a\x81\xde\x04\x5c\xe0\xcd\x77\xcc\xc4\x9e\x6c\x81\xaa\x36\x6b\x80\xd8\x51\x99\xfb\xe2\xe2\xb7\x8d\xf8\x90\x30\x8b\x03\x12\x95\xa4\x5a\xea\x74\xcc\x1e\xa9\xa6\xde\x1a\x9c\x4c\x8f\x22\x92\xf0\x38\x22\xa6\x75\x5c\xf7\x8e\x42\xd5\x1b\x0e\x93\x1d\x95\xe5\x4f\xdf\x7b\xde\xf9\xd7\x94\x53\xf8\x52\x72\x1f\xe8\xf5\x6f\x43\x02\x51\x7d\x1e\x7a\xe6\xf5\xe0\xab\x6c\x76\x88\x83\xaf\x22\x96\xd3\xbf\x69\xdf\xdd\x11\x81\xaf\xcf\xbf\xb2\x13\xbc\x03\x5c\xba\x4f\x3c\x22\xd8\xd2\x51\xfd\x03\x2d\x7f\x93\x44\xfc\x79\xf9\xe5\x4c\xb3\xac\x3c\xbb\xbc\x68\x4e\xa5\xc4\xec\x31\x7e\xc7\x91\x8d\xd5\x70\xc9\x3c\x5f\xda\x8d\x61\x79\x6a\x7a\xd1\x93\x04\xc6\xba\xce\xa6\x9d\x13\xa7\x2d\x5f\x30\xc3\x1f\xdf\x4d\x14\x9f\xa9\xd7\x6d\x3f\x08\xb5\x17\x98\x0c\xf9\x63\xea\x74\xac\xbd\x77\x2f\x3f\x17\x0b\x80\x9a\xc5\x7f\xf1\xf1\x98\xb1\x93\x1f\x2f\x06\x21\xdf\xc7\xd3\xbd\xf6\xc3\xaf\x6c\xe4\x1f\x87\xa4\x7d\x79\x6d\x41\x4a\x66\x37\xf1\xa1\x30\x7a\x3f\x29\x73\x67\x8b\xfd\xa7\x5d\x99\x1f\xae\x56\xf6\xdf\xe6\x33\xbc\xd5\x69\xf5\x57\x00\x00\x00\xff\xff\x78\x30\xec\x51\x0e\x2b\x00\x00") func dataConfig_schema_v30JsonBytes() ([]byte, error) { return bindataRead(
  94. Download patch containerd/runtime/runtime.go

    --- 1.13.1~ds2-3/containerd/runtime/runtime.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/runtime/runtime.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,131 @@ +package runtime + +import ( + "errors" + "time" + + "github.com/docker/containerd/specs" +) + +var ( + // ErrContainerExited is returned when access to an exited + // container is attempted + ErrContainerExited = errors.New("containerd: container has exited") + // ErrProcessNotExited is returned when trying to retrieve the exit + // status of an alive process + ErrProcessNotExited = errors.New("containerd: process has not exited") + // ErrContainerNotStarted is returned when a container fails to + // start without error from the shim or the OCI runtime + ErrContainerNotStarted = errors.New("containerd: container not started") + // ErrContainerStartTimeout is returned if a container takes too + // long to start + ErrContainerStartTimeout = errors.New("containerd: container did not start before the specified timeout") + // ErrShimExited is returned if the shim or the contianer's init process + // exits before completing + ErrShimExited = errors.New("containerd: shim exited before container process was started") + + errNoPidFile = errors.New("containerd: no process pid file found") + errInvalidPidInt = errors.New("containerd: process pid is invalid") + errContainerNotFound = errors.New("containerd: container not found") + errNotImplemented = errors.New("containerd: not implemented") +) + +const ( + // ExitFile holds the name of the pipe used to monitor process + // exit + ExitFile = "exit" + // ExitStatusFile holds the name of the file where the container + // exit code is to be written + ExitStatusFile = "exitStatus" + // StateFile holds the name of the file where the container state + // is written + StateFile = "state.json" + // ControlFile holds the name of the pipe used to control the shim + ControlFile = "control" + // InitProcessID holds the special ID used for the very first + // container's process + InitProcessID = "init" + // StartTimeFile holds the name of the file in which the process + // start time is saved + StartTimeFile = "starttime" + + // UnknownStatus is the value returned when a process exit + // status cannot be determined + UnknownStatus = 255 +) + +// Checkpoint holds information regarding a container checkpoint +type Checkpoint struct { + // Timestamp is the time that checkpoint happened + Created time.Time `json:"created"` + // Name is the name of the checkpoint + Name string `json:"name"` + // TCP checkpoints open tcp connections + TCP bool `json:"tcp"` + // UnixSockets persists unix sockets in the checkpoint + UnixSockets bool `json:"unixSockets"` + // Shell persists tty sessions in the checkpoint + Shell bool `json:"shell"` + // Exit exits the container after the checkpoint is finished + Exit bool `json:"exit"` + // EmptyNS tells CRIU to omit a specified namespace + EmptyNS []string `json:"emptyNS,omitempty"` +} + +// PlatformProcessState container platform-specific fields in the ProcessState structure +type PlatformProcessState struct { + Checkpoint string `json:"checkpoint"` + RootUID int `json:"rootUID"` + RootGID int `json:"rootGID"` +} + +// State represents a container state +type State string + +// Resource regroups the various container limits that can be updated +type Resource struct { + CPUShares int64 + BlkioWeight uint16 + CPUPeriod int64 + CPUQuota int64 + CpusetCpus string + CpusetMems string + KernelMemory int64 + KernelTCPMemory int64 + Memory int64 + MemoryReservation int64 + MemorySwap int64 +} + +// Possible container states +const ( + Paused = State("paused") + Stopped = State("stopped") + Running = State("running") +) + +type state struct { + Bundle string `json:"bundle"` + Labels []string `json:"labels"` + Stdin string `json:"stdin"` + Stdout string `json:"stdout"` + Stderr string `json:"stderr"` + Runtime string `json:"runtime"` + RuntimeArgs []string `json:"runtimeArgs"` + Shim string `json:"shim"` + NoPivotRoot bool `json:"noPivotRoot"` +} + +// ProcessState holds the process OCI specs along with various fields +// required by containerd +type ProcessState struct { + specs.ProcessSpec + Exec bool `json:"exec"` + Stdin string `json:"containerdStdin"` + Stdout string `json:"containerdStdout"` + Stderr string `json:"containerdStderr"` + RuntimeArgs []string `json:"runtimeArgs"` + NoPivotRoot bool `json:"noPivotRoot"` + + PlatformProcessState +}
  95. Download patch containerd/docs/api.md

    --- 1.13.1~ds2-3/containerd/docs/api.md 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/docs/api.md 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,6 @@ +# API + +The API for containerd is with GRPC over a unix socket located at the default location of `/run/containerd/containerd.sock`. + +At this time please refer to the [proto at](https://github.com/docker/containerd/blob/master/api/grpc/types/api.proto) for the API methods and types. +There is a Go implementation and types checked into this repository but alternate language implementations can be created using the grpc and protoc toolchain.
  96. Download patch api/common.go

    --- 1.13.1~ds2-3/api/common.go 2017-02-08 05:58:41.000000000 +0000 +++ 17.03.2-0ubuntu1/api/common.go 2017-06-01 21:14:48.000000000 +0000 @@ -21,7 +21,7 @@ import ( // Common constants for daemon and client. const ( // DefaultVersion of Current REST API - DefaultVersion string = "1.26" + DefaultVersion string = "1.27" // NoBaseImageSpecifier is the symbol used by the FROM // command to specify that no base image is to be used.
  97. Download patch containerd/ctr/checkpoint_solaris.go

    --- 1.13.1~ds2-3/containerd/ctr/checkpoint_solaris.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/ctr/checkpoint_solaris.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,36 @@ +package main + +import ( + "fmt" + + "github.com/codegangsta/cli" +) + +var checkpointSubCmds = []cli.Command{ + listCheckpointCommand, +} + +var checkpointCommand = cli.Command{ + Name: "checkpoints", + Usage: "list all checkpoints", + ArgsUsage: "COMMAND [arguments...]", + Subcommands: checkpointSubCmds, + Description: func() string { + desc := "\n COMMAND:\n" + for _, command := range checkpointSubCmds { + desc += fmt.Sprintf(" %-10.10s%s\n", command.Name, command.Usage) + } + return desc + }(), + Action: listCheckpoints, +} + +var listCheckpointCommand = cli.Command{ + Name: "list", + Usage: "list all checkpoints for a container", + Action: listCheckpoints, +} + +func listCheckpoints(context *cli.Context) { + fatal("checkpoint command is not supported on Solaris", ExitStatusUnsupported) +}
  98. Download patch containerd/api/http/pprof/pprof.go

    --- 1.13.1~ds2-3/containerd/api/http/pprof/pprof.go 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/api/http/pprof/pprof.go 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,19 @@ +package pprof + +import ( + // expvar init routine adds the "/debug/vars" handler + _ "expvar" + "net/http" + // net/http/pprof installs the "/debug/pprof/{block,heap,goroutine,threadcreate}" handler + _ "net/http/pprof" + + "github.com/Sirupsen/logrus" +) + +// Enable registers the "/debug/pprof" handler +func Enable(address string) { + http.Handle("/", http.RedirectHandler("/debug/pprof", http.StatusMovedPermanently)) + + go http.ListenAndServe(address, nil) + logrus.Debug("pprof listening in address %s", address) +}
  99. Download patch api/swagger.yaml
  100. Download patch containerd/Jenkinsfile

    --- 1.13.1~ds2-3/containerd/Jenkinsfile 1970-01-01 00:00:00.000000000 +0000 +++ 17.03.2-0ubuntu1/containerd/Jenkinsfile 2017-03-15 14:55:45.000000000 +0000 @@ -0,0 +1,13 @@ +wrappedNode(label: "linux && x86_64") { + deleteDir() + checkout scm + + stage "build image" + def img = docker.build("dockerbuildbot/containerd:${gitCommit()}") + try { + stage "run tests" + sh "docker run --privileged --rm --name '${env.BUILD_TAG}' ${img.id} make test" + } finally { + sh "docker rmi -f ${img.id} ||:" + } +}
  101. ...

Debian ( Changelog | PTS | Bugs ) Ubuntu ( Changelog | txt | LP | Bugs ) | Diff from Ubuntu

Source: golang-1.7

golang-1.7 (1.7.4-2ubuntu1) zesty; urgency=medium * Merge from Debian unstable. Remaining changes: - Do not distribute un-built from source race detector runtime files and recommend golang-race-detector-runtime instead (see Debian bug #807455). - Build Go standard library into a shared library. - Patches (all backports from upstream tip) for problems with Go shared libraries: + d/patches/0001-cmd-compile-runtime-make-the-go.itab.-symbols-module.patch + d/patches/0002-runtime-resolve-type-offsets-using-source-module.patch + d/patches/0003-runtime-make-module-typemaps-visible-to-the-GC.patch + d/patches/0004-cmd-compile-mark-go.itab.-symbols-local-earlier.patch + d/patches/0005-cmd-compile-runtime-a-different-approach-to-duplicat.patch -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Wed, 05 Apr 2017 13:13:40 +1200

Modifications :
  1. Download patch misc/cgo/testshared/src/exe/exe.go

    --- 1.7.4-2/misc/cgo/testshared/src/exe/exe.go 2016-12-01 21:16:26.000000000 +0000 +++ 1.7.4-2ubuntu1/misc/cgo/testshared/src/exe/exe.go 2017-04-05 11:38:59.000000000 +0000 @@ -2,11 +2,34 @@ package main import ( "depBase" + "os" + "reflect" "runtime" ) +// Having a function declared in the main package triggered +// golang.org/issue/18250 +func DeclaredInMain() { +} + +type C struct { +} + +func F() *C { + return nil +} + func main() { defer depBase.ImplementedInAsm() + // This code below causes various go.itab.* symbols to be generated in + // the executable. Similar code in ../depBase/dep.go results in + // exercising https://github.com/golang/go/issues/17594 + reflect.TypeOf(os.Stdout).Elem() runtime.GC() depBase.V = depBase.F() + 1 + + var c *C + if reflect.TypeOf(F).Out(0) != reflect.TypeOf(c) { + panic("bad reflection results, see golang.org/issue/18252") + } }
  2. Download patch debian/patches/0004-cmd-compile-mark-go.itab.-symbols-local-earlier.patch

    --- 1.7.4-2/debian/patches/0004-cmd-compile-mark-go.itab.-symbols-local-earlier.patch 1970-01-01 00:00:00.000000000 +0000 +++ 1.7.4-2ubuntu1/debian/patches/0004-cmd-compile-mark-go.itab.-symbols-local-earlier.patch 2017-04-05 01:13:29.000000000 +0000 @@ -0,0 +1,34 @@ +From 9a28d18e5b6c3c342f2b49ee6b4564abbad3c6ef Mon Sep 17 00:00:00 2001 +From: Michael Hudson-Doyle <michael.hudson@canonical.com> +Date: Fri, 28 Oct 2016 15:08:28 +1300 +Subject: [PATCH 4/4] cmd/compile: mark go.itab.* symbols local earlier + +This feels a bit like a layering violation, but as the bug report shows +it is sometimes necessary. + +Fixes #17642 + +Change-Id: I4ba060bb1ce73a527ce276e5a769c44692b50016 +Reviewed-on: https://go-review.googlesource.com/32236 +Run-TryBot: Michael Hudson-Doyle <michael.hudson@canonical.com> +TryBot-Result: Gobot Gobot <gobot@golang.org> +Reviewed-by: David Crawshaw <crawshaw@golang.org> +--- + src/cmd/compile/internal/gc/reflect.go | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/cmd/compile/internal/gc/reflect.go b/src/cmd/compile/internal/gc/reflect.go +index 4457c66..5ad65fb 100644 +--- a/src/cmd/compile/internal/gc/reflect.go ++++ b/src/cmd/compile/internal/gc/reflect.go +@@ -976,6 +976,7 @@ func itabname(t, itype *Type) *Node { + Fatalf("itabname %v", t) + } + s := Pkglookup(Tconv(t, FmtLeft)+","+Tconv(itype, FmtLeft), itabpkg) ++ Linksym(s).Local = true + if s.Def == nil { + n := newname(s) + n.Type = Types[TUINT8] +-- +2.7.4 +
  3. Download patch src/runtime/runtime2.go

    --- 1.7.4-2/src/runtime/runtime2.go 2016-12-01 21:16:28.000000000 +0000 +++ 1.7.4-2ubuntu1/src/runtime/runtime2.go 2017-04-05 11:38:59.000000000 +0000 @@ -619,7 +619,7 @@ type itab struct { _type *_type link *itab bad int32 - unused int32 + inhash int32 // has this itab been added to hash? fun [1]uintptr // variable sized }
  4. Download patch .pc/0005-cmd-compile-runtime-a-different-approach-to-duplicat.patch/src/cmd/compile/internal/gc/reflect.go
  5. Download patch .pc/0001-cmd-compile-runtime-make-the-go.itab.-symbols-module.patch/src/runtime/iface.go
  6. Download patch debian/rules

    --- 1.7.4-2/debian/rules 2017-04-04 23:52:45.000000000 +0000 +++ 1.7.4-2ubuntu1/debian/rules 2017-04-05 01:12:55.000000000 +0000 @@ -18,6 +18,10 @@ ifneq (,$(findstring nocheck,$(DEB_BUILD RUN_TESTS := false endif +shlib_archs = $(shell GOVER=$(GOVER) perl debian/helpers/getshlibarches.pl) + +multiarch := $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) + %: +dh --parallel $(opt_no_act) $@ @@ -47,7 +51,7 @@ override_dh_auto_clean: gencontrol override_dh_prep: dh_prep - @set -e; cd debian; for x in golang-X.Y-*; do \ + @set -e; cd debian; for x in *golang-X.Y-*; do \ sed -e 's/X.Y/$(GOVER)/g' $$x > golang-$(GOVER)-$${x##golang-X.Y-}; \ done @@ -80,7 +84,13 @@ override_dh_install-indep: dh_install --fail-missing override_dh_install-arch: + set -ex; \ + export PATH="$(GOROOT)/bin:$$PATH"; \ + $(CURDIR)/debian/helpers/installshlib.sh dh_install --fail-missing + # Remove .syso files of the race detector; they are binary files that + # are not built from source in the go source distribution. + find $(CURDIR)/debian/golang-$(GOVER)-src/usr/share/go-$(GOVER)/src/runtime/race -type f -name '*.syso' -delete # Remove Plan9 rc(1) scripts find debian/golang-$(GOVER)-src/usr/share/go-$(GOVER)/src -type f -name '*.rc' -delete # Remove empty /usr/share/go-$(GOVER)/src from golang-$(GOVER)-go, it is provided by golang-$(GOVER)-src @@ -95,12 +105,21 @@ override_dh_strip: override_dh_shlibdeps: dh_shlibdeps -Xtestdata -Xtest +override_dh_makeshlibs: + LDIR=$(CURDIR)/debian/libgolang-$(GOVER)-std1/usr/lib/$(multiarch); \ + HASH=$$(LD_LIBRARY_PATH=$$LDIR:$$LD_LIBRARY_PATH $(CURDIR)/bin/readabihash $$LDIR/libgolang-$(GOVER)-std.so.1); \ + dh_makeshlibs -Vlibgolang-$(GOVER)-std1-$$HASH; \ + echo "golang:Provides=libgolang-$(GOVER)-std1-$$HASH" >> $(CURDIR)/debian/libgolang-$(GOVER)-std1.substvars + override_dh_auto_build-arch: [ -f VERSION ] || echo "debian snapshot +$$(dpkg-parsechangelog -SVersion)" > VERSION export GOROOT_BOOTSTRAP=$$(env -i go env GOROOT) \ && cd src \ && $(CURDIR)/debian/helpers/goenv.sh \ bash ./make.bash --no-banner + $(CURDIR)/bin/go install -v -buildmode=shared \ + -ldflags '-extldflags "-Wl,-soname=libgolang-$(GOVER)-std.so.1"' \ + std opt_no_act := ifneq (,$(findstring n,$(MAKEFLAGS)))
  7. Download patch .pc/0005-cmd-compile-runtime-a-different-approach-to-duplicat.patch/src/runtime/runtime2.go
  8. Download patch .pc/0003-runtime-make-module-typemaps-visible-to-the-GC.patch/src/runtime/type.go
  9. Download patch debian/control

    --- 1.7.4-2/debian/control 2017-04-04 23:54:58.000000000 +0000 +++ 1.7.4-2ubuntu1/debian/control 2017-04-05 01:12:55.000000000 +0000 @@ -5,7 +5,8 @@ Source: golang-1.7 Section: devel Priority: optional -Maintainer: Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org> +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> +XSBC-Original-Maintainer: Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org> Uploaders: Michael Stapelberg <stapelberg@debian.org>, Paul Tagliamonte <paultag@debian.org>, Tianon Gravi <tianon@debian.org>, @@ -24,7 +25,11 @@ Depends: golang-1.7-src (>= ${source:Ver ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends} -Recommends: g++, gcc, libc6-dev, pkg-config +Recommends: g++, + gcc, + golang-1.7-race-detector-runtime [amd64], + libc6-dev, + pkg-config Suggests: bzr, ca-certificates, git, mercurial, subversion Description: Go programming language compiler, linker, compiled stdlib The Go programming language is an open source project to make programmers more @@ -96,3 +101,25 @@ Description: Go programming language com . This package is a metapackage that, when installed, guarantees that (most of) a full Go development environment is installed. + +Package: libgolang-1.7-std1 +Architecture: amd64 arm64 armhf i386 ppc64el s390x +Pre-Depends: ${misc:Pre-Depends} +Provides: ${golang:Provides} +Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends} +Description: Go standard shared library + This package contains the Go standard library built as a shared library. + Packages should not depend on this package directly but rather the ABI-stamped + value in Provides:. dpkg-shlibdeps will do this automatically. + +Package: golang-1.7-go-shared-dev +Architecture: amd64 arm64 armhf i386 ppc64el s390x +Pre-Depends: ${misc:Pre-Depends} +Depends: golang-1.7-go (= ${binary:Version}), + libgolang-1.7-std1 (= ${binary:Version}), + ${misc:Depends}, + ${perl:Depends}, + ${shlibs:Depends} +Description: Go standard shared library support files + This package contains the files necessary to link against the shared + library packaged in libgolang-1.7-std1.
  10. Download patch .pc/0005-cmd-compile-runtime-a-different-approach-to-duplicat.patch/misc/cgo/testshared/src/exe/exe.go

    --- 1.7.4-2/.pc/0005-cmd-compile-runtime-a-different-approach-to-duplicat.patch/misc/cgo/testshared/src/exe/exe.go 1970-01-01 00:00:00.000000000 +0000 +++ 1.7.4-2ubuntu1/.pc/0005-cmd-compile-runtime-a-different-approach-to-duplicat.patch/misc/cgo/testshared/src/exe/exe.go 2017-04-05 11:38:59.000000000 +0000 @@ -0,0 +1,18 @@ +package main + +import ( + "depBase" + "os" + "reflect" + "runtime" +) + +func main() { + defer depBase.ImplementedInAsm() + // This code below causes various go.itab.* symbols to be generated in + // the executable. Similar code in ../depBase/dep.go results in + // exercising https://github.com/golang/go/issues/17594 + reflect.TypeOf(os.Stdout).Elem() + runtime.GC() + depBase.V = depBase.F() + 1 +}
  11. Download patch misc/cgo/testshared/src/depBase/dep.go

    --- 1.7.4-2/misc/cgo/testshared/src/depBase/dep.go 2016-12-01 21:16:26.000000000 +0000 +++ 1.7.4-2ubuntu1/misc/cgo/testshared/src/depBase/dep.go 2017-04-05 11:38:59.000000000 +0000 @@ -1,5 +1,10 @@ package depBase +import ( + "os" + "reflect" +) + var V int = 1 var HasMask []string = []string{"hi"} @@ -13,6 +18,10 @@ type Dep struct { } func (d *Dep) Method() int { + // This code below causes various go.itab.* symbols to be generated in + // the shared library. Similar code in ../exe/exe.go results in + // exercising https://github.com/golang/go/issues/17594 + reflect.TypeOf(os.Stdout).Elem() return 10 }
  12. Download patch debian/libgolang-X.Y-std1.lintian-overrides

    --- 1.7.4-2/debian/libgolang-X.Y-std1.lintian-overrides 1970-01-01 00:00:00.000000000 +0000 +++ 1.7.4-2ubuntu1/debian/libgolang-X.Y-std1.lintian-overrides 2017-04-05 01:12:55.000000000 +0000 @@ -0,0 +1,3 @@ +# Go shared libraries are not linked by the system linker so +# the .so symlinks are not where lintian expects. +libgolang-std1: dev-pkg-without-shlib-symlink
  13. Download patch debian/control.in

    --- 1.7.4-2/debian/control.in 2017-04-04 23:52:45.000000000 +0000 +++ 1.7.4-2ubuntu1/debian/control.in 2017-04-05 01:12:55.000000000 +0000 @@ -1,7 +1,8 @@ Source: golang-X.Y Section: devel Priority: optional -Maintainer: Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org> +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> +XSBC-Original-Maintainer: Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org> Uploaders: Michael Stapelberg <stapelberg@debian.org>, Paul Tagliamonte <paultag@debian.org>, Tianon Gravi <tianon@debian.org>, @@ -20,7 +21,11 @@ Depends: golang-X.Y-src (>= ${source:Ver ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends} -Recommends: g++, gcc, libc6-dev, pkg-config +Recommends: g++, + gcc, + golang-X.Y-race-detector-runtime [amd64], + libc6-dev, + pkg-config Suggests: bzr, ca-certificates, git, mercurial, subversion Description: Go programming language compiler, linker, compiled stdlib The Go programming language is an open source project to make programmers more @@ -92,3 +97,25 @@ Description: Go programming language com . This package is a metapackage that, when installed, guarantees that (most of) a full Go development environment is installed. + +Package: libgolang-X.Y-std1 +Architecture: amd64 arm64 armhf i386 ppc64el s390x +Pre-Depends: ${misc:Pre-Depends} +Provides: ${golang:Provides} +Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends} +Description: Go standard shared library + This package contains the Go standard library built as a shared library. + Packages should not depend on this package directly but rather the ABI-stamped + value in Provides:. dpkg-shlibdeps will do this automatically. + +Package: golang-X.Y-go-shared-dev +Architecture: amd64 arm64 armhf i386 ppc64el s390x +Pre-Depends: ${misc:Pre-Depends} +Depends: golang-X.Y-go (= ${binary:Version}), + libgolang-X.Y-std1 (= ${binary:Version}), + ${misc:Depends}, + ${perl:Depends}, + ${shlibs:Depends} +Description: Go standard shared library support files + This package contains the files necessary to link against the shared + library packaged in libgolang-X.Y-std1.
  14. Download patch .pc/applied-patches

    --- 1.7.4-2/.pc/applied-patches 2017-04-05 11:38:58.113753608 +0000 +++ 1.7.4-2ubuntu1/.pc/applied-patches 2017-04-05 11:38:59.125781348 +0000 @@ -1,2 +1,7 @@ cl-29995--tzdata-2016g.patch cl-37964--tzdata-2017a.patch +0001-cmd-compile-runtime-make-the-go.itab.-symbols-module.patch +0002-runtime-resolve-type-offsets-using-source-module.patch +0003-runtime-make-module-typemaps-visible-to-the-GC.patch +0004-cmd-compile-mark-go.itab.-symbols-local-earlier.patch +0005-cmd-compile-runtime-a-different-approach-to-duplicat.patch
  15. Download patch .pc/0003-runtime-make-module-typemaps-visible-to-the-GC.patch/src/runtime/symtab.go
  16. Download patch .pc/0001-cmd-compile-runtime-make-the-go.itab.-symbols-module.patch/src/cmd/compile/internal/gc/reflect.go
  17. Download patch src/cmd/compile/internal/gc/reflect.go

    --- 1.7.4-2/src/cmd/compile/internal/gc/reflect.go 2016-12-01 21:16:26.000000000 +0000 +++ 1.7.4-2ubuntu1/src/cmd/compile/internal/gc/reflect.go 2017-04-05 11:38:59.000000000 +0000 @@ -1385,7 +1385,7 @@ func dumptypestructs() { // } o := dsymptr(i.sym, 0, dtypesym(i.itype), 0) o = dsymptr(i.sym, o, dtypesym(i.t), 0) - o += Widthptr + 8 // skip link/bad/unused fields + o += Widthptr + 8 // skip link/bad/inhash fields o += len(imethods(i.itype)) * Widthptr // skip fun method pointers // at runtime the itab will contain pointers to types, other itabs and // method functions. None are allocated on heap, so we can use obj.NOPTR.
  18. Download patch debian/patches/0005-cmd-compile-runtime-a-different-approach-to-duplicat.patch

    --- 1.7.4-2/debian/patches/0005-cmd-compile-runtime-a-different-approach-to-duplicat.patch 1970-01-01 00:00:00.000000000 +0000 +++ 1.7.4-2ubuntu1/debian/patches/0005-cmd-compile-runtime-a-different-approach-to-duplicat.patch 2017-04-05 01:13:30.000000000 +0000 @@ -0,0 +1,141 @@ +From b6c826a037d3e16d68cd5732717971b72a8344d1 Mon Sep 17 00:00:00 2001 +From: Michael Hudson-Doyle <michael.hudson@canonical.com> +Date: Mon, 12 Dec 2016 13:31:56 +1300 +Subject: [PATCH 5/5] cmd/compile, runtime: a different approach to duplicate + itabs + +golang.org/issue/17594 was caused by additab being called more than once for +an itab. golang.org/cl/32131 fixed that by making the itabs local symbols, +but that in turn causes golang.org/issue/18252 because now there are now +multiple itab symbols in a process for a given (type,interface) pair and +different code paths can end up referring to different itabs which breaks +lots of reflection stuff. So this makes itabs global again and just takes +care to only call additab once for each itab. + +Fixes #18252 + +Change-Id: I781a193e2f8dd80af145a3a971f6a25537f633ea +Reviewed-on: https://go-review.googlesource.com/34173 +Run-TryBot: Michael Hudson-Doyle <michael.hudson@canonical.com> +TryBot-Result: Gobot Gobot <gobot@golang.org> +Reviewed-by: David Crawshaw <crawshaw@golang.org> +--- + misc/cgo/testshared/src/exe/exe.go | 17 +++++++++++++++++ + src/cmd/compile/internal/gc/reflect.go | 7 +++---- + src/runtime/iface.go | 14 +++++++++----- + src/runtime/runtime2.go | 2 +- + 4 files changed, 30 insertions(+), 10 deletions(-) + +diff --git a/misc/cgo/testshared/src/exe/exe.go b/misc/cgo/testshared/src/exe/exe.go +index 31fbedd..4337271 100644 +--- a/misc/cgo/testshared/src/exe/exe.go ++++ b/misc/cgo/testshared/src/exe/exe.go +@@ -7,6 +7,18 @@ import ( + "runtime" + ) + ++// Having a function declared in the main package triggered ++// golang.org/issue/18250 ++func DeclaredInMain() { ++} ++ ++type C struct { ++} ++ ++func F() *C { ++ return nil ++} ++ + func main() { + defer depBase.ImplementedInAsm() + // This code below causes various go.itab.* symbols to be generated in +@@ -15,4 +27,9 @@ func main() { + reflect.TypeOf(os.Stdout).Elem() + runtime.GC() + depBase.V = depBase.F() + 1 ++ ++ var c *C ++ if reflect.TypeOf(F).Out(0) != reflect.TypeOf(c) { ++ panic("bad reflection results, see golang.org/issue/18252") ++ } + } +diff --git a/src/cmd/compile/internal/gc/reflect.go b/src/cmd/compile/internal/gc/reflect.go +index 5ad65fb..6267a13 100644 +--- a/src/cmd/compile/internal/gc/reflect.go ++++ b/src/cmd/compile/internal/gc/reflect.go +@@ -976,7 +976,6 @@ func itabname(t, itype *Type) *Node { + Fatalf("itabname %v", t) + } + s := Pkglookup(Tconv(t, FmtLeft)+","+Tconv(itype, FmtLeft), itabpkg) +- Linksym(s).Local = true + if s.Def == nil { + n := newname(s) + n.Type = Types[TUINT8] +@@ -1386,15 +1385,15 @@ func dumptypestructs() { + // } + o := dsymptr(i.sym, 0, dtypesym(i.itype), 0) + o = dsymptr(i.sym, o, dtypesym(i.t), 0) +- o += Widthptr + 8 // skip link/bad/unused fields ++ o += Widthptr + 8 // skip link/bad/inhash fields + o += len(imethods(i.itype)) * Widthptr // skip fun method pointers + // at runtime the itab will contain pointers to types, other itabs and + // method functions. None are allocated on heap, so we can use obj.NOPTR. +- ggloblsym(i.sym, int32(o), int16(obj.DUPOK|obj.NOPTR|obj.LOCAL)) ++ ggloblsym(i.sym, int32(o), int16(obj.DUPOK|obj.NOPTR)) + + ilink := Pkglookup(Tconv(i.t, FmtLeft)+","+Tconv(i.itype, FmtLeft), itablinkpkg) + dsymptr(ilink, 0, i.sym, 0) +- ggloblsym(ilink, int32(Widthptr), int16(obj.DUPOK|obj.RODATA|obj.LOCAL)) ++ ggloblsym(ilink, int32(Widthptr), int16(obj.DUPOK|obj.RODATA)) + } + + // generate import strings for imported packages +diff --git a/src/runtime/iface.go b/src/runtime/iface.go +index ff977bb..c6ab5a1 100644 +--- a/src/runtime/iface.go ++++ b/src/runtime/iface.go +@@ -138,11 +138,8 @@ func additab(m *itab, locked, canfail bool) { + throw("invalid itab locking") + } + h := itabhash(inter, typ) +- if m == hash[h] { +- println("duplicate itab for", typ.string(), "and", inter.typ.string()) +- throw("duplicate itabs") +- } + m.link = hash[h] ++ m.inhash = 1 + atomicstorep(unsafe.Pointer(&hash[h]), unsafe.Pointer(m)) + } + +@@ -150,7 +147,14 @@ func itabsinit() { + lock(&ifaceLock) + for m := &firstmoduledata; m != nil; m = m.next { + for _, i := range m.itablinks { +- additab(i, true, false) ++ // itablinks is a slice of pointers to the itabs used in this ++ // module. A given itab may be used in more than one module ++ // and thanks to the way global symbol resolution works, the ++ // pointed-to itab may already have been inserted into the ++ // global 'hash'. ++ if i.inhash == 0 { ++ additab(i, true, false) ++ } + } + } + unlock(&ifaceLock) +diff --git a/src/runtime/runtime2.go b/src/runtime/runtime2.go +index 6119e75..a3d062d 100644 +--- a/src/runtime/runtime2.go ++++ b/src/runtime/runtime2.go +@@ -619,7 +619,7 @@ type itab struct { + _type *_type + link *itab + bad int32 +- unused int32 ++ inhash int32 // has this itab been added to hash? + fun [1]uintptr // variable sized + } + +-- +2.7.4 +
  19. Download patch .pc/0001-cmd-compile-runtime-make-the-go.itab.-symbols-module.patch/misc/cgo/testshared/src/depBase/dep.go

    --- 1.7.4-2/.pc/0001-cmd-compile-runtime-make-the-go.itab.-symbols-module.patch/misc/cgo/testshared/src/depBase/dep.go 1970-01-01 00:00:00.000000000 +0000 +++ 1.7.4-2ubuntu1/.pc/0001-cmd-compile-runtime-make-the-go.itab.-symbols-module.patch/misc/cgo/testshared/src/depBase/dep.go 2016-12-01 21:16:26.000000000 +0000 @@ -0,0 +1,22 @@ +package depBase + +var V int = 1 + +var HasMask []string = []string{"hi"} + +type HasProg struct { + array [1024]*byte +} + +type Dep struct { + X int +} + +func (d *Dep) Method() int { + return 10 +} + +func F() int { + defer func() {}() + return V +}
  20. Download patch debian/patches/series

    --- 1.7.4-2/debian/patches/series 2017-04-04 23:52:52.000000000 +0000 +++ 1.7.4-2ubuntu1/debian/patches/series 2017-04-05 01:13:30.000000000 +0000 @@ -1,2 +1,7 @@ cl-29995--tzdata-2016g.patch cl-37964--tzdata-2017a.patch +0001-cmd-compile-runtime-make-the-go.itab.-symbols-module.patch +0002-runtime-resolve-type-offsets-using-source-module.patch +0003-runtime-make-module-typemaps-visible-to-the-GC.patch +0004-cmd-compile-mark-go.itab.-symbols-local-earlier.patch +0005-cmd-compile-runtime-a-different-approach-to-duplicat.patch
  21. Download patch .pc/0002-runtime-resolve-type-offsets-using-source-module.patch/src/runtime/type.go
  22. Download patch .pc/0001-cmd-compile-runtime-make-the-go.itab.-symbols-module.patch/misc/cgo/testshared/src/exe/exe.go

    --- 1.7.4-2/.pc/0001-cmd-compile-runtime-make-the-go.itab.-symbols-module.patch/misc/cgo/testshared/src/exe/exe.go 1970-01-01 00:00:00.000000000 +0000 +++ 1.7.4-2ubuntu1/.pc/0001-cmd-compile-runtime-make-the-go.itab.-symbols-module.patch/misc/cgo/testshared/src/exe/exe.go 2016-12-01 21:16:26.000000000 +0000 @@ -0,0 +1,12 @@ +package main + +import ( + "depBase" + "runtime" +) + +func main() { + defer depBase.ImplementedInAsm() + runtime.GC() + depBase.V = depBase.F() + 1 +}
  23. Download patch debian/patches/0002-runtime-resolve-type-offsets-using-source-module.patch

    --- 1.7.4-2/debian/patches/0002-runtime-resolve-type-offsets-using-source-module.patch 1970-01-01 00:00:00.000000000 +0000 +++ 1.7.4-2ubuntu1/debian/patches/0002-runtime-resolve-type-offsets-using-source-module.patch 2017-04-05 01:13:29.000000000 +0000 @@ -0,0 +1,86 @@ +From 34c480afa89a4efa917f30592d8c095dbaf7612e Mon Sep 17 00:00:00 2001 +From: David Crawshaw <crawshaw@golang.org> +Date: Tue, 1 Nov 2016 15:28:55 -0400 +Subject: [PATCH] runtime: resolve type offsets using source module + +The runtime.typeEquals function is used during typelinksinit to +determine the canonical set of *_type values to use throughout the +runtime. As such, it is run against non-canonical *_type values, that +is, types from modules that are duplicates of a type from another +module that was loaded earlier in the program life. + +These non-canonical *_type values sometimes contain pointers. These +pointers are pointing to position-independent data, and so they are set +by ld.so using dynamic relocations when the module is loaded. As such, +the pointer can point to the equivalent memory from a previous module. + +This means if typesEqual follows a pointer inside a *_type, it can end +up at a piece of memory from another module. If it reads a typeOff or +nameOff from that memory and attempts to resolve it against the +non-canonical *_type from the later module, it will end up with a +reference to junk memory. + +Instead, resolve against the pointer the offset was read from, so the +data is valid. + +Fixes #17709. +Should no longer matter after #17724 is resolved in a later Go. + +Change-Id: Ie88b151a3407d82ac030a97b5b6a19fc781901cb +Reviewed-on: https://go-review.googlesource.com/32513 +Run-TryBot: David Crawshaw <crawshaw@golang.org> +Reviewed-by: Keith Randall <khr@golang.org> +--- + src/runtime/type.go | 18 +++++++++++++----- + 1 file changed, 13 insertions(+), 5 deletions(-) + +--- a/src/runtime/type.go ++++ b/src/runtime/type.go +@@ -199,11 +199,11 @@ + return resolveNameOff(unsafe.Pointer(t), off) + } + +-func (t *_type) typeOff(off typeOff) *_type { ++func resolveTypeOff(ptrInModule unsafe.Pointer, off typeOff) *_type { + if off == 0 { + return nil + } +- base := uintptr(unsafe.Pointer(t)) ++ base := uintptr(ptrInModule) + var md *moduledata + for next := &firstmoduledata; next != nil; next = next.next { + if base >= next.types && base < next.etypes { +@@ -235,6 +235,10 @@ + return (*_type)(unsafe.Pointer(res)) + } + ++func (t *_type) typeOff(off typeOff) *_type { ++ return resolveTypeOff(unsafe.Pointer(t), off) ++} ++ + func (t *_type) textOff(off textOff) unsafe.Pointer { + base := uintptr(unsafe.Pointer(t)) + var md *moduledata +@@ -573,15 +577,19 @@ + for i := range it.mhdr { + tm := &it.mhdr[i] + vm := &iv.mhdr[i] +- tname := it.typ.nameOff(tm.name) +- vname := iv.typ.nameOff(vm.name) ++ // Note the mhdr array can be relocated from ++ // another module. See #17724. ++ tname := resolveNameOff(unsafe.Pointer(tm), tm.name) ++ vname := resolveNameOff(unsafe.Pointer(vm), vm.name) + if tname.name() != vname.name() { + return false + } + if tname.pkgPath() != vname.pkgPath() { + return false + } +- if !typesEqual(it.typ.typeOff(tm.ityp), iv.typ.typeOff(vm.ityp)) { ++ tityp := resolveTypeOff(unsafe.Pointer(tm), tm.ityp) ++ vityp := resolveTypeOff(unsafe.Pointer(vm), vm.ityp) ++ if !typesEqual(tityp, vityp) { + return false + } + }
  24. Download patch debian/gbp.conf.in

    --- 1.7.4-2/debian/gbp.conf.in 2017-04-04 23:52:45.000000000 +0000 +++ 1.7.4-2ubuntu1/debian/gbp.conf.in 2017-04-05 01:13:29.000000000 +0000 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = golang-X.Y +debian-branch = ubuntu-X.Y debian-tag = debian/%(version)s upstream-branch = upstream-X.Y upstream-tag = upstream/%(version)s
  25. Download patch debian/patches/0003-runtime-make-module-typemaps-visible-to-the-GC.patch

    --- 1.7.4-2/debian/patches/0003-runtime-make-module-typemaps-visible-to-the-GC.patch 1970-01-01 00:00:00.000000000 +0000 +++ 1.7.4-2ubuntu1/debian/patches/0003-runtime-make-module-typemaps-visible-to-the-GC.patch 2017-04-05 01:13:29.000000000 +0000 @@ -0,0 +1,64 @@ +From 0bd8d2b00cf42a8bf89fdbc71e1dc4bbab9d53d8 Mon Sep 17 00:00:00 2001 +From: David Crawshaw <crawshaw@golang.org> +Date: Sun, 30 Oct 2016 21:19:59 -0400 +Subject: [PATCH 3/4] runtime: make module typemaps visible to the GC + +The map[typeOff]*_type object is created at run time and stored in +the moduledata. The moduledata object is marked by the linker as +SNOPTRDATA, so the reference is ignored by the GC. Running +misc/cgo/testplugin/test.bash with GOGC=1 will eventually collect +the typemap and crash. + +This bug probably comes up in -linkshared binaries in Go 1.7. +I don't know why we haven't seen a report about this yet. + +Fixes #17680 + +Change-Id: I0e9b5c006010e8edd51d9471651620ba665248d3 +Reviewed-on: https://go-review.googlesource.com/32430 +TryBot-Result: Gobot Gobot <gobot@golang.org> +Reviewed-by: Michael Hudson-Doyle <michael.hudson@canonical.com> +Reviewed-by: Ian Lance Taylor <iant@golang.org> +--- + src/runtime/symtab.go | 9 +++++++++ + src/runtime/type.go | 4 +++- + 2 files changed, 12 insertions(+), 1 deletion(-) + +diff --git a/src/runtime/symtab.go b/src/runtime/symtab.go +index 4f6fae2..022e33b 100644 +--- a/src/runtime/symtab.go ++++ b/src/runtime/symtab.go +@@ -218,6 +218,15 @@ type modulehash struct { + runtimehash *string + } + ++// pinnedTypemaps are the map[typeOff]*_type from the moduledata objects. ++// ++// These typemap objects are allocated at run time on the heap, but the ++// only direct reference to them is in the moduledata, created by the ++// linker and marked SNOPTRDATA so it is ignored by the GC. ++// ++// To make sure the map isn't collected, we keep a second reference here. ++var pinnedTypemaps []map[typeOff]*_type ++ + var firstmoduledata moduledata // linker symbol + var lastmoduledatap *moduledata // linker symbol + +diff --git a/src/runtime/type.go b/src/runtime/type.go +index b54483b..fd100a7 100644 +--- a/src/runtime/type.go ++++ b/src/runtime/type.go +@@ -481,7 +481,9 @@ func typelinksinit() { + // prior module, prefer that prior type by adding the offset + // to this module's typemap. + md := modules[len(modules)-1] +- md.typemap = make(map[typeOff]*_type, len(md.typelinks)) ++ tm := make(map[typeOff]*_type, len(md.typelinks)) ++ pinnedTypemaps = append(pinnedTypemaps, tm) ++ md.typemap = tm + for _, tl := range md.typelinks { + t := (*_type)(unsafe.Pointer(md.types + uintptr(tl))) + for _, candidate := range typehash[t.hash] { +-- +2.7.4 +
  26. Download patch .pc/0004-cmd-compile-mark-go.itab.-symbols-local-earlier.patch/src/cmd/compile/internal/gc/reflect.go
  27. Download patch debian/helpers/readabihash.go

    --- 1.7.4-2/debian/helpers/readabihash.go 1970-01-01 00:00:00.000000000 +0000 +++ 1.7.4-2ubuntu1/debian/helpers/readabihash.go 2017-04-05 01:12:55.000000000 +0000 @@ -0,0 +1,85 @@ +package main + +import ( + "debug/elf" + "encoding/binary" + "fmt" + "io" + "log" + "os" +) + +func rnd(v int32, r int32) int32 { + if r <= 0 { + return v + } + v += r - 1 + c := v % r + if c < 0 { + c += r + } + v -= c + return v +} + +func readwithpad(r io.Reader, sz int32) ([]byte, error) { + full := rnd(sz, 4) + data := make([]byte, full) + _, err := r.Read(data) + if err != nil { + return nil, err + } + data = data[:sz] + return data, nil +} + +func readnote(filename, name string, type_ int32) ([]byte, error) { + f, err := elf.Open(filename) + if err != nil { + return nil, err + } + for _, sect := range f.Sections { + if sect.Type != elf.SHT_NOTE { + continue + } + r := sect.Open() + for { + var namesize, descsize, nt_type int32 + err = binary.Read(r, f.ByteOrder, &namesize) + if err != nil { + if err == io.EOF { + break + } + return nil, fmt.Errorf("read namesize failed", err) + } + err = binary.Read(r, f.ByteOrder, &descsize) + if err != nil { + return nil, fmt.Errorf("read descsize failed", err) + } + err = binary.Read(r, f.ByteOrder, &nt_type) + if err != nil { + return nil, fmt.Errorf("read type failed", err) + } + nt_name, err := readwithpad(r, namesize) + if err != nil { + return nil, fmt.Errorf("read name failed", err) + } + desc, err := readwithpad(r, descsize) + if err != nil { + return nil, fmt.Errorf("read desc failed", err) + } + if name == string(nt_name) && type_ == nt_type { + return desc, nil + } + } + } + return nil, nil +} + +func main() { + desc, err := readnote(os.Args[1], "Go\x00\x00", 2) + if err != nil { + log.Fatalf("readnote failed: %v", err) + } + fmt.Printf("%x\n", desc) +}
  28. Download patch debian/helpers/installshlib.sh

    --- 1.7.4-2/debian/helpers/installshlib.sh 1970-01-01 00:00:00.000000000 +0000 +++ 1.7.4-2ubuntu1/debian/helpers/installshlib.sh 2017-04-05 01:12:55.000000000 +0000 @@ -0,0 +1,17 @@ +#!/bin/bash +set -eux +GOARCH=$(./bin/go env GOARCH) + +./bin/go build -o ./bin/readabihash -linkshared -ldflags="-r ''" debian/helpers/readabihash.go + +TRIPLET=$(dpkg-architecture -qDEB_HOST_MULTIARCH) + +mkdir -p debian/libgolang-${GOVER}-std1/usr/lib/${TRIPLET} +mv pkg/linux_${GOARCH}_dynlink/libstd.so debian/libgolang-${GOVER}-std1/usr/lib/${TRIPLET}/libgolang-${GOVER}-std.so.1 + +ln -s ../../../${TRIPLET}/libgolang-${GOVER}-std.so.1 pkg/linux_${GOARCH}_dynlink/libstd.so + +mkdir -p debian/golang-${GOVER}-go-shared-dev/usr/lib/go-${GOVER}/pkg/ +mv pkg/linux_${GOARCH}_dynlink/ debian/golang-${GOVER}-go-shared-dev/usr/lib/go-${GOVER}/pkg/ + +cp bin/readabihash debian/golang-${GOVER}-go-shared-dev/usr/lib/go-${GOVER}/pkg/
  29. Download patch debian/gbp.conf

    --- 1.7.4-2/debian/gbp.conf 2017-04-04 23:54:58.000000000 +0000 +++ 1.7.4-2ubuntu1/debian/gbp.conf 2017-04-05 01:13:29.000000000 +0000 @@ -3,7 +3,7 @@ # [DEFAULT] -debian-branch = golang-1.7 +debian-branch = ubuntu-1.7 debian-tag = debian/%(version)s upstream-branch = upstream-1.7 upstream-tag = upstream/%(version)s
  30. Download patch src/runtime/iface.go

    --- 1.7.4-2/src/runtime/iface.go 2016-12-01 21:16:28.000000000 +0000 +++ 1.7.4-2ubuntu1/src/runtime/iface.go 2017-04-05 11:38:59.000000000 +0000 @@ -139,6 +139,7 @@ func additab(m *itab, locked, canfail bo } h := itabhash(inter, typ) m.link = hash[h] + m.inhash = 1 atomicstorep(unsafe.Pointer(&hash[h]), unsafe.Pointer(m)) } @@ -146,7 +147,14 @@ func itabsinit() { lock(&ifaceLock) for m := &firstmoduledata; m != nil; m = m.next { for _, i := range m.itablinks { - additab(i, true, false) + // itablinks is a slice of pointers to the itabs used in this + // module. A given itab may be used in more than one module + // and thanks to the way global symbol resolution works, the + // pointed-to itab may already have been inserted into the + // global 'hash'. + if i.inhash == 0 { + additab(i, true, false) + } } } unlock(&ifaceLock)
  31. Download patch debian/patches/0001-cmd-compile-runtime-make-the-go.itab.-symbols-module.patch

    --- 1.7.4-2/debian/patches/0001-cmd-compile-runtime-make-the-go.itab.-symbols-module.patch 1970-01-01 00:00:00.000000000 +0000 +++ 1.7.4-2ubuntu1/debian/patches/0001-cmd-compile-runtime-make-the-go.itab.-symbols-module.patch 2017-04-05 01:12:55.000000000 +0000 @@ -0,0 +1,85 @@ +Description: cmd/compile, runtime: make the go.itab.* symbols module-local + Otherwise, the way the ELF dynamic linker works means that you can end up with + the same itab being passed to additab twice, leading to the itab linked list + having a cycle in it. Add a test to additab in runtime to catch this when it + happens, not some arbitrary and surprsing time later. + . + Fixes #17594 +Author: Michael Hudson-Doyle <michael.hudson@ubuntu.com> +Origin: https://go.googlesource.com/go/+/8b07ec20f7a971edce9eaf413b20e453c50858c6 +Bug: https://github.com/golang/go/issues/17594 +Last-Update: 2016-10-28 + +--- a/misc/cgo/testshared/src/depBase/dep.go ++++ b/misc/cgo/testshared/src/depBase/dep.go +@@ -1,5 +1,10 @@ + package depBase + ++import ( ++ "os" ++ "reflect" ++) ++ + var V int = 1 + + var HasMask []string = []string{"hi"} +@@ -13,6 +18,10 @@ + } + + func (d *Dep) Method() int { ++ // This code below causes various go.itab.* symbols to be generated in ++ // the shared library. Similar code in ../exe/exe.go results in ++ // exercising https://github.com/golang/go/issues/17594 ++ reflect.TypeOf(os.Stdout).Elem() + return 10 + } + +--- a/misc/cgo/testshared/src/exe/exe.go ++++ b/misc/cgo/testshared/src/exe/exe.go +@@ -2,11 +2,17 @@ + + import ( + "depBase" ++ "os" ++ "reflect" + "runtime" + ) + + func main() { + defer depBase.ImplementedInAsm() ++ // This code below causes various go.itab.* symbols to be generated in ++ // the executable. Similar code in ../depBase/dep.go results in ++ // exercising https://github.com/golang/go/issues/17594 ++ reflect.TypeOf(os.Stdout).Elem() + runtime.GC() + depBase.V = depBase.F() + 1 + } +--- a/src/cmd/compile/internal/gc/reflect.go ++++ b/src/cmd/compile/internal/gc/reflect.go +@@ -1389,11 +1389,11 @@ + o += len(imethods(i.itype)) * Widthptr // skip fun method pointers + // at runtime the itab will contain pointers to types, other itabs and + // method functions. None are allocated on heap, so we can use obj.NOPTR. +- ggloblsym(i.sym, int32(o), int16(obj.DUPOK|obj.NOPTR)) ++ ggloblsym(i.sym, int32(o), int16(obj.DUPOK|obj.NOPTR|obj.LOCAL)) + + ilink := Pkglookup(Tconv(i.t, FmtLeft)+","+Tconv(i.itype, FmtLeft), itablinkpkg) + dsymptr(ilink, 0, i.sym, 0) +- ggloblsym(ilink, int32(Widthptr), int16(obj.DUPOK|obj.RODATA)) ++ ggloblsym(ilink, int32(Widthptr), int16(obj.DUPOK|obj.RODATA|obj.LOCAL)) + } + + // generate import strings for imported packages +--- a/src/runtime/iface.go ++++ b/src/runtime/iface.go +@@ -138,6 +138,10 @@ + throw("invalid itab locking") + } + h := itabhash(inter, typ) ++ if m == hash[h] { ++ println("duplicate itab for", typ.string(), "and", inter.typ.string()) ++ throw("duplicate itabs") ++ } + m.link = hash[h] + atomicstorep(unsafe.Pointer(&hash[h]), unsafe.Pointer(m)) + }
  32. Download patch src/runtime/type.go

    --- 1.7.4-2/src/runtime/type.go 2016-12-01 21:16:28.000000000 +0000 +++ 1.7.4-2ubuntu1/src/runtime/type.go 2017-04-05 11:38:59.000000000 +0000 @@ -199,11 +199,11 @@ func (t *_type) nameOff(off nameOff) nam return resolveNameOff(unsafe.Pointer(t), off) } -func (t *_type) typeOff(off typeOff) *_type { +func resolveTypeOff(ptrInModule unsafe.Pointer, off typeOff) *_type { if off == 0 { return nil } - base := uintptr(unsafe.Pointer(t)) + base := uintptr(ptrInModule) var md *moduledata for next := &firstmoduledata; next != nil; next = next.next { if base >= next.types && base < next.etypes { @@ -235,6 +235,10 @@ func (t *_type) typeOff(off typeOff) *_t return (*_type)(unsafe.Pointer(res)) } +func (t *_type) typeOff(off typeOff) *_type { + return resolveTypeOff(unsafe.Pointer(t), off) +} + func (t *_type) textOff(off textOff) unsafe.Pointer { base := uintptr(unsafe.Pointer(t)) var md *moduledata @@ -477,7 +481,9 @@ func typelinksinit() { // prior module, prefer that prior type by adding the offset // to this module's typemap. md := modules[len(modules)-1] - md.typemap = make(map[typeOff]*_type, len(md.typelinks)) + tm := make(map[typeOff]*_type, len(md.typelinks)) + pinnedTypemaps = append(pinnedTypemaps, tm) + md.typemap = tm for _, tl := range md.typelinks { t := (*_type)(unsafe.Pointer(md.types + uintptr(tl))) for _, candidate := range typehash[t.hash] { @@ -573,15 +579,19 @@ func typesEqual(t, v *_type) bool { for i := range it.mhdr { tm := &it.mhdr[i] vm := &iv.mhdr[i] - tname := it.typ.nameOff(tm.name) - vname := iv.typ.nameOff(vm.name) + // Note the mhdr array can be relocated from + // another module. See #17724. + tname := resolveNameOff(unsafe.Pointer(tm), tm.name) + vname := resolveNameOff(unsafe.Pointer(vm), vm.name) if tname.name() != vname.name() { return false } if tname.pkgPath() != vname.pkgPath() { return false } - if !typesEqual(it.typ.typeOff(tm.ityp), iv.typ.typeOff(vm.ityp)) { + tityp := resolveTypeOff(unsafe.Pointer(tm), tm.ityp) + vityp := resolveTypeOff(unsafe.Pointer(vm), vm.ityp) + if !typesEqual(tityp, vityp) { return false } }
  33. Download patch .pc/0005-cmd-compile-runtime-a-different-approach-to-duplicat.patch/src/runtime/iface.go
  34. Download patch src/runtime/symtab.go

    --- 1.7.4-2/src/runtime/symtab.go 2016-12-01 21:16:28.000000000 +0000 +++ 1.7.4-2ubuntu1/src/runtime/symtab.go 2017-04-05 11:38:59.000000000 +0000 @@ -218,6 +218,15 @@ type modulehash struct { runtimehash *string } +// pinnedTypemaps are the map[typeOff]*_type from the moduledata objects. +// +// These typemap objects are allocated at run time on the heap, but the +// only direct reference to them is in the moduledata, created by the +// linker and marked SNOPTRDATA so it is ignored by the GC. +// +// To make sure the map isn't collected, we keep a second reference here. +var pinnedTypemaps []map[typeOff]*_type + var firstmoduledata moduledata // linker symbol var lastmoduledatap *moduledata // linker symbol

Debian ( Changelog | PTS | Bugs ) Ubuntu ( Changelog | txt | LP | Bugs ) | Diff from Ubuntu

Source: golang-1.8

golang-1.8 (1.8.3-2ubuntu1) artful; urgency=medium * Merge from Debian unstable. Remaining changes: - Do not distribute un-built from source race detector runtime files and recommend golang-race-detector-runtime instead (see Debian bug #807455). - Build Go standard library into a shared library. - Backport d/patches/cl-40401--more-robust-ABI-hash.patch from upstream to make the ABIs of shared libraries slightly more robust. - Backport d/patches/i386-shlib-fix.patch from upstream to fix a problem with shared libraries on i386. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Tue, 15 Aug 2017 13:03:20 +1200

Modifications :
  1. Download patch .pc/cl-40401--more-robust-ABI-hash.patch/misc/cgo/testshared/shared_test.go
  2. Download patch src/cmd/internal/obj/x86/obj6.go

    --- 1.8.3-2/src/cmd/internal/obj/x86/obj6.go 2017-05-24 18:15:12.000000000 +0000 +++ 1.8.3-2ubuntu1/src/cmd/internal/obj/x86/obj6.go 2017-08-24 00:11:44.000000000 +0000 @@ -322,15 +322,13 @@ func progedit(ctxt *obj.Link, p *obj.Pro // Rewrite p, if necessary, to access global data via the global offset table. func rewriteToUseGot(ctxt *obj.Link, p *obj.Prog) { - var add, lea, mov obj.As + var lea, mov obj.As var reg int16 if p.Mode == 64 { - add = AADDQ lea = ALEAQ mov = AMOVQ reg = REG_R15 } else { - add = AADDL lea = ALEAL mov = AMOVL reg = REG_CX @@ -347,8 +345,10 @@ func rewriteToUseGot(ctxt *obj.Link, p * // ADUFFxxx $offset // becomes // $MOV runtime.duffxxx@GOT, $reg - // $ADD $offset, $reg + // $LEA $offset($reg), $reg // CALL $reg + // (we use LEAx rather than ADDx because ADDx clobbers + // flags and duffzero on 386 does not otherwise do so) var sym *obj.LSym if p.As == obj.ADUFFZERO { sym = obj.Linklookup(ctxt, "runtime.duffzero", 0) @@ -365,9 +365,10 @@ func rewriteToUseGot(ctxt *obj.Link, p * p.To.Offset = 0 p.To.Sym = nil p1 := obj.Appendp(ctxt, p) - p1.As = add - p1.From.Type = obj.TYPE_CONST + p1.As = lea + p1.From.Type = obj.TYPE_MEM p1.From.Offset = offset + p1.From.Reg = reg p1.To.Type = obj.TYPE_REG p1.To.Reg = reg p2 := obj.Appendp(ctxt, p1)
  3. Download patch debian/rules

    --- 1.8.3-2/debian/rules 2017-07-24 20:51:01.000000000 +0000 +++ 1.8.3-2ubuntu1/debian/rules 2017-08-15 01:01:11.000000000 +0000 @@ -18,6 +18,10 @@ ifneq (,$(findstring nocheck,$(DEB_BUILD RUN_TESTS := false endif +shlib_archs = $(shell GOVER=$(GOVER) perl debian/helpers/getshlibarches.pl) + +multiarch := $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) + %: +dh --parallel $(opt_no_act) $@ @@ -47,7 +51,7 @@ override_dh_auto_clean: gencontrol override_dh_prep: dh_prep - @set -e; cd debian; for x in golang-X.Y-*; do \ + @set -e; cd debian; for x in *golang-X.Y-*; do \ sed -e 's/X.Y/$(GOVER)/g' $$x > golang-$(GOVER)-$${x##golang-X.Y-}; \ done @@ -80,7 +84,13 @@ override_dh_install-indep: dh_install --fail-missing override_dh_install-arch: + set -ex; \ + export PATH="$(GOROOT)/bin:$$PATH"; \ + $(CURDIR)/debian/helpers/installshlib.sh dh_install --fail-missing + # Remove .syso files of the race detector; they are binary files that + # are not built from source in the go source distribution. + find $(CURDIR)/debian/golang-$(GOVER)-src/usr/share/go-$(GOVER)/src/runtime/race -type f -name '*.syso' -delete # Remove Plan9 rc(1) scripts find debian/golang-$(GOVER)-src/usr/share/go-$(GOVER)/src -type f -name '*.rc' -delete # Remove empty /usr/share/go-$(GOVER)/src from golang-$(GOVER)-go, it is provided by golang-$(GOVER)-src @@ -95,12 +105,21 @@ override_dh_strip: override_dh_shlibdeps: dh_shlibdeps -Xtestdata -Xtest +override_dh_makeshlibs: + LDIR=$(CURDIR)/debian/libgolang-$(GOVER)-std1/usr/lib/$(multiarch); \ + HASH=$$(LD_LIBRARY_PATH=$$LDIR:$$LD_LIBRARY_PATH $(CURDIR)/bin/readabihash $$LDIR/libgolang-$(GOVER)-std.so.1); \ + dh_makeshlibs -Vlibgolang-$(GOVER)-std1-$$HASH; \ + echo "golang:Provides=libgolang-$(GOVER)-std1-$$HASH" >> $(CURDIR)/debian/libgolang-$(GOVER)-std1.substvars + override_dh_auto_build-arch: [ -f VERSION ] || echo "debian snapshot +$$(dpkg-parsechangelog -SVersion)" > VERSION export GOROOT_BOOTSTRAP=$$(env -i go env GOROOT) \ && cd src \ && $(CURDIR)/debian/helpers/goenv.sh \ bash ./make.bash --no-banner + $(CURDIR)/bin/go install -v -buildmode=shared \ + -ldflags '-extldflags "-Wl,-soname=libgolang-$(GOVER)-std.so.1"' \ + std opt_no_act := ifneq (,$(findstring n,$(MAKEFLAGS)))
  4. Download patch debian/control

    --- 1.8.3-2/debian/control 2017-07-24 20:51:01.000000000 +0000 +++ 1.8.3-2ubuntu1/debian/control 2017-08-15 01:01:11.000000000 +0000 @@ -5,7 +5,8 @@ Source: golang-1.8 Section: devel Priority: optional -Maintainer: Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org> +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> +XSBC-Original-Maintainer: Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org> Uploaders: Michael Stapelberg <stapelberg@debian.org>, Paul Tagliamonte <paultag@debian.org>, Tianon Gravi <tianon@debian.org>, @@ -24,7 +25,11 @@ Depends: golang-1.8-src (>= ${source:Ver ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends} -Recommends: g++, gcc, libc6-dev, pkg-config +Recommends: g++, + gcc, + golang-1.8-race-detector-runtime [amd64], + libc6-dev, + pkg-config Suggests: bzr, ca-certificates, git, mercurial, subversion Description: Go programming language compiler, linker, compiled stdlib The Go programming language is an open source project to make programmers more @@ -96,3 +101,25 @@ Description: Go programming language com . This package is a metapackage that, when installed, guarantees that (most of) a full Go development environment is installed. + +Package: libgolang-1.8-std1 +Architecture: amd64 arm64 armhf i386 ppc64el s390x +Pre-Depends: ${misc:Pre-Depends} +Provides: ${golang:Provides} +Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends} +Description: Go standard shared library + This package contains the Go standard library built as a shared library. + Packages should not depend on this package directly but rather the ABI-stamped + value in Provides:. dpkg-shlibdeps will do this automatically. + +Package: golang-1.8-go-shared-dev +Architecture: amd64 arm64 armhf i386 ppc64el s390x +Pre-Depends: ${misc:Pre-Depends} +Depends: golang-1.8-go (= ${binary:Version}), + libgolang-1.8-std1 (= ${binary:Version}), + ${misc:Depends}, + ${perl:Depends}, + ${shlibs:Depends} +Description: Go standard shared library support files + This package contains the files necessary to link against the shared + library packaged in libgolang-1.8-std1.
  5. Download patch src/cmd/link/internal/ld/lib.go
  6. Download patch debian/libgolang-X.Y-std1.lintian-overrides

    --- 1.8.3-2/debian/libgolang-X.Y-std1.lintian-overrides 1970-01-01 00:00:00.000000000 +0000 +++ 1.8.3-2ubuntu1/debian/libgolang-X.Y-std1.lintian-overrides 2017-08-15 01:01:11.000000000 +0000 @@ -0,0 +1,3 @@ +# Go shared libraries are not linked by the system linker so +# the .so symlinks are not where lintian expects. +libgolang-std1: dev-pkg-without-shlib-symlink
  7. Download patch debian/control.in

    --- 1.8.3-2/debian/control.in 2017-07-24 20:51:01.000000000 +0000 +++ 1.8.3-2ubuntu1/debian/control.in 2017-08-15 01:01:11.000000000 +0000 @@ -1,7 +1,8 @@ Source: golang-X.Y Section: devel Priority: optional -Maintainer: Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org> +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> +XSBC-Original-Maintainer: Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org> Uploaders: Michael Stapelberg <stapelberg@debian.org>, Paul Tagliamonte <paultag@debian.org>, Tianon Gravi <tianon@debian.org>, @@ -20,7 +21,11 @@ Depends: golang-X.Y-src (>= ${source:Ver ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends} -Recommends: g++, gcc, libc6-dev, pkg-config +Recommends: g++, + gcc, + golang-X.Y-race-detector-runtime [amd64], + libc6-dev, + pkg-config Suggests: bzr, ca-certificates, git, mercurial, subversion Description: Go programming language compiler, linker, compiled stdlib The Go programming language is an open source project to make programmers more @@ -92,3 +97,25 @@ Description: Go programming language com . This package is a metapackage that, when installed, guarantees that (most of) a full Go development environment is installed. + +Package: libgolang-X.Y-std1 +Architecture: amd64 arm64 armhf i386 ppc64el s390x +Pre-Depends: ${misc:Pre-Depends} +Provides: ${golang:Provides} +Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends} +Description: Go standard shared library + This package contains the Go standard library built as a shared library. + Packages should not depend on this package directly but rather the ABI-stamped + value in Provides:. dpkg-shlibdeps will do this automatically. + +Package: golang-X.Y-go-shared-dev +Architecture: amd64 arm64 armhf i386 ppc64el s390x +Pre-Depends: ${misc:Pre-Depends} +Depends: golang-X.Y-go (= ${binary:Version}), + libgolang-X.Y-std1 (= ${binary:Version}), + ${misc:Depends}, + ${perl:Depends}, + ${shlibs:Depends} +Description: Go standard shared library support files + This package contains the files necessary to link against the shared + library packaged in libgolang-X.Y-std1.
  8. Download patch .pc/applied-patches

    --- 1.8.3-2/.pc/applied-patches 2017-08-24 00:11:43.386431442 +0000 +++ 1.8.3-2ubuntu1/.pc/applied-patches 2017-08-24 00:11:44.458461131 +0000 @@ -1 +1,3 @@ +i386-shlib-fix.patch +cl-40401--more-robust-ABI-hash.patch 0001-Fix-FTBFS-with-Perl-526.patch
  9. Download patch .pc/cl-40401--more-robust-ABI-hash.patch/src/cmd/link/internal/ld/lib.go
  10. Download patch misc/cgo/testshared/shared_test.go

    --- 1.8.3-2/misc/cgo/testshared/shared_test.go 2017-05-24 18:15:12.000000000 +0000 +++ 1.8.3-2ubuntu1/misc/cgo/testshared/shared_test.go 2017-08-24 00:11:44.000000000 +0000 @@ -759,6 +759,13 @@ func appendFile(path, content string) { } } +func writeFile(path, content string) { + err := ioutil.WriteFile(path, []byte(content), 0644) + if err != nil { + log.Fatalf("ioutil.WriteFile failed: %v", err) + } +} + func TestABIChecking(t *testing.T) { goCmd(t, "install", "-buildmode=shared", "-linkshared", "depBase") goCmd(t, "install", "-linkshared", "exe") @@ -797,9 +804,10 @@ func TestABIChecking(t *testing.T) { run(t, "rebuilt exe", "./bin/exe") // If we make a change which does not break ABI (such as adding an unexported - // function) and rebuild libdepBase.so, exe still works. + // function) and rebuild libdepBase.so, exe still works, even if new function + // is in a file by itself. resetFileStamps() - appendFile("src/depBase/dep.go", "func noABIBreak() {}\n") + writeFile("src/depBase/dep2.go", "package depBase\nfunc noABIBreak() {}\n") goCmd(t, "install", "-buildmode=shared", "-linkshared", "depBase") run(t, "after non-ABI breaking change", "./bin/exe") }
  11. Download patch .pc/i386-shlib-fix.patch/src/cmd/internal/obj/x86/obj6.go
  12. Download patch debian/patches/series

    --- 1.8.3-2/debian/patches/series 2017-07-24 20:51:01.000000000 +0000 +++ 1.8.3-2ubuntu1/debian/patches/series 2017-08-15 01:01:50.000000000 +0000 @@ -1 +1,3 @@ +i386-shlib-fix.patch +cl-40401--more-robust-ABI-hash.patch 0001-Fix-FTBFS-with-Perl-526.patch
  13. Download patch debian/gbp.conf.in

    --- 1.8.3-2/debian/gbp.conf.in 2017-07-24 20:51:01.000000000 +0000 +++ 1.8.3-2ubuntu1/debian/gbp.conf.in 2017-08-15 01:01:11.000000000 +0000 @@ -1,9 +1,9 @@ [DEFAULT] -debian-branch = golang-X.Y +debian-branch = ubuntu-X.Y debian-tag = debian/%(version)s upstream-branch = upstream-X.Y upstream-tag = upstream/%(version)s pristine-tar = True -[dch] +[git-dch] meta = 1
  14. Download patch debian/patches/i386-shlib-fix.patch

    --- 1.8.3-2/debian/patches/i386-shlib-fix.patch 1970-01-01 00:00:00.000000000 +0000 +++ 1.8.3-2ubuntu1/debian/patches/i386-shlib-fix.patch 2017-08-15 01:01:11.000000000 +0000 @@ -0,0 +1,63 @@ +commit a735b8bec8fd3782748777ad9bb2e49bcaf10e4f +Author: Michael Hudson-Doyle <michael.hudson@canonical.com> +Date: Thu Apr 27 11:56:42 2017 +1200 + + cmd/internal/obj/x86: use LEAx rather than ADDx when calling DUFFxxxx via GOT + + DUFFZERO on 386 is not marked as clobbering flags, but rewriteToUseGot rewrote + "ADUFFZERO $offset" to "MOVL runtime.duffxxx@GOT, CX; ADDL $offset, CX; CALL CX" + which does. Luckily the fix is easier than figuring out what the problem was: + replace the ADDL $offset, CX with LEAL $offset(CX), CX. + + On amd64 DUFFZERO clobbers flags, on arm, arm64 and ppc64 ADD does not clobber + flags and s390x does not use the duff functions, so I'm fairly confident this + is the only fix required. + + I don't know how to write a test though. + + Change-Id: I69b0958f5f45771d61db5f5ecb4ded94e8960d4d + +--- a/src/cmd/internal/obj/x86/obj6.go ++++ b/src/cmd/internal/obj/x86/obj6.go +@@ -322,15 +322,13 @@ + + // Rewrite p, if necessary, to access global data via the global offset table. + func rewriteToUseGot(ctxt *obj.Link, p *obj.Prog) { +- var add, lea, mov obj.As ++ var lea, mov obj.As + var reg int16 + if p.Mode == 64 { +- add = AADDQ + lea = ALEAQ + mov = AMOVQ + reg = REG_R15 + } else { +- add = AADDL + lea = ALEAL + mov = AMOVL + reg = REG_CX +@@ -347,8 +345,10 @@ + // ADUFFxxx $offset + // becomes + // $MOV runtime.duffxxx@GOT, $reg +- // $ADD $offset, $reg ++ // $LEA $offset($reg), $reg + // CALL $reg ++ // (we use LEAx rather than ADDx because ADDx clobbers ++ // flags and duffzero on 386 does not otherwise do so) + var sym *obj.LSym + if p.As == obj.ADUFFZERO { + sym = obj.Linklookup(ctxt, "runtime.duffzero", 0) +@@ -365,9 +365,10 @@ + p.To.Offset = 0 + p.To.Sym = nil + p1 := obj.Appendp(ctxt, p) +- p1.As = add +- p1.From.Type = obj.TYPE_CONST ++ p1.As = lea ++ p1.From.Type = obj.TYPE_MEM + p1.From.Offset = offset ++ p1.From.Reg = reg + p1.To.Type = obj.TYPE_REG + p1.To.Reg = reg + p2 := obj.Appendp(ctxt, p1)
  15. Download patch debian/patches/cl-40401--more-robust-ABI-hash.patch

    --- 1.8.3-2/debian/patches/cl-40401--more-robust-ABI-hash.patch 1970-01-01 00:00:00.000000000 +0000 +++ 1.8.3-2ubuntu1/debian/patches/cl-40401--more-robust-ABI-hash.patch 2017-08-15 01:01:11.000000000 +0000 @@ -0,0 +1,89 @@ +From 533ed967c6e842b4f9b9b503d20b3af698a4e022 Mon Sep 17 00:00:00 2001 +From: Michael Hudson-Doyle <michael.hudson@canonical.com> +Date: Wed, 12 Apr 2017 16:08:46 +1200 +Subject: [PATCH] cmd/link: only include the version info and export data in ABI hash + +Previously the "ABI hash" for a package (used to determine if a loaded shared +library has the ABI expected by its loader) was the hash of the entire +__.PKGDEF file. But that means it depends on the build ID generated by the go +tool for the package, which means that if a file is added (even a .c or .h +file!) to the package, the ABI changes, perhaps uncessarily. + +Fixes #19920 + +Change-Id: If919481e1a03afb350c8a9c7a0666bb90ee90270 +Reviewed-on: https://go-review.googlesource.com/40401 +Run-TryBot: Michael Hudson-Doyle <michael.hudson@canonical.com> +TryBot-Result: Gobot Gobot <gobot@golang.org> +Reviewed-by: Ian Lance Taylor <iant@golang.org> +--- + +--- a/misc/cgo/testshared/shared_test.go ++++ b/misc/cgo/testshared/shared_test.go +@@ -759,6 +759,13 @@ + } + } + ++func writeFile(path, content string) { ++ err := ioutil.WriteFile(path, []byte(content), 0644) ++ if err != nil { ++ log.Fatalf("ioutil.WriteFile failed: %v", err) ++ } ++} ++ + func TestABIChecking(t *testing.T) { + goCmd(t, "install", "-buildmode=shared", "-linkshared", "depBase") + goCmd(t, "install", "-linkshared", "exe") +@@ -797,9 +804,10 @@ + run(t, "rebuilt exe", "./bin/exe") + + // If we make a change which does not break ABI (such as adding an unexported +- // function) and rebuild libdepBase.so, exe still works. ++ // function) and rebuild libdepBase.so, exe still works, even if new function ++ // is in a file by itself. + resetFileStamps() +- appendFile("src/depBase/dep.go", "func noABIBreak() {}\n") ++ writeFile("src/depBase/dep2.go", "package depBase\nfunc noABIBreak() {}\n") + goCmd(t, "install", "-buildmode=shared", "-linkshared", "depBase") + run(t, "after non-ABI breaking change", "./bin/exe") + } +--- a/src/cmd/link/internal/ld/lib.go ++++ b/src/cmd/link/internal/ld/lib.go +@@ -709,10 +709,35 @@ + } + + h := sha1.New() +- if _, err := io.CopyN(h, f, atolwhex(arhdr.size)); err != nil { +- Errorf(nil, "bad read of %s for hash generation: %v", lib.File, err) ++ ++ // To compute the hash of a package, we hash the first line of ++ // __.PKGDEF (which contains the toolchain version and any ++ // GOEXPERIMENT flags) and the export data (which is between ++ // the first two occurences of "\n$$"). ++ ++ pkgDefBytes := make([]byte, atolwhex(arhdr.size)) ++ _, err = io.ReadFull(f, pkgDefBytes) ++ if err != nil { ++ Errorf(nil, "%s: error reading package data: %v", lib.File, err) ++ return ++ } ++ firstEOL := bytes.Index(pkgDefBytes, []byte("\n")) ++ if firstEOL < 0 { ++ Errorf(nil, "cannot parse package data of %s for hash generation, no newline found", lib.File) ++ return ++ } ++ firstDoubleDollar := bytes.Index(pkgDefBytes, []byte("\n$$")) ++ if firstDoubleDollar < 0 { ++ Errorf(nil, "cannot parse package data of %s for hash generation, no \\n$$ found", lib.File) ++ return ++ } ++ secondDoubleDollar := bytes.Index(pkgDefBytes[firstDoubleDollar+1:], []byte("\n$$")) ++ if secondDoubleDollar < 0 { ++ Errorf(nil, "cannot parse package data of %s for hash generation, only one \\n$$ found", lib.File) + return + } ++ h.Write(pkgDefBytes[0:firstEOL]) ++ h.Write(pkgDefBytes[firstDoubleDollar : firstDoubleDollar+secondDoubleDollar]) + lib.hash = hex.EncodeToString(h.Sum(nil)) + } +
  16. Download patch debian/helpers/readabihash.go

    --- 1.8.3-2/debian/helpers/readabihash.go 1970-01-01 00:00:00.000000000 +0000 +++ 1.8.3-2ubuntu1/debian/helpers/readabihash.go 2017-08-15 01:01:11.000000000 +0000 @@ -0,0 +1,85 @@ +package main + +import ( + "debug/elf" + "encoding/binary" + "fmt" + "io" + "log" + "os" +) + +func rnd(v int32, r int32) int32 { + if r <= 0 { + return v + } + v += r - 1 + c := v % r + if c < 0 { + c += r + } + v -= c + return v +} + +func readwithpad(r io.Reader, sz int32) ([]byte, error) { + full := rnd(sz, 4) + data := make([]byte, full) + _, err := r.Read(data) + if err != nil { + return nil, err + } + data = data[:sz] + return data, nil +} + +func readnote(filename, name string, type_ int32) ([]byte, error) { + f, err := elf.Open(filename) + if err != nil { + return nil, err + } + for _, sect := range f.Sections { + if sect.Type != elf.SHT_NOTE { + continue + } + r := sect.Open() + for { + var namesize, descsize, nt_type int32 + err = binary.Read(r, f.ByteOrder, &namesize) + if err != nil { + if err == io.EOF { + break + } + return nil, fmt.Errorf("read namesize failed", err) + } + err = binary.Read(r, f.ByteOrder, &descsize) + if err != nil { + return nil, fmt.Errorf("read descsize failed", err) + } + err = binary.Read(r, f.ByteOrder, &nt_type) + if err != nil { + return nil, fmt.Errorf("read type failed", err) + } + nt_name, err := readwithpad(r, namesize) + if err != nil { + return nil, fmt.Errorf("read name failed", err) + } + desc, err := readwithpad(r, descsize) + if err != nil { + return nil, fmt.Errorf("read desc failed", err) + } + if name == string(nt_name) && type_ == nt_type { + return desc, nil + } + } + } + return nil, nil +} + +func main() { + desc, err := readnote(os.Args[1], "Go\x00\x00", 2) + if err != nil { + log.Fatalf("readnote failed: %v", err) + } + fmt.Printf("%x\n", desc) +}
  17. Download patch debian/helpers/installshlib.sh

    --- 1.8.3-2/debian/helpers/installshlib.sh 1970-01-01 00:00:00.000000000 +0000 +++ 1.8.3-2ubuntu1/debian/helpers/installshlib.sh 2017-08-15 01:01:11.000000000 +0000 @@ -0,0 +1,17 @@ +#!/bin/bash +set -eux +GOARCH=$(./bin/go env GOARCH) + +./bin/go build -o ./bin/readabihash -linkshared -ldflags="-r ''" debian/helpers/readabihash.go + +TRIPLET=$(dpkg-architecture -qDEB_HOST_MULTIARCH) + +mkdir -p debian/libgolang-${GOVER}-std1/usr/lib/${TRIPLET} +mv pkg/linux_${GOARCH}_dynlink/libstd.so debian/libgolang-${GOVER}-std1/usr/lib/${TRIPLET}/libgolang-${GOVER}-std.so.1 + +ln -s ../../../${TRIPLET}/libgolang-${GOVER}-std.so.1 pkg/linux_${GOARCH}_dynlink/libstd.so + +mkdir -p debian/golang-${GOVER}-go-shared-dev/usr/lib/go-${GOVER}/pkg/ +mv pkg/linux_${GOARCH}_dynlink/ debian/golang-${GOVER}-go-shared-dev/usr/lib/go-${GOVER}/pkg/ + +cp bin/readabihash debian/golang-${GOVER}-go-shared-dev/usr/lib/go-${GOVER}/pkg/
  18. Download patch debian/gbp.conf

    --- 1.8.3-2/debian/gbp.conf 2017-07-24 20:51:01.000000000 +0000 +++ 1.8.3-2ubuntu1/debian/gbp.conf 2017-08-15 01:01:11.000000000 +0000 @@ -3,11 +3,11 @@ # [DEFAULT] -debian-branch = golang-1.8 +debian-branch = ubuntu-1.8 debian-tag = debian/%(version)s upstream-branch = upstream-1.8 upstream-tag = upstream/%(version)s pristine-tar = True -[dch] +[git-dch] meta = 1

Debian ( Changelog | PTS | Bugs ) Ubuntu ( Changelog | txt | LP | Bugs ) | Diff from Ubuntu

Source: golang-1.9

golang-1.9 (1.9.2-3ubuntu1) bionic; urgency=medium * Merge from Debian unstable. Remaining change: - Do not distribute un-built from source race detector runtime files and recommend golang-race-detector-runtime instead (see Debian bug #807455). -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Tue, 31 Oct 2017 13:21:14 +1300

Modifications :
  1. Download patch debian/rules

    --- 1.9.2-3/debian/rules 2017-10-30 22:09:15.000000000 +0000 +++ 1.9.2-3ubuntu1/debian/rules 2017-10-31 00:20:40.000000000 +0000 @@ -81,6 +81,9 @@ override_dh_install-indep: override_dh_install-arch: dh_install --fail-missing + # Remove .syso files of the race detector; they are binary files that + # are not built from source in the go source distribution. + find $(CURDIR)/debian/golang-$(GOVER)-src/usr/share/go-$(GOVER)/src/runtime/race -type f -name '*.syso' -delete # Remove Plan9 rc(1) scripts find debian/golang-$(GOVER)-src/usr/share/go-$(GOVER)/src -type f -name '*.rc' -delete # Remove empty /usr/share/go-$(GOVER)/src from golang-$(GOVER)-go, it is provided by golang-$(GOVER)-src
  2. Download patch debian/control

    --- 1.9.2-3/debian/control 2017-10-30 23:42:50.000000000 +0000 +++ 1.9.2-3ubuntu1/debian/control 2017-10-31 00:22:50.000000000 +0000 @@ -5,7 +5,8 @@ Source: golang-1.9 Section: devel Priority: optional -Maintainer: Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org> +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> +XSBC-Original-Maintainer: Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org> Uploaders: Michael Stapelberg <stapelberg@debian.org>, Paul Tagliamonte <paultag@debian.org>, Tianon Gravi <tianon@debian.org>, @@ -24,7 +25,11 @@ Depends: golang-1.9-src (>= ${source:Ver ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends} -Recommends: g++, gcc, libc6-dev, pkg-config +Recommends: g++, + gcc, + golang-1.9-race-detector-runtime [amd64], + libc6-dev, + pkg-config Suggests: bzr, ca-certificates, git, mercurial, subversion Description: Go programming language compiler, linker, compiled stdlib The Go programming language is an open source project to make programmers more
  3. Download patch debian/control.in

    --- 1.9.2-3/debian/control.in 2017-10-30 22:03:15.000000000 +0000 +++ 1.9.2-3ubuntu1/debian/control.in 2017-10-31 00:20:40.000000000 +0000 @@ -1,7 +1,8 @@ Source: golang-X.Y Section: devel Priority: optional -Maintainer: Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org> +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> +XSBC-Original-Maintainer: Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org> Uploaders: Michael Stapelberg <stapelberg@debian.org>, Paul Tagliamonte <paultag@debian.org>, Tianon Gravi <tianon@debian.org>, @@ -20,7 +21,11 @@ Depends: golang-X.Y-src (>= ${source:Ver ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends} -Recommends: g++, gcc, libc6-dev, pkg-config +Recommends: g++, + gcc, + golang-X.Y-race-detector-runtime [amd64], + libc6-dev, + pkg-config Suggests: bzr, ca-certificates, git, mercurial, subversion Description: Go programming language compiler, linker, compiled stdlib The Go programming language is an open source project to make programmers more
  4. Download patch debian/gbp.conf.in

    --- 1.9.2-3/debian/gbp.conf.in 2017-10-30 22:03:15.000000000 +0000 +++ 1.9.2-3ubuntu1/debian/gbp.conf.in 2017-10-31 00:20:39.000000000 +0000 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = golang-X.Y +debian-branch = ubuntu-X.Y debian-tag = debian/%(version)s upstream-branch = upstream-X.Y upstream-tag = upstream/%(version)s
  5. Download patch debian/gbp.conf

    --- 1.9.2-3/debian/gbp.conf 2017-10-30 23:42:50.000000000 +0000 +++ 1.9.2-3ubuntu1/debian/gbp.conf 2017-10-31 00:22:50.000000000 +0000 @@ -3,7 +3,7 @@ # [DEFAULT] -debian-branch = golang-1.9 +debian-branch = ubuntu-1.9 debian-tag = debian/%(version)s upstream-branch = upstream-1.9 upstream-tag = upstream/%(version)s

Debian ( Changelog | PTS | Bugs ) Ubuntu ( Changelog | txt | LP | Bugs ) | Diff from Ubuntu

Source: golang-defaults

golang-defaults (2:1.8~1ubuntu1) artful; urgency=medium * Merge with Debian experimental. Remaining changes: - Build and recommend golang-race-detector-runtime on amd64. - Add golang-go-shared-dev and golang-any-shared-dev. - Build golang-go and related packages on s390x. -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Mon, 24 Apr 2017 10:59:33 +1200

Modifications :
  1. Download patch debian/control

    --- 2:1.8~1/debian/control 2017-03-15 08:17:16.000000000 +0000 +++ 2:1.8~1ubuntu1/debian/control 2017-04-23 23:13:44.000000000 +0000 @@ -1,7 +1,8 @@ Source: golang-defaults Section: devel Priority: optional -Maintainer: Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org> +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> +XSBC-Original-Maintainer: Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org> Uploaders: Michael Stapelberg <stapelberg@debian.org>, Paul Tagliamonte <paultag@debian.org>, Tianon Gravi <tianon@debian.org>, @@ -13,7 +14,7 @@ Vcs-Browser: https://anonscm.debian.org/ Vcs-Git: https://anonscm.debian.org/git/pkg-golang/golang-defaults.git Package: golang-go -Architecture: amd64 arm64 armel armhf i386 ppc64 ppc64el +Architecture: amd64 arm64 armel armhf i386 ppc64 ppc64el s390x Conflicts: gccgo-go Depends: golang-${golang:GOVER}-go, golang-src (>= ${source:Version}), @@ -50,6 +51,7 @@ Replaces: golang-doc (<< 2:1.6.1+1~), golang-go-windows-amd64, golang-go.tools (<< 1:0.0~git20151026.0.0f9d71c-1~), golang-golang-x-tools (<< 1:0.0~git20151026.0.0f9d71c-1~) +Recommends: golang-race-detector-runtime [amd64] Description: Go programming language compiler, linker, compiled stdlib The Go programming language is an open source project to make programmers more productive. Go is expressive, concise, clean, and efficient. Its concurrency @@ -104,7 +106,7 @@ Description: Go programming language -- It conflicts with golang-go. Package: golang-src -Architecture: amd64 arm64 armel armhf i386 ppc64 ppc64el +Architecture: amd64 arm64 armel armhf i386 ppc64 ppc64el s390x Depends: golang-${golang:GOVER}-src, ${misc:Depends} Description: Go programming language - source files The Go programming language is an open source project to make programmers more @@ -147,7 +149,7 @@ Depends: golang-${golang:GOVER}, golang-go (>= ${source:Version}), golang-src (>= ${source:Version}), ${misc:Depends} -Architecture: amd64 arm64 armel armhf i386 ppc64 ppc64el +Architecture: amd64 arm64 armel armhf i386 ppc64 ppc64el s390x Description: Go programming language compiler - metapackage The Go programming language is an open source project to make programmers more productive. Go is expressive, concise, clean, and @@ -161,3 +163,38 @@ Description: Go programming language com . This package is a metapackage that, when installed, guarantees that (most of) a full Go development environment is installed. + +Package: golang-race-detector-runtime +Architecture: amd64 +Depends: golang-${golang:GOVER}-race-detector-runtime, ${misc:Depends} +Description: Runtime support for Go's race detector + The runtime support for the race detector is included as a binary + file in the go source distribution so this package exists to build it + from source on trusted infrastructure. + . + Installing this package will make the -race flag to the go tool functional. + . + This is a dependency package that depends on the race detector runtime for the + default version of Go. + +Package: golang-go-shared-dev +Architecture: amd64 arm64 armhf i386 ppc64el s390x +Depends: golang-${golang:GOVER}-go-shared-dev, golang-go, ${misc:Depends} +Description: Go standard shared library support files + Files necessary to link against the shared library version of the Go + standard library. + . + This is a dependency package that depends on the support files for the + default version of Go. + +Package: golang-any-shared-dev +Architecture: any +Depends: golang-any, + golang-go-shared-dev [amd64 arm64 armhf i386 ppc64el s390x], + ${misc:Depends} +Description: Go standard shared library support files + Files necessary to link against the shared library version of the Go + standard library. + . + This is a dependency package that depends on the support files for the + default version of Go, or gccgo if no version of Go is available.
  1. desktop-base
  2. docker.io
  3. golang-1.7
  4. golang-1.8
  5. golang-1.9
  6. golang-defaults