[docker-io/f21] Resolves: rhbz#1145660, rhbz#1139415

Lokesh Mandvekar lsm5 at fedoraproject.org
Fri Sep 26 22:42:53 UTC 2014 

commit 4e572a4f93ee6c1bbb8592adb3768e79920950b3
Author: Lokesh Mandvekar <lsm5 at fedoraproject.org>
Date:   Thu Sep 25 14:35:55 2014 -0500

    Resolves: rhbz#1145660, rhbz#1139415
    
    NVR: docker-io-1.2.0-3
    
    rhbz#1145660: support for /etc/sysconfig/docker-storage
    rhbz#1139415: correct bash completion install path
    
    Also ignores selinux if disabled.
    https://github.com/docker/docker/commit/9e2eb0f1cc3c4ef000e139f1d85a20f0e00971e6
    
    Signed-off-by: Lokesh Mandvekar <lsm5 at fedoraproject.org>
    
    	modified:   docker-io.spec
    	new file:   docker-storage.sysconfig
    	modified:   docker.service
    	new file:   ignore-selinux-if-disabled.patch

 docker-io.spec                   |   25 +++++++++++++----
 docker-storage.sysconfig         |   14 ++++++++++
 docker.service                   |    3 +-
 ignore-selinux-if-disabled.patch |   54 ++++++++++++++++++++++++++++++++++++++
 4 files changed, 89 insertions(+), 7 deletions(-)
---
diff --git a/docker-io.spec b/docker-io.spec
index e62fe40..1a4576a 100644
--- a/docker-io.spec
+++ b/docker-io.spec
@@ -11,7 +11,7 @@
 
 Name:           docker-io
 Version:        1.2.0
-Release:        2%{?dist}
+Release:        3%{?dist}
 Summary:        Automates deployment of containerized applications
 License:        ASL 2.0
 URL:            http://www.docker.com
@@ -20,9 +20,10 @@ ExclusiveArch:  x86_64
 Source0:        https://github.com/docker/docker/archive/v%{version}.tar.gz
 Source1:        docker.service
 Source2:        docker.sysconfig
+Source3:        docker-storage.sysconfig
+Patch0:         ignore-selinux-if-disabled.patch
 # though final name for sysconf/sysvinit files is simply 'docker',
 # having .sysvinit and .sysconfig makes things clear
-BuildRequires:  gcc
 BuildRequires:  glibc-static
 # ensure build uses golang 1.2-7 and above
 # http://code.google.com/p/go/source/detail?r=a15f344a9efa35ef168c8feaa92a15a1cdc93db5
@@ -161,6 +162,8 @@ find . -name "*.go" \
         -print |\
         xargs sed -i 's/github.com\/docker\/docker\/vendor\/src\/code.google.com\/p\/go\/src\/pkg\///g'
 sed -i 's/go-md2man -in "$FILE" -out/pandoc -s -t man "$FILE" -o/g' docs/man/md2man-all.sh
+%patch0 -p1
+rm daemon/daemon.go.orig
 
 %build
 # set up temporary build gopath, and put our directory there
@@ -192,8 +195,8 @@ install -d %{buildroot}%{_mandir}/man5
 install -p -m 644 docs/man/man5/Dockerfile.5 %{buildroot}%{_mandir}/man5
 
 # install bash completion
-install -d %{buildroot}%{_sysconfdir}/bash_completion.d
-install -p -m 644 contrib/completion/bash/docker %{buildroot}%{_sysconfdir}/bash_completion.d/docker.bash
+install -dp %{buildroot}%{_datadir}/bash_completion/completions
+install -p -m 644 contrib/completion/bash/docker %{buildroot}%{_datadir}/bash_completion/completions
 
 # install zsh completion
 # this has been included in upstream zsh, will be removed once it's included
@@ -223,6 +226,7 @@ install -p -m 644 contrib/init/systemd/docker.socket %{buildroot}%{_unitdir}
 # for additional args
 install -d %{buildroot}%{_sysconfdir}/sysconfig/
 install -p -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/sysconfig/docker
+install -p -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/sysconfig/docker-storage
 
 # sources
 install -d -p %{buildroot}/%{gopath}/src/%{import_path}
@@ -250,6 +254,7 @@ exit 0
 %doc AUTHORS CHANGELOG.md CONTRIBUTING.md LICENSE MAINTAINERS NOTICE README.md 
 %doc LICENSE-vim-syntax README-vim-syntax.md
 %config(noreplace) %{_sysconfdir}/sysconfig/docker
+%config(noreplace) %{_sysconfdir}/sysconfig/docker-storage
 %{_mandir}/man1/docker*.1.gz
 %{_mandir}/man5/Dockerfile.5.gz
 %{_bindir}/docker
@@ -257,8 +262,8 @@ exit 0
 %{_libexecdir}/docker/dockerinit
 %{_unitdir}/docker.service
 %{_unitdir}/docker.socket
-%dir %{_sysconfdir}/bash_completion.d
-%{_sysconfdir}/bash_completion.d/docker.bash
+%dir %{_datadir}/bash_completion/completions
+%{_datadir}/bash_completion/completions/docker
 %{_datadir}/zsh/site-functions/_docker
 %dir %{_sharedstatedir}/docker
 %dir %{_sysconfdir}/udev/rules.d
@@ -459,6 +464,14 @@ exit 0
 %{gopath}/src/%{import_path}/pkg/version/*.go
 
 %changelog
+* Thu Sep 25 2014 Lokesh Mandvekar <lsm5 at fedoraproject.org> - 1.2.0-3
+- Resolves: rhbz#1145660 - support /etc/sysconfig/docker-storage 
+  From: Colin Walters <walters at redhat.com>
+- patch to ignore selinux if it's disabled
+  https://github.com/docker/docker/commit/9e2eb0f1cc3c4ef000e139f1d85a20f0e00971e6
+  From: Dan Walsh <dwalsh at redhat.com>
+- Resolves: rhbz#1139415 - correct path for bash completion
+
 * Sun Aug 24 2014 Lokesh Mandvekar <lsm5 at fedoraproject.org> - 1.2.0-2
 - Provides docker only for f21 and above
 
diff --git a/docker-storage.sysconfig b/docker-storage.sysconfig
new file mode 100644
index 0000000..3dc1654
--- /dev/null
+++ b/docker-storage.sysconfig
@@ -0,0 +1,14 @@
+# This file may be automatically generated by an installation program.
+
+# By default, Docker uses a loopback-mounted sparse file in
+# /var/lib/docker.  The loopback makes it slower, and there are some
+# restrictive defaults, such as 100GB max storage.
+
+# If your installation did not set a custom storage for Docker, you
+# may do it below.
+
+# Example: Use a custom pair of raw logical volumes (one for metadata,
+# one for data).
+# DOCKER_STORAGE_OPTIONS = --storage-opt dm.metadatadev=/dev/mylogvol/my-docker-metadata --storage-opt dm.datadev=/dev/mylogvol/my-docker-data
+
+DOCKER_STORAGE_OPTIONS=
diff --git a/docker.service b/docker.service
index 9b6c614..100e824 100644
--- a/docker.service
+++ b/docker.service
@@ -7,7 +7,8 @@ Requires=docker.socket
 [Service]
 Type=notify
 EnvironmentFile=-/etc/sysconfig/docker
-ExecStart=/usr/bin/docker -d -H fd:// $OPTIONS
+EnvironmentFile=-/etc/sysconfig/docker-storage
+ExecStart=/usr/bin/docker -d -H fd:// $OPTIONS $DOCKER_STORAGE_OPTIONS
 LimitNOFILE=1048576
 LimitNPROC=1048576
 
diff --git a/ignore-selinux-if-disabled.patch b/ignore-selinux-if-disabled.patch
new file mode 100644
index 0000000..42630fe
--- /dev/null
+++ b/ignore-selinux-if-disabled.patch
@@ -0,0 +1,54 @@
+From 9e2eb0f1cc3c4ef000e139f1d85a20f0e00971e6 Mon Sep 17 00:00:00 2001
+From: Dan Walsh <dwalsh at redhat.com>
+Date: Tue, 23 Sep 2014 07:46:02 -0400
+Subject: [PATCH] --selinux-enabled flag should be ignored on Disabled SELinux
+ systems
+
+On Fedora and RHEL we ship selinux-enabled flag in the docker.service config,
+but if people setup the /var/lib/docker as btrfs and disable SELinux,
+we should not block the daemon from running.
+
+Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh at redhat.com> (github: rhatdan)
+---
+ daemon/daemon.go        | 2 +-
+ daemon/utils_linux.go   | 4 ++++
+ daemon/utils_nolinux.go | 4 ++++
+ 3 files changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/daemon/daemon.go b/daemon/daemon.go
+index 9515a1a..bf78f10 100644
+--- a/daemon/daemon.go
++++ b/daemon/daemon.go
+@@ -775,7 +775,7 @@ func NewDaemonFromDirectory(config *Config, eng *engine.Engine) (*Daemon, error)
+ 	log.Debugf("Using graph driver %s", driver)
+ 
+ 	// As Docker on btrfs and SELinux are incompatible at present, error on both being enabled
+-	if config.EnableSelinuxSupport && driver.String() == "btrfs" {
++	if selinuxEnabled() && config.EnableSelinuxSupport && driver.String() == "btrfs" {
+ 		return nil, fmt.Errorf("SELinux is not supported with the BTRFS graph driver!")
+ 	}
+ 
+diff --git a/daemon/utils_linux.go b/daemon/utils_linux.go
+index bff2a78..fb35152 100644
+--- a/daemon/utils_linux.go
++++ b/daemon/utils_linux.go
+@@ -11,3 +11,7 @@ func selinuxSetDisabled() {
+ func selinuxFreeLxcContexts(label string) {
+ 	selinux.FreeLxcContexts(label)
+ }
++
++func selinuxEnabled() bool {
++	return selinux.SelinuxEnabled()
++}
+diff --git a/daemon/utils_nolinux.go b/daemon/utils_nolinux.go
+index 399376d..25a56ad 100644
+--- a/daemon/utils_nolinux.go
++++ b/daemon/utils_nolinux.go
+@@ -7,3 +7,7 @@ func selinuxSetDisabled() {
+ 
+ func selinuxFreeLxcContexts(label string) {
+ }
++
++func selinuxEnabled() bool {
++	return false
++}

More information about the scm-commits mailing list