[docker-io/f20] Resolves: rhbz#1145660, rhbz#1139415
Lokesh Mandvekar
lsm5 at fedoraproject.org
Fri Sep 26 22:59:13 UTC 2014
commit 2521d2ee40ff74fb392ade27770d70fab621b90e
Author: Lokesh Mandvekar <lsm5 at fedoraproject.org>
Date: Thu Sep 25 14:35:55 2014 -0500
Resolves: rhbz#1145660, rhbz#1139415
NVR: docker-io-1.2.0-3
rhbz#1145660: support for /etc/sysconfig/docker-storage
rhbz#1139415: correct bash completion install path
Also ignores selinux if disabled.
https://github.com/docker/docker/commit/9e2eb0f1cc3c4ef000e139f1d85a20f0e00971e6
Signed-off-by: Lokesh Mandvekar <lsm5 at fedoraproject.org>
modified: docker-io.spec
new file: docker-storage.sysconfig
modified: docker.service
new file: ignore-selinux-if-disabled.patch
docker-io.spec | 25 +++++++++++++----
docker-storage.sysconfig | 14 ++++++++++
docker.service | 3 +-
ignore-selinux-if-disabled.patch | 54 ++++++++++++++++++++++++++++++++++++++
4 files changed, 89 insertions(+), 7 deletions(-)
---
diff --git a/docker-io.spec b/docker-io.spec
index e62fe40..1a4576a 100644
--- a/docker-io.spec
+++ b/docker-io.spec
@@ -11,7 +11,7 @@
Name: docker-io
Version: 1.2.0
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: Automates deployment of containerized applications
License: ASL 2.0
URL: http://www.docker.com
@@ -20,9 +20,10 @@ ExclusiveArch: x86_64
Source0: https://github.com/docker/docker/archive/v%{version}.tar.gz
Source1: docker.service
Source2: docker.sysconfig
+Source3: docker-storage.sysconfig
+Patch0: ignore-selinux-if-disabled.patch
# though final name for sysconf/sysvinit files is simply 'docker',
# having .sysvinit and .sysconfig makes things clear
-BuildRequires: gcc
BuildRequires: glibc-static
# ensure build uses golang 1.2-7 and above
# http://code.google.com/p/go/source/detail?r=a15f344a9efa35ef168c8feaa92a15a1cdc93db5
@@ -161,6 +162,8 @@ find . -name "*.go" \
-print |\
xargs sed -i 's/github.com\/docker\/docker\/vendor\/src\/code.google.com\/p\/go\/src\/pkg\///g'
sed -i 's/go-md2man -in "$FILE" -out/pandoc -s -t man "$FILE" -o/g' docs/man/md2man-all.sh
+%patch0 -p1
+rm daemon/daemon.go.orig
%build
# set up temporary build gopath, and put our directory there
@@ -192,8 +195,8 @@ install -d %{buildroot}%{_mandir}/man5
install -p -m 644 docs/man/man5/Dockerfile.5 %{buildroot}%{_mandir}/man5
# install bash completion
-install -d %{buildroot}%{_sysconfdir}/bash_completion.d
-install -p -m 644 contrib/completion/bash/docker %{buildroot}%{_sysconfdir}/bash_completion.d/docker.bash
+install -dp %{buildroot}%{_datadir}/bash_completion/completions
+install -p -m 644 contrib/completion/bash/docker %{buildroot}%{_datadir}/bash_completion/completions
# install zsh completion
# this has been included in upstream zsh, will be removed once it's included
@@ -223,6 +226,7 @@ install -p -m 644 contrib/init/systemd/docker.socket %{buildroot}%{_unitdir}
# for additional args
install -d %{buildroot}%{_sysconfdir}/sysconfig/
install -p -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/sysconfig/docker
+install -p -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/sysconfig/docker-storage
# sources
install -d -p %{buildroot}/%{gopath}/src/%{import_path}
@@ -250,6 +254,7 @@ exit 0
%doc AUTHORS CHANGELOG.md CONTRIBUTING.md LICENSE MAINTAINERS NOTICE README.md
%doc LICENSE-vim-syntax README-vim-syntax.md
%config(noreplace) %{_sysconfdir}/sysconfig/docker
+%config(noreplace) %{_sysconfdir}/sysconfig/docker-storage
%{_mandir}/man1/docker*.1.gz
%{_mandir}/man5/Dockerfile.5.gz
%{_bindir}/docker
@@ -257,8 +262,8 @@ exit 0
%{_libexecdir}/docker/dockerinit
%{_unitdir}/docker.service
%{_unitdir}/docker.socket
-%dir %{_sysconfdir}/bash_completion.d
-%{_sysconfdir}/bash_completion.d/docker.bash
+%dir %{_datadir}/bash_completion/completions
+%{_datadir}/bash_completion/completions/docker
%{_datadir}/zsh/site-functions/_docker
%dir %{_sharedstatedir}/docker
%dir %{_sysconfdir}/udev/rules.d
@@ -459,6 +464,14 @@ exit 0
%{gopath}/src/%{import_path}/pkg/version/*.go
%changelog
+* Thu Sep 25 2014 Lokesh Mandvekar <lsm5 at fedoraproject.org> - 1.2.0-3
+- Resolves: rhbz#1145660 - support /etc/sysconfig/docker-storage
+ From: Colin Walters <walters at redhat.com>
+- patch to ignore selinux if it's disabled
+ https://github.com/docker/docker/commit/9e2eb0f1cc3c4ef000e139f1d85a20f0e00971e6
+ From: Dan Walsh <dwalsh at redhat.com>
+- Resolves: rhbz#1139415 - correct path for bash completion
+
* Sun Aug 24 2014 Lokesh Mandvekar <lsm5 at fedoraproject.org> - 1.2.0-2
- Provides docker only for f21 and above
diff --git a/docker-storage.sysconfig b/docker-storage.sysconfig
new file mode 100644
index 0000000..3dc1654
--- /dev/null
+++ b/docker-storage.sysconfig
@@ -0,0 +1,14 @@
+# This file may be automatically generated by an installation program.
+
+# By default, Docker uses a loopback-mounted sparse file in
+# /var/lib/docker. The loopback makes it slower, and there are some
+# restrictive defaults, such as 100GB max storage.
+
+# If your installation did not set a custom storage for Docker, you
+# may do it below.
+
+# Example: Use a custom pair of raw logical volumes (one for metadata,
+# one for data).
+# DOCKER_STORAGE_OPTIONS = --storage-opt dm.metadatadev=/dev/mylogvol/my-docker-metadata --storage-opt dm.datadev=/dev/mylogvol/my-docker-data
+
+DOCKER_STORAGE_OPTIONS=
diff --git a/docker.service b/docker.service
index 9b6c614..100e824 100644
--- a/docker.service
+++ b/docker.service
@@ -7,7 +7,8 @@ Requires=docker.socket
[Service]
Type=notify
EnvironmentFile=-/etc/sysconfig/docker
-ExecStart=/usr/bin/docker -d -H fd:// $OPTIONS
+EnvironmentFile=-/etc/sysconfig/docker-storage
+ExecStart=/usr/bin/docker -d -H fd:// $OPTIONS $DOCKER_STORAGE_OPTIONS
LimitNOFILE=1048576
LimitNPROC=1048576
diff --git a/ignore-selinux-if-disabled.patch b/ignore-selinux-if-disabled.patch
new file mode 100644
index 0000000..42630fe
--- /dev/null
+++ b/ignore-selinux-if-disabled.patch
@@ -0,0 +1,54 @@
+From 9e2eb0f1cc3c4ef000e139f1d85a20f0e00971e6 Mon Sep 17 00:00:00 2001
+From: Dan Walsh <dwalsh at redhat.com>
+Date: Tue, 23 Sep 2014 07:46:02 -0400
+Subject: [PATCH] --selinux-enabled flag should be ignored on Disabled SELinux
+ systems
+
+On Fedora and RHEL we ship selinux-enabled flag in the docker.service config,
+but if people setup the /var/lib/docker as btrfs and disable SELinux,
+we should not block the daemon from running.
+
+Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh at redhat.com> (github: rhatdan)
+---
+ daemon/daemon.go | 2 +-
+ daemon/utils_linux.go | 4 ++++
+ daemon/utils_nolinux.go | 4 ++++
+ 3 files changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/daemon/daemon.go b/daemon/daemon.go
+index 9515a1a..bf78f10 100644
+--- a/daemon/daemon.go
++++ b/daemon/daemon.go
+@@ -775,7 +775,7 @@ func NewDaemonFromDirectory(config *Config, eng *engine.Engine) (*Daemon, error)
+ log.Debugf("Using graph driver %s", driver)
+
+ // As Docker on btrfs and SELinux are incompatible at present, error on both being enabled
+- if config.EnableSelinuxSupport && driver.String() == "btrfs" {
++ if selinuxEnabled() && config.EnableSelinuxSupport && driver.String() == "btrfs" {
+ return nil, fmt.Errorf("SELinux is not supported with the BTRFS graph driver!")
+ }
+
+diff --git a/daemon/utils_linux.go b/daemon/utils_linux.go
+index bff2a78..fb35152 100644
+--- a/daemon/utils_linux.go
++++ b/daemon/utils_linux.go
+@@ -11,3 +11,7 @@ func selinuxSetDisabled() {
+ func selinuxFreeLxcContexts(label string) {
+ selinux.FreeLxcContexts(label)
+ }
++
++func selinuxEnabled() bool {
++ return selinux.SelinuxEnabled()
++}
+diff --git a/daemon/utils_nolinux.go b/daemon/utils_nolinux.go
+index 399376d..25a56ad 100644
+--- a/daemon/utils_nolinux.go
++++ b/daemon/utils_nolinux.go
+@@ -7,3 +7,7 @@ func selinuxSetDisabled() {
+
+ func selinuxFreeLxcContexts(label string) {
+ }
++
++func selinuxEnabled() bool {
++ return false
++}
More information about the scm-commits
mailing list