Avi Deitcher
f227b73a39
changed some packages to force new package versions, rebuild with sbom
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2023-11-16 10:28:22 +02:00
Avi Deitcher
b26c169797
Merge pull request #3920 from vouch-opensource/fix/service-restarts-with-memlogd
...
Allow service restarts when using memlogd
2023-11-14 06:23:58 -08:00
Avi Deitcher
0e2f17a05a
correctly handle fields in cmdline for cgroupsv2
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2023-10-25 18:33:28 +03:00
Avi Deitcher
5a9755a433
move poweroff to full-fledged package
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2023-07-24 20:06:14 +03:00
Avi Deitcher
997c074db6
expose logread function
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2023-06-30 06:02:16 +03:00
Avi Deitcher
8e790a5417
Merge pull request #3937 from deitch/logread-exit-not-panic
...
logread should not panic on an EOF, instead exiting gracefully
2023-06-20 00:03:43 -07:00
Avi Deitcher
b7002c0eb2
logread should not panic on an EOF, instead exiting gracefully
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2023-06-19 17:50:35 +03:00
Avi Deitcher
4ee6387366
updated containerd-dev and downstream dependencies
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2023-06-19 14:17:43 +03:00
Avi Deitcher
3aeac872a0
update pkg/metadata with better logging
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2023-06-13 12:10:48 +03:00
Avi Deitcher
b633950059
replace ancient debian version in binfmt
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2023-06-12 15:58:04 +03:00
Avi Deitcher
d4b5d5df79
include main.Version in binaries
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2023-06-12 14:02:30 +03:00
Stijn Opheide
247d919a81
remove file at fifo logging location if it exists
...
Signed-off-by: Stijn Opheide <stijn@opheide.be>
2023-04-18 14:28:01 +02:00
Erik Nordmark
c79558cc5a
Retain /lib/apk/db for SBOM tools (#3913)
...
This allows SBOM tools to look at /lib/apk/db/installed to determine
which package versions are included in the container. This should
probably be applied across all of the linuxkit containers.
Signed-off-by: eriknordmark <erik@zededa.com>
2023-03-14 18:27:09 -04:00
Birol Bilgin
d4a8e284f6
added vmware metadata provider (#3526)
...
cloud-init data from vmware guest info as it is described in the link below
https://github.com/vmware/cloud-init-vmware-guestinfo
Signed-off-by: Birol Bilgin <birolbilgin@gmail.com>
Co-authored-by: Birol Bilgin <birol.bilgin@basefarm.com>
2023-03-04 19:50:46 +02:00
Itxaka
ea6268dd74
Bump go-diskfs to latest (#3902)
...
Also fix cdrom provider use of the new diskfs
Signed-off-by: Itxaka <itxaka@spectrocloud.com>
Signed-off-by: Itxaka <itxaka@spectrocloud.com>
Co-authored-by: Itxaka <itxaka@spectrocloud.com>
2023-01-23 16:19:32 +02:00
David Gageot
f9f1ec7de4
Fix swap.sh (#3897)
...
The script used to compare “10M” with “10” as if
they were both integers.
Signed-off-by: David Gageot <david.gageot@docker.com>
Signed-off-by: David Gageot <david.gageot@docker.com>
2023-01-12 09:50:47 +00:00
Avi Deitcher
e668b25a82
Alpine 317 (#3888)
2023-01-05 07:26:50 +02:00
Avi Deitcher
a91c4a77b0
Logwrite sync with memlogd (#3890)
...
* sync logwrite with memlogd
Signed-off-by: Avi Deitcher <avi@deitcher.net>
* update linuxkit/logwrite and linuxkit/memlogd dependencies
Signed-off-by: Avi Deitcher <avi@deitcher.net>
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2023-01-03 10:47:42 +02:00
Avi Deitcher
154f943d01
switch from flags to cobra (#3884)
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2022-12-29 10:31:57 +02:00
Petr Fedchenkov
893bee6b81
Fix return code of rungetty.sh (#3881)
...
* Fix return code of rungetty.sh
In case of INITGETTY defined we will return exit code 1 which is not
expected
Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>
* Update getty sha
Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>
* restore package cache in LinuxKit Build Tests
Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>
Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>
2022-12-15 12:12:19 +02:00
Michael Aldridge
06aaba5e05
pkg/sshd: Remove default bind of /root/.ssh
...
Signed-off-by: Michael Aldridge <aldridge.mac@gmail.com>
2022-11-09 18:50:44 -06:00
Avi Deitcher
45e299ce91
Merge pull request #3848 from dgageot/remove-more-dead-code-pkg
...
Remove dead or redundant code (packages)
2022-10-10 20:55:02 +03:00
David Gageot
39807bb0bd
Remove dead or redundant code
...
Signed-off-by: David Gageot <david.gageot@docker.com>
2022-10-09 15:33:42 +02:00
David Gageot
810c3e788f
Prefer nil empty slices
...
Signed-off-by: David Gageot <david.gageot@docker.com>
2022-10-09 15:02:23 +02:00
David Gageot
d4e132021a
Remove 99% of deprecated ioutil usage
...
Signed-off-by: David Gageot <david.gageot@docker.com>
2022-10-09 13:10:38 +02:00
David Gageot
998ad7eea1
Fix comments
...
Signed-off-by: David Gageot <david.gageot@docker.com>
2022-10-08 22:41:20 +02:00
David Gageot
acbef4424a
Make the linter happy
...
Signed-off-by: David Gageot <david.gageot@docker.com>
2022-07-22 15:02:19 +02:00
David Gageot
0b136bf80d
Write log entries as json
...
Signed-off-by: David Gageot <david.gageot@docker.com>
2022-07-22 14:41:23 +02:00
David Scott
8070434cad
Merge pull request #3542 from thaJeztah/configurable_socket
...
pkg/trim-after-delete: make docker socket path configurable
2022-07-17 03:26:52 -07:00
Petr Fedchenkov
afefea9740
Add CAP_NET_ADMIN capability to sysctl
...
With linux kernel 5.15+ change of proc/sys/net/ipv4/ip_forward requires
CAP_NET_ADMIN (https://github.com/torvalds/linux/commit/8292d7f6). We do
not use ip_forward now, but we should be ready for future changes of
conf files.
Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>
2022-06-28 16:55:32 +03:00
Avi Deitcher
58486bbe88
remove silent from Makefile so we can see what command it is doing; sort dirs for consistency
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2022-06-07 21:16:13 +03:00
Avi Deitcher
857f53cdff
test pkg/dummy
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2022-06-07 21:16:13 +03:00
Avi Deitcher
faf5a68ad6
runc to 1.1
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2022-03-21 14:01:54 +02:00
Avi Deitcher
0b39a484b1
containerd-dev separate
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2022-03-21 01:20:45 +02:00
David Scott
c4d7f5d993
service: handle creating cgroupv2 cgroups
...
These are easier to create than cgroupv1 cgroups as they are only a
single mkdir.
Detect which mode we are in by looking for the presence of the
cgroupv2-only cgroup.controllers file.
Signed-off-by: David Scott <dave@recoil.org>
2022-03-13 19:37:05 +00:00
Avi Deitcher
6fbed84347
getty with hvc0
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2022-02-28 19:24:45 +02:00
Marcus Weiner
e26aa2e490
Move metadata package to go modules
...
Signed-off-by: Marcus Weiner <marcus.weiner@gmail.com>
2022-01-11 21:11:49 +00:00
Dave Tucker
2cf5cf65b0
format: Use go modules
...
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2022-01-11 21:11:49 +00:00
Dave Tucker
013416f923
rngd: Use go modules
...
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2022-01-11 21:11:49 +00:00
Dave Tucker
01e242cad1
trim-after-delete: Add go.mod
...
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2022-01-11 21:11:48 +00:00
Dave Tucker
158461502a
sysfs: Add go.mod
...
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2022-01-11 21:11:48 +00:00
Dave Tucker
3244052389
sysctl: Add go.mod
...
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2022-01-11 21:11:48 +00:00
Dave Tucker
af7b87e99a
mount: Use Go Modules
...
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2022-01-11 21:11:43 +00:00
Dave Tucker
93df9f736c
memlogd: Use Go Modules
...
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2022-01-11 20:18:39 +00:00
Dave Tucker
3594ec48d4
logwrite: Use Go Modules
...
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2022-01-11 20:18:38 +00:00
Dave Tucker
0ee4d71562
kmsg: Use Go Modules
...
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2022-01-11 20:18:38 +00:00
Dave Tucker
65da053ac3
host-timesync-daemon: Use Go Modules
...
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2022-01-11 20:18:38 +00:00
Dave Tucker
599aedc9c5
format: Use Go Modules
...
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2022-01-11 20:18:38 +00:00
Dave Tucker
4ededf5ca3
extend: Migrate to Go Modules
...
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2022-01-11 20:18:38 +00:00
Dave Tucker
b22a7853a0
binfmt: Migrate to Go Modules
...
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2022-01-11 20:18:38 +00:00
Dave Tucker
fcaab549fe
init: Migrate to Go Modules
...
Moves vendoring over to Go modules.
Fixes issues found by Go Vet in Go 1.16
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2022-01-11 20:18:37 +00:00
Rolf Neugebauer
b5bf29c0f6
Merge pull request #3747 from sprat/fix-sshd
...
Fix sshd
2022-01-01 22:46:56 +00:00
Avi Deitcher
210a308602
Merge pull request #3746 from sprat/fix-openntpd
...
openntpd: the "-s" flag is obsolete, this generates some error messages in the ntpd logs
2021-12-29 21:24:02 +02:00
Sylvain Prat
a71a52b57c
SSHd: allow access to all devices & fix a warning with tini
...
Signed-off-by: Sylvain Prat <sylvain.prat@gmail.com>
2021-12-22 19:03:43 +01:00
Sylvain Prat
42a3f80bec
The "-s" flag is obsolete, this generates some error messages in the ntpd logs
...
Signed-off-by: Sylvain Prat <sylvain.prat@gmail.com>
2021-12-22 17:13:59 +01:00
Frédéric Dalleau
3e38a8c323
Bump runc to 1.0.3
...
Signed-off-by: Frédéric Dalleau <frederic.dalleau@docker.com>
2021-12-16 19:10:58 +01:00
Sylvain Prat
1c3e40ea2b
Fixes #3738: add missing devices to acpid
...
According to busybox' acpid code, acpid should be allowed to access /dev/input/event*, so we allow all "input" devices (whose major number is 13)
Signed-off-by: Sylvain Prat <sylvain.prat@gmail.com>
2021-12-09 21:05:34 +01:00
Avi Deitcher
4e7abb5250
document and simplify some releasing
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2021-11-29 16:39:06 +02:00
Emmanuel Briney
e254145257
Use RFC3339Nano for timestamps
...
Signed-off-by: Emmanuel Briney <emmanuel.briney@docker.com>
2021-11-26 16:41:51 +01:00
Avi Deitcher
7549a63c9f
pkgs: Update packages to the latest linuxkit/alpine
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2021-11-09 14:02:42 +02:00
Tonis Tiigi
5af7c526ec
init: add support for cgroupv2
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2021-10-24 23:03:51 -07:00
David Scott
476d5a0f2e
Update alpine for containerd
...
Signed-off-by: David Scott <dave@recoil.org>
2021-10-21 11:34:59 +01:00
David Scott
7434e5f5aa
pkg/kmsg: grant access to /dev/kmsg
...
Signed-off-by: David Scott <dave@recoil.org>
2021-10-18 21:02:44 +01:00
David Scott
6bc99c5ff2
pkg/metadata: grant access to all block devices
...
Signed-off-by: David Scott <dave@recoil.org>
2021-10-18 21:02:36 +01:00
David Scott
9209808ac3
pkg/losetup: grant access to all block devices
...
Signed-off-by: David Scott <dave@recoil.org>
2021-10-18 21:02:18 +01:00
David Scott
344d974ae1
pkg/extend: grant access to all block devices
...
Signed-off-by: David Scott <dave@recoil.org>
2021-10-18 21:02:11 +01:00
David Scott
71fa9f2cae
pkg/dm-crypt: grant access to all devices
...
The package needs block devices e.g. for /dev/sda
It also needs character devices for /dev/mapper/
Signed-off-by: David Scott <dave@recoil.org>
2021-10-18 21:01:01 +01:00
David Scott
5895976b33
tools/mkimage: grant access to block devices
...
Signed-off-by: David Scott <dave@recoil.org>
2021-10-18 21:00:55 +01:00
David Scott
0cfaa9ce65
runc: update to v1.0.2
...
Signed-off-by: David Scott <dave@recoil.org>
2021-10-18 21:00:04 +01:00
Rolf Neugebauer
6efae97c20
Update alpine for containerd
...
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2021-10-16 16:57:15 +01:00
David Scott
7d76051bb0
runc: update to v1.0.0-rc95
...
Signed-off-by: David Scott <dave@recoil.org>
2021-10-16 16:57:15 +01:00
David Scott
46ea02f65b
moby: device "all" will add to the cgroup whitelist
...
After the runc security advisory[1] the default cgroup device
whitelist was changed.
In previous versions every container had "rwm" (read, write, mknod)
for every device ("a" for all). Typically this was overridden by
container engines like Docker. In LinuxKit we left the permissive
default.
In recent `runc` versions the default allow-all rule was removed,
so a container can only access a device if it is specifically
granted access, which LinuxKit handles via a device: entry.
However it is inconvenient for pkg/format, pkg/mount, pkg/swap
to list all possible block devices up-front. Therefore we add the
ability to grant access to an entire class of device with a single
rule:
```
- path: all
  type: b
```
Obviously a paranoid user can still override this with a specific
major/minor number in a device: rule.
[1] https://github.com/opencontainers/runc/security/advisories/GHSA-g54h-m393-cpwq
Signed-off-by: David Scott <dave@recoil.org>
2021-10-14 16:14:21 +01:00
David Scott
24db42dd68
moby: add a Devices array to the image yml
...
According to https://github.com/linuxkit/linuxkit/pull/3684#issuecomment-860128095
runc removed the console as a default device, so now it must be specified
explicitly in the OCI config.
See 60e21ec26e
The similar code in moby/moby is here: https://github.com/moby/moby/blob/master/oci/devices_linux.go
This patch allows packages to declare a `devices` array, which can contain `/dev/console` etc.
Signed-off-by: David Scott <dave@recoil.org>
2021-10-14 16:14:05 +01:00
David Scott
e463855425
trim-after-delete: avoid building on s390x
...
Signed-off-by: David Scott <dave@recoil.org>
2021-05-18 13:39:20 +01:00
Anca Iordache
d326c1b2e6
Add more event types to trigger fstrim
...
Signed-off-by: Anca Iordache <anca.iordache@docker.com>
2021-05-12 16:12:14 +02:00
Avi Deitcher
ef3e45ac02
pkgs: Update packages to the latest linuxkit/alpine
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2021-04-28 09:13:18 +03:00
Sebastiaan van Stijn
a63ff3c480
pkg/trim-after-delete: make docker socket path configurable
...
Docker Desktop proxies the docker socket at its default location
(/var/run/docker.sock), but allows connecting to the non-proxied
socket through /var/run/docker.sock.raw.
This patch allows the trim-after-delete utility to customize
the docker socket path, so that it can connect to the non-proxied
socket.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-04-21 13:11:12 +02:00
Rolf Neugebauer
e48d5294ee
Merge pull request #3539 from djs55/trim-after-delete-container
...
trim-after-delete: handle containers and volumes as well as images
2021-04-05 13:21:02 +01:00
Michael Aldridge
b820b0a129
Support metaldata metadata provider
...
Signed-off-by: Michael Aldridge <aldridge.mac@gmail.com>
2021-01-21 23:03:49 -08:00
Petr Fedchenkov
564a4ece26
strip containerd binaries
...
Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>
2021-01-06 19:04:49 +03:00
Avi Deitcher
203cbd9b9f
multiple containerd options
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2020-10-21 11:11:48 +03:00
Avi Deitcher
54be4048f0
fix reversed equals error
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2020-10-19 20:54:14 +03:00
Avi Deitcher
865ed8a1ce
add containerd cli opts
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2020-10-19 14:49:15 +03:00
David Scott
76c7f6c1a6
trim-after-delete: also handle containers and volumes
...
We already run the command after an image delete but
- a container delete
- a volume delete
will also free space on the filesystem.
Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: David Scott <dave@recoil.org>
2020-10-16 16:56:53 +01:00
Avi Deitcher
a1427d0b7b
Merge pull request #3558 from deitch/containerd-141
...
containerd 1.4.1 from latest version of lkt/alpine
2020-10-08 10:39:44 +03:00
Avi Deitcher
3143c04de9
containerd 1.4.1 from latest version of lkt/alpine
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2020-10-07 20:33:08 +03:00
Avi Deitcher
26d46d6c82
include openssh-client in sshd pkg
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2020-10-07 20:15:28 +03:00
Rolf Neugebauer
ea8ecd146d
pkgs: Update packages to the latest linuxkit/alpine
...
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-05-10 14:52:05 +01:00
Rolf Neugebauer
47063eee62
Merge pull request #3512 from saljam/master
...
metadata: add support for digitalocean
2020-05-08 11:53:50 +01:00
Justin Cormack
c01f72d556
Add Risc-V support and only ship binaries we use
...
Ported from https://github.com/docker/binfmt/pull/21
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2020-05-07 11:53:30 +01:00
Rolf Neugebauer
dbcf2611a0
Merge pull request #3515 from justincormack/qemu-up
...
Update to Qemu 4.2.0 from Debian testing
2020-05-06 23:27:53 +01:00
Ilya Dmitrichenko
86fb6ba0aa
pkg/init: Mount /sys/fs/bpf
...
NOTE: This will be a shared mount, due to root being turned into a
shared with `MC_REC` set: `mount("", "/", "", rec|shared, "")`.
For some reason setting `shared` when mounting `/sys/fs/bpf` doesn't
work at all, perhaps that's just a kernel feature.
Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
2020-05-06 11:06:54 +01:00
Justin Cormack
d2f55af35c
Update to Qemu 4.2.0 from Debian testing
...
This has fixed a lot of outstanding emulation issues, see comments
in https://github.com/docker/binfmt/pull/24
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2020-05-04 16:22:52 +01:00
salman aljammaz
35ae4e028c
metadata: add support for digitalocean
...
This adds support for fetching metadata and user data from the
DigitalOcean metadata service.
https://www.digitalocean.com/docs/droplets/resources/metadata/
Signed-off-by: salman aljammaz <s@aljmz.com>
2020-05-02 11:24:11 -04:00
Avi Deitcher
3678adeca8
find cloud-init on cdrom by label
...
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2020-04-27 17:00:42 +03:00
Rolf Neugebauer
2427145dfc
pkg/init: Revert "workaround bad containerd bug"
...
This reverts commit 6653c3387e.
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-04-26 22:49:48 +01:00
Rolf Neugebauer
1b8cb8b235
pkg/runc: Update to v1.0.0-rc10
...
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-04-26 22:47:48 +01:00
Rolf Neugebauer
db1f9c8dc8
pkgs: Update containerd to v1.3.4
...
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-04-26 22:47:48 +01:00
Federico Pellegatta
6133c561fd
Add GUID Partition Table (GPT) support to extend and mount packages
...
Signed-off-by: Federico Pellegatta <12744504+federico-pellegatta@users.noreply.github.com>
2020-04-24 12:54:48 +02:00
Federico Pellegatta
5fc196c289
Add partition table type selector (defaulted to DOS/MBR) to format package
...
Signed-off-by: Federico Pellegatta <12744504+federico-pellegatta@users.noreply.github.com>
2020-04-23 10:16:36 +02:00