On 'linuxkit run packet' ssh into the SOS for the newly created
machine. This requires that you have set up your ssh keys and
have at least once logged into the ssh so that the host keys
are present in the 'known_hosts' file.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
This option configures the machine to always PXE boot. By
default it would only PXE boot for the first time.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
If a packet account is shared between users, this makes it
clearer who created the machine.
Also, switch "moby" to "linuxkit"
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Chown clears suid bits even for root on Linux.
Also move a few functions to x/sys/unix from syscall, to be
more arm64 friendly.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
To enable this bump github.com/Azure/go-ansiterm and github.com/docker/docker
to their latest version which have switched to lower case.
This in turn requires bumping golang.org/x/sys since github.com/docker/docker/pkg/term
now uses `unix.IoctlGetTermios`. I picked the revision from docker/docker's vendor.conf.
Signed-off-by: Ian Campbell <ijc@docker.com>
Runc is master as of this morning, slightly newer than what is vendored into
containerd v1.0.0-alpha3 but the differences[0] seemed benign and/or good to have.
Signed-off-by: Ian Campbell <ijc@docker.com>
[0] 429a538712...45bde006ca
In line with BIOS ISO changes previously.
Remove boot options, user can add if required, they made boot very slow.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
The PR to enable notary signing has been merged. Also update
documentation as `got get` should now also work.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
On arm64 the serial console is a ttyAMA0. Non-existing
consoles are ignored, so this should work on x86 and arm64.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
- When executing on aarch64, use it as the default arch
- When selecting aarch64 on a non aarch64 system set the
CPU flag to a default value (not 'host').
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
This requires that users have `CAP_SYSLOG` in order to access `dmesg`.
This means that containers by default have no access to `dmesg` (which
can leak information about the host or other containers) unless they
have this capability added.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
