rancher/os
1
0
Fork 1
mirror of https://github.com/rancher/os.git synced 2025-07-02 01:31:48 +00:00
Code Issues Releases Wiki Activity

Update rancher/docker-from-scratch

Browse Source
This commit is contained in:
Josh Curl 2016-02-18 16:35:53 -08:00
parent cd8ab49579
commit 90c8de9c0a
4 changed files with 89 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
trash.yml
View File

@ -66,7 +66,7 @@ import:
version: 1349b37bd56f4f5ce2690b5b2c0f53f88a261c67 version: 1349b37bd56f4f5ce2690b5b2c0f53f88a261c67
- package: github.com/rancher/docker-from-scratch - package: github.com/rancher/docker-from-scratch
version: v1.10.1 version: 62ceebcf43725e484e598b2879d1aa33b4a5133a
- package: github.com/rancher/netconf - package: github.com/rancher/netconf
version: d7d620ef4ea62a9d04b51c7b3d9dc83fe7ffaa1b version: d7d620ef4ea62a9d04b51c7b3d9dc83fe7ffaa1b

1
vendor/github.com/rancher/docker-from-scratch/Dockerfile.dapper generated vendored
View File

@ -1,5 +1,6 @@
FROM golang:1.5.3 FROM golang:1.5.3
RUN apt-get update && apt-get -y install libselinux-dev pkg-config
RUN curl -o /usr/local/bin/docker -L https://get.docker.com/builds/Linux/x86_64/docker-1.9.1 && \ RUN curl -o /usr/local/bin/docker -L https://get.docker.com/builds/Linux/x86_64/docker-1.9.1 && \
chmod +x /usr/local/bin/docker chmod +x /usr/local/bin/docker

81
vendor/github.com/rancher/docker-from-scratch/scratch.go generated vendored
View File

@ -14,6 +14,7 @@ import (
log "github.com/Sirupsen/logrus" log "github.com/Sirupsen/logrus"
"github.com/docker/libnetwork/resolvconf" "github.com/docker/libnetwork/resolvconf"
"github.com/rancher/docker-from-scratch/selinux"
"github.com/rancher/docker-from-scratch/util" "github.com/rancher/docker-from-scratch/util"
"github.com/rancher/netconf" "github.com/rancher/netconf"
) )
@ -37,6 +38,9 @@ var (
{"none", "/sys", "sysfs", ""}, {"none", "/sys", "sysfs", ""},
{"none", "/sys/fs/cgroup", "tmpfs", ""}, {"none", "/sys/fs/cgroup", "tmpfs", ""},
} }
optionalMounts = [][]string{
{"none", "/sys/fs/selinux", "selinuxfs", ""},
}
systemdMounts = [][]string{ systemdMounts = [][]string{
{"systemd", "/sys/fs/cgroup/systemd", "cgroup", "none,name=systemd"}, {"systemd", "/sys/fs/cgroup/systemd", "cgroup", "none,name=systemd"},
} }
@ -56,6 +60,7 @@ type Config struct {
EmulateSystemd bool EmulateSystemd bool
NoFiles uint64 NoFiles uint64
Environment []string Environment []string
GraphDirectory string
} }
func createMounts(mounts ...[]string) error { func createMounts(mounts ...[]string) error {
@ -70,6 +75,16 @@ func createMounts(mounts ...[]string) error {
return nil return nil
} }
func createOptionalMounts(mounts ...[]string) {
for _, mount := range mounts {
log.Debugf("Mounting %s %s %s %s", mount[0], mount[1], mount[2], mount[3])
err := util.Mount(mount[0], mount[1], mount[2], mount[3])
if err != nil {
log.Debugf("Unable to mount %s %s %s %s: %s", mount[0], mount[1], mount[2], mount[3], err)
}
}
}
func createDirs(dirs ...string) error { func createDirs(dirs ...string) error {
for _, dir := range dirs { for _, dir := range dirs {
if _, err := os.Stat(dir); os.IsNotExist(err) { if _, err := os.Stat(dir); os.IsNotExist(err) {
@ -213,6 +228,22 @@ func copyDefault(folder, name string) error {
return nil return nil
} }
func copyDefaultFolder(folder string) error {
defaultFolder := path.Join(defaultPrefix, folder)
files, _ := ioutil.ReadDir(defaultFolder)
for _, file := range files {
if file.IsDir() {
continue
}
if err := copyDefault(folder, file.Name()); err != nil {
return err
}
}
return nil
}
func defaultFiles(files ...string) error { func defaultFiles(files ...string) error {
for _, file := range files { for _, file := range files {
dir := path.Dir(file) dir := path.Dir(file)
@ -225,6 +256,14 @@ func defaultFiles(files ...string) error {
return nil return nil
} }
func defaultFolders(folders ...string) error {
for _, folder := range folders {
copyDefaultFolder(folder)
}
return nil
}
func CopyFile(src, folder, name string) error { func CopyFile(src, folder, name string) error {
if _, err := os.Stat(src); os.IsNotExist(err) { if _, err := os.Stat(src); os.IsNotExist(err) {
return nil return nil
@ -330,6 +369,8 @@ func ParseConfig(config *Config, args ...string) []string {
if err != nil { if err != nil {
config.BridgeMtu = mtu config.BridgeMtu = mtu
} }
} else if strings.HasPrefix(arg, "-g") || strings.HasPrefix(arg, "--graph") {
config.GraphDirectory = util.GetValue(i, args)
} }
} }
@ -363,11 +404,17 @@ func PrepareFs(config *Config) error {
return err return err
} }
createOptionalMounts(optionalMounts...)
if err := mountCgroups(config.CgroupHierarchy); err != nil { if err := mountCgroups(config.CgroupHierarchy); err != nil {
return err return err
} }
if err := createLayout(); err != nil { if err := createLayout(config); err != nil {
return err
}
if err := firstPrepare(); err != nil {
return err return err
} }
@ -405,11 +452,23 @@ func touchSockets(args ...string) error {
return nil return nil
} }
func createLayout() error { func createLayout(config *Config) error {
if err := createDirs("/tmp", "/root/.ssh", "/var"); err != nil { if err := createDirs("/tmp", "/root/.ssh", "/var"); err != nil {
return err return err
} }
graphDirectory := config.GraphDirectory
if config.GraphDirectory == "" {
graphDirectory = "/var/lib/docker"
}
if err := createDirs(graphDirectory); err != nil {
return err
}
selinux.SetFileContext(graphDirectory, "system_u:object_r:var_lib_t:s0")
return CreateSymlinks([][]string{ return CreateSymlinks([][]string{
{"usr/lib", "/lib"}, {"usr/lib", "/lib"},
{"usr/sbin", "/sbin"}, {"usr/sbin", "/sbin"},
@ -417,7 +476,7 @@ func createLayout() error {
}) })
} }
func prepare(config *Config, docker string, args ...string) error { func firstPrepare() error {
os.Setenv("PATH", "/sbin:/usr/sbin:/usr/bin") os.Setenv("PATH", "/sbin:/usr/sbin:/usr/bin")
if err := defaultFiles( if err := defaultFiles(
@ -428,6 +487,15 @@ func prepare(config *Config, docker string, args ...string) error {
return err return err
} }
if err := defaultFolders(
"/etc/selinux",
"/etc/selinux/ros",
"/etc/selinux/ros/policy",
"/etc/selinux/ros/contexts",
); err != nil {
return err
}
if err := createPasswd(); err != nil { if err := createPasswd(); err != nil {
return err return err
} }
@ -436,6 +504,11 @@ func prepare(config *Config, docker string, args ...string) error {
return err return err
} }
return nil
}
func secondPrepare(config *Config, docker string, args ...string) error {
if err := setupNetworking(config); err != nil { if err := setupNetworking(config); err != nil {
return err return err
} }
@ -548,7 +621,7 @@ func setUlimit(cfg *Config) error {
} }
func runOrExec(config *Config, docker string, args ...string) (*exec.Cmd, error) { func runOrExec(config *Config, docker string, args ...string) (*exec.Cmd, error) {
if err := prepare(config, docker, args...); err != nil { if err := secondPrepare(config, docker, args...); err != nil {
return nil, err return nil, err
} }

10
vendor/github.com/rancher/docker-from-scratch/selinux/selinux.go generated vendored Normal file
View File

@ -0,0 +1,10 @@
package selinux
// #cgo pkg-config: libselinux
// #include <selinux/selinux.h>
import "C"
func SetFileContext(path string, context string) (int, error) {
ret, err := C.setfilecon(C.CString(path), C.CString(context))
return int(ret), err
}