diff --git a/debian/NEWS b/debian/NEWS new file mode 100644 index 0000000..d926b4e --- /dev/null +++ b/debian/NEWS @@ -0,0 +1,41 @@ +docker.io (20.10.2-0ubuntu2) hirsute; urgency=medium + + As of version 20.10.2-0ubuntu2, upgrading the docker.io package will fail if + any containers are still using AUFS. It will be necessary to take some + measures to move existing containers away from aufs and delete the directory + /var/lib/docker/aufs before upgrading can succeed. See the previous NEWS + entry for instructions on moving away from AUFS. + + Note: Option 3 from the previous NEWS entry is no longer going to be a valid + option moving forward. Users will have to either migrate their + containers to a supported storage driver or maintain their own kernel + builds with AUFS support. + + -- William 'jawn-smith' Wilson Wed, 24 Feb 2021 16:06:03 -0600 + +docker.io (1.8.3~ds1-3) unstable; urgency=medium + + As of src:linux 4.0+ (specifically, >= 3.18-1~exp1), AUFS support is no longer + included in official Debian-compiled kernels. What this means to Docker users + is that if your existing images are stored within the "AUFS" graph driver that + once you update your kernel, your images (and containers) will become + inaccessible (due to the kernel not having the necessary aufs modules to mount + them). To recover from this, there are a couple options (detailed below). + + 1. Use the included nuke script to blow away your existing "/var/lib/docker" + contents and start fresh with Linux 4.0+: + + service docker stop + /usr/share/docker.io/contrib/nuke-graph-directory.sh /var/lib/docker + service docker start + + 2. Use "docker save" (see "docker help save" for usage) before booting 4.0+ to + preserve your images on-disk as tar files, then follow the nuke step from + the previous option followed by using "docker load" to re-load your images. + + 3. Update to src:linux >= 4.1.1-1~exp1 ("aufs: Apply patches to enable + building aufs out-of-tree"), and then compile the aufs modules out-of-tree + (a package for doing this module compilation automatically doesn't yet + exist at the time of this writing, but might in the future). + + -- Tianon Gravi Tue, 01 Dec 2015 01:02:44 -0800 diff --git a/debian/README.Debian b/debian/README.Debian new file mode 100644 index 0000000..0e17f66 --- /dev/null +++ b/debian/README.Debian @@ -0,0 +1,47 @@ +Docker on Debian +================ + +To enable docker memory limitation, the kernel needs to be loaded with +boot parameters: cgroup_enable=memory swapaccount=1. + +This is because enabling memory cgroup support has some run-time overhead, +and kernel maintainers don't want to slow down systems unnecessarily. + +http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg764104.html +https://github.com/docker/docker/issues/396 + +To instruct the kernel to enable memory cgroup support, edit +/etc/default/grub and extend GRUB_CMDLINE_LINUX_DEFAULT like: + +GRUB_CMDLINE_LINUX_DEFAULT="cgroup_enable=memory swapaccount=1" + +Then run update-grub, and reboot. + + +It's worth pointing out that upstream maintains a "check-config.sh" script for +verifying not only proper kernel configuration (which isn't terribly relevant in +the Debian context), but also the host system configuration, especially and +including whether a properly mounted cgroup hierarchy can be found. If you're +using cgroupfs-mount or systemd, chances are very high that you have one, but if +not, you're likely to see strange behavior. + +In the docker.io package, one can find the "check-config.sh" script under +"/usr/share/docker.io/contrib/check-config.sh", which when run (does NOT require +root/sudo) will report on problems with your installation/configuration. + + +As noted in the upstream documentation (https://docs.docker.io), Docker will +allow non-root users in the "docker" group to access "docker.sock" and thus +communicate with the daemon. To add yourself to the "docker" group, use +something like: + +adduser YOURUSER docker + +As also noted in the upstream documentation, the "docker" group (and any other +means of accessing the Docker API) is root-equivalent. If you don't trust a +user with root on your box, you shouldn't trust them with Docker either. +If you are interested in further information about the security aspects of +Docker, please be sure to read the "Docker Security" article in the +upstream documentation: + + https://docs.docker.com/engine/security/security/ diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..73ea6ad --- /dev/null +++ b/debian/changelog @@ -0,0 +1,5 @@ +docker.io (20.10.16-ok1) yangtze; urgency=medium + + * Initial release. + + -- Luoyaoming Fri, 16 Dec 2022 10:05:31 +0800 diff --git a/debian/clean b/debian/clean new file mode 100644 index 0000000..232f3a5 --- /dev/null +++ b/debian/clean @@ -0,0 +1,8 @@ +.gocache/ +.gopath/ +cli/build/ +cli/man/man*/ +engine/bundles/ +engine/dockerversion/*_autogen*.go +libnetwork/docker-proxy +tini/build/ diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..b4de394 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +11 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..ce11b94 --- /dev/null +++ b/debian/control @@ -0,0 +1,127 @@ +Source: docker.io +Section: admin +Priority: optional +Maintainer: Openkylin Developers +XSBC-Original-Maintainer: Paul Tagliamonte +Uploaders: Openkylin Developers +Build-Conflicts: golang-github-docker-docker-dev +Build-Depends: bash-completion, + ca-certificates, + cmake, + debconf (>= 0.5), + debhelper (>= 11), + dh-apparmor, + dh-exec, + dh-golang, + git, + golang-go, + libapparmor-dev, + libbtrfs-dev | btrfs-progs (<< 4.16.1~), + libdevmapper-dev (>= 2:1.02.68~), + libltdl-dev, + libseccomp-dev, + libsystemd-dev (>= 209~), + pkg-config, + procps, + tzdata +Standards-Version: 3.9.8 +Homepage: https://www.docker.com/community-edition +Vcs-Git: https://gitee.com/openkylin/docker.io.git +Vcs-Browser: https://gitee.com/openkylin/docker.io +XS-Go-Import-Path: github.com/docker/docker + +Package: docker.io +Architecture: amd64 arm64 armhf i386 ppc64el riscv64 s390x +Depends: adduser, + containerd (>= 1.2.6-0), + iptables, + ${misc:Depends}, + ${shlibs:Depends} +Recommends: ca-certificates, + git, + pigz, + ubuntu-fan, + xz-utils, + ${apparmor:Recommends} +Replaces: docker (<< 1.5~) +Breaks: docker (<< 1.5~) +Suggests: aufs-tools, + btrfs-progs, + cgroupfs-mount | cgroup-lite, + debootstrap, + docker-doc, + rinse, + zfs-fuse | zfsutils +Built-Using: ${libc:Built-Using}, ${misc:Built-Using} +Description: Linux container runtime + Docker complements kernel namespacing with a high-level API which operates at + the process level. It runs unix processes with strong guarantees of isolation + and repeatability across servers. + . + Docker is a great building block for automating distributed systems: + large-scale web deployments, database clusters, continuous deployment systems, + private PaaS, service-oriented architectures, etc. + . + This package contains the daemon and client. Using docker.io on non-amd64 hosts + is not supported at this time. Please be careful when using it on anything + besides amd64. + . + Also, note that kernel version 3.8 or above is required for proper operation of + the daemon process, and that any lower versions may have subtle and/or glaring + issues. + +Package: vim-syntax-docker +Architecture: all +Depends: vim, ${misc:Depends} +Recommends: vim-addon-manager +Suggests: docker.io +Description: Docker container engine - Vim highlighting syntax files + This package provides syntax files for the Vim editor for editing Dockerfiles + from the Docker container engine. + +Package: golang-github-docker-docker-dev +Architecture: all +Depends: golang-github-ishidawataru-sctp-dev, + golang-github-docker-docker-credential-helpers-dev, + golang-github-seccomp-libseccomp-golang-dev, + ${misc:Depends} +Replaces: golang-docker-dev (<< 1.8.2~ds1-0) +Breaks: golang-docker-dev (<< 1.8.2~ds1-0) +Provides: golang-docker-dev +Description: Externally reusable Go packages included with Docker + These packages are intentionally developed by upstream in such a way that they + are reusable to projects outside Docker and only rely on each other or other + external dependencies to be built. + +Package: golang-docker-dev +Section: oldlibs +Priority: optional +Architecture: all +Depends: golang-github-docker-docker-dev, ${misc:Depends} +Description: Transitional package for golang-github-docker-docker-dev + This is a transitional package to ease upgrades to the + golang-github-docker-docker-dev package. It can safely be removed. + +Package: docker-doc +Provides: docker.io-doc +Section: doc +Architecture: all +Depends: ${misc:Depends} +Description: Linux container runtime -- documentation + Docker complements kernel namespacing with a high-level API which operates at + the process level. It runs unix processes with strong guarantees of isolation + and repeatability across servers. + . + Docker is a great building block for automating distributed systems: + large-scale web deployments, database clusters, continuous deployment systems, + private PaaS, service-oriented architectures, etc. + . + This package contains the daemon and client. Using docker.io on non-amd64 hosts + is not supported at this time. Please be careful when using it on anything + besides amd64. + . + Also, note that kernel version 3.8 or above is required for proper operation of + the daemon process, and that any lower versions may have subtle and/or glaring + issues. + . + This package provides documentation for Docker. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..47aef8c --- /dev/null +++ b/debian/copyright @@ -0,0 +1,1073 @@ +Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: Docker +Upstream-Contact: Docker, Inc. +Source: https://github.com/docker/docker + +# values gathered via "git grep -inE 'license|copyright'" (should be in the order that command spits out) +# (don't forget that we're multiorig, so need all tarball licenses!!) + +Files: * +Copyright: 2012-2016 Docker, Inc. +License: Apache-2.0 + +Files: tini/* +Copyright: 2015 Thomas Orozco +License: Expat + +Files: debian/* +Copyright: 2013-2014 Daniel Mizyrycki + 2013-2014 Paul Tagliamonte + 2012-2014 Michael Stapelberg + 2013-2016 Tianon Gravi + 2013-2014 Johan Euphrosine + 2014 Prach Pongpanich + 2016 Tim Potter + 2016 Dmitry Smirnov + 2016 Michael Hudson-Doyle +License: Apache-2.0 + +Files: contrib/completion/zsh/* +Copyright: 2013-2014 Felix Riedel +License: BSD-3-clause-Generic + +Files: contrib/init/openrc/docker.initd +Copyright: 1999-2013 Gentoo Foundation +License: GPL-2 + +Files: contrib/selinux*/* +Copyright: 2012-2016 Docker Inc. +License: GPL-2 +Comment: + No explicit copyright statement; assuming upstream copyright. + +Files: contrib/syntax/vim/* +Copyright: 2013 Honza Pokorny +License: BSD-2-clause + +# pkg/aaparser/*.go include references to "Copyright" that are referring to the output of another tool (not the copyright of these files themselves) + +Files: pkg/symlink/fs.go +Copyright: 2014-2016 The Docker & Go Authors +License: BSD-3-clause-Google + +Files: vendor/github.com/Azure/go-ansiterm/* +Copyright: 2015 Microsoft Corporation +License: Expat + +Files: vendor/github.com/BurntSushi/toml/* +Copyright: 2013–2016 Andrew Gallant +License: WTFPL-2.0 + +Files: vendor/github.com/BurntSushi/toml/type_fields.go +Copyright: 2010 The Go Authors +License: BSD-3-clause-Google + +Files: vendor/github.com/Graylog2/go-gelf/* +Copyright: 2012 SocialCode +License: Expat + +Files: vendor/github.com/Microsoft/go-winio/* +Copyright: 2015 Microsoft +License: Expat + +Files: vendor/github.com/Microsoft/go-winio/archive/tar/* +Copyright: 2012 The Go Authors +License: BSD-3-clause-Google + +Files: vendor/github.com/Microsoft/hcsshim/* +Copyright: 2015 Microsoft +License: Expat + +Files: vendor/github.com/Microsoft/hcsshim/mksyscall_windows.go +Copyright: 2013 The Go Authors +License: BSD-3-clause-Google + +Files: vendor/github.com/RackSec/srslog/* +Copyright: 2015 Rackspace +License: BSD-3-clause-Google + +Files: vendor/github.com/Sirupsen/logrus/* +Copyright: 2014 Simon Eskildsen +License: Expat + +Files: vendor/github.com/Sirupsen/logrus/alt_exit.go +Copyright: 2012 Miki Tebeka +License: Expat + +Files: vendor/github.com/Sirupsen/logrus/terminal_*.go +Copyright: 2011 The Go Authors +License: BSD-3-clause-Google + +Files: vendor/github.com/agl/ed25519/* +Copyright: 2012 The Go Authors +License:BSD-3-clause-Google + +Files: vendor/github.com/armon/go-metrics/* +Copyright: 2013 Armon Dadgar +License: Expat + +Files: vendor/github.com/armon/go-radix/* +Copyright: 2014 Armon Dadgar +License: Expat + +Files: vendor/github.com/beorn7/perks/* +Copyright: 2013 Blake Mizerany +License: Expat + +Files: vendor/github.com/boltdb/bolt/* +Copyright: 2013 Ben Johnson +License: Expat + +Files: vendor/github.com/cloudflare/cfssl/* +Copyright: 2014 CloudFlare Inc. +License: Expat + +Files: vendor/github.com/coreos/etcd/* +Copyright: 2013-2015 CoreOS Inc. + 2014 Google Inc. + 2015 The etcd Authors +License: Apache-2.0 + +Files: vendor/github.com/coreos/etcd/client/cancelreq.go + vendor/github.com/coreos/etcd/pkg/pathutil/path.go +Copyright: 2015 The Go Authors +License: BSD-3-clause-Google + +Files: vendor/github.com/coreos/go-systemd/* +Copyright: 2013-2015 CoreOS Inc. + 2015 RedHat, Inc. +License: Apache-2.0 + +Files: vendor/github.com/coreos/pkg/* +Copyright: 2014 CoreOS, Inc +License: Apache-2.0 + +Files: vendor/github.com/davecgh/go-spew/* +Copyright: 2012-2013 Dave Collins +License: ISC + +Files: vendor/github.com/deckarep/golang-set/* +Copyright: 2013 Ralph Caraveo +License: Expat + +Files: vendor/github.com/docker/containerd/* + containerd/* +Copyright: 2012-2015 Docker, Inc. +License: Apache-2.0 + +Files: vendor/github.com/docker/distribution/* +Copyright: 2014-2016 Docker, Inc. +License: Apache-2.0 + +Files: vendor/github.com/docker/docker-credential-helpers/* +Copyright: 2016 David Calavera +License: Expat + +Files: vendor/github.com/docker/go-connections/* +Copyright: 2015 Docker, Inc. +License: Apache-2.0 + +Files: vendor/github.com/docker/go-events/* +Copyright: 2016 Docker, Inc. +License: Apache-2.0 + +Files: vendor/github.com/docker/go-metrics/* +Copyright: 2012-2015 Docker, Inc. +License: Apache-2.0 + +Files: vendor/github.com/docker/go-units/* +Copyright: 2015 Docker, Inc. +License: Apache-2.0 + +Files: vendor/github.com/docker/go/* +Copyright: 2012 The Go Authors + 2015 Jessie Frazelle +License: BSD-3-Clause-Google + +Files: vendor/github.com/docker/libnetwork/* + libnetwork/* +Copyright: 2014 Docker Inc. +License: Apache-2.0 + +Files: vendor/github.com/docker/libtrust/* +Copyright: 2014 Docker Inc. +License: Apache-2.0 + +Files: vendor/github.com/docker/notary/* +Copyright: 2015 Docker, Inc. +License: Apache-2.0 + +Files: vendor/github.com/docker/notary/tuf/* +Copyright: 2015 Docker, Inc. + 2014-2015 Prime Directive, Inc. +License: BSD-3-clause-Prime + +Files: vendor/github.com/docker/swarmkit/* +Copyright: 2014 Docker Inc. +License: Apache-2.0 + +Files: vendor/github.com/docker/swarmkit/api/duration/duration.proto + vendor/github.com/docker/swarmkit/api/timestamp/timestamp.proto + vendor/github.com/docker/swarmkit/protobuf/ptypes/duration.go +Copyright: 2008 Google Inc. +License: BSD-3-clause-Google + +Files: vendor/github.com/fluent/fluent-logger-golang/* +Copyright: 2013 Tatsuo Kaniwa +License: Apache-2.0 + +Files: vendor/github.com/flynn-archive/go-shlex/* +Copyright: 2012 Google Inc. +License: Apache-2.0 + +Files: vendor/github.com/fsnotify/fsnotify/* +Copyright: 2010 The Go Authors + 2012 fsnotify Authors +License: BSD-3-clause-Google + +Files: vendor/github.com/go-check/check/* +Copyright: 2010-2013 Gustavo Niemeyer +License: BSD-2-clause + +Files: vendor/github.com/go-check/check/benchmark.go +Copyright: 2012 The Go Authors +License: BSD-3-clause-Google + +Files: vendor/github.com/go-ini/ini/* +Copyright: 2014 Unknwon +License: Apache-2.0 + +Files: vendor/github.com/godbus/dbus/* +Copyright: 2013 Georg Reinke + 2013 Google +License: BSD-2-clause + +Files: vendor/github.com/gogo/protobuf/* +Copyright: 2013, The GoGo Authors + 2010 The Go Authors +License: BSD-3-clause-Google + +Files: vendor/github.com/golang/mock/* +Copyright: 2010 Google Inc. +License: Apache-2.0 + +Files: vendor/github.com/golang/protobuf/* +Copyright: 2010 The Go Authors +License: BSD-3-clause-Google + +# https://github.com/google/certificate-transparency/blob/c5649b7459cf167ec89bfbc4ff589f4f9086393e/AUTHORS +Files: vendor/github.com/google/certificate-transparency/* +Copyright: Comodo CA Limited + Ed Maste + Fiaz Hossain + Google Inc. + Jeff Trawick + Katriel Cohn-Gordon + Laël Cellier + Mark Schloesser + NORDUnet A/S + Nicholas Galbreath + Oliver Weidner + PrimeKey Solutions AB + Ruslan Kovalov + Venafi, Inc. + Vladimir Rutsky + Ximin Luo +License: Apache-2.0 + +Files: vendor/github.com/google/certificate-transparency/cpp/third_party/curl/* +Copyright: 1996-2013 Daniel Stenberg +License: Expat + +Files: vendor/github.com/google/certificate-transparency/cpp/third_party/isec_partners/* +Copyright: 2012 iSEC Partners +License: Expat + +Files: vendor/github.com/google/certificate-transparency/go/* +Copyright: 2009 The Go Authors +License: BSD-3-clause-Google + +Files: vendor/github.com/gorilla/* +Copyright: 2012 Rodrigo Moraes +License: BSD-3-clause-Google + +Files: vendor/github.com/hashicorp/* +Copyright: 2013-2016 HashiCorp +License: MPL-2.0 + +Files: vendor/github.com/hashicorp/go-msgpack/* +Copyright: 2012-2013 Ugorji Nwoke +License: BSD-3-clause-Generic + +Files: vendor/github.com/imdario/mergo/* +Copyright: 2013 Dario Castañé + 2009 The Go Authors +License: BSD-3-clause-Google + +Files: vendor/github.com/inconshreveable/mousetrap/* +Copyright: 2014 Alan Shreve +License: Apache-2.0 + +Files: vendor/github.com/jmespath/go-jmespath/* +Copyright: 2015 James Saryerwinnie +License: Apache-2.0 + +Files: vendor/github.com/mattn/go-sqlite3/* +Copyright: 2014 Yasuhiro Matsumoto +License: Expat + +Files: vendor/github.com/matttproud/golang_protobuf_extensions/* +Copyright: 2013 Matt T. Proud +License: Apache-2.0 + +Files: vendor/github.com/miekg/dns/* +Copyright: 2009-2015 Miek Gieben + 2014 CloudFlare + 2009 The Go Authors +License: BSD-3-Clause-Google + +Files: vendor/github.com/miekg/pkcs11/* +Copyright: 2013 Miek Gieben +License: BSD-3-clause-miekg + +Files: vendor/github.com/miekg/pkcs11/pkcs11*.h +Copyright: 1994 RSA Security Inc. +License: Cryptoki + +Files: vendor/github.com/mistifyio/go-zfs/* +Copyright: 2014, OmniTI Computer Consulting, Inc. +License: Apache-2.0 + +Files: vendor/github.com/mitchellh/mapstructure/* +Copyright: 2013 Mitchell Hashimoto +License: Expat + +Files: vendor/github.com/opencontainers/runc/* + runc/* +Copyright: 2012 Docker, Inc. +License: Apache-2.0 + +Files: vendor/github.com/opencontainers/runtime-spec/* +Copyright: 2015 The Linux Foundation +License: Apache-2.0 + +Files: vendor/github.com/pborman/uuid/* +Copyright: 2009 Google Inc. +License: BSD-3-clause-Google + +Files: vendor/github.com/pivotal-golang/clock/* +Copyright: 2015 CloudFoundry.org Foundation, Inc. + 2015 Pivotal Software, Inc. +License: Apache-2.0 + +Files: vendor/github.com/pkg/errors/* +Copyright: 2015 Dave Cheney +License: BSD-2-clause + +Files: vendor/github.com/pmezard/go-difflib/* +Copyright: 2013 Patrick Mezard +License: BSD-3-clause-Generic + +Files: vendor/github.com/prometheus/* +Copyright: 2012-2015 The Prometheus Authors + 2011 Open Knowledge Foundation Ltd. + 2013-2015 Blake Mizerany, Björn Rabenstein + 2010 The Go Authors + 2013 Matt T. Proud +License: Apache-2.0 + +Files: vendor/github.com/samuel/go-zookeeper/* +Copyright: 2012-2013 Samuel Stauffer +License: BSD-3-clause-Generic + +Files: vendor/github.com/seccomp/libseccomp-golang/* +Copyright: 2015 Matthew Heon + 2015 Paul Moore +License: BSD-2-clause + +Files: vendor/github.com/spf13/cobra/* +Copyright: 2013 Steve Francia +License: Apache-2.0 + +Files: vendor/github.com/spf13/pflag/* +Copyright: 2012 Alex Ogier + 2012 The Go Authors +License: BSD-3-clause-Google + +Files: vendor/github.com/stretchr/testify/* +Copyright: 2012-2013 Mat Ryer and Tyler Bunnell +License: Expat + +Files: vendor/github.com/syndtr/gocapability/* +Copyright: 2013 Suryandaru Triandana +License: BSD-2-clause-gocapability + +Files: vendor/github.com/tchap/go-patricia/* +Copyright: 2014 Ondřej Kupka +License: Expat + +Files: vendor/github.com/tinylib/msgp/* +Copyright: 2014 Philip Hofer + 2009 The Go Authors +License: Expat + +Files: vendor/github.com/tonistiigi/fifo/* +Copyright: 2016 Tõnis Tiigi +License: Expat + +Files: vendor/github.com/ugorji/go/* +Copyright: 2012-2015 Ugorji Nwoke +License: Expat + +Files: vendor/github.com/vbatts/tar-split/* +Copyright: 2015 Vincent Batts +License: Expat + +Files: vendor/github.com/vbatts/tar-split/archive/tar/* +Copyright: 2009 The Go Authors + 2015 Vincent Batts +License: BSD-3-clause-Google + +Files: vendor/github.com/vdemeester/shakers/* +Copyright: 2015-2016 Vincent Demeester +License: Apache-2.0 + +Files: vendor/github.com/vishvananda/* +Copyright: 2014 Vishvananda Ishaya + 2014 Docker, Inc. +License: Apache-2.0 + +Files: vendor/github.com/xeipuuv/gojsonpointer/* +Copyright: 2015 xeipuuv +License: Apache-2.0 + +Files: vendor/golang.org/x/* +Copyright: 2009 The Go Authors +License: BSD-3-clause-Google + +Files: vendor/golang.org/x/oauth2/* +Copyright: 2014-2015 The oauth2 Authors + 2014-2016 The Go Authors +License: BSD-3-clause-Google + +Files: vendor/google.golang.org/* +Copyright: 2011 Google Inc. +License: BSD-3-clause-Google + +Files: vendor/gopkg.in/yaml.v2/* +Copyright: 2011-2014 Canonical Inc. +License: LGPL-3 + +License: Apache-2.0 + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + . + http://www.apache.org/licenses/LICENSE-2.0 + . + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + . + On Debian systems, the complete text of the Apache version 2.0 license + can be found in "/usr/share/common-licenses/Apache-2.0". + +License: GPL-2 + This file is part of Buildbot. Buildbot is free software: you can + redistribute it and/or modify it under the terms of the GNU General Public + License as published by the Free Software Foundation, version 2. + . + This program is distributed in the hope that it will be useful, but WITHOUT + ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + FOR A PARTICULAR PURPOSE. See the GNU General Public License for more + details. + . + You should have received a copy of the GNU General Public License along with + this program; if not, write to the Free Software Foundation, Inc., 51 + Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + . + On Debian systems, the complete text of the Apache version 2.0 license + can be found in "/usr/share/common-licenses/GPL-2". + +License: BSD-2-clause + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + . + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR + ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +License: BSD-3-clause-Google + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are + met: + . + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above + copyright notice, this list of conditions and the following disclaimer + in the documentation and/or other materials provided with the + distribution. + * Neither the name of Google Inc. nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +License: BSD-3-clause-Prime + All rights reserved. + . + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are + met: + . + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above + copyright notice, this list of conditions and the following disclaimer + in the documentation and/or other materials provided with the + distribution. + * Neither the name of Prime Directive, Inc. nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +License: BSD-3-clause-Generic + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + * Neither the name of the nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL BE LIABLE FOR ANY + DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +License: Expat + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to deal + in the Software without restriction, including without limitation the rights + to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + copies of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + . + The above copyright notice and this permission notice shall be included in all + copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + SOFTWARE. + +License: WTFPL-2.0 + DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE + Version 2, December 2004 + . + Copyright (C) 2004 Sam Hocevar + . + Everyone is permitted to copy and distribute verbatim or modified + copies of this license document, and changing it is allowed as long + as the name is changed. + . + DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + . + 0. You just DO WHAT THE FUCK YOU WANT TO. + +License: BSD-2-clause-gocapability + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are + met: + . + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + . + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +License: MPL-2.0 + Mozilla Public License, version 2.0 + . + 1. Definitions + . + 1.1. “Contributor” + . + means each individual or legal entity that creates, contributes to the + creation of, or owns Covered Software. + . + 1.2. “Contributor Version” + . + means the combination of the Contributions of others (if any) used by a + Contributor and that particular Contributor’s Contribution. + . + 1.3. “Contribution” + . + means Covered Software of a particular Contributor. + . + 1.4. “Covered Software” + . + means Source Code Form to which the initial Contributor has attached the + notice in Exhibit A, the Executable Form of such Source Code Form, and + Modifications of such Source Code Form, in each case including portions + thereof. + . + 1.5. “Incompatible With Secondary Licenses” + means + . + a. that the initial Contributor has attached the notice described in + Exhibit B to the Covered Software; or + . + b. that the Covered Software was made available under the terms of version + 1.1 or earlier of the License, but not also under the terms of a + Secondary License. + . + 1.6. “Executable Form” + . + means any form of the work other than Source Code Form. + . + 1.7. “Larger Work” + . + means a work that combines Covered Software with other material, in a separate + file or files, that is not Covered Software. + . + 1.8. “License” + . + means this document. + . + 1.9. “Licensable” + . + means having the right to grant, to the maximum extent possible, whether at the + time of the initial grant or subsequently, any and all of the rights conveyed by + this License. + . + 1.10. “Modifications” + . + means any of the following: + . + a. any file in Source Code Form that results from an addition to, deletion + from, or modification of the contents of Covered Software; or + . + b. any new file in Source Code Form that contains any Covered Software. + . + 1.11. “Patent Claims” of a Contributor + . + means any patent claim(s), including without limitation, method, process, + and apparatus claims, in any patent Licensable by such Contributor that + would be infringed, but for the grant of the License, by the making, + using, selling, offering for sale, having made, import, or transfer of + either its Contributions or its Contributor Version. + . + 1.12. “Secondary License” + . + means either the GNU General Public License, Version 2.0, the GNU Lesser + General Public License, Version 2.1, the GNU Affero General Public + License, Version 3.0, or any later versions of those licenses. + . + 1.13. “Source Code Form” + . + means the form of the work preferred for making modifications. + . + 1.14. “You” (or “Your”) + . + means an individual or a legal entity exercising rights under this + License. For legal entities, “You” includes any entity that controls, is + controlled by, or is under common control with You. For purposes of this + definition, “control” means (a) the power, direct or indirect, to cause + the direction or management of such entity, whether by contract or + otherwise, or (b) ownership of more than fifty percent (50%) of the + outstanding shares or beneficial ownership of such entity. + . + . + 2. License Grants and Conditions + . + 2.1. Grants + . + Each Contributor hereby grants You a world-wide, royalty-free, + non-exclusive license: + . + a. under intellectual property rights (other than patent or trademark) + Licensable by such Contributor to use, reproduce, make available, + modify, display, perform, distribute, and otherwise exploit its + Contributions, either on an unmodified basis, with Modifications, or as + part of a Larger Work; and + . + b. under Patent Claims of such Contributor to make, use, sell, offer for + sale, have made, import, and otherwise transfer either its Contributions + or its Contributor Version. + . + 2.2. Effective Date + . + The licenses granted in Section 2.1 with respect to any Contribution become + effective for each Contribution on the date the Contributor first distributes + such Contribution. + . + 2.3. Limitations on Grant Scope + . + The licenses granted in this Section 2 are the only rights granted under this + License. No additional rights or licenses will be implied from the distribution + or licensing of Covered Software under this License. Notwithstanding Section + 2.1(b) above, no patent license is granted by a Contributor: + . + a. for any code that a Contributor has removed from Covered Software; or + . + b. for infringements caused by: (i) Your and any other third party’s + modifications of Covered Software, or (ii) the combination of its + Contributions with other software (except as part of its Contributor + Version); or + . + c. under Patent Claims infringed by Covered Software in the absence of its + Contributions. + . + This License does not grant any rights in the trademarks, service marks, or + logos of any Contributor (except as may be necessary to comply with the + notice requirements in Section 3.4). + . + 2.4. Subsequent Licenses + . + No Contributor makes additional grants as a result of Your choice to + distribute the Covered Software under a subsequent version of this License + (see Section 10.2) or under the terms of a Secondary License (if permitted + under the terms of Section 3.3). + . + 2.5. Representation + . + Each Contributor represents that the Contributor believes its Contributions + are its original creation(s) or it has sufficient rights to grant the + rights to its Contributions conveyed by this License. + . + 2.6. Fair Use + . + This License is not intended to limit any rights You have under applicable + copyright doctrines of fair use, fair dealing, or other equivalents. + . + 2.7. Conditions + . + Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in + Section 2.1. + . + . + 3. Responsibilities + . + 3.1. Distribution of Source Form + . + All distribution of Covered Software in Source Code Form, including any + Modifications that You create or to which You contribute, must be under the + terms of this License. You must inform recipients that the Source Code Form + of the Covered Software is governed by the terms of this License, and how + they can obtain a copy of this License. You may not attempt to alter or + restrict the recipients’ rights in the Source Code Form. + . + 3.2. Distribution of Executable Form + . + If You distribute Covered Software in Executable Form then: + . + a. such Covered Software must also be made available in Source Code Form, + as described in Section 3.1, and You must inform recipients of the + Executable Form how they can obtain a copy of such Source Code Form by + reasonable means in a timely manner, at a charge no more than the cost + of distribution to the recipient; and + . + b. You may distribute such Executable Form under the terms of this License, + or sublicense it under different terms, provided that the license for + the Executable Form does not attempt to limit or alter the recipients’ + rights in the Source Code Form under this License. + . + 3.3. Distribution of a Larger Work + . + You may create and distribute a Larger Work under terms of Your choice, + provided that You also comply with the requirements of this License for the + Covered Software. If the Larger Work is a combination of Covered Software + with a work governed by one or more Secondary Licenses, and the Covered + Software is not Incompatible With Secondary Licenses, this License permits + You to additionally distribute such Covered Software under the terms of + such Secondary License(s), so that the recipient of the Larger Work may, at + their option, further distribute the Covered Software under the terms of + either this License or such Secondary License(s). + . + 3.4. Notices + . + You may not remove or alter the substance of any license notices (including + copyright notices, patent notices, disclaimers of warranty, or limitations + of liability) contained within the Source Code Form of the Covered + Software, except that You may alter any license notices to the extent + required to remedy known factual inaccuracies. + . + 3.5. Application of Additional Terms + . + You may choose to offer, and to charge a fee for, warranty, support, + indemnity or liability obligations to one or more recipients of Covered + Software. However, You may do so only on Your own behalf, and not on behalf + of any Contributor. You must make it absolutely clear that any such + warranty, support, indemnity, or liability obligation is offered by You + alone, and You hereby agree to indemnify every Contributor for any + liability incurred by such Contributor as a result of warranty, support, + indemnity or liability terms You offer. You may include additional + disclaimers of warranty and limitations of liability specific to any + jurisdiction. + . + 4. Inability to Comply Due to Statute or Regulation + . + If it is impossible for You to comply with any of the terms of this License + with respect to some or all of the Covered Software due to statute, judicial + order, or regulation then You must: (a) comply with the terms of this License + to the maximum extent possible; and (b) describe the limitations and the code + they affect. Such description must be placed in a text file included with all + distributions of the Covered Software under this License. Except to the + extent prohibited by statute or regulation, such description must be + sufficiently detailed for a recipient of ordinary skill to be able to + understand it. + . + 5. Termination + . + 5.1. The rights granted under this License will terminate automatically if You + fail to comply with any of its terms. However, if You become compliant, + then the rights granted under this License from a particular Contributor + are reinstated (a) provisionally, unless and until such Contributor + explicitly and finally terminates Your grants, and (b) on an ongoing basis, + if such Contributor fails to notify You of the non-compliance by some + reasonable means prior to 60 days after You have come back into compliance. + Moreover, Your grants from a particular Contributor are reinstated on an + ongoing basis if such Contributor notifies You of the non-compliance by + some reasonable means, this is the first time You have received notice of + non-compliance with this License from such Contributor, and You become + compliant prior to 30 days after Your receipt of the notice. + . + 5.2. If You initiate litigation against any entity by asserting a patent + infringement claim (excluding declaratory judgment actions, counter-claims, + and cross-claims) alleging that a Contributor Version directly or + indirectly infringes any patent, then the rights granted to You by any and + all Contributors for the Covered Software under Section 2.1 of this License + shall terminate. + . + 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user + license agreements (excluding distributors and resellers) which have been + validly granted by You or Your distributors under this License prior to + termination shall survive termination. + . + 6. Disclaimer of Warranty + . + Covered Software is provided under this License on an “as is” basis, without + warranty of any kind, either expressed, implied, or statutory, including, + without limitation, warranties that the Covered Software is free of defects, + merchantable, fit for a particular purpose or non-infringing. The entire + risk as to the quality and performance of the Covered Software is with You. + Should any Covered Software prove defective in any respect, You (not any + Contributor) assume the cost of any necessary servicing, repair, or + correction. This disclaimer of warranty constitutes an essential part of this + License. No use of any Covered Software is authorized under this License + except under this disclaimer. + . + 7. Limitation of Liability + . + Under no circumstances and under no legal theory, whether tort (including + negligence), contract, or otherwise, shall any Contributor, or anyone who + distributes Covered Software as permitted above, be liable to You for any + direct, indirect, special, incidental, or consequential damages of any + character including, without limitation, damages for lost profits, loss of + goodwill, work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses, even if such party shall have been + informed of the possibility of such damages. This limitation of liability + shall not apply to liability for death or personal injury resulting from such + party’s negligence to the extent applicable law prohibits such limitation. + Some jurisdictions do not allow the exclusion or limitation of incidental or + consequential damages, so this exclusion and limitation may not apply to You. + . + 8. Litigation + . + Any litigation relating to this License may be brought only in the courts of + a jurisdiction where the defendant maintains its principal place of business + and such litigation shall be governed by laws of that jurisdiction, without + reference to its conflict-of-law provisions. Nothing in this Section shall + prevent a party’s ability to bring cross-claims or counter-claims. + . + 9. Miscellaneous + . + This License represents the complete agreement concerning the subject matter + hereof. If any provision of this License is held to be unenforceable, such + provision shall be reformed only to the extent necessary to make it + enforceable. Any law or regulation which provides that the language of a + contract shall be construed against the drafter shall not be used to construe + this License against a Contributor. + . + . + 10. Versions of the License + . + 10.1. New Versions + . + Mozilla Foundation is the license steward. Except as provided in Section + 10.3, no one other than the license steward has the right to modify or + publish new versions of this License. Each version will be given a + distinguishing version number. + . + 10.2. Effect of New Versions + . + You may distribute the Covered Software under the terms of the version of + the License under which You originally received the Covered Software, or + under the terms of any subsequent version published by the license + steward. + . + 10.3. Modified Versions + . + If you create software not governed by this License, and you want to + create a new license for such software, you may create and use a modified + version of this License if you rename the license and remove any + references to the name of the license steward (except to note that such + modified license differs from this License). + . + 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses + If You choose to distribute Source Code Form that is Incompatible With + Secondary Licenses under the terms of this version of the License, the + notice described in Exhibit B of this License must be attached. + . + Exhibit A - Source Code Form License Notice + . + This Source Code Form is subject to the + terms of the Mozilla Public License, v. + 2.0. If a copy of the MPL was not + distributed with this file, You can + obtain one at + http://mozilla.org/MPL/2.0/. + . + If it is not possible or desirable to put the notice in a particular file, then + You may include the notice in a location (such as a LICENSE file in a relevant + directory) where a recipient would be likely to look for such a notice. + . + You may add additional accurate notices of copyright ownership. + . + Exhibit B - “Incompatible With Secondary Licenses” Notice + . + This Source Code Form is “Incompatible + With Secondary Licenses”, as defined by + the Mozilla Public License, v. 2.0. + +License: Cryptoki + License to copy and use this software is granted provided that it is identified + as "RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki)" in all + material mentioning or referencing this software. + . + License is also granted to make and use derivative works provided that such + works are identified as "derived from the RSA Security Inc. PKCS #11 + Cryptographic Token Interface (Cryptoki)" in all material mentioning or + referencing the derived work. + . + RSA Security Inc. makes no representations concerning either the + merchantability of this software or the suitability of this software for any + particular purpose. It is provided "as is" without express or implied warranty + of any kind. + +License: BSD-3-clause-miekg + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + . + * Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + * Neither the name of Miek Gieben nor the names of its contributors may be + used to endorse or promote products derived from this software without + specific prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR + ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +License: ISC + Permission to use, copy, modify, and distribute this software for any + purpose with or without fee is hereby granted, provided that the above + copyright notice and this permission notice appear in all copies. + . + THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +License: LGPL-3 + This package is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 3 of the License, or (at your option) any later version. + . + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see . + . + On Debian systems, the complete text of the GNU Lesser General + Public License can be found in "/usr/share/common-licenses/LGPL-3". diff --git a/debian/docker-doc.docs b/debian/docker-doc.docs new file mode 100644 index 0000000..607bf67 --- /dev/null +++ b/debian/docker-doc.docs @@ -0,0 +1,2 @@ +cli/docs/* +engine/docs/* diff --git a/debian/docker.io.bash-completion b/debian/docker.io.bash-completion new file mode 100644 index 0000000..009937f --- /dev/null +++ b/debian/docker.io.bash-completion @@ -0,0 +1 @@ +cli/contrib/completion/bash/docker diff --git a/debian/docker.io.dirs b/debian/docker.io.dirs new file mode 100644 index 0000000..4d7117b --- /dev/null +++ b/debian/docker.io.dirs @@ -0,0 +1 @@ +etc/docker diff --git a/debian/docker.io.docker.service b/debian/docker.io.docker.service new file mode 100644 index 0000000..2611c71 --- /dev/null +++ b/debian/docker.io.docker.service @@ -0,0 +1,48 @@ +[Unit] +Description=Docker Application Container Engine +Documentation=https://docs.docker.com +After=network-online.target firewalld.service containerd.service +Wants=network-online.target +Requires=docker.socket +Wants=containerd.service + +[Service] +Type=notify +# the default is not to use systemd for cgroups because the delegate issues still +# exists and systemd currently does not support the cgroup feature set required +# for containers run by docker +ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock +ExecReload=/bin/kill -s HUP $MAINPID +TimeoutSec=0 +RestartSec=2 +Restart=always + +# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229. +# Both the old, and new location are accepted by systemd 229 and up, so using the old location +# to make them work for either version of systemd. +StartLimitBurst=3 + +# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230. +# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make +# this option work for either version of systemd. +StartLimitInterval=60s + +# Having non-zero Limit*s causes performance problems due to accounting overhead +# in the kernel. We recommend using cgroups to do container-local accounting. +LimitNOFILE=infinity +LimitNPROC=infinity +LimitCORE=infinity + +# Comment TasksMax if your systemd version does not support it. +# Only systemd 226 and above support this option. +TasksMax=infinity + +# set delegate yes so that systemd does not reset the cgroups of docker containers +Delegate=yes + +# kill only the docker process, not all processes in the cgroup +KillMode=process +OOMScoreAdjust=-500 + +[Install] +WantedBy=multi-user.target diff --git a/debian/docker.io.docker.socket b/debian/docker.io.docker.socket new file mode 100644 index 0000000..9db5049 --- /dev/null +++ b/debian/docker.io.docker.socket @@ -0,0 +1,11 @@ +[Unit] +Description=Docker Socket for the API + +[Socket] +ListenStream=/var/run/docker.sock +SocketMode=0660 +SocketUser=root +SocketGroup=docker + +[Install] +WantedBy=sockets.target diff --git a/debian/docker.io.docs b/debian/docker.io.docs new file mode 100644 index 0000000..073f189 --- /dev/null +++ b/debian/docker.io.docs @@ -0,0 +1 @@ +engine/README.md diff --git a/debian/docker.io.install b/debian/docker.io.install new file mode 100755 index 0000000..0949ac7 --- /dev/null +++ b/debian/docker.io.install @@ -0,0 +1,11 @@ +#!/usr/bin/dh-exec + +# https://github.com/docker/docker-ce/blob/v19.03.2/components/packaging/deb/common/rules#L36 +cli/build/docker => usr/bin/docker +engine/bundles/dynbinary-daemon/dockerd => usr/bin/dockerd +libnetwork/docker-proxy => usr/bin/docker-proxy +tini/build/tini-static => usr/bin/docker-init + +cli/contrib/completion/zsh/_docker usr/share/zsh/vendor-completions/ +engine/contrib/check-config.sh usr/share/docker.io/contrib/ +engine/contrib/nuke-graph-directory.sh usr/share/docker.io/contrib/ diff --git a/debian/docker.io.maintscript b/debian/docker.io.maintscript new file mode 100644 index 0000000..421ce02 --- /dev/null +++ b/debian/docker.io.maintscript @@ -0,0 +1,5 @@ +mv_conffile /etc/bash_completion.d/docker.io /etc/bash_completion.d/docker 1.2.0~ +mv_conffile /etc/default/docker.io /etc/default/docker 1.2.0~ +mv_conffile /etc/init.d/docker.io /etc/init.d/docker 1.2.0~ +mv_conffile /etc/init/docker.io.conf /etc/init/docker.conf 1.2.0~ +rm_conffile /etc/bash_completion.d/docker 1.11.2~ diff --git a/debian/docker.io.manpages b/debian/docker.io.manpages new file mode 100644 index 0000000..4b81866 --- /dev/null +++ b/debian/docker.io.manpages @@ -0,0 +1 @@ +cli/man/man*/* diff --git a/debian/docker.io.postinst b/debian/docker.io.postinst new file mode 100644 index 0000000..68149f5 --- /dev/null +++ b/debian/docker.io.postinst @@ -0,0 +1,109 @@ +#!/bin/sh +set -e + +. /usr/share/debconf/confmodule + +case "$1" in + configure) + if [ -z "$2" ]; then + # make sure the "docker" system group exists for "docker.socket" to apply it as the group on "docker.sock" + if ! getent group docker > /dev/null 2>&1; then + addgroup --system docker + fi + fi + + # Ensure config directory permissions + # On a fresh install, $2 = '' and dpkg "le-nl" treat that as a + # greater version, so the body is not executed. + if dpkg --compare-versions "$2" le-nl '1.11.2~ds1-1'; then + if [ "$(stat -c '%a' /etc/docker)" = '700' ]; then + chmod 0755 /etc/docker + fi + fi + + # ZFS handling: create a dedicated ZFS docker dataset to handle all children containers in a single, + # persistent, place. + # Also check if zfs executable exists and if it is in $PATH. + # The zfs command is provided by zfs-fuse | zfsutils and they + # are runtime Suggested dependencies which means they are not + # necessarily available during configuration time (LP: #1910133). + if [ -x "$(command -v zfs)" ] && modinfo zfs >/dev/null 2>&1; then + # if there is no mountpoint /var/lib/docker: + # 1: create /var/lib/docker if doesn’t exist (zfs mount?) + # /var/lib with canmount off if doesn’t exist + # /var with canmount off if doesn’t exist + rpool="$(zfs mount | awk '$2=="/" {print $1}'| cut -d/ -f1)" + + if [ -n "$rpool" ]; then + dockermnt="$(findmnt -n -o SOURCE /var/lib/docker || true)" + + # Create /var/lib/docker if doesn’t exist + if echo "$dockermnt" | grep -qE '^$|/ROOT/'; then + zfs create -o canmount=off "$rpool"/var 2>/dev/null || true + zfs create -o canmount=off "$rpool"/var/lib 2>/dev/null || true + if dpkg --compare-versions "$2" le-nl '19.03.8-0ubuntu2'; then + invoke-rc.d docker stop || true + mv /var/lib/docker /var/lib/docker.migrating + fi + zfs create "$rpool"/var/lib/docker 2>/dev/null || true + dockermnt="$rpool"/var/lib/docker + fi + + if dpkg --compare-versions "$2" le-nl '19.03.8-0ubuntu2'; then + mv /var/lib/docker.migrating/* /var/lib/docker/ + rmdir /var/lib/docker.migrating/ + # Migrate datasets + for dataset in $(zfs list -H -t filesystem -o name,mountpoint,canmount -r "$rpool"/ROOT | grep -E "/var/lib/[0-9a-f]{64}(-init)?\slegacy\son" | cut -f1); do + dockerid=${dataset##*/} + zfs rename "$dataset" "$dockermnt/$dockerid" || true + done + # Purge their zsys history datasets + for dataset in $(zfs list -H -t snapshot -o name -r "$rpool"/var/lib/docker | grep "@autozsys_"); do + zfs destroy -R "$dataset" || true + done + invoke-rc.d docker start || true + fi + fi + fi + + ;; + abort-*) + # How'd we get here?? + exit 1 + ;; + *) + ;; +esac + +# restart Docker if it's running (thus this is an upgrade) and the user (via debconf) tells us they're OK with that +db_version 2.0 +db_fset docker.io/restart seen false +if [ -n "$2" ] && [ "$1" = 'configure' ] && { + # either: + # - we're doing "dpkg-reconfigure" (and thus need to "db_input" to make sure users can change their answer between installs/upgrades) + # - we're doing install/upgrade and Docker is running (and thus it matters whether or not the user wants us to restart Docker for them) + [ -n "${DEBCONF_RECONFIGURE:-}" ] \ + || invoke-rc.d --disclose-deny docker status > /dev/null 2>&1 +}; then + db_input high docker.io/restart || : + db_go || : + if [ -z "${DEBCONF_RECONFIGURE:-}" ]; then + # only perform the actual restart if we're doing install/upgrade (not during interactive "dpkg-reconfigure") + db_get docker.io/restart + if [ "$RET" = 'true' ]; then + # Docker daemon appears to be running and should be restarted + invoke-rc.d docker restart || : + fi + fi +fi +db_stop + +#DEBHELPER# + +# because we had to use "dh_installinit --no-start", we get to make sure the daemon is started on first install (and upgrades thereafter, if it isn't running) +# (this is adapted from debhelper's "autoscripts/postinst-init") +if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ]; then + if [ -z "${DEBCONF_RECONFIGURE:-}" ] && ! invoke-rc.d docker status > /dev/null 2>&1 ; then + invoke-rc.d docker start || : + fi +fi diff --git a/debian/docker.io.postrm b/debian/docker.io.postrm new file mode 100644 index 0000000..f01f7c7 --- /dev/null +++ b/debian/docker.io.postrm @@ -0,0 +1,17 @@ +#!/bin/sh +set -e + +#DEBHELPER# + +case "$1" in + purge) + # if we have our saved "nuke-graph-directory.sh", let's use it + # see also docker.io.prerm + if [ -x /var/lib/docker/nuke-graph-directory.sh ]; then + /var/lib/docker/nuke-graph-directory.sh /var/lib/docker + fi + ;; + + *) + ;; +esac diff --git a/debian/docker.io.preinst b/debian/docker.io.preinst new file mode 100644 index 0000000..8edefd8 --- /dev/null +++ b/debian/docker.io.preinst @@ -0,0 +1,10 @@ +#!/bin/sh +set -e + +if [ -e "/var/lib/docker/aufs" ]; then + echo "The aufs storage-driver is no longer supported." + echo "Please ensure that none of your containers are" + echo "using the aufs storage driver, remove the directory" + echo "/var/lib/docker/aufs and try again." + exit 1 +fi diff --git a/debian/docker.io.prerm b/debian/docker.io.prerm new file mode 100644 index 0000000..3f40bd7 --- /dev/null +++ b/debian/docker.io.prerm @@ -0,0 +1,29 @@ +#!/bin/sh +set -e + +case "$1" in + remove) + # if we're removing, we need to save "nuke-graph-directory.sh" so that + # we can still purge "/var/lib/docker" later if necessary + # see also docker.io.postrm + if \ + [ -d /var/lib/docker ] \ + && [ -x /usr/share/docker.io/contrib/nuke-graph-directory.sh ] \ + ; then + if cp -v /usr/share/docker.io/contrib/nuke-graph-directory.sh /var/lib/docker/; then + chmod +x /var/lib/docker/nuke-graph-directory.sh || : + fi + fi + ;; + + *) + ;; +esac + +#DEBHELPER# + +# because we had to use "dh_installinit --no-start", we get to make sure the daemon is stopped on uninstall +# (this is adapted from debhelper's "autoscripts/prerm-init-norestart") +if [ "$1" = remove ]; then + invoke-rc.d docker stop +fi diff --git a/debian/docker.io.templates b/debian/docker.io.templates new file mode 100644 index 0000000..f64a585 --- /dev/null +++ b/debian/docker.io.templates @@ -0,0 +1,14 @@ +Template: docker.io/restart +Type: boolean +Default: false +Description: Automatically restart Docker daemon? + If Docker is upgraded without restarting the Docker daemon, Docker will often + have trouble starting new containers, and in some cases even maintaining the + containers it is currently running. See https://launchpad.net/bugs/1658691 for + an example of this breakage. + . + Normally, upgrading the package would simply restart the associated daemon(s). + In the case of the Docker daemon, that would also imply stopping all running + containers (which will only be restarted if they're part of a "service", have + an appropriate restart policy configured, or have some other means of being + restarted such as an external systemd unit). diff --git a/debian/gbp.conf b/debian/gbp.conf new file mode 100644 index 0000000..b465658 --- /dev/null +++ b/debian/gbp.conf @@ -0,0 +1,15 @@ +[DEFAULT] +cleaner = fakeroot debian/rules clean +pristine-tar = True +merge = False +debian-tag = %(version)s + +[git-buildpackage] +export-dir = ../build-area/ +tarball-dir = ../tarballs/ + +[dch] +id-length = 0 +meta = True +auto = True +full = True diff --git a/debian/golang-github-docker-docker-dev.install b/debian/golang-github-docker-docker-dev.install new file mode 100755 index 0000000..5e9741b --- /dev/null +++ b/debian/golang-github-docker-docker-dev.install @@ -0,0 +1,23 @@ +#!/usr/bin/dh-exec + +engine/api usr/share/gocode/src/github.com/docker/docker/ +engine/client usr/share/gocode/src/github.com/docker/docker/ +engine/dockerversion usr/share/gocode/src/github.com/docker/docker/ +engine/errdefs usr/share/gocode/src/github.com/docker/docker/ +engine/image usr/share/gocode/src/github.com/docker/docker/ +engine/oci usr/share/gocode/src/github.com/docker/docker/ +engine/opts usr/share/gocode/src/github.com/docker/docker/ +engine/pkg usr/share/gocode/src/github.com/docker/docker/ +engine/registry usr/share/gocode/src/github.com/docker/docker/ +engine/rootless usr/share/gocode/src/github.com/docker/docker/ +engine/vendor usr/share/gocode/src/github.com/docker/docker/ +cli/cli usr/share/gocode/src/github.com/docker/cli/ +cli/opts usr/share/gocode/src/github.com/docker/cli/ +libnetwork/datastore usr/share/gocode/src/github.com/docker/libnetwork/ +libnetwork/discoverapi usr/share/gocode/src/github.com/docker/libnetwork/ +libnetwork/ipamutils usr/share/gocode/src/github.com/docker/libnetwork/ +libnetwork/ns usr/share/gocode/src/github.com/docker/libnetwork/ +libnetwork/options usr/share/gocode/src/github.com/docker/libnetwork/ +libnetwork/resolvconf usr/share/gocode/src/github.com/docker/libnetwork/ +libnetwork/testutils usr/share/gocode/src/github.com/docker/libnetwork/ +libnetwork/types usr/share/gocode/src/github.com/docker/libnetwork/ diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..3a7a2cc --- /dev/null +++ b/debian/rules @@ -0,0 +1,133 @@ +#!/usr/bin/make -f +# -*- makefile -*- + +include /usr/share/dpkg/pkg-info.mk + +export VERSION := $(DEB_VERSION_UPSTREAM) + +export DOCKER_GITCOMMIT := $(DEB_VERSION) + +# temporary build path (see http://golang.org/doc/code.html#GOPATH) +OUR_GOPATH := $(CURDIR)/.gopath +export GOPATH := $(OUR_GOPATH) +export GOCACHE := $(CURDIR)/.gocache + +# https://blog.golang.org/go116-module-changes (TODO figure out a new solution for Go 1.17+) +export GO111MODULE := auto + +# AppArmor can be optionally used in Debian and is there by default in Ubuntu, so we need support for it compiled into our binary +# same story with SELinux +export DOCKER_BUILDTAGS := apparmor seccomp selinux + +ifneq (,$(filter parallel=%, $(DEB_BUILD_OPTIONS))) + NUMJOBS := $(patsubst parallel=%, %, $(filter parallel=%, $(DEB_BUILD_OPTIONS))) + MAKEFLAGS += -j '$(NUMJOBS)' +endif + +override_dh_gencontrol: + # if we're on Ubuntu, we need to Recommends: apparmor + echo 'apparmor:Recommends=$(shell dpkg-vendor --is Ubuntu && echo apparmor)' >> debian/docker.io.substvars + echo 'libc:Built-Using=$(shell dpkg-query -f '$${source:Package} (= $${source:Version})' -W libc-dev-bin)' >> debian/docker.io.substvars + # use "dh_golang" to generate "misc:Built-Using" (via "go list") + DH_GOLANG_BUILDPKG=' \ + -tags "$(DOCKER_BUILDTAGS)" \ + github.com/docker/docker/cmd/dockerd \ + github.com/docker/cli/cmd/docker \ + github.com/docker/libnetwork/cmd/proxy \ + ' dh_golang --builddirectory='$(OUR_GOPATH:$(CURDIR)/%=%)' + dh_gencontrol + +override_dh_auto_configure: + # set up GOPATH symlink farm + # libnetwork + mkdir -p '$(OUR_GOPATH)/src/github.com/docker' + ln -sfT '$(CURDIR)/libnetwork' '$(OUR_GOPATH)/src/github.com/docker/libnetwork' + # cli + mkdir -p '$(OUR_GOPATH)/src/github.com/docker' + ln -sfT '$(CURDIR)/cli' '$(OUR_GOPATH)/src/github.com/docker/cli' + # engine + mkdir -p '$(OUR_GOPATH)/src/github.com/docker' + ln -sfT '$(CURDIR)/engine' '$(OUR_GOPATH)/src/github.com/docker/docker' + +override_dh_auto_build: _build-tini _build-proxy _build-cli _build-manpages _build-engine + @# + +# several "supporting binaries" need to be built and installed +# (https://github.com/docker/docker-ce/tree/v19.03.6/components/engine/hack/dockerfile/install) + +_build-tini: # (docker-init) + mkdir -p tini/build + cd tini/build \ + && cmake .. \ + && make tini-static + +_build-proxy: # (from libnetwork) + go build -o libnetwork/docker-proxy github.com/docker/libnetwork/cmd/proxy + +_build-cli: + DISABLE_WARN_OUTSIDE_CONTAINER=1 \ + make -C cli \ + LDFLAGS='' \ + VERSION='$(VERSION)' \ + GITCOMMIT='$(DOCKER_GITCOMMIT)' \ + dynbinary + +# https://github.com/docker/docker-ce/blob/v19.03.6/components/cli/scripts/docs/generate-man.sh +# (replacing hard-coded "/tmp/gen-manpages" with "debian/tmp/gen-manpages") +_build-manpages: + cd '$(OUR_GOPATH)/src/github.com/docker/cli' \ + && export PATH='$(OUR_GOPATH)/bin':"$$PATH" \ + && sed 's!/tmp/gen-manpages!$(CURDIR)/debian/tmp/gen-manpages!g' scripts/docs/generate-man.sh \ + && sed 's!/go/bin/go-md2man!$(OUR_GOPATH)/bin/go-md2man!g' scripts/docs/generate-man.sh \ + | bash + +_build-engine: + cd engine \ + && PRODUCT=docker ./hack/make.sh dynbinary + +# basic smoke test to ensure binaries built successfully +# (especially since their actual tests are *really* involved) +override_dh_auto_test: + # tini + ./tini/build/tini-static --version + # cli + ./cli/build/docker --version + # engine + ./engine/bundles/dynbinary-daemon/dockerd --version + +override_dh_strip: + # Go has lots of problems with stripping, so just don't + +override_dh_auto_install: + # we use dh_install / dh-exec for installing files where they need to be + +# "--no-start" because we have a debconf prompt to determine whether to restart during upgrades +# (which means we get to handle both "start" and "stop" ourselves too) +override_dh_installinit: + dh_installinit --name=docker --no-start + +override_dh_installsystemd: + # We take care of determining whether the docker.io service should be + # restarted during upgrades or not ourselves, based on the debconf + # choice made by the user during installation. For this reason, we + # invoke dh_installsystemd with "--no-stop-on-upgrade" in order + # to avoid indiscriminately stopping the service during upgrades. + dh_installsystemd --name=docker --no-start -pdocker.io --no-stop-on-upgrade docker.service + dh_installsystemd --name=docker --no-start -pdocker.io --no-stop-on-upgrade docker.socket + +override_dh_installudev: + # use priority z80 to match the upstream priority of 80 + dh_installudev --priority=z80 + +override_dh_install: + dh_install + dh_apparmor --profile-name=docker.io -pdocker.io + +override_dh_shlibdeps: + dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info + +override_dh_auto_clean: + @# stop debhelper from doing "make clean" + +%: + dh $@ --with=bash-completion diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/source/options b/debian/source/options new file mode 100644 index 0000000..c13ea03 --- /dev/null +++ b/debian/source/options @@ -0,0 +1 @@ +create-empty-orig diff --git a/debian/tests/basic-smoke b/debian/tests/basic-smoke new file mode 100755 index 0000000..08d7524 --- /dev/null +++ b/debian/tests/basic-smoke @@ -0,0 +1,20 @@ +#!/bin/bash + +. debian/tests/common + +defer 'journalctl -u docker | tail' + +# make sure Docker itself is working before we go too deep down the rabbit hole +docker version + +debootstrap \ + --variant=minbase \ + stable \ + "$tempDir" \ + http://httpredir.debian.org/debian + +tar -cC "$tempDir" . | docker import - debian +defer 'docker rmi debian' + +docker run --name test debian true +defer 'docker rm -f test' diff --git a/debian/tests/common b/debian/tests/common new file mode 100644 index 0000000..4115bca --- /dev/null +++ b/debian/tests/common @@ -0,0 +1,16 @@ +set -eux +set -o pipefail + +exitTraps=( 'true' ) +doExit() { + for exitTrap in "${exitTraps[@]}"; do + eval "$exitTrap" || true + done +} +trap 'doExit' EXIT +defer() { + exitTraps=( "$@" "${exitTraps[@]}" ) +} + +tempDir="$(mktemp -d)" +defer "rm -rf '$tempDir'" diff --git a/debian/tests/control b/debian/tests/control new file mode 100644 index 0000000..0b99d9f --- /dev/null +++ b/debian/tests/control @@ -0,0 +1,11 @@ +Tests: basic-smoke +Depends: debian-archive-keyring, debootstrap, @ +Restrictions: allow-stderr isolation-machine needs-root + +Tests: docker-in-lxd +Depends: dctrl-tools, lxd +Restrictions: allow-stderr isolation-machine needs-root + +#Tests: integration +#Depends: ca-certificates, curl, git, golang-check.v1-dev, jq, @, @builddeps@ +#Restrictions: allow-stderr isolation-machine needs-root rw-build-tree diff --git a/debian/tests/docker-in-lxd b/debian/tests/docker-in-lxd new file mode 100755 index 0000000..c793caf --- /dev/null +++ b/debian/tests/docker-in-lxd @@ -0,0 +1,219 @@ +#!/bin/bash + +. debian/tests/common + +arch=$(dpkg --print-architecture) +release=$(lsb_release -rs) +suite=$(lsb_release -cs) + +if [ "$arch" = "i386" -a "$release" \> "19.04" ]; then + exit 0 +fi + +# This stolen from lxd's debconf magic. +random_ipv4() { + while :; do + SUBNET="10.$(shuf -i 1-255 -n 1).$(shuf -i 0-255 -n 1)" + + # Check if well known + if [ "${SUBNET}" = "10.10.10" ]; then + continue + fi + + # Check if used locally + if ip -4 route show | grep -q ${SUBNET}; then + continue + fi + + # Attempt to see if used behind the gateway + if ping -n -q ${SUBNET}.1 -c 1 -W 1 >/dev/null 2>&1; then + continue + fi + + if ping -n -q ${SUBNET}.254 -c 1 -W 1 >/dev/null 2>&1; then + continue + fi + + break + done + + echo ${SUBNET} +} + +# Detect LXD API extensions +lxd_extension() { + lxc info | grep -q "^\- ${1}$" +} + +# Copy the local apt package archive over to the lxd container. +# This function assumes that the container is named "docker". +copy_local_apt_files() { + for local_source in $(apt-get indextargets | grep-dctrl -F URI -e '^file:/' -sURI); do + local_source=${local_source#file:} + local_dir=$(dirname "${local_source}") + lxc exec docker -- mkdir -p "${local_dir}" + tar -cC "${local_dir}" . | lxc exec docker -- tar -xC "${local_dir}" + done +} + +time lxd waitready --timeout 600 + +# Attempt to auto-configure ipv4, but only when really running under +# autopkgtest. +if [ -n "${AUTOPKGTEST_TMP:-}" ]; then + lxd init --auto + if lxd_extension "network"; then + if ! lxc profile device list default | grep -q eth0; then + lxc network create adt-br0 + lxc network attach-profile adt-br0 default eth0 + fi + else + sleep 10 + systemctl stop lxd-bridge + SUBNET=$(random_ipv4) + cat < /etc/default/lxd-bridge +USE_LXD_BRIDGE="true" +LXD_BRIDGE="lxdbr0" +UPDATE_PROFILE="true" +LXD_IPV4_ADDR="${SUBNET}.1" +LXD_IPV4_NETMASK="255.255.255.0" +LXD_IPV4_NETWORK="${SUBNET}.1/24" +LXD_IPV4_DHCP_RANGE="${SUBNET}.2,${SUBNET}.254" +LXD_IPV4_DHCP_MAX="252" +LXD_IPV4_NAT="true" +LXD_IPV6_ADDR="" +LXD_IPV6_MASK="" +LXD_IPV6_NETWORK="" +LXD_IPV6_NAT="false" +LXD_IPV6_PROXY="false" +EOF + systemctl start lxd-bridge + fi +fi + +if [ -n "${http_proxy:-}" ]; then + lxc config set core.proxy_http $http_proxy +fi +if [ -n "${https_proxy:-}" ]; then + lxc config set core.proxy_https $https_proxy +fi +if [ -n "${noproxy:-}" ]; then + lxc config set core.proxy_ignore_hosts $noproxy +fi + +lxc launch ubuntu-daily:${suite}/${arch} docker -c security.nesting=true + +defer 'lxc delete --force docker' + +# autopkgtest will have done some complicated things to ensure that "apt +# install docker.io" installs the version that should be tested in the +# host. But we want to test that version of docker in the container, so +# replace the entire apt configuration of the container with that of the host +# (after waiting for cloud-init to avoid racing with its attempts to rewrite +# the apt config). +lxc exec docker -- cloud-init status --wait +lxc exec docker -- rm -rf /etc/apt +lxc exec docker -- mkdir /etc/apt +tar -cC /etc/apt . | lxc exec docker -- tar -xC /etc/apt + +copy_local_apt_files + +if [ -n "${http_proxy:-}" ]; then + lxc exec docker -- mkdir -p /etc/systemd/system/docker.service.d + cat <