MIRRORS/meta-virtualization
1
0
Fork 0
mirror of git://git.yoctoproject.org/meta-virtualization.git synced 2025-07-19 12:50:22 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

docker engine not running

Browse Source 
In yocto builds, preprocessing of binaries can happen after the install
phase.  Some of these can modify the size/sha1sum of the binaries.
e.g. A new .gnu_debuglink can happen

docker will not start because of these modifications. Docker initially
does a sha1sum of dockerinit to identify the dockerinit that it was built
with, this is done for security and for compatibility reasons. Since
this checking is disabled, we should rely on rpm tests for validation
of the binary instead.

Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This commit is contained in:
Amy Fong 2015-04-09 14:19:48 -04:00 committed by Bruce Ashfield
parent 23e15f52a0
commit 960aff31ba
2 changed files with 58 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
recipes-containers/docker/docker_git.bb
View File

@ -24,6 +24,7 @@ SRC_URI = "\
file://docker.service \
file://docker.init \
file://hi.Dockerfile \
file://disable_sha1sum_startup.patch \
"
# The golang-cross embeds a compiler invocation for the pre-parser

57
recipes-containers/docker/files/disable_sha1sum_startup.patch Normal file
View File

@ -0,0 +1,57 @@
docker engine not running
In yocto builds, preprocessing of binaries can happen after the install phase.
Some of these can modify the size/sha1sum of the binaries.
e.g. A new .gnu_debuglink can happen
docker will not start because of these modifications. Docker initially
does a sha1sum of dockerinit to identify the dockerinit that it was built
with, this is done for security and for compatibility reasons. Since
this checking is disabled, we should rely on rpm tests for validation
of the binary instead.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
---
utils/utils.go | 17 +----------------
1 file changed, 1 insertion(+), 16 deletions(-)
--- a/utils/utils.go
+++ b/utils/utils.go
@@ -4,7 +4,6 @@
"bufio"
"bytes"
"crypto/rand"
- "crypto/sha1"
"crypto/sha256"
"encoding/hex"
"fmt"
@@ -76,20 +75,6 @@
return path
}
-func dockerInitSha1(target string) string {
- f, err := os.Open(target)
- if err != nil {
- return ""
- }
- defer f.Close()
- h := sha1.New()
- _, err = io.Copy(h, f)
- if err != nil {
- return ""
- }
- return hex.EncodeToString(h.Sum(nil))
-}
-
func isValidDockerInitPath(target string, selfPath string) bool { // target and selfPath should be absolute (InitPath and SelfPath already do this)
if target == "" {
return false
@@ -111,7 +96,7 @@
}
return os.SameFile(targetFileInfo, selfPathFileInfo)
}
- return dockerversion.INITSHA1 != "" && dockerInitSha1(target) == dockerversion.INITSHA1
+ return true
}
// Figure out the path of our dockerinit (which may be SelfPath())