Commit Graph

9209 Commits

Author SHA1 Message Date
David Karlsson 259aa90059 docs: rewrite section on filesystem mounts
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-12 10:44:07 +01:00
David Karlsson 52716c813b docs: move --tmpfs to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-12 10:44:07 +01:00
David Karlsson 5ede4c82ac docs: minor improvements to the healthcheck section
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-12 10:44:07 +01:00
David Karlsson 7585d66a07 docs: rewrite section on overriding environment variables
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-12 10:44:07 +01:00
David Karlsson 3eeac20593 docs: rewrite section on exposing ports
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-12 10:44:01 +01:00
David Karlsson b01e287527 docs: rewrite section on default entrypoint
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:18:53 +01:00
David Karlsson c695ad9d74 docs: rewrite section on overriding image defaults
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:18:53 +01:00
David Karlsson 4a6cde8859 docs: move --log-driver to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:18:51 +01:00
David Karlsson 72df1960e1 docs: move --cgroup-parent to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson 9e75a4cf61 docs: move --init to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson 92c664b0dc docs: move info about --security-opt to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson f98444490f docs: move --rm to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson 32189ca273 docs: improve description about container exit codes
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson dbffa0d121 docs: move --restart to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson 73620975d0 docs: simplify container networking intro
Create an easier to digest introduction to container networking,
move the bulk of information to the networking overview page.

Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson 5dd6e9a4d4 docs: move --ipc to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson ff62bf47b0 docs: move --uts to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson d66fe78810 docs: move --pid to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson 03dc8832ed docs: improve docs on container identification
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson fad227d3fd docs: move info about fg/bg flags to run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson 2f48f41fcb docs: improve introduction to docker run
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
Sebastiaan van Stijn 4dd5c23d6e
Merge pull request #4663 from robmry/4648-clearer_ipv6_in_add-host
Permit '=' separator and '[ipv6]' in --add-host
2023-12-11 16:40:58 +01:00
Sebastiaan van Stijn 623d9b1f68
Merge pull request #4703 from thaJeztah/update_deprecations
docs/deprecated.md: add missing versions for  "-g / --graph" and devicemapper removal to table
2023-12-08 13:02:52 +01:00
Sebastiaan van Stijn 3f519b8241
docs/deprecated.md: add version for "-g" / "--graph" removal
commit 304c100ed2 updated the deprecation
status for these options, but forgot to update the status in the table.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-07 22:34:38 +01:00
Sebastiaan van Stijn 6dc92b6678
docs/deprecate.md: add version for devicemapper removal to table
commit 5d6612798a updated the deprecation
status for devicemapper to "removed", but forgot to update the status
in the table.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-07 22:30:28 +01:00
robmry a682b8e655 Permit '=' separator and '[ipv6]' in --add-host
Fixes #4648

Make it easier to specify IPv6 addresses in the '--add-host' option by
permitting 'host=ip' in addition to 'host:ip', and allowing square
brackets around the address.

For example:

    --add-host=my-hostname:127.0.0.1
    --add-host=my-hostname:::1
    --add-host=my-hostname=::1
    --add-host=my-hostname:[::1]

To avoid compatibility problems, the CLI will replace an '=' separator
with ':', and strip brackets, before sending the request to the API.

Signed-off-by: Rob Murray <rob.murray@docker.com>
2023-12-07 18:29:19 +00:00
Sebastiaan van Stijn af23916995
Merge pull request #4701 from docker/dependabot/github_actions/actions/setup-go-5
build(deps): bump actions/setup-go from 4 to 5
2023-12-07 17:42:18 +01:00
dependabot[bot] 626e64ccfd
build(deps): bump actions/setup-go from 4 to 5
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-07 08:17:34 +00:00
Sebastiaan van Stijn 73ef44fbdb
Merge pull request #4697 from thaJeztah/bump_engine
vendor: github.com/docker/docker 4046ae5e2fd4 (v25.0.0-dev)
2023-12-06 15:00:48 +01:00
Sebastiaan van Stijn 0cf7bff0be
vendor: github.com/docker/docker 4046ae5e2fd4 (v25.0.0-dev)
full diff: 029519a149...4046ae5e2f

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-06 02:06:38 +01:00
Sebastiaan van Stijn cddd1869a8
Merge pull request #4694 from thaJeztah/update_golang_1.21.5
update to go1.21.5
2023-12-06 00:41:55 +01:00
Sebastiaan van Stijn c47141bde0
Merge pull request #4684 from dvdksn/fix-build-prune-cache-warn
prune: fix build cache prune warning
2023-12-06 00:18:19 +01:00
Sebastiaan van Stijn bdb45a9c2d
update to go1.21.5
go1.21.5 (released 2023-12-05) includes security fixes to the go command,
and the net/http and path/filepath packages, as well as bug fixes to the
compiler, the go command, the runtime, and the crypto/rand, net, os, and
syscall packages. See the Go 1.21.5 milestone on our issue tracker for
details:

- https://github.com/golang/go/issues?q=milestone%3AGo1.21.5+label%3ACherryPickApproved
- full diff: https://github.com/golang/go/compare/go1.21.5...go1.21.5

from the security mailing:

[security] Go 1.21.5 and Go 1.20.12 are released

Hello gophers,

We have just released Go versions 1.21.5 and 1.20.12, minor point releases.

These minor releases include 3 security fixes following the security policy:

- net/http: limit chunked data overhead

  A malicious HTTP sender can use chunk extensions to cause a receiver
  reading from a request or response body to read many more bytes from
  the network than are in the body.

  A malicious HTTP client can further exploit this to cause a server to
  automatically read a large amount of data (up to about 1GiB) when a
  handler fails to read the entire body of a request.

  Chunk extensions are a little-used HTTP feature which permit including
  additional metadata in a request or response body sent using the chunked
  encoding. The net/http chunked encoding reader discards this metadata.
  A sender can exploit this by inserting a large metadata segment with
  each byte transferred. The chunk reader now produces an error if the
  ratio of real body to encoded bytes grows too small.

  Thanks to Bartek Nowotarski for reporting this issue.

  This is CVE-2023-39326 and Go issue https://go.dev/issue/64433.

- cmd/go: go get may unexpectedly fallback to insecure git

  Using go get to fetch a module with the ".git" suffix may unexpectedly
  fallback to the insecure "git://" protocol if the module is unavailable
  via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE
  is not set for said module. This only affects users who are not using
  the module proxy and are fetching modules directly (i.e. GOPROXY=off).

  Thanks to David Leadbeater for reporting this issue.

  This is CVE-2023-45285 and Go issue https://go.dev/issue/63845.

- path/filepath: retain trailing \ when cleaning paths like \\?\c:\

  Go 1.20.11 and Go 1.21.4 inadvertently changed the definition of the
  volume name in Windows paths starting with \\?\, resulting in
  filepath.Clean(\\?\c:\) returning \\?\c: rather than \\?\c:\ (among
  other effects). The previous behavior has been restored.

  This is an update to CVE-2023-45283 and Go issue https://go.dev/issue/64028.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-05 23:53:29 +01:00
Sebastiaan van Stijn afc62d8d1c
update to go1.21.4
Reverts "update to go1.21.4" due to regressions / breaking changes."

This reverts commit 4cf1c50ad1.
This re-applies commit 6472dabe4c.

----

update to go1.21.4

go1.21.4 (released 2023-11-07) includes security fixes to the path/filepath package, as well as bug fixes to the linker, the runtime, the compiler, and the go/types, net/http, and runtime/cgo packages. See the Go 1.21.4 milestone on our issue tracker for details:

- https://github.com/golang/go/issues?q=milestone%3AGo1.21.4+label%3ACherryPickApproved
- full diff: https://github.com/golang/go/compare/go1.21.3...go1.21.4

from the security mailing:

[security] Go 1.21.4 and Go 1.20.11 are released

Hello gophers,

We have just released Go versions 1.21.4 and 1.20.11, minor point releases.

These minor releases include 2 security fixes following the security policy:

- path/filepath: recognize `\??\` as a Root Local Device path prefix.

  On Windows, a path beginning with `\??\` is a Root Local Device path equivalent
  to a path beginning with `\\?\`. Paths with a `\??\` prefix may be used to
  access arbitrary locations on the system. For example, the path `\??\c:\x`
  is equivalent to the more common path c:\x.

  The filepath package did not recognize paths with a `\??\` prefix as special.

  Clean could convert a rooted path such as `\a\..\??\b` into
  the root local device path `\??\b`. It will now convert this
  path into `.\??\b`.

  `IsAbs` did not report paths beginning with `\??\` as absolute.
  It now does so.

  VolumeName now reports the `\??\` prefix as a volume name.

  `Join(`\`, `??`, `b`)` could convert a seemingly innocent
  sequence of path elements into the root local device path
  `\??\b`. It will now convert this to `\.\??\b`.

  This is CVE-2023-45283 and https://go.dev/issue/63713.

- path/filepath: recognize device names with trailing spaces and superscripts

  The `IsLocal` function did not correctly detect reserved names in some cases:

  - reserved names followed by spaces, such as "COM1 ".
  - "COM" or "LPT" followed by a superscript 1, 2, or 3.

  `IsLocal` now correctly reports these names as non-local.

  This is CVE-2023-45284 and https://go.dev/issue/63713.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-05 23:52:56 +01:00
David Karlsson 8bbc97c867 prune: fix build cache prune warning
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-05 20:11:15 +01:00
Sebastiaan van Stijn 0acee94354
Merge pull request #4687 from TheRealGramdalf/dockerd-ref-patch
Fix typo in dockerd reference documentation
2023-12-03 14:50:41 +01:00
TheRealGramdalf e93ec2f6a6 Fix typo in dockerd reference documentation
Signed-off-by: Graeme Wiebe <graeme.wiebe@gmail.com>
2023-12-02 15:18:27 -08:00
Sebastiaan van Stijn ecf9bd3870
Merge pull request #4686 from thaJeztah/update_engine2
vendor: github.com/docker/docker 029519a1498b (v25.0.0-dev)
2023-12-01 16:45:05 +01:00
Sebastiaan van Stijn f807c9494b
Merge pull request #4690 from thaJeztah/bump_mux
vendor: github.com/gorilla/mux v1.8.1
2023-12-01 16:44:41 +01:00
Sebastiaan van Stijn 5a04708880
vendor: github.com/docker/docker 029519a1498b (v25.0.0-dev)
full diff: cfdca8dc1d...029519a149

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-01 16:32:47 +01:00
Sebastiaan van Stijn aa9fdb4dd0
vendor: github.com/gorilla/mux v1.8.1
full diff: https://github.com/gorilla/mux/compare/v1.8.0...v1.8.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-01 16:12:20 +01:00
Sebastiaan van Stijn 0c46ef0c3a
Merge pull request #4689 from perlun/patch-1
exec.md: remove misleading part
2023-12-01 14:52:22 +01:00
Per Lundberg a431b1dda6
exec.md: remove misleading part
"By default" implies that this is something which could be
disabled for an individual `docker exec` call. This doesn't seem
to be the case, so removing the "by default" part would make
these docs clearer to me.

Signed-off-by: Per Lundberg <per.lundberg@hibox.tv>
2023-12-01 15:32:41 +02:00
Sebastiaan van Stijn c1455b6751
Merge pull request #4683 from thaJeztah/remove_ce_ee
Readme: remove reference to "Docker EE"
2023-11-28 12:52:36 +01:00
Sebastiaan van Stijn 654ff3ae00
Merge pull request #4681 from thaJeztah/noraw
docs: remove "{% raw %}" / "{% endraw %}" Jekyl (liquid) leftovers
2023-11-28 10:25:31 +01:00
Sebastiaan van Stijn b62b5d48f2
Readme: remove reference to "Docker EE"
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-28 10:23:11 +01:00
Sebastiaan van Stijn 48e889023f
Merge pull request #4679 from thaJeztah/fix_flag_typo
docs/man: fix -name flag with single hyphen
2023-11-27 22:12:05 +01:00
Sebastiaan van Stijn 354f62f0c5
docs: reference/commandlin/cli: remove redundant italic
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-27 22:05:49 +01:00
Sebastiaan van Stijn e2626200aa
docs: remove "{% raw %}" / "{% endraw %}" Jekyl (liquid) leftovers
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-27 22:05:39 +01:00
Sebastiaan van Stijn 174cbb588f
docs/man: fix -name flag with single hyphen
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-27 20:58:55 +01:00