Index: sysutils/docker-freebsd/Makefile =================================================================== --- sysutils/docker-freebsd/Makefile +++ sysutils/docker-freebsd/Makefile @@ -1,39 +1,28 @@ -# Created by: kmoore@FreeBSD.org # $FreeBSD$ PORTNAME= docker-freebsd -PORTVERSION= 20150625 -PORTREVISION= 2 +DISTVERSIONPREFIX= v +DISTVERSION= 19.03.2 CATEGORIES= sysutils MAINTAINER= joneum@FreeBSD.org -COMMENT= Docker containment system +COMMENT= Docker Engine based on moby LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE -BROKEN= fails to build +BUILD_DEPENDS= bash:shells/bash -BUILD_DEPENDS= bash:shells/bash \ - sqlite3:databases/sqlite3 -RUN_DEPENDS= bash:shells/bash \ - sqlite3:databases/sqlite3 +USES= go -USES= go:run - USE_GITHUB= yes -GH_ACCOUNT= kvasdopil -GH_PROJECT= docker -GH_TAGNAME= 582db78 +GH_ACCOUNT= docker +GH_PROJECT= engine +GH_SUBDIR= src/github.com/docker/docker -PLIST_FILES= bin/docker -USE_RC_SUBR= docker +GO_TARGET= ./cmd/dockerd do-build: - @cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} AUTO_GOPATH=1 DOCKER_GITCOMMIT=${GH_TAGNAME} ./hack/make.sh binary - -do-install: - @${MKDIR} ${STAGEDIR}${PREFIX}/bin - ${INSTALL_PROGRAM} ${WRKSRC}/bundles/latest/binary/docker ${STAGEDIR}${PREFIX}/bin/ + @cd ${GO_WRKSRC} && export DOCKER_GITCOMMIT=${GH_TAGNAME} && ${SETENV} ${GO_ENV} ./hack/make.sh binary .include Index: sysutils/docker-freebsd/distinfo =================================================================== --- sysutils/docker-freebsd/distinfo +++ sysutils/docker-freebsd/distinfo @@ -1,2 +1,3 @@ -SHA256 (kvasdopil-docker-20150625-582db78_GH0.tar.gz) = a750d344af4af3d30b1a3373f382ab597a2a7aa4a0bb5c22d650d0c5cc9ac506 -SIZE (kvasdopil-docker-20150625-582db78_GH0.tar.gz) = 7292884 +TIMESTAMP = 1567673816 +SHA256 (docker-engine-v19.03.2_GH0.tar.gz) = 7fbd2ac9101026163479023f548acea1537e107b829fd8a0674b1b88a4feecff +SIZE (docker-engine-v19.03.2_GH0.tar.gz) = 9136789 Index: sysutils/docker-freebsd/files/docker.in =================================================================== --- sysutils/docker-freebsd/files/docker.in +++ /dev/null @@ -1,83 +0,0 @@ -#!/bin/sh - -# PROVIDE: docker -# REQUIRE: DAEMON -# KEYWORD: nojail shutdown - -. /etc/rc.subr - -name="docker" -rcvar="docker_enable" - -stop_cmd="docker_stop" -start_cmd="docker_start" -command="%%PREFIX%%/bin/docker" - -load_rc_config $name - -: ${docker_enable=NO} -: ${docker_dir=/usr/docker} -: ${docker_nat_pf=YES} -: ${docker_nat_iface=NONE} -: ${docker_flags=} - -docker_start() -{ - if [ ! -d "${docker_dir}" ] ; then - echo "Missing ${docker_dir}! Please create / mount a ZFS dataset at this location." - exit 1 - fi - - if [ -e "/var/run/docker.pid" ] ; then - pgrep -F /var/run/docker.pid 2>/dev/null >/dev/null - if [ $? -eq 0 ] ; then - echo "Docker already running? /var/run/docker.pid" - exit 1 - fi - fi - - echo "Starting docker..." - daemon -p /var/run/docker.pid ${command} -d -e jail -s zfs -g ${docker_dir} -D ${docker_flags} >/var/log/docker.log 2>/var/log/docker.log - - # Check for linux 64bit support and enable - kldstat | grep -q 'linux64' - if [ $? -ne 0 -a -e "/boot/kernel/linux64.ko" ] ; then - kldload linux64 - fi - - # Check for NAT support via PF - # This is an ugly experimental hack for now, eventually will go away - if [ "${docker_nat_pf}" != "YES" ] ; then return ; fi - - # Load PF if not already - kldstat | grep -q 'pf.ko' - if [ $? -ne 0 -a -e "/boot/kernel/pf.ko" ] ; then - kldload pf - fi - - # Check if PF rules already loaded - /sbin/pfctl -s nat 2>/dev/null | grep -q 172.17 - if [ $? -eq 0 ] ; then return ; fi - - if [ "${docker_nat_iface}" != "NONE" ] ; then - iface="${docker_nat_iface}" - else - iface=`/usr/bin/netstat -f inet -nrW | grep '^default' | awk '{ print $6 }'` - fi - echo "nat on ${iface} from 172.17.0.0/16 to any -> (${iface})" > /tmp/pf-nat-docker.$$ - /sbin/pfctl -f /tmp/pf-nat-docker.$$ 2>/dev/null - /sbin/pfctl -e 2>/dev/null - rm /tmp/pf-nat-docker.$$ - -} - -docker_stop() -{ - if [ -e "/var/run/docker.pid" ] ; then - echo "Stopping docker..." - pkill -F /var/run/docker.pid - fi -} - -run_rc_command "$1" - Index: sysutils/docker-freebsd/files/patch-builder_dockerfile_internals__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-builder_dockerfile_internals__freebsd.go @@ -0,0 +1,95 @@ +Fix build on FreeBSD by copying linux implementation: + +builder/dockerfile/internals.go:193:19: undefined: parseChownFlag + +--- builder/dockerfile/internals_freebsd.go.orig 2019-03-08 14:02:51 UTC ++++ builder/dockerfile/internals_freebsd.go +@@ -0,0 +1,88 @@ ++package dockerfile // import "github.com/docker/docker/builder/dockerfile" ++ ++import ( ++ "path/filepath" ++ "strconv" ++ "strings" ++ ++ "github.com/docker/docker/pkg/idtools" ++ "github.com/docker/docker/pkg/symlink" ++ lcUser "github.com/opencontainers/runc/libcontainer/user" ++ "github.com/pkg/errors" ++) ++ ++func parseChownFlag(builder *Builder, state *dispatchState, chown, ctrRootPath string, identityMapping *idtools.IdentityMapping) (idtools.Identity, error) { ++ var userStr, grpStr string ++ parts := strings.Split(chown, ":") ++ if len(parts) > 2 { ++ return idtools.Identity{}, errors.New("invalid chown string format: " + chown) ++ } ++ if len(parts) == 1 { ++ // if no group specified, use the user spec as group as well ++ userStr, grpStr = parts[0], parts[0] ++ } else { ++ userStr, grpStr = parts[0], parts[1] ++ } ++ ++ passwdPath, err := symlink.FollowSymlinkInScope(filepath.Join(ctrRootPath, "etc", "passwd"), ctrRootPath) ++ if err != nil { ++ return idtools.Identity{}, errors.Wrapf(err, "can't resolve /etc/passwd path in container rootfs") ++ } ++ groupPath, err := symlink.FollowSymlinkInScope(filepath.Join(ctrRootPath, "etc", "group"), ctrRootPath) ++ if err != nil { ++ return idtools.Identity{}, errors.Wrapf(err, "can't resolve /etc/group path in container rootfs") ++ } ++ uid, err := lookupUser(userStr, passwdPath) ++ if err != nil { ++ return idtools.Identity{}, errors.Wrapf(err, "can't find uid for user "+userStr) ++ } ++ gid, err := lookupGroup(grpStr, groupPath) ++ if err != nil { ++ return idtools.Identity{}, errors.Wrapf(err, "can't find gid for group "+grpStr) ++ } ++ ++ // convert as necessary because of user namespaces ++ chownPair, err := identityMapping.ToHost(idtools.Identity{UID: uid, GID: gid}) ++ if err != nil { ++ return idtools.Identity{}, errors.Wrapf(err, "unable to convert uid/gid to host mapping") ++ } ++ return chownPair, nil ++} ++ ++func lookupUser(userStr, filepath string) (int, error) { ++ // if the string is actually a uid integer, parse to int and return ++ // as we don't need to translate with the help of files ++ uid, err := strconv.Atoi(userStr) ++ if err == nil { ++ return uid, nil ++ } ++ users, err := lcUser.ParsePasswdFileFilter(filepath, func(u lcUser.User) bool { ++ return u.Name == userStr ++ }) ++ if err != nil { ++ return 0, err ++ } ++ if len(users) == 0 { ++ return 0, errors.New("no such user: " + userStr) ++ } ++ return users[0].Uid, nil ++} ++ ++func lookupGroup(groupStr, filepath string) (int, error) { ++ // if the string is actually a gid integer, parse to int and return ++ // as we don't need to translate with the help of files ++ gid, err := strconv.Atoi(groupStr) ++ if err == nil { ++ return gid, nil ++ } ++ groups, err := lcUser.ParseGroupFileFilter(filepath, func(g lcUser.Group) bool { ++ return g.Name == groupStr ++ }) ++ if err != nil { ++ return 0, err ++ } ++ if len(groups) == 0 { ++ return 0, errors.New("no such group: " + groupStr) ++ } ++ return groups[0].Gid, nil ++} Index: sysutils/docker-freebsd/files/patch-daemon_daemon__unix.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-daemon_daemon__unix.go @@ -0,0 +1,157 @@ +--- daemon/daemon_unix.go.orig 2019-06-18 21:30:11 UTC ++++ daemon/daemon_unix.go +@@ -36,7 +36,7 @@ import ( + volumemounts "github.com/docker/docker/volume/mounts" + "github.com/docker/libnetwork" + nwconfig "github.com/docker/libnetwork/config" +- "github.com/docker/libnetwork/drivers/bridge" ++ //"github.com/docker/libnetwork/drivers/bridge" + "github.com/docker/libnetwork/netlabel" + "github.com/docker/libnetwork/netutils" + "github.com/docker/libnetwork/options" +@@ -910,143 +910,12 @@ func driverOptions(config *config.Config) []nwconfig.O + } + + func initBridgeDriver(controller libnetwork.NetworkController, config *config.Config) error { +- bridgeName := bridge.DefaultBridgeName +- if config.BridgeConfig.Iface != "" { +- bridgeName = config.BridgeConfig.Iface +- } +- netOption := map[string]string{ +- bridge.BridgeName: bridgeName, +- bridge.DefaultBridge: strconv.FormatBool(true), +- netlabel.DriverMTU: strconv.Itoa(config.Mtu), +- bridge.EnableIPMasquerade: strconv.FormatBool(config.BridgeConfig.EnableIPMasq), +- bridge.EnableICC: strconv.FormatBool(config.BridgeConfig.InterContainerCommunication), +- } +- +- // --ip processing +- if config.BridgeConfig.DefaultIP != nil { +- netOption[bridge.DefaultBindingIP] = config.BridgeConfig.DefaultIP.String() +- } +- +- var ( +- ipamV4Conf *libnetwork.IpamConf +- ipamV6Conf *libnetwork.IpamConf +- ) +- +- ipamV4Conf = &libnetwork.IpamConf{AuxAddresses: make(map[string]string)} +- +- nwList, nw6List, err := netutils.ElectInterfaceAddresses(bridgeName) +- if err != nil { +- return errors.Wrap(err, "list bridge addresses failed") +- } +- +- nw := nwList[0] +- if len(nwList) > 1 && config.BridgeConfig.FixedCIDR != "" { +- _, fCIDR, err := net.ParseCIDR(config.BridgeConfig.FixedCIDR) +- if err != nil { +- return errors.Wrap(err, "parse CIDR failed") +- } +- // Iterate through in case there are multiple addresses for the bridge +- for _, entry := range nwList { +- if fCIDR.Contains(entry.IP) { +- nw = entry +- break +- } +- } +- } +- +- ipamV4Conf.PreferredPool = lntypes.GetIPNetCanonical(nw).String() +- hip, _ := lntypes.GetHostPartIP(nw.IP, nw.Mask) +- if hip.IsGlobalUnicast() { +- ipamV4Conf.Gateway = nw.IP.String() +- } +- +- if config.BridgeConfig.IP != "" { +- ipamV4Conf.PreferredPool = config.BridgeConfig.IP +- ip, _, err := net.ParseCIDR(config.BridgeConfig.IP) +- if err != nil { +- return err +- } +- ipamV4Conf.Gateway = ip.String() +- } else if bridgeName == bridge.DefaultBridgeName && ipamV4Conf.PreferredPool != "" { +- logrus.Infof("Default bridge (%s) is assigned with an IP address %s. Daemon option --bip can be used to set a preferred IP address", bridgeName, ipamV4Conf.PreferredPool) +- } +- +- if config.BridgeConfig.FixedCIDR != "" { +- _, fCIDR, err := net.ParseCIDR(config.BridgeConfig.FixedCIDR) +- if err != nil { +- return err +- } +- +- ipamV4Conf.SubPool = fCIDR.String() +- } +- +- if config.BridgeConfig.DefaultGatewayIPv4 != nil { +- ipamV4Conf.AuxAddresses["DefaultGatewayIPv4"] = config.BridgeConfig.DefaultGatewayIPv4.String() +- } +- +- var deferIPv6Alloc bool +- if config.BridgeConfig.FixedCIDRv6 != "" { +- _, fCIDRv6, err := net.ParseCIDR(config.BridgeConfig.FixedCIDRv6) +- if err != nil { +- return err +- } +- +- // In case user has specified the daemon flag --fixed-cidr-v6 and the passed network has +- // at least 48 host bits, we need to guarantee the current behavior where the containers' +- // IPv6 addresses will be constructed based on the containers' interface MAC address. +- // We do so by telling libnetwork to defer the IPv6 address allocation for the endpoints +- // on this network until after the driver has created the endpoint and returned the +- // constructed address. Libnetwork will then reserve this address with the ipam driver. +- ones, _ := fCIDRv6.Mask.Size() +- deferIPv6Alloc = ones <= 80 +- +- if ipamV6Conf == nil { +- ipamV6Conf = &libnetwork.IpamConf{AuxAddresses: make(map[string]string)} +- } +- ipamV6Conf.PreferredPool = fCIDRv6.String() +- +- // In case the --fixed-cidr-v6 is specified and the current docker0 bridge IPv6 +- // address belongs to the same network, we need to inform libnetwork about it, so +- // that it can be reserved with IPAM and it will not be given away to somebody else +- for _, nw6 := range nw6List { +- if fCIDRv6.Contains(nw6.IP) { +- ipamV6Conf.Gateway = nw6.IP.String() +- break +- } +- } +- } +- +- if config.BridgeConfig.DefaultGatewayIPv6 != nil { +- if ipamV6Conf == nil { +- ipamV6Conf = &libnetwork.IpamConf{AuxAddresses: make(map[string]string)} +- } +- ipamV6Conf.AuxAddresses["DefaultGatewayIPv6"] = config.BridgeConfig.DefaultGatewayIPv6.String() +- } +- +- v4Conf := []*libnetwork.IpamConf{ipamV4Conf} +- v6Conf := []*libnetwork.IpamConf{} +- if ipamV6Conf != nil { +- v6Conf = append(v6Conf, ipamV6Conf) +- } +- // Initialize default network on "bridge" with the same name +- _, err = controller.NewNetwork("bridge", "bridge", "", +- libnetwork.NetworkOptionEnableIPv6(config.BridgeConfig.EnableIPv6), +- libnetwork.NetworkOptionDriverOpts(netOption), +- libnetwork.NetworkOptionIpam("default", "", v4Conf, v6Conf, nil), +- libnetwork.NetworkOptionDeferIPv6Alloc(deferIPv6Alloc)) +- if err != nil { +- return fmt.Errorf("Error creating default \"bridge\" network: %v", err) +- } +- return nil ++ return fmt.Errorf("Bridge network driver not supported on FreeBSD (yet)") + } + + // Remove default bridge interface if present (--bridge=none use case) + func removeDefaultBridgeInterface() { +- if lnk, err := netlink.LinkByName(bridge.DefaultBridgeName); err == nil { +- if err := netlink.LinkDel(lnk); err != nil { +- logrus.Warnf("Failed to remove bridge interface (%s): %v", bridge.DefaultBridgeName, err) +- } +- } ++ return fmt.Errorf("Bridge network driver not supported on FreeBSD (yet)") + } + + func setupInitLayer(idMapping *idtools.IdentityMapping) func(containerfs.ContainerFS) error { Index: sysutils/docker-freebsd/files/patch-daemon_graphdriver_driver__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-daemon_graphdriver_driver__freebsd.go @@ -0,0 +1,67 @@ +Fix build error on FreeBSD: + +daemon/graphdriver/driver_freebsd.go:17:38: cannot use &buf (type *unix.Statfs_t) as type *syscall.Statfs_t in argument to syscall.Statfs + +--- daemon/graphdriver/driver_freebsd.go.orig 2019-02-26 00:29:56 UTC ++++ daemon/graphdriver/driver_freebsd.go +@@ -1,8 +1,7 @@ + package graphdriver // import "github.com/docker/docker/daemon/graphdriver" + + import ( +- "syscall" +- ++ "github.com/docker/docker/pkg/mount" + "golang.org/x/sys/unix" + ) + +@@ -11,10 +10,49 @@ var ( + priority = "zfs" + ) + ++// GetFSMagic returns the filesystem id given the path. ++func GetFSMagic(rootpath string) (FsMagic, error) { ++ var buf unix.Statfs_t ++ if err := unix.Statfs(rootpath, &buf); err != nil { ++ return 0, err ++ } ++ return FsMagic(buf.Type), nil ++} ++ ++// NewFsChecker returns a checker configured for the provided FsMagic ++func NewFsChecker(t FsMagic) Checker { ++ return &fsChecker{ ++ t: t, ++ } ++} ++ ++type fsChecker struct { ++ t FsMagic ++} ++ ++func (c *fsChecker) IsMounted(path string) bool { ++ m, _ := Mounted(c.t, path) ++ return m ++} ++ ++// NewDefaultChecker returns a check that parses /proc/mountinfo to check ++// if the specified path is mounted. ++func NewDefaultChecker() Checker { ++ return &defaultChecker{} ++} ++ ++type defaultChecker struct { ++} ++ ++func (c *defaultChecker) IsMounted(path string) bool { ++ m, _ := mount.Mounted(path) ++ return m ++} ++ + // Mounted checks if the given path is mounted as the fs type + func Mounted(fsType FsMagic, mountPath string) (bool, error) { + var buf unix.Statfs_t +- if err := syscall.Statfs(mountPath, &buf); err != nil { ++ if err := unix.Statfs(mountPath, &buf); err != nil { + return false, err + } + return FsMagic(buf.Type) == fsType, nil Index: sysutils/docker-freebsd/files/patch-libcontainerd_libcontainerd__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-libcontainerd_libcontainerd__freebsd.go @@ -0,0 +1,19 @@ +This is a copy from libcontainerd_linux.go + +--- libcontainerd/libcontainerd_freebsd.go.orig 2019-06-24 09:47:19 UTC ++++ libcontainerd/libcontainerd_freebsd.go +@@ -0,0 +1,14 @@ ++package libcontainerd // import "github.com/docker/docker/libcontainerd" ++ ++import ( ++ "context" ++ ++ "github.com/containerd/containerd" ++ "github.com/docker/docker/libcontainerd/remote" ++ libcontainerdtypes "github.com/docker/docker/libcontainerd/types" ++) ++ ++// NewClient creates a new libcontainerd client from a containerd client ++func NewClient(ctx context.Context, cli *containerd.Client, stateDir, ns string, b libcontainerdtypes.Backend) (libcontainerdtypes.Client, error) { ++ return remote.NewClient(ctx, cli, stateDir, ns, b) ++} Index: sysutils/docker-freebsd/files/patch-libcontainerd_remote_client__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-libcontainerd_remote_client__freebsd.go @@ -0,0 +1,129 @@ +--- libcontainerd/remote/client_freebsd.go.orig 2019-06-24 18:09:27 UTC ++++ libcontainerd/remote/client_freebsd.go +@@ -0,0 +1,126 @@ ++package remote // import "github.com/docker/docker/libcontainerd/remote" ++ ++import ( ++ "context" ++ "fmt" ++ "os" ++ "path/filepath" ++ "strings" ++ ++ "github.com/containerd/containerd" ++ "github.com/containerd/containerd/cio" ++ "github.com/containerd/containerd/containers" ++ libcontainerdtypes "github.com/docker/docker/libcontainerd/types" ++ "github.com/docker/docker/pkg/idtools" ++ "github.com/opencontainers/runtime-spec/specs-go" ++ "github.com/sirupsen/logrus" ++) ++ ++const runtimeName = "io.containerd.runtime.v1.linux" ++ ++func summaryFromInterface(i interface{}) (*libcontainerdtypes.Summary, error) { ++ return &libcontainerdtypes.Summary{}, nil ++} ++ ++func (c *client) UpdateResources(ctx context.Context, containerID string, resources *libcontainerdtypes.Resources) error { ++ p, err := c.getProcess(ctx, containerID, libcontainerdtypes.InitProcessName) ++ if err != nil { ++ return err ++ } ++ ++ // go doesn't like the alias in 1.8, this means this need to be ++ // platform specific ++ return p.(containerd.Task).Update(ctx, containerd.WithResources((*specs.LinuxResources)(resources))) ++} ++ ++func hostIDFromMap(id uint32, mp []specs.LinuxIDMapping) int { ++ for _, m := range mp { ++ if id >= m.ContainerID && id <= m.ContainerID+m.Size-1 { ++ return int(m.HostID + id - m.ContainerID) ++ } ++ } ++ return 0 ++} ++ ++func getSpecUser(ociSpec *specs.Spec) (int, int) { ++ var ( ++ uid int ++ gid int ++ ) ++ ++ for _, ns := range ociSpec.Linux.Namespaces { ++ if ns.Type == specs.UserNamespace { ++ uid = hostIDFromMap(0, ociSpec.Linux.UIDMappings) ++ gid = hostIDFromMap(0, ociSpec.Linux.GIDMappings) ++ break ++ } ++ } ++ ++ return uid, gid ++} ++ ++// WithBundle creates the bundle for the container ++func WithBundle(bundleDir string, ociSpec *specs.Spec) containerd.NewContainerOpts { ++ return func(ctx context.Context, client *containerd.Client, c *containers.Container) error { ++ if c.Labels == nil { ++ c.Labels = make(map[string]string) ++ } ++ uid, gid := getSpecUser(ociSpec) ++ if uid == 0 && gid == 0 { ++ c.Labels[DockerContainerBundlePath] = bundleDir ++ return idtools.MkdirAllAndChownNew(bundleDir, 0755, idtools.Identity{UID: 0, GID: 0}) ++ } ++ ++ p := string(filepath.Separator) ++ components := strings.Split(bundleDir, string(filepath.Separator)) ++ for _, d := range components[1:] { ++ p = filepath.Join(p, d) ++ fi, err := os.Stat(p) ++ if err != nil && !os.IsNotExist(err) { ++ return err ++ } ++ if os.IsNotExist(err) || fi.Mode()&1 == 0 { ++ p = fmt.Sprintf("%s.%d.%d", p, uid, gid) ++ if err := idtools.MkdirAndChown(p, 0700, idtools.Identity{UID: uid, GID: gid}); err != nil && !os.IsExist(err) { ++ return err ++ } ++ } ++ } ++ if c.Labels == nil { ++ c.Labels = make(map[string]string) ++ } ++ c.Labels[DockerContainerBundlePath] = p ++ return nil ++ } ++} ++ ++func newFIFOSet(bundleDir, processID string, withStdin, withTerminal bool) *cio.FIFOSet { ++ config := cio.Config{ ++ Terminal: withTerminal, ++ Stdout: filepath.Join(bundleDir, processID+"-stdout"), ++ } ++ paths := []string{config.Stdout} ++ ++ if withStdin { ++ config.Stdin = filepath.Join(bundleDir, processID+"-stdin") ++ paths = append(paths, config.Stdin) ++ } ++ if !withTerminal { ++ config.Stderr = filepath.Join(bundleDir, processID+"-stderr") ++ paths = append(paths, config.Stderr) ++ } ++ closer := func() error { ++ for _, path := range paths { ++ if err := os.RemoveAll(path); err != nil { ++ logrus.Warnf("libcontainerd: failed to remove fifo %v: %v", path, err) ++ } ++ } ++ return nil ++ } ++ ++ return cio.NewFIFOSet(config, closer) ++} ++ ++func (c *client) newDirectIO(ctx context.Context, fifos *cio.FIFOSet) (*cio.DirectIO, error) { ++ return cio.NewDirectIO(ctx, fifos) ++} Index: sysutils/docker-freebsd/files/patch-libcontainerd_supervisor_remote__daemon__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-libcontainerd_supervisor_remote__daemon__freebsd.go @@ -0,0 +1,72 @@ +--- libcontainerd/supervisor/remote_daemon_freebsd.go.orig 2019-06-24 18:36:48 UTC ++++ libcontainerd/supervisor/remote_daemon_freebsd.go +@@ -0,0 +1,69 @@ ++package supervisor // import "github.com/docker/docker/libcontainerd/supervisor" ++ ++import ( ++ "os" ++ "path/filepath" ++ "syscall" ++ "time" ++ ++ "github.com/containerd/containerd/defaults" ++ "github.com/docker/docker/pkg/system" ++) ++ ++const ( ++ sockFile = "containerd.sock" ++ debugSockFile = "containerd-debug.sock" ++) ++ ++func (r *remote) setDefaults() { ++ if r.GRPC.Address == "" { ++ r.GRPC.Address = filepath.Join(r.stateDir, sockFile) ++ } ++ if r.GRPC.MaxRecvMsgSize == 0 { ++ r.GRPC.MaxRecvMsgSize = defaults.DefaultMaxRecvMsgSize ++ } ++ if r.GRPC.MaxSendMsgSize == 0 { ++ r.GRPC.MaxSendMsgSize = defaults.DefaultMaxSendMsgSize ++ } ++ if r.Debug.Address == "" { ++ r.Debug.Address = filepath.Join(r.stateDir, debugSockFile) ++ } ++ if r.OOMScore == 0 { ++ r.OOMScore = -999 ++ } ++ ++ for key, conf := range r.pluginConfs.Plugins { ++ if conf == nil { ++ r.DisabledPlugins = append(r.DisabledPlugins, key) ++ delete(r.pluginConfs.Plugins, key) ++ } ++ } ++} ++ ++func (r *remote) stopDaemon() { ++ // Ask the daemon to quit ++ syscall.Kill(r.daemonPid, syscall.SIGTERM) ++ // Wait up to 15secs for it to stop ++ for i := time.Duration(0); i < shutdownTimeout; i += time.Second { ++ if !system.IsProcessAlive(r.daemonPid) { ++ break ++ } ++ time.Sleep(time.Second) ++ } ++ ++ if system.IsProcessAlive(r.daemonPid) { ++ r.logger.WithField("pid", r.daemonPid).Warn("daemon didn't stop within 15 secs, killing it") ++ syscall.Kill(r.daemonPid, syscall.SIGKILL) ++ } ++} ++ ++func (r *remote) killDaemon() { ++ // Try to get a stack trace ++ syscall.Kill(r.daemonPid, syscall.SIGUSR1) ++ <-time.After(100 * time.Millisecond) ++ system.KillProcess(r.daemonPid) ++} ++ ++func (r *remote) platformCleanup() { ++ os.Remove(filepath.Join(r.stateDir, sockFile)) ++} Index: sysutils/docker-freebsd/files/patch-libcontainerd_supervisor_utils__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-libcontainerd_supervisor_utils__freebsd.go @@ -0,0 +1,14 @@ +--- libcontainerd/supervisor/utils_freebsd.go.orig 2019-06-24 18:38:41 UTC ++++ libcontainerd/supervisor/utils_freebsd.go +@@ -0,0 +1,11 @@ ++package supervisor // import "github.com/docker/docker/libcontainerd/supervisor" ++ ++import "syscall" ++ ++// containerdSysProcAttr returns the SysProcAttr to use when exec'ing ++// containerd ++func containerdSysProcAttr() *syscall.SysProcAttr { ++ return &syscall.SysProcAttr{ ++ Setsid: true, ++ } ++} Index: sysutils/docker-freebsd/files/patch-libcontainerd_types_types__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-libcontainerd_types_types__freebsd.go @@ -0,0 +1,27 @@ +--- libcontainerd/types/types_freebsd.go.orig 2019-06-24 11:36:48 UTC ++++ libcontainerd/types/types_freebsd.go +@@ -0,0 +1,24 @@ ++package types // import "github.com/docker/docker/libcontainerd/types" ++ ++import ( ++ "time" ++ ++ "github.com/opencontainers/runtime-spec/specs-go" ++) ++ ++// Summary is not used on FreeBSD ++type Summary struct{} ++ ++// Stats holds metrics properties as returned by containerd ++type Stats struct {} ++ ++// InterfaceToStats returns a stats object from the platform-specific interface. ++func InterfaceToStats(read time.Time, v interface{}) *Stats { ++ return &Stats{} ++} ++ ++// Resources defines updatable container resource values. TODO: it must match containerd upcoming API ++type Resources specs.LinuxResources ++ ++// Checkpoints contains the details of a checkpoint ++type Checkpoints struct{} Index: sysutils/docker-freebsd/files/patch-pkg_archive_archive__unix.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-pkg_archive_archive__unix.go @@ -0,0 +1,11 @@ +--- pkg/archive/archive_unix.go.orig 2019-06-24 10:21:29 UTC ++++ pkg/archive/archive_unix.go +@@ -96,7 +96,7 @@ func handleTarTypeBlockCharFifo(hdr *tar.Header, path + mode |= unix.S_IFIFO + } + +- return system.Mknod(path, mode, int(system.Mkdev(hdr.Devmajor, hdr.Devminor))) ++ return system.Mknod(path, mode, uint64(system.Mkdev(hdr.Devmajor, hdr.Devminor))) + } + + func handleLChmod(hdr *tar.Header, path string, hdrInfo os.FileInfo) error { Index: sysutils/docker-freebsd/files/patch-pkg_archive_changes__unix.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-pkg_archive_changes__unix.go @@ -0,0 +1,11 @@ +--- pkg/archive/changes_unix.go.orig 2019-06-18 21:30:11 UTC ++++ pkg/archive/changes_unix.go +@@ -35,7 +35,7 @@ func (info *FileInfo) isDir() bool { + } + + func getIno(fi os.FileInfo) uint64 { +- return fi.Sys().(*syscall.Stat_t).Ino ++ return uint64(fi.Sys().(*syscall.Stat_t).Ino) + } + + func hasHardlinks(fi os.FileInfo) bool { Index: sysutils/docker-freebsd/files/patch-pkg_chrootarchive_chroot__unix.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-pkg_chrootarchive_chroot__unix.go @@ -0,0 +1,11 @@ +--- pkg/chrootarchive/chroot_unix.go.orig 2019-08-22 20:57:25 UTC ++++ pkg/chrootarchive/chroot_unix.go +@@ -14,3 +14,8 @@ func chroot(path string) error { + func realChroot(path string) error { + return chroot(path) + } ++ ++ ++func realChroot(path string) error { ++ return chroot(path) ++} Index: sysutils/docker-freebsd/files/patch-pkg_mount_mountinfo__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-pkg_mount_mountinfo__freebsd.go @@ -0,0 +1,11 @@ +--- pkg/mount/mountinfo_freebsd.go.orig 2019-02-06 23:39:49 UTC ++++ pkg/mount/mountinfo_freebsd.go +@@ -37,7 +37,7 @@ func parseMountTable(filter FilterFunc) ([]*Info, erro + + if filter != nil { + // filter out entries we're not interested in +- skip, stop = filter(p) ++ skip, stop = filter(&mountinfo) + if skip { + continue + } Index: sysutils/docker-freebsd/files/patch-pkg_system_meminfo__unsupported.go =================================================================== --- sysutils/docker-freebsd/files/patch-pkg_system_meminfo__unsupported.go +++ /dev/null @@ -1,9 +0,0 @@ ---- pkg/system/meminfo_unsupported.go.orig 2015-06-08 13:34:30 UTC -+++ pkg/system/meminfo_unsupported.go -@@ -3,5 +3,5 @@ - package system - - func ReadMemInfo() (*MemInfo, error) { -- return nil, ErrNotSupportedPlatform -+ return &MemInfo{}, ErrNotSupportedPlatform - } Index: sysutils/docker-freebsd/files/patch-pkg_system_mknod.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-pkg_system_mknod.go @@ -0,0 +1,11 @@ +--- pkg/system/mknod.go.orig 2019-06-18 21:30:11 UTC ++++ pkg/system/mknod.go +@@ -8,7 +8,7 @@ import ( + + // Mknod creates a filesystem node (file, device special file or named pipe) named path + // with attributes specified by mode and dev. +-func Mknod(path string, mode uint32, dev int) error { ++func Mknod(path string, mode uint32, dev uint64) error { + return unix.Mknod(path, mode, dev) + } + Index: sysutils/docker-freebsd/files/patch-plugin_manager__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-plugin_manager__freebsd.go @@ -0,0 +1,33 @@ +Fix build on FreeBSD by copying Windows stub + +--- plugin/manager_freebsd.go.orig 2019-03-08 09:00:07 UTC ++++ plugin/manager_freebsd.go +@@ -0,0 +1,28 @@ ++package plugin // import "github.com/docker/docker/plugin" ++ ++import ( ++ "fmt" ++ ++ "github.com/docker/docker/plugin/v2" ++ specs "github.com/opencontainers/runtime-spec/specs-go" ++) ++ ++func (pm *Manager) enable(p *v2.Plugin, c *controller, force bool) error { ++ return fmt.Errorf("Not implemented") ++} ++ ++func (pm *Manager) initSpec(p *v2.Plugin) (*specs.Spec, error) { ++ return nil, fmt.Errorf("Not implemented") ++} ++ ++func (pm *Manager) disable(p *v2.Plugin, c *controller) error { ++ return fmt.Errorf("Not implemented") ++} ++ ++func (pm *Manager) restore(p *v2.Plugin, c *controller) error { ++ return fmt.Errorf("Not implemented") ++} ++ ++// Shutdown plugins ++func (pm *Manager) Shutdown() { ++} Index: sysutils/docker-freebsd/files/patch-runconfig_config.go =================================================================== --- sysutils/docker-freebsd/files/patch-runconfig_config.go +++ /dev/null @@ -1,21 +0,0 @@ ---- runconfig/config.go.orig 2015-06-08 13:34:30 UTC -+++ runconfig/config.go -@@ -132,15 +132,15 @@ type Config struct { - - type ContainerConfigWrapper struct { - *Config -- *hostConfigWrapper -+ *HostConfigWrapper - } - - func (c ContainerConfigWrapper) HostConfig() *HostConfig { -- if c.hostConfigWrapper == nil { -+ if c.HostConfigWrapper == nil { - return new(HostConfig) - } - -- return c.hostConfigWrapper.GetHostConfig() -+ return c.HostConfigWrapper.GetHostConfig() - } - - func DecodeContainerConfig(src io.Reader) (*Config, *HostConfig, error) { Index: sysutils/docker-freebsd/files/patch-runconfig_hostconfig.go =================================================================== --- sysutils/docker-freebsd/files/patch-runconfig_hostconfig.go +++ /dev/null @@ -1,33 +0,0 @@ ---- runconfig/hostconfig.go.orig 2015-06-08 13:34:30 UTC -+++ runconfig/hostconfig.go -@@ -234,18 +234,18 @@ type HostConfig struct { - func MergeConfigs(config *Config, hostConfig *HostConfig) *ContainerConfigWrapper { - return &ContainerConfigWrapper{ - config, -- &hostConfigWrapper{InnerHostConfig: hostConfig}, -+ &HostConfigWrapper{InnerHostConfig: hostConfig}, - } - } - --type hostConfigWrapper struct { -+type HostConfigWrapper struct { - InnerHostConfig *HostConfig `json:"HostConfig,omitempty"` - Cpuset string `json:",omitempty"` // Deprecated. Exported for backwards compatibility. - - *HostConfig // Deprecated. Exported to read attrubutes from json that are not in the inner host config structure. - } - --func (w hostConfigWrapper) GetHostConfig() *HostConfig { -+func (w HostConfigWrapper) GetHostConfig() *HostConfig { - hc := w.HostConfig - - if hc == nil && w.InnerHostConfig != nil { -@@ -274,7 +274,7 @@ func (w hostConfigWrapper) GetHostConfig - func DecodeHostConfig(src io.Reader) (*HostConfig, error) { - decoder := json.NewDecoder(src) - -- var w hostConfigWrapper -+ var w HostConfigWrapper - if err := decoder.Decode(&w); err != nil { - return nil, err - } Index: sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_archive_tar__unix.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_archive_tar__unix.go @@ -0,0 +1,11 @@ +--- vendor/github.com/containerd/containerd/archive/tar_unix.go.orig 2019-06-18 21:30:11 UTC ++++ vendor/github.com/containerd/containerd/archive/tar_unix.go +@@ -122,7 +122,7 @@ func handleTarTypeBlockCharFifo(hdr *tar.Header, path + mode |= unix.S_IFIFO + } + +- return unix.Mknod(path, mode, int(unix.Mkdev(uint32(hdr.Devmajor), uint32(hdr.Devminor)))) ++ return unix.Mknod(path, mode, unix.Mkdev(uint32(hdr.Devmajor), uint32(hdr.Devminor))) + } + + func handleLChmod(hdr *tar.Header, path string, hdrInfo os.FileInfo) error { Index: sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_bundle.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_bundle.go @@ -0,0 +1,8 @@ +--- vendor/github.com/containerd/containerd/runtime/v1/linux/bundle.go.orig 2019-02-26 21:02:47 UTC ++++ vendor/github.com/containerd/containerd/runtime/v1/linux/bundle.go +@@ -1,4 +1,4 @@ +-// +build linux ++// +build linux freebsd + + /* + Copyright The containerd Authors. Index: sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_process.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_process.go @@ -0,0 +1,8 @@ +--- vendor/github.com/containerd/containerd/runtime/v1/linux/process.go.orig 2019-02-06 23:39:49 UTC ++++ vendor/github.com/containerd/containerd/runtime/v1/linux/process.go +@@ -1,4 +1,4 @@ +-// +build linux ++// +build linux freebsd + + /* + Copyright The containerd Authors. Index: sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_runtime.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_runtime.go @@ -0,0 +1,8 @@ +--- vendor/github.com/containerd/containerd/runtime/v1/linux/runtime.go.orig 2019-02-06 23:39:49 UTC ++++ vendor/github.com/containerd/containerd/runtime/v1/linux/runtime.go +@@ -1,4 +1,4 @@ +-// +build linux ++// +build linux freebsd + + /* + Copyright The containerd Authors. Index: sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_task.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_task.go @@ -0,0 +1,8 @@ +--- vendor/github.com/containerd/containerd/runtime/v1/linux/task.go.orig 2019-02-06 23:39:49 UTC ++++ vendor/github.com/containerd/containerd/runtime/v1/linux/task.go +@@ -1,4 +1,4 @@ +-// +build linux ++// +build linux freebsd + + /* + Copyright The containerd Authors. Index: sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_continuity_devices_devices__unix.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_continuity_devices_devices__unix.go @@ -0,0 +1,11 @@ +--- vendor/github.com/containerd/continuity/devices/devices_unix.go.orig 2019-06-18 21:30:11 UTC ++++ vendor/github.com/containerd/continuity/devices/devices_unix.go +@@ -55,7 +55,7 @@ func Mknod(p string, mode os.FileMode, maj, min int) e + m |= unix.S_IFIFO + } + +- return unix.Mknod(p, m, int(dev)) ++ return unix.Mknod(p, m, dev) + } + + // syscallMode returns the syscall-specific mode bits from Go's portable mode bits. Index: sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_continuity_fs_copy__unix.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_continuity_fs_copy__unix.go @@ -0,0 +1,9 @@ +--- vendor/github.com/containerd/continuity/fs/copy_unix.go.orig 2019-06-18 21:30:11 UTC ++++ vendor/github.com/containerd/continuity/fs/copy_unix.go +@@ -108,5 +108,5 @@ func copyDevice(dst string, fi os.FileInfo) error { + if !ok { + return errors.New("unsupported stat type") + } +- return unix.Mknod(dst, uint32(fi.Mode()), int(st.Rdev)) ++ return unix.Mknod(dst, uint32(fi.Mode()), st.Rdev) + } Index: sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_ns_init__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_ns_init__freebsd.go @@ -0,0 +1,4 @@ +--- vendor/github.com/docker/libnetwork/ns/init_freebsd.go.orig 2019-02-26 20:59:24 UTC ++++ vendor/github.com/docker/libnetwork/ns/init_freebsd.go +@@ -0,0 +1 @@ ++package ns Index: sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_portmapper_mapper__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_portmapper_mapper__freebsd.go @@ -0,0 +1,34 @@ +--- vendor/github.com/docker/libnetwork/portmapper/mapper_freebsd.go.orig 2019-06-24 18:33:51 UTC ++++ vendor/github.com/docker/libnetwork/portmapper/mapper_freebsd.go +@@ -0,0 +1,31 @@ ++package portmapper ++ ++import ( ++ "net" ++ "sync" ++ ++ "github.com/docker/libnetwork/portallocator" ++) ++ ++// PortMapper manages the network address translation ++type PortMapper struct { ++ bridgeName string ++ ++ // udp:ip:port ++ currentMappings map[string]*mapping ++ lock sync.Mutex ++ ++ proxyPath string ++ ++ Allocator *portallocator.PortAllocator ++} ++ ++// AppendForwardingTableEntry adds a port mapping to the forwarding table ++func (pm *PortMapper) AppendForwardingTableEntry(proto string, sourceIP net.IP, sourcePort int, containerIP string, containerPort int) error { ++ return nil ++} ++ ++// DeleteForwardingTableEntry removes a port mapping from the forwarding table ++func (pm *PortMapper) DeleteForwardingTableEntry(proto string, sourceIP net.IP, sourcePort int, containerIP string, containerPort int) error { ++ return nil ++} Index: sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_portmapper_proxy__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_portmapper_proxy__freebsd.go @@ -0,0 +1,41 @@ +--- vendor/github.com/docker/libnetwork/portmapper/proxy_freebsd.go.orig 2019-06-24 18:17:46 UTC ++++ vendor/github.com/docker/libnetwork/portmapper/proxy_freebsd.go +@@ -0,0 +1,38 @@ ++package portmapper ++ ++import ( ++ "net" ++ "os/exec" ++ "strconv" ++ "syscall" ++) ++ ++func newProxyCommand(proto string, hostIP net.IP, hostPort int, containerIP net.IP, containerPort int, proxyPath string) (userlandProxy, error) { ++ path := proxyPath ++ if proxyPath == "" { ++ cmd, err := exec.LookPath(userlandProxyCommandName) ++ if err != nil { ++ return nil, err ++ } ++ path = cmd ++ } ++ ++ args := []string{ ++ path, ++ "-proto", proto, ++ "-host-ip", hostIP.String(), ++ "-host-port", strconv.Itoa(hostPort), ++ "-container-ip", containerIP.String(), ++ "-container-port", strconv.Itoa(containerPort), ++ } ++ ++ return &proxyCommand{ ++ cmd: &exec.Cmd{ ++ Path: path, ++ Args: args, ++ SysProcAttr: &syscall.SysProcAttr{ ++ Pdeathsig: syscall.SIGTERM, // send a sigterm to the proxy if the daemon process dies ++ }, ++ }, ++ }, nil ++} Index: sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_resolver__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_resolver__freebsd.go @@ -0,0 +1,15 @@ +--- vendor/github.com/docker/libnetwork/resolver_freebsd.go.orig 2019-06-24 19:16:48 UTC ++++ vendor/github.com/docker/libnetwork/resolver_freebsd.go +@@ -0,0 +1,12 @@ ++package libnetwork ++ ++import ( ++ "fmt" ++) ++ ++func init() { ++} ++ ++func (r *resolver) setupIPTable() error { ++ return fmt.Errorf("IPTables not supported on FreeBSD") ++} Index: sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_resolver__unix.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_resolver__unix.go @@ -0,0 +1,8 @@ +--- vendor/github.com/docker/libnetwork/resolver_unix.go.orig 2019-06-18 21:30:11 UTC ++++ vendor/github.com/docker/libnetwork/resolver_unix.go +@@ -1,4 +1,4 @@ +-// +build !windows ++// +build !freebsd + + package libnetwork + Index: sysutils/docker-freebsd/files/patch-vendor_github.com_docker_swarmkit_manager_allocator_cnmallocator_drivers__unsupported.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_docker_swarmkit_manager_allocator_cnmallocator_drivers__unsupported.go @@ -0,0 +1,15 @@ +Fix build error on FreeBSD + +swarmkit/manager/allocator/cnmallocator/drivers_unsupported.go:9:7: const initializer cannot be nil + +--- vendor/github.com/docker/swarmkit/manager/allocator/cnmallocator/drivers_unsupported.go.orig 2019-03-08 08:00:27 UTC ++++ vendor/github.com/docker/swarmkit/manager/allocator/cnmallocator/drivers_unsupported.go +@@ -6,7 +6,7 @@ import ( + "github.com/docker/swarmkit/manager/allocator/networkallocator" + ) + +-const initializers = nil ++var initializers = []initializer{} + + // PredefinedNetworks returns the list of predefined network structures + func PredefinedNetworks() []networkallocator.PredefinedNetworkData { Index: sysutils/docker-freebsd/files/patch-vendor_github.com_docker_swarmkit_node_node.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_docker_swarmkit_node_node.go @@ -0,0 +1,23 @@ +--- vendor/github.com/docker/swarmkit/node/node.go.orig 2019-06-18 21:30:11 UTC ++++ vendor/github.com/docker/swarmkit/node/node.go +@@ -20,7 +20,6 @@ import ( + + "github.com/docker/docker/pkg/plugingetter" + "github.com/docker/go-metrics" +- "github.com/docker/libnetwork/drivers/overlay/overlayutils" + "github.com/docker/swarmkit/agent" + "github.com/docker/swarmkit/agent/exec" + "github.com/docker/swarmkit/api" +@@ -273,11 +272,7 @@ func (n *Node) currentRole() api.NodeRole { + + // configVXLANUDPPort sets vxlan port in libnetwork + func configVXLANUDPPort(ctx context.Context, vxlanUDPPort uint32) { +- if err := overlayutils.ConfigVXLANUDPPort(vxlanUDPPort); err != nil { +- log.G(ctx).WithError(err).Error("failed to configure VXLAN UDP port") +- return +- } +- logrus.Infof("initialized VXLAN UDP port to %d ", vxlanUDPPort) ++ logrus.Infof("VXLAN UDP not supported on FreeBSD") + } + + func (n *Node) run(ctx context.Context) (err error) { Index: sysutils/docker-freebsd/files/patch-vendor_github.com_godbus_dbus_transport__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_godbus_dbus_transport__freebsd.go @@ -0,0 +1,9 @@ +--- vendor/github.com/godbus/dbus/transport_freebsd.go.orig 2019-02-26 21:19:13 UTC ++++ vendor/github.com/godbus/dbus/transport_freebsd.go +@@ -0,0 +1,6 @@ ++package dbus ++ ++func (t *unixTransport) SendNullByte() error { ++ _, err := t.Write([]byte{0}) ++ return err ++} Index: sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_executor_oci_spec__unix.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_executor_oci_spec__unix.go @@ -0,0 +1,20 @@ +--- vendor/github.com/moby/buildkit/executor/oci/spec_unix.go.orig 2019-08-22 20:57:25 UTC ++++ vendor/github.com/moby/buildkit/executor/oci/spec_unix.go +@@ -8,7 +8,6 @@ import ( + "sync" + + "github.com/containerd/containerd/containers" +- "github.com/containerd/containerd/contrib/seccomp" + "github.com/containerd/containerd/mount" + "github.com/containerd/containerd/namespaces" + "github.com/containerd/containerd/oci" +@@ -40,7 +39,8 @@ func GenerateSpec(ctx context.Context, meta executor.M + if meta.SecurityMode == pb.SecurityMode_INSECURE { + opts = append(opts, entitlements.WithInsecureSpec()) + } else if system.SeccompSupported() && meta.SecurityMode == pb.SecurityMode_SANDBOX { +- opts = append(opts, seccomp.WithDefaultProfile()) ++ // TODO ++ return nil, nil, errors.New("TODO Seccomp Sandbox not supported on FreeBSD") + } + + switch processMode { Index: sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_executor_runcexecutor_executor.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_executor_runcexecutor_executor.go @@ -0,0 +1,21 @@ +--- vendor/github.com/moby/buildkit/executor/runcexecutor/executor.go.orig 2019-08-22 20:57:25 UTC ++++ vendor/github.com/moby/buildkit/executor/runcexecutor/executor.go +@@ -22,7 +22,6 @@ import ( + "github.com/moby/buildkit/identity" + "github.com/moby/buildkit/solver/pb" + "github.com/moby/buildkit/util/network" +- rootlessspecconv "github.com/moby/buildkit/util/rootless/specconv" + "github.com/pkg/errors" + "github.com/sirupsen/logrus" + ) +@@ -246,9 +245,7 @@ func (w *runcExecutor) Exec(ctx context.Context, meta + + spec.Process.OOMScoreAdj = w.oomScoreAdj + if w.rootless { +- if err := rootlessspecconv.ToRootless(spec); err != nil { +- return err +- } ++ return errors.New("TODO: Rootless not implemented in FreeBSD!") + } + + if err := json.NewEncoder(f).Encode(spec); err != nil { Index: sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_snapshot_localmounter__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_snapshot_localmounter__freebsd.go @@ -0,0 +1,29 @@ +--- vendor/github.com/moby/buildkit/snapshot/localmounter_freebsd.go.orig 2019-03-06 19:37:34 UTC ++++ vendor/github.com/moby/buildkit/snapshot/localmounter_freebsd.go +@@ -0,0 +1,26 @@ ++package snapshot ++ ++import ( ++ "os" ++ ++ "github.com/containerd/containerd/mount" ++) ++ ++func (lm *localMounter) Unmount() error { ++ lm.mu.Lock() ++ defer lm.mu.Unlock() ++ ++ if lm.target != "" { ++ if err := mount.Unmount(lm.target, 0); err != nil { ++ return err ++ } ++ os.RemoveAll(lm.target) ++ lm.target = "" ++ } ++ ++ if lm.mountable != nil { ++ return lm.mountable.Release() ++ } ++ ++ return nil ++} Index: sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_snapshot_localmounter__unix.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_snapshot_localmounter__unix.go @@ -0,0 +1,8 @@ +--- vendor/github.com/moby/buildkit/snapshot/localmounter_unix.go.orig 2019-02-26 00:29:56 UTC ++++ vendor/github.com/moby/buildkit/snapshot/localmounter_unix.go +@@ -1,4 +1,4 @@ +-// +build !windows ++// +build !windows,!freebsd + + package snapshot + Index: sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_util_entitlements_security__freebsd.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_util_entitlements_security__freebsd.go @@ -0,0 +1,70 @@ +--- vendor/github.com/moby/buildkit/util/entitlements/security_freebsd.go.orig 2019-06-24 18:24:33 UTC ++++ vendor/github.com/moby/buildkit/util/entitlements/security_freebsd.go +@@ -0,0 +1,67 @@ ++package entitlements ++ ++import ( ++ "context" ++ ++ "github.com/containerd/containerd/containers" ++ "github.com/containerd/containerd/oci" ++ specs "github.com/opencontainers/runtime-spec/specs-go" ++) ++ ++// WithInsecureSpec sets spec with All capability. ++func WithInsecureSpec() oci.SpecOpts { ++ return func(_ context.Context, _ oci.Client, _ *containers.Container, s *specs.Spec) error { ++ addCaps := []string{ ++ "CAP_FSETID", ++ "CAP_KILL", ++ "CAP_FOWNER", ++ "CAP_MKNOD", ++ "CAP_CHOWN", ++ "CAP_DAC_OVERRIDE", ++ "CAP_NET_RAW", ++ "CAP_SETGID", ++ "CAP_SETUID", ++ "CAP_SETPCAP", ++ "CAP_SETFCAP", ++ "CAP_NET_BIND_SERVICE", ++ "CAP_SYS_CHROOT", ++ "CAP_AUDIT_WRITE", ++ "CAP_MAC_ADMIN", ++ "CAP_MAC_OVERRIDE", ++ "CAP_DAC_READ_SEARCH", ++ "CAP_SYS_PTRACE", ++ "CAP_SYS_MODULE", ++ "CAP_SYSLOG", ++ "CAP_SYS_RAWIO", ++ "CAP_SYS_ADMIN", ++ "CAP_LINUX_IMMUTABLE", ++ "CAP_SYS_BOOT", ++ "CAP_SYS_NICE", ++ "CAP_SYS_PACCT", ++ "CAP_SYS_TTY_CONFIG", ++ "CAP_SYS_TIME", ++ "CAP_WAKE_ALARM", ++ "CAP_AUDIT_READ", ++ "CAP_AUDIT_CONTROL", ++ "CAP_SYS_RESOURCE", ++ "CAP_BLOCK_SUSPEND", ++ "CAP_IPC_LOCK", ++ "CAP_IPC_OWNER", ++ "CAP_LEASE", ++ "CAP_NET_ADMIN", ++ "CAP_NET_BROADCAST", ++ } ++ for _, cap := range addCaps { ++ s.Process.Capabilities.Bounding = append(s.Process.Capabilities.Bounding, cap) ++ s.Process.Capabilities.Ambient = append(s.Process.Capabilities.Ambient, cap) ++ s.Process.Capabilities.Effective = append(s.Process.Capabilities.Effective, cap) ++ s.Process.Capabilities.Inheritable = append(s.Process.Capabilities.Inheritable, cap) ++ s.Process.Capabilities.Permitted = append(s.Process.Capabilities.Permitted, cap) ++ } ++ s.Linux.ReadonlyPaths = []string{} ++ s.Linux.MaskedPaths = []string{} ++ s.Process.ApparmorProfile = "" ++ ++ return nil ++ } ++} Index: sysutils/docker-freebsd/files/patch-vendor_github.com_tonistiigi_fsutil_copy_copy__unix.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_tonistiigi_fsutil_copy_copy__unix.go @@ -0,0 +1,9 @@ +--- vendor/github.com/tonistiigi/fsutil/copy/copy_unix.go.orig 2019-06-18 21:30:11 UTC ++++ vendor/github.com/tonistiigi/fsutil/copy/copy_unix.go +@@ -64,5 +64,5 @@ func copyDevice(dst string, fi os.FileInfo) error { + if !ok { + return errors.New("unsupported stat type") + } +- return unix.Mknod(dst, uint32(fi.Mode()), int(st.Rdev)) ++ return unix.Mknod(dst, uint32(fi.Mode()), st.Rdev) + } Index: sysutils/docker-freebsd/files/patch-vendor_github.com_tonistiigi_fsutil_diskwriter__unix.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_tonistiigi_fsutil_diskwriter__unix.go @@ -0,0 +1,11 @@ +--- vendor/github.com/tonistiigi/fsutil/diskwriter_unix.go.orig 2019-02-26 00:29:56 UTC ++++ vendor/github.com/tonistiigi/fsutil/diskwriter_unix.go +@@ -45,7 +45,7 @@ func handleTarTypeBlockCharFifo(path string, stat *typ + mode |= syscall.S_IFBLK + } + +- if err := syscall.Mknod(path, mode, int(mkdev(stat.Devmajor, stat.Devminor))); err != nil { ++ if err := syscall.Mknod(path, mode, uint64(mkdev(stat.Devmajor, stat.Devminor))); err != nil { + return err + } + return nil Index: sysutils/docker-freebsd/files/patch-vendor_github.com_tonistiigi_fsutil_stat__unix.go =================================================================== --- /dev/null +++ sysutils/docker-freebsd/files/patch-vendor_github.com_tonistiigi_fsutil_stat__unix.go @@ -0,0 +1,11 @@ +--- vendor/github.com/tonistiigi/fsutil/stat_unix.go.orig 2019-06-18 21:30:11 UTC ++++ vendor/github.com/tonistiigi/fsutil/stat_unix.go +@@ -45,7 +45,7 @@ func setUnixOpt(fi os.FileInfo, stat *types.Stat, path + stat.Devminor = int64(minor(uint64(s.Rdev))) + } + +- ino := s.Ino ++ ino := uint64(s.Ino) + linked := false + if seenFiles != nil { + if s.Nlink > 1 { Index: sysutils/docker-freebsd/pkg-descr =================================================================== --- sysutils/docker-freebsd/pkg-descr +++ sysutils/docker-freebsd/pkg-descr @@ -1,12 +1,4 @@ -Docker is an open source project to pack, ship and run any -application as a lightweight container. +Moby is an open-source project created by Docker to enable and accelerate +software containerization. -Docker containers are both hardware-agnostic and platform-agnostic. -This means they can run anywhere, from your laptop to the largest -EC2 compute instance and everything in between - and they don't -require you to use a particular language, framework or packaging -system. That makes them great building blocks for deploying and -scaling web apps, databases, and backend services without depending -on a particular stack or provider. - -WWW: https://github.com/kvasdopil/docker +WWW: https://github.com/docker/engine Index: sysutils/docker-freebsd/pkg-message =================================================================== --- sysutils/docker-freebsd/pkg-message +++ /dev/null @@ -1,26 +0,0 @@ -[ -{ type: install - message: </docker - -And lastly enable the docker daemon -# sysrc -f /etc/rc.conf docker_enable="YES" -# service docker start - -(WARNING) - -Starting the docker service will also add the following PF rule: - -nat on ${iface} from 172.17.0.0/16 to any -> (${iface}) - -Where $iface is the default NIC on the system, or the value -of $docker_nat_iface. This is for network connectivity to docker -containers in this early port. This should not be needed in future -versions of docker. -EOM -} -]