D21570.id61822.diff
No OneTemporary
Actions

Size

53 KB

Referenced Files

None

Subscribers

None

D21570.id61822.diff
View Options

	Index: sysutils/docker-freebsd/Makefile
	===================================================================
	--- sysutils/docker-freebsd/Makefile
	+++ sysutils/docker-freebsd/Makefile
	@@ -1,39 +1,29 @@
	-# Created by: kmoore@FreeBSD.org
	# $FreeBSD$

	-PORTNAME= docker-freebsd
	-PORTVERSION= 20150625
	-PORTREVISION= 2
	+PORTNAME= docker-engine
	+DISTVERSIONPREFIX= v
	+DISTVERSION= 19.03.2
	CATEGORIES= sysutils

	-MAINTAINER= joneum@FreeBSD.org
	-COMMENT= Docker containment system
	+MAINTAINER= decke@FreeBSD.org
	+COMMENT= Docker Engine based on moby

	LICENSE= APACHE20
	LICENSE_FILE= ${WRKSRC}/LICENSE

	-BROKEN= fails to build
	+BUILD_DEPENDS= bash:shells/bash

	-BUILD_DEPENDS= bash:shells/bash \
	- sqlite3:databases/sqlite3
	-RUN_DEPENDS= bash:shells/bash \
	- sqlite3:databases/sqlite3
	+USES= go

	-USES= go:run
	-
	USE_GITHUB= yes
	-GH_ACCOUNT= kvasdopil
	-GH_PROJECT= docker
	-GH_TAGNAME= 582db78
	+GH_ACCOUNT= docker
	+GH_PROJECT= engine
	+GH_SUBDIR= src/github.com/docker/docker

	-PLIST_FILES= bin/docker
	-USE_RC_SUBR= docker
	+GO_PKGNAME= github.com/docker/docker
	+GO_TARGET= ${GO_PKGNAME}/cmd/dockerd

	do-build:
	- @cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} AUTO_GOPATH=1 DOCKER_GITCOMMIT=${GH_TAGNAME} ./hack/make.sh binary
	-
	-do-install:
	- @${MKDIR} ${STAGEDIR}${PREFIX}/bin
	- ${INSTALL_PROGRAM} ${WRKSRC}/bundles/latest/binary/docker ${STAGEDIR}${PREFIX}/bin/
	+ @cd ${GO_WRKSRC} && export DOCKER_GITCOMMIT=${GH_TAGNAME} && ${SETENV} ${GO_ENV} ./hack/make.sh binary

	.include <bsd.port.mk>
	Index: sysutils/docker-freebsd/distinfo
	===================================================================
	--- sysutils/docker-freebsd/distinfo
	+++ sysutils/docker-freebsd/distinfo
	@@ -1,2 +1,3 @@
	-SHA256 (kvasdopil-docker-20150625-582db78_GH0.tar.gz) = a750d344af4af3d30b1a3373f382ab597a2a7aa4a0bb5c22d650d0c5cc9ac506
	-SIZE (kvasdopil-docker-20150625-582db78_GH0.tar.gz) = 7292884
	+TIMESTAMP = 1567673816
	+SHA256 (docker-engine-v19.03.2_GH0.tar.gz) = 7fbd2ac9101026163479023f548acea1537e107b829fd8a0674b1b88a4feecff
	+SIZE (docker-engine-v19.03.2_GH0.tar.gz) = 9136789
	Index: sysutils/docker-freebsd/files/docker.in
	===================================================================
	--- sysutils/docker-freebsd/files/docker.in
	+++ /dev/null
	@@ -1,83 +0,0 @@
	-#!/bin/sh
	-
	-# PROVIDE: docker
	-# REQUIRE: DAEMON
	-# KEYWORD: nojail shutdown
	-
	-. /etc/rc.subr
	-
	-name="docker"
	-rcvar="docker_enable"
	-
	-stop_cmd="docker_stop"
	-start_cmd="docker_start"
	-command="%%PREFIX%%/bin/docker"
	-
	-load_rc_config $name
	-
	-: ${docker_enable=NO}
	-: ${docker_dir=/usr/docker}
	-: ${docker_nat_pf=YES}
	-: ${docker_nat_iface=NONE}
	-: ${docker_flags=}
	-
	-docker_start()
	-{
	- if [ ! -d "${docker_dir}" ] ; then
	- echo "Missing ${docker_dir}! Please create / mount a ZFS dataset at this location."
	- exit 1
	- fi
	-
	- if [ -e "/var/run/docker.pid" ] ; then
	- pgrep -F /var/run/docker.pid 2>/dev/null >/dev/null
	- if [ $? -eq 0 ] ; then
	- echo "Docker already running? /var/run/docker.pid"
	- exit 1
	- fi
	- fi
	-
	- echo "Starting docker..."
	- daemon -p /var/run/docker.pid ${command} -d -e jail -s zfs -g ${docker_dir} -D ${docker_flags} >/var/log/docker.log 2>/var/log/docker.log
	-
	- # Check for linux 64bit support and enable
	- kldstat \| grep -q 'linux64'
	- if [ $? -ne 0 -a -e "/boot/kernel/linux64.ko" ] ; then
	- kldload linux64
	- fi
	-
	- # Check for NAT support via PF
	- # This is an ugly experimental hack for now, eventually will go away
	- if [ "${docker_nat_pf}" != "YES" ] ; then return ; fi
	-
	- # Load PF if not already
	- kldstat \| grep -q 'pf.ko'
	- if [ $? -ne 0 -a -e "/boot/kernel/pf.ko" ] ; then
	- kldload pf
	- fi
	-
	- # Check if PF rules already loaded
	- /sbin/pfctl -s nat 2>/dev/null \| grep -q 172.17
	- if [ $? -eq 0 ] ; then return ; fi
	-
	- if [ "${docker_nat_iface}" != "NONE" ] ; then
	- iface="${docker_nat_iface}"
	- else
	- iface=`/usr/bin/netstat -f inet -nrW \| grep '^default' \| awk '{ print $6 }'`
	- fi
	- echo "nat on ${iface} from 172.17.0.0/16 to any -> (${iface})" > /tmp/pf-nat-docker.$$
	- /sbin/pfctl -f /tmp/pf-nat-docker.$$ 2>/dev/null
	- /sbin/pfctl -e 2>/dev/null
	- rm /tmp/pf-nat-docker.$$
	-
	-}
	-
	-docker_stop()
	-{
	- if [ -e "/var/run/docker.pid" ] ; then
	- echo "Stopping docker..."
	- pkill -F /var/run/docker.pid
	- fi
	-}
	-
	-run_rc_command "$1"
	-
	Index: sysutils/docker-freebsd/files/patch-builder_dockerfile_internals__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-builder_dockerfile_internals__freebsd.go
	@@ -0,0 +1,95 @@
	+Fix build on FreeBSD by copying linux implementation:
	+
	+builder/dockerfile/internals.go:193:19: undefined: parseChownFlag
	+
	+--- builder/dockerfile/internals_freebsd.go.orig 2019-03-08 14:02:51 UTC
	++++ builder/dockerfile/internals_freebsd.go
	+@@ -0,0 +1,88 @@
	++package dockerfile // import "github.com/docker/docker/builder/dockerfile"
	++
	++import (
	++ "path/filepath"
	++ "strconv"
	++ "strings"
	++
	++ "github.com/docker/docker/pkg/idtools"
	++ "github.com/docker/docker/pkg/symlink"
	++ lcUser "github.com/opencontainers/runc/libcontainer/user"
	++ "github.com/pkg/errors"
	++)
	++
	++func parseChownFlag(builder Builder, state dispatchState, chown, ctrRootPath string, identityMapping *idtools.IdentityMapping) (idtools.Identity, error) {
	++ var userStr, grpStr string
	++ parts := strings.Split(chown, ":")
	++ if len(parts) > 2 {
	++ return idtools.Identity{}, errors.New("invalid chown string format: " + chown)
	++ }
	++ if len(parts) == 1 {
	++ // if no group specified, use the user spec as group as well
	++ userStr, grpStr = parts[0], parts[0]
	++ } else {
	++ userStr, grpStr = parts[0], parts[1]
	++ }
	++
	++ passwdPath, err := symlink.FollowSymlinkInScope(filepath.Join(ctrRootPath, "etc", "passwd"), ctrRootPath)
	++ if err != nil {
	++ return idtools.Identity{}, errors.Wrapf(err, "can't resolve /etc/passwd path in container rootfs")
	++ }
	++ groupPath, err := symlink.FollowSymlinkInScope(filepath.Join(ctrRootPath, "etc", "group"), ctrRootPath)
	++ if err != nil {
	++ return idtools.Identity{}, errors.Wrapf(err, "can't resolve /etc/group path in container rootfs")
	++ }
	++ uid, err := lookupUser(userStr, passwdPath)
	++ if err != nil {
	++ return idtools.Identity{}, errors.Wrapf(err, "can't find uid for user "+userStr)
	++ }
	++ gid, err := lookupGroup(grpStr, groupPath)
	++ if err != nil {
	++ return idtools.Identity{}, errors.Wrapf(err, "can't find gid for group "+grpStr)
	++ }
	++
	++ // convert as necessary because of user namespaces
	++ chownPair, err := identityMapping.ToHost(idtools.Identity{UID: uid, GID: gid})
	++ if err != nil {
	++ return idtools.Identity{}, errors.Wrapf(err, "unable to convert uid/gid to host mapping")
	++ }
	++ return chownPair, nil
	++}
	++
	++func lookupUser(userStr, filepath string) (int, error) {
	++ // if the string is actually a uid integer, parse to int and return
	++ // as we don't need to translate with the help of files
	++ uid, err := strconv.Atoi(userStr)
	++ if err == nil {
	++ return uid, nil
	++ }
	++ users, err := lcUser.ParsePasswdFileFilter(filepath, func(u lcUser.User) bool {
	++ return u.Name == userStr
	++ })
	++ if err != nil {
	++ return 0, err
	++ }
	++ if len(users) == 0 {
	++ return 0, errors.New("no such user: " + userStr)
	++ }
	++ return users[0].Uid, nil
	++}
	++
	++func lookupGroup(groupStr, filepath string) (int, error) {
	++ // if the string is actually a gid integer, parse to int and return
	++ // as we don't need to translate with the help of files
	++ gid, err := strconv.Atoi(groupStr)
	++ if err == nil {
	++ return gid, nil
	++ }
	++ groups, err := lcUser.ParseGroupFileFilter(filepath, func(g lcUser.Group) bool {
	++ return g.Name == groupStr
	++ })
	++ if err != nil {
	++ return 0, err
	++ }
	++ if len(groups) == 0 {
	++ return 0, errors.New("no such group: " + groupStr)
	++ }
	++ return groups[0].Gid, nil
	++}
	Index: sysutils/docker-freebsd/files/patch-daemon_daemon__unix.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-daemon_daemon__unix.go
	@@ -0,0 +1,157 @@
	+--- daemon/daemon_unix.go.orig 2019-06-18 21:30:11 UTC
	++++ daemon/daemon_unix.go
	+@@ -36,7 +36,7 @@ import (
	+ volumemounts "github.com/docker/docker/volume/mounts"
	+ "github.com/docker/libnetwork"
	+ nwconfig "github.com/docker/libnetwork/config"
	+- "github.com/docker/libnetwork/drivers/bridge"
	++ //"github.com/docker/libnetwork/drivers/bridge"
	+ "github.com/docker/libnetwork/netlabel"
	+ "github.com/docker/libnetwork/netutils"
	+ "github.com/docker/libnetwork/options"
	+@@ -910,143 +910,12 @@ func driverOptions(config *config.Config) []nwconfig.O
	+ }
	+
	+ func initBridgeDriver(controller libnetwork.NetworkController, config *config.Config) error {
	+- bridgeName := bridge.DefaultBridgeName
	+- if config.BridgeConfig.Iface != "" {
	+- bridgeName = config.BridgeConfig.Iface
	+- }
	+- netOption := map[string]string{
	+- bridge.BridgeName: bridgeName,
	+- bridge.DefaultBridge: strconv.FormatBool(true),
	+- netlabel.DriverMTU: strconv.Itoa(config.Mtu),
	+- bridge.EnableIPMasquerade: strconv.FormatBool(config.BridgeConfig.EnableIPMasq),
	+- bridge.EnableICC: strconv.FormatBool(config.BridgeConfig.InterContainerCommunication),
	+- }
	+-
	+- // --ip processing
	+- if config.BridgeConfig.DefaultIP != nil {
	+- netOption[bridge.DefaultBindingIP] = config.BridgeConfig.DefaultIP.String()
	+- }
	+-
	+- var (
	+- ipamV4Conf *libnetwork.IpamConf
	+- ipamV6Conf *libnetwork.IpamConf
	+- )
	+-
	+- ipamV4Conf = &libnetwork.IpamConf{AuxAddresses: make(map[string]string)}
	+-
	+- nwList, nw6List, err := netutils.ElectInterfaceAddresses(bridgeName)
	+- if err != nil {
	+- return errors.Wrap(err, "list bridge addresses failed")
	+- }
	+-
	+- nw := nwList[0]
	+- if len(nwList) > 1 && config.BridgeConfig.FixedCIDR != "" {
	+- _, fCIDR, err := net.ParseCIDR(config.BridgeConfig.FixedCIDR)
	+- if err != nil {
	+- return errors.Wrap(err, "parse CIDR failed")
	+- }
	+- // Iterate through in case there are multiple addresses for the bridge
	+- for _, entry := range nwList {
	+- if fCIDR.Contains(entry.IP) {
	+- nw = entry
	+- break
	+- }
	+- }
	+- }
	+-
	+- ipamV4Conf.PreferredPool = lntypes.GetIPNetCanonical(nw).String()
	+- hip, _ := lntypes.GetHostPartIP(nw.IP, nw.Mask)
	+- if hip.IsGlobalUnicast() {
	+- ipamV4Conf.Gateway = nw.IP.String()
	+- }
	+-
	+- if config.BridgeConfig.IP != "" {
	+- ipamV4Conf.PreferredPool = config.BridgeConfig.IP
	+- ip, _, err := net.ParseCIDR(config.BridgeConfig.IP)
	+- if err != nil {
	+- return err
	+- }
	+- ipamV4Conf.Gateway = ip.String()
	+- } else if bridgeName == bridge.DefaultBridgeName && ipamV4Conf.PreferredPool != "" {
	+- logrus.Infof("Default bridge (%s) is assigned with an IP address %s. Daemon option --bip can be used to set a preferred IP address", bridgeName, ipamV4Conf.PreferredPool)
	+- }
	+-
	+- if config.BridgeConfig.FixedCIDR != "" {
	+- _, fCIDR, err := net.ParseCIDR(config.BridgeConfig.FixedCIDR)
	+- if err != nil {
	+- return err
	+- }
	+-
	+- ipamV4Conf.SubPool = fCIDR.String()
	+- }
	+-
	+- if config.BridgeConfig.DefaultGatewayIPv4 != nil {
	+- ipamV4Conf.AuxAddresses["DefaultGatewayIPv4"] = config.BridgeConfig.DefaultGatewayIPv4.String()
	+- }
	+-
	+- var deferIPv6Alloc bool
	+- if config.BridgeConfig.FixedCIDRv6 != "" {
	+- _, fCIDRv6, err := net.ParseCIDR(config.BridgeConfig.FixedCIDRv6)
	+- if err != nil {
	+- return err
	+- }
	+-
	+- // In case user has specified the daemon flag --fixed-cidr-v6 and the passed network has
	+- // at least 48 host bits, we need to guarantee the current behavior where the containers'
	+- // IPv6 addresses will be constructed based on the containers' interface MAC address.
	+- // We do so by telling libnetwork to defer the IPv6 address allocation for the endpoints
	+- // on this network until after the driver has created the endpoint and returned the
	+- // constructed address. Libnetwork will then reserve this address with the ipam driver.
	+- ones, _ := fCIDRv6.Mask.Size()
	+- deferIPv6Alloc = ones <= 80
	+-
	+- if ipamV6Conf == nil {
	+- ipamV6Conf = &libnetwork.IpamConf{AuxAddresses: make(map[string]string)}
	+- }
	+- ipamV6Conf.PreferredPool = fCIDRv6.String()
	+-
	+- // In case the --fixed-cidr-v6 is specified and the current docker0 bridge IPv6
	+- // address belongs to the same network, we need to inform libnetwork about it, so
	+- // that it can be reserved with IPAM and it will not be given away to somebody else
	+- for _, nw6 := range nw6List {
	+- if fCIDRv6.Contains(nw6.IP) {
	+- ipamV6Conf.Gateway = nw6.IP.String()
	+- break
	+- }
	+- }
	+- }
	+-
	+- if config.BridgeConfig.DefaultGatewayIPv6 != nil {
	+- if ipamV6Conf == nil {
	+- ipamV6Conf = &libnetwork.IpamConf{AuxAddresses: make(map[string]string)}
	+- }
	+- ipamV6Conf.AuxAddresses["DefaultGatewayIPv6"] = config.BridgeConfig.DefaultGatewayIPv6.String()
	+- }
	+-
	+- v4Conf := []*libnetwork.IpamConf{ipamV4Conf}
	+- v6Conf := []*libnetwork.IpamConf{}
	+- if ipamV6Conf != nil {
	+- v6Conf = append(v6Conf, ipamV6Conf)
	+- }
	+- // Initialize default network on "bridge" with the same name
	+- _, err = controller.NewNetwork("bridge", "bridge", "",
	+- libnetwork.NetworkOptionEnableIPv6(config.BridgeConfig.EnableIPv6),
	+- libnetwork.NetworkOptionDriverOpts(netOption),
	+- libnetwork.NetworkOptionIpam("default", "", v4Conf, v6Conf, nil),
	+- libnetwork.NetworkOptionDeferIPv6Alloc(deferIPv6Alloc))
	+- if err != nil {
	+- return fmt.Errorf("Error creating default \"bridge\" network: %v", err)
	+- }
	+- return nil
	++ return fmt.Errorf("Bridge network driver not supported on FreeBSD (yet)")
	+ }
	+
	+ // Remove default bridge interface if present (--bridge=none use case)
	+ func removeDefaultBridgeInterface() {
	+- if lnk, err := netlink.LinkByName(bridge.DefaultBridgeName); err == nil {
	+- if err := netlink.LinkDel(lnk); err != nil {
	+- logrus.Warnf("Failed to remove bridge interface (%s): %v", bridge.DefaultBridgeName, err)
	+- }
	+- }
	++ return fmt.Errorf("Bridge network driver not supported on FreeBSD (yet)")
	+ }
	+
	+ func setupInitLayer(idMapping *idtools.IdentityMapping) func(containerfs.ContainerFS) error {
	Index: sysutils/docker-freebsd/files/patch-daemon_graphdriver_driver__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-daemon_graphdriver_driver__freebsd.go
	@@ -0,0 +1,67 @@
	+Fix build error on FreeBSD:
	+
	+daemon/graphdriver/driver_freebsd.go:17:38: cannot use &buf (type unix.Statfs_t) as type syscall.Statfs_t in argument to syscall.Statfs
	+
	+--- daemon/graphdriver/driver_freebsd.go.orig 2019-02-26 00:29:56 UTC
	++++ daemon/graphdriver/driver_freebsd.go
	+@@ -1,8 +1,7 @@
	+ package graphdriver // import "github.com/docker/docker/daemon/graphdriver"
	+
	+ import (
	+- "syscall"
	+-
	++ "github.com/docker/docker/pkg/mount"
	+ "golang.org/x/sys/unix"
	+ )
	+
	+@@ -11,10 +10,49 @@ var (
	+ priority = "zfs"
	+ )
	+
	++// GetFSMagic returns the filesystem id given the path.
	++func GetFSMagic(rootpath string) (FsMagic, error) {
	++ var buf unix.Statfs_t
	++ if err := unix.Statfs(rootpath, &buf); err != nil {
	++ return 0, err
	++ }
	++ return FsMagic(buf.Type), nil
	++}
	++
	++// NewFsChecker returns a checker configured for the provided FsMagic
	++func NewFsChecker(t FsMagic) Checker {
	++ return &fsChecker{
	++ t: t,
	++ }
	++}
	++
	++type fsChecker struct {
	++ t FsMagic
	++}
	++
	++func (c *fsChecker) IsMounted(path string) bool {
	++ m, _ := Mounted(c.t, path)
	++ return m
	++}
	++
	++// NewDefaultChecker returns a check that parses /proc/mountinfo to check
	++// if the specified path is mounted.
	++func NewDefaultChecker() Checker {
	++ return &defaultChecker{}
	++}
	++
	++type defaultChecker struct {
	++}
	++
	++func (c *defaultChecker) IsMounted(path string) bool {
	++ m, _ := mount.Mounted(path)
	++ return m
	++}
	++
	+ // Mounted checks if the given path is mounted as the fs type
	+ func Mounted(fsType FsMagic, mountPath string) (bool, error) {
	+ var buf unix.Statfs_t
	+- if err := syscall.Statfs(mountPath, &buf); err != nil {
	++ if err := unix.Statfs(mountPath, &buf); err != nil {
	+ return false, err
	+ }
	+ return FsMagic(buf.Type) == fsType, nil
	Index: sysutils/docker-freebsd/files/patch-libcontainerd_libcontainerd__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-libcontainerd_libcontainerd__freebsd.go
	@@ -0,0 +1,19 @@
	+This is a copy from libcontainerd_linux.go
	+
	+--- libcontainerd/libcontainerd_freebsd.go.orig 2019-06-24 09:47:19 UTC
	++++ libcontainerd/libcontainerd_freebsd.go
	+@@ -0,0 +1,14 @@
	++package libcontainerd // import "github.com/docker/docker/libcontainerd"
	++
	++import (
	++ "context"
	++
	++ "github.com/containerd/containerd"
	++ "github.com/docker/docker/libcontainerd/remote"
	++ libcontainerdtypes "github.com/docker/docker/libcontainerd/types"
	++)
	++
	++// NewClient creates a new libcontainerd client from a containerd client
	++func NewClient(ctx context.Context, cli *containerd.Client, stateDir, ns string, b libcontainerdtypes.Backend) (libcontainerdtypes.Client, error) {
	++ return remote.NewClient(ctx, cli, stateDir, ns, b)
	++}
	Index: sysutils/docker-freebsd/files/patch-libcontainerd_remote_client__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-libcontainerd_remote_client__freebsd.go
	@@ -0,0 +1,129 @@
	+--- libcontainerd/remote/client_freebsd.go.orig 2019-06-24 18:09:27 UTC
	++++ libcontainerd/remote/client_freebsd.go
	+@@ -0,0 +1,126 @@
	++package remote // import "github.com/docker/docker/libcontainerd/remote"
	++
	++import (
	++ "context"
	++ "fmt"
	++ "os"
	++ "path/filepath"
	++ "strings"
	++
	++ "github.com/containerd/containerd"
	++ "github.com/containerd/containerd/cio"
	++ "github.com/containerd/containerd/containers"
	++ libcontainerdtypes "github.com/docker/docker/libcontainerd/types"
	++ "github.com/docker/docker/pkg/idtools"
	++ "github.com/opencontainers/runtime-spec/specs-go"
	++ "github.com/sirupsen/logrus"
	++)
	++
	++const runtimeName = "io.containerd.runtime.v1.linux"
	++
	++func summaryFromInterface(i interface{}) (*libcontainerdtypes.Summary, error) {
	++ return &libcontainerdtypes.Summary{}, nil
	++}
	++
	++func (c client) UpdateResources(ctx context.Context, containerID string, resources libcontainerdtypes.Resources) error {
	++ p, err := c.getProcess(ctx, containerID, libcontainerdtypes.InitProcessName)
	++ if err != nil {
	++ return err
	++ }
	++
	++ // go doesn't like the alias in 1.8, this means this need to be
	++ // platform specific
	++ return p.(containerd.Task).Update(ctx, containerd.WithResources((*specs.LinuxResources)(resources)))
	++}
	++
	++func hostIDFromMap(id uint32, mp []specs.LinuxIDMapping) int {
	++ for _, m := range mp {
	++ if id >= m.ContainerID && id <= m.ContainerID+m.Size-1 {
	++ return int(m.HostID + id - m.ContainerID)
	++ }
	++ }
	++ return 0
	++}
	++
	++func getSpecUser(ociSpec *specs.Spec) (int, int) {
	++ var (
	++ uid int
	++ gid int
	++ )
	++
	++ for _, ns := range ociSpec.Linux.Namespaces {
	++ if ns.Type == specs.UserNamespace {
	++ uid = hostIDFromMap(0, ociSpec.Linux.UIDMappings)
	++ gid = hostIDFromMap(0, ociSpec.Linux.GIDMappings)
	++ break
	++ }
	++ }
	++
	++ return uid, gid
	++}
	++
	++// WithBundle creates the bundle for the container
	++func WithBundle(bundleDir string, ociSpec *specs.Spec) containerd.NewContainerOpts {
	++ return func(ctx context.Context, client containerd.Client, c containers.Container) error {
	++ if c.Labels == nil {
	++ c.Labels = make(map[string]string)
	++ }
	++ uid, gid := getSpecUser(ociSpec)
	++ if uid == 0 && gid == 0 {
	++ c.Labels[DockerContainerBundlePath] = bundleDir
	++ return idtools.MkdirAllAndChownNew(bundleDir, 0755, idtools.Identity{UID: 0, GID: 0})
	++ }
	++
	++ p := string(filepath.Separator)
	++ components := strings.Split(bundleDir, string(filepath.Separator))
	++ for _, d := range components[1:] {
	++ p = filepath.Join(p, d)
	++ fi, err := os.Stat(p)
	++ if err != nil && !os.IsNotExist(err) {
	++ return err
	++ }
	++ if os.IsNotExist(err) \|\| fi.Mode()&1 == 0 {
	++ p = fmt.Sprintf("%s.%d.%d", p, uid, gid)
	++ if err := idtools.MkdirAndChown(p, 0700, idtools.Identity{UID: uid, GID: gid}); err != nil && !os.IsExist(err) {
	++ return err
	++ }
	++ }
	++ }
	++ if c.Labels == nil {
	++ c.Labels = make(map[string]string)
	++ }
	++ c.Labels[DockerContainerBundlePath] = p
	++ return nil
	++ }
	++}
	++
	++func newFIFOSet(bundleDir, processID string, withStdin, withTerminal bool) *cio.FIFOSet {
	++ config := cio.Config{
	++ Terminal: withTerminal,
	++ Stdout: filepath.Join(bundleDir, processID+"-stdout"),
	++ }
	++ paths := []string{config.Stdout}
	++
	++ if withStdin {
	++ config.Stdin = filepath.Join(bundleDir, processID+"-stdin")
	++ paths = append(paths, config.Stdin)
	++ }
	++ if !withTerminal {
	++ config.Stderr = filepath.Join(bundleDir, processID+"-stderr")
	++ paths = append(paths, config.Stderr)
	++ }
	++ closer := func() error {
	++ for _, path := range paths {
	++ if err := os.RemoveAll(path); err != nil {
	++ logrus.Warnf("libcontainerd: failed to remove fifo %v: %v", path, err)
	++ }
	++ }
	++ return nil
	++ }
	++
	++ return cio.NewFIFOSet(config, closer)
	++}
	++
	++func (c client) newDirectIO(ctx context.Context, fifos cio.FIFOSet) (*cio.DirectIO, error) {
	++ return cio.NewDirectIO(ctx, fifos)
	++}
	Index: sysutils/docker-freebsd/files/patch-libcontainerd_supervisor_remote__daemon__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-libcontainerd_supervisor_remote__daemon__freebsd.go
	@@ -0,0 +1,72 @@
	+--- libcontainerd/supervisor/remote_daemon_freebsd.go.orig 2019-06-24 18:36:48 UTC
	++++ libcontainerd/supervisor/remote_daemon_freebsd.go
	+@@ -0,0 +1,69 @@
	++package supervisor // import "github.com/docker/docker/libcontainerd/supervisor"
	++
	++import (
	++ "os"
	++ "path/filepath"
	++ "syscall"
	++ "time"
	++
	++ "github.com/containerd/containerd/defaults"
	++ "github.com/docker/docker/pkg/system"
	++)
	++
	++const (
	++ sockFile = "containerd.sock"
	++ debugSockFile = "containerd-debug.sock"
	++)
	++
	++func (r *remote) setDefaults() {
	++ if r.GRPC.Address == "" {
	++ r.GRPC.Address = filepath.Join(r.stateDir, sockFile)
	++ }
	++ if r.GRPC.MaxRecvMsgSize == 0 {
	++ r.GRPC.MaxRecvMsgSize = defaults.DefaultMaxRecvMsgSize
	++ }
	++ if r.GRPC.MaxSendMsgSize == 0 {
	++ r.GRPC.MaxSendMsgSize = defaults.DefaultMaxSendMsgSize
	++ }
	++ if r.Debug.Address == "" {
	++ r.Debug.Address = filepath.Join(r.stateDir, debugSockFile)
	++ }
	++ if r.OOMScore == 0 {
	++ r.OOMScore = -999
	++ }
	++
	++ for key, conf := range r.pluginConfs.Plugins {
	++ if conf == nil {
	++ r.DisabledPlugins = append(r.DisabledPlugins, key)
	++ delete(r.pluginConfs.Plugins, key)
	++ }
	++ }
	++}
	++
	++func (r *remote) stopDaemon() {
	++ // Ask the daemon to quit
	++ syscall.Kill(r.daemonPid, syscall.SIGTERM)
	++ // Wait up to 15secs for it to stop
	++ for i := time.Duration(0); i < shutdownTimeout; i += time.Second {
	++ if !system.IsProcessAlive(r.daemonPid) {
	++ break
	++ }
	++ time.Sleep(time.Second)
	++ }
	++
	++ if system.IsProcessAlive(r.daemonPid) {
	++ r.logger.WithField("pid", r.daemonPid).Warn("daemon didn't stop within 15 secs, killing it")
	++ syscall.Kill(r.daemonPid, syscall.SIGKILL)
	++ }
	++}
	++
	++func (r *remote) killDaemon() {
	++ // Try to get a stack trace
	++ syscall.Kill(r.daemonPid, syscall.SIGUSR1)
	++ <-time.After(100 * time.Millisecond)
	++ system.KillProcess(r.daemonPid)
	++}
	++
	++func (r *remote) platformCleanup() {
	++ os.Remove(filepath.Join(r.stateDir, sockFile))
	++}
	Index: sysutils/docker-freebsd/files/patch-libcontainerd_supervisor_utils__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-libcontainerd_supervisor_utils__freebsd.go
	@@ -0,0 +1,14 @@
	+--- libcontainerd/supervisor/utils_freebsd.go.orig 2019-06-24 18:38:41 UTC
	++++ libcontainerd/supervisor/utils_freebsd.go
	+@@ -0,0 +1,11 @@
	++package supervisor // import "github.com/docker/docker/libcontainerd/supervisor"
	++
	++import "syscall"
	++
	++// containerdSysProcAttr returns the SysProcAttr to use when exec'ing
	++// containerd
	++func containerdSysProcAttr() *syscall.SysProcAttr {
	++ return &syscall.SysProcAttr{
	++ Setsid: true,
	++ }
	++}
	Index: sysutils/docker-freebsd/files/patch-libcontainerd_types_types__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-libcontainerd_types_types__freebsd.go
	@@ -0,0 +1,27 @@
	+--- libcontainerd/types/types_freebsd.go.orig 2019-06-24 11:36:48 UTC
	++++ libcontainerd/types/types_freebsd.go
	+@@ -0,0 +1,24 @@
	++package types // import "github.com/docker/docker/libcontainerd/types"
	++
	++import (
	++ "time"
	++
	++ "github.com/opencontainers/runtime-spec/specs-go"
	++)
	++
	++// Summary is not used on FreeBSD
	++type Summary struct{}
	++
	++// Stats holds metrics properties as returned by containerd
	++type Stats struct {}
	++
	++// InterfaceToStats returns a stats object from the platform-specific interface.
	++func InterfaceToStats(read time.Time, v interface{}) *Stats {
	++ return &Stats{}
	++}
	++
	++// Resources defines updatable container resource values. TODO: it must match containerd upcoming API
	++type Resources specs.LinuxResources
	++
	++// Checkpoints contains the details of a checkpoint
	++type Checkpoints struct{}
	Index: sysutils/docker-freebsd/files/patch-pkg_archive_archive__unix.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-pkg_archive_archive__unix.go
	@@ -0,0 +1,11 @@
	+--- pkg/archive/archive_unix.go.orig 2019-06-24 10:21:29 UTC
	++++ pkg/archive/archive_unix.go
	+@@ -96,7 +96,7 @@ func handleTarTypeBlockCharFifo(hdr *tar.Header, path
	+ mode \|= unix.S_IFIFO
	+ }
	+
	+- return system.Mknod(path, mode, int(system.Mkdev(hdr.Devmajor, hdr.Devminor)))
	++ return system.Mknod(path, mode, uint64(system.Mkdev(hdr.Devmajor, hdr.Devminor)))
	+ }
	+
	+ func handleLChmod(hdr *tar.Header, path string, hdrInfo os.FileInfo) error {
	Index: sysutils/docker-freebsd/files/patch-pkg_archive_changes__unix.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-pkg_archive_changes__unix.go
	@@ -0,0 +1,11 @@
	+--- pkg/archive/changes_unix.go.orig 2019-06-18 21:30:11 UTC
	++++ pkg/archive/changes_unix.go
	+@@ -35,7 +35,7 @@ func (info *FileInfo) isDir() bool {
	+ }
	+
	+ func getIno(fi os.FileInfo) uint64 {
	+- return fi.Sys().(*syscall.Stat_t).Ino
	++ return uint64(fi.Sys().(*syscall.Stat_t).Ino)
	+ }
	+
	+ func hasHardlinks(fi os.FileInfo) bool {
	Index: sysutils/docker-freebsd/files/patch-pkg_chrootarchive_chroot__unix.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-pkg_chrootarchive_chroot__unix.go
	@@ -0,0 +1,11 @@
	+--- pkg/chrootarchive/chroot_unix.go.orig 2019-08-22 20:57:25 UTC
	++++ pkg/chrootarchive/chroot_unix.go
	+@@ -14,3 +14,8 @@ func chroot(path string) error {
	+ func realChroot(path string) error {
	+ return chroot(path)
	+ }
	++
	++
	++func realChroot(path string) error {
	++ return chroot(path)
	++}
	Index: sysutils/docker-freebsd/files/patch-pkg_mount_mountinfo__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-pkg_mount_mountinfo__freebsd.go
	@@ -0,0 +1,11 @@
	+--- pkg/mount/mountinfo_freebsd.go.orig 2019-02-06 23:39:49 UTC
	++++ pkg/mount/mountinfo_freebsd.go
	+@@ -37,7 +37,7 @@ func parseMountTable(filter FilterFunc) ([]*Info, erro
	+
	+ if filter != nil {
	+ // filter out entries we're not interested in
	+- skip, stop = filter(p)
	++ skip, stop = filter(&mountinfo)
	+ if skip {
	+ continue
	+ }
	Index: sysutils/docker-freebsd/files/patch-pkg_system_meminfo__unsupported.go
	===================================================================
	--- sysutils/docker-freebsd/files/patch-pkg_system_meminfo__unsupported.go
	+++ /dev/null
	@@ -1,9 +0,0 @@
	---- pkg/system/meminfo_unsupported.go.orig 2015-06-08 13:34:30 UTC
	-+++ pkg/system/meminfo_unsupported.go
	-@@ -3,5 +3,5 @@
	- package system
	-
	- func ReadMemInfo() (*MemInfo, error) {
	-- return nil, ErrNotSupportedPlatform
	-+ return &MemInfo{}, ErrNotSupportedPlatform
	- }
	Index: sysutils/docker-freebsd/files/patch-pkg_system_mknod.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-pkg_system_mknod.go
	@@ -0,0 +1,11 @@
	+--- pkg/system/mknod.go.orig 2019-06-18 21:30:11 UTC
	++++ pkg/system/mknod.go
	+@@ -8,7 +8,7 @@ import (
	+
	+ // Mknod creates a filesystem node (file, device special file or named pipe) named path
	+ // with attributes specified by mode and dev.
	+-func Mknod(path string, mode uint32, dev int) error {
	++func Mknod(path string, mode uint32, dev uint64) error {
	+ return unix.Mknod(path, mode, dev)
	+ }
	+
	Index: sysutils/docker-freebsd/files/patch-plugin_manager__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-plugin_manager__freebsd.go
	@@ -0,0 +1,33 @@
	+Fix build on FreeBSD by copying Windows stub
	+
	+--- plugin/manager_freebsd.go.orig 2019-03-08 09:00:07 UTC
	++++ plugin/manager_freebsd.go
	+@@ -0,0 +1,28 @@
	++package plugin // import "github.com/docker/docker/plugin"
	++
	++import (
	++ "fmt"
	++
	++ "github.com/docker/docker/plugin/v2"
	++ specs "github.com/opencontainers/runtime-spec/specs-go"
	++)
	++
	++func (pm Manager) enable(p v2.Plugin, c *controller, force bool) error {
	++ return fmt.Errorf("Not implemented")
	++}
	++
	++func (pm Manager) initSpec(p v2.Plugin) (*specs.Spec, error) {
	++ return nil, fmt.Errorf("Not implemented")
	++}
	++
	++func (pm Manager) disable(p v2.Plugin, c *controller) error {
	++ return fmt.Errorf("Not implemented")
	++}
	++
	++func (pm Manager) restore(p v2.Plugin, c *controller) error {
	++ return fmt.Errorf("Not implemented")
	++}
	++
	++// Shutdown plugins
	++func (pm *Manager) Shutdown() {
	++}
	Index: sysutils/docker-freebsd/files/patch-runconfig_config.go
	===================================================================
	--- sysutils/docker-freebsd/files/patch-runconfig_config.go
	+++ /dev/null
	@@ -1,21 +0,0 @@
	---- runconfig/config.go.orig 2015-06-08 13:34:30 UTC
	-+++ runconfig/config.go
	-@@ -132,15 +132,15 @@ type Config struct {
	-
	- type ContainerConfigWrapper struct {
	- *Config
	-- *hostConfigWrapper
	-+ *HostConfigWrapper
	- }
	-
	- func (c ContainerConfigWrapper) HostConfig() *HostConfig {
	-- if c.hostConfigWrapper == nil {
	-+ if c.HostConfigWrapper == nil {
	- return new(HostConfig)
	- }
	-
	-- return c.hostConfigWrapper.GetHostConfig()
	-+ return c.HostConfigWrapper.GetHostConfig()
	- }
	-
	- func DecodeContainerConfig(src io.Reader) (Config, HostConfig, error) {
	Index: sysutils/docker-freebsd/files/patch-runconfig_hostconfig.go
	===================================================================
	--- sysutils/docker-freebsd/files/patch-runconfig_hostconfig.go
	+++ /dev/null
	@@ -1,33 +0,0 @@
	---- runconfig/hostconfig.go.orig 2015-06-08 13:34:30 UTC
	-+++ runconfig/hostconfig.go
	-@@ -234,18 +234,18 @@ type HostConfig struct {
	- func MergeConfigs(config Config, hostConfig HostConfig) *ContainerConfigWrapper {
	- return &ContainerConfigWrapper{
	- config,
	-- &hostConfigWrapper{InnerHostConfig: hostConfig},
	-+ &HostConfigWrapper{InnerHostConfig: hostConfig},
	- }
	- }
	-
	--type hostConfigWrapper struct {
	-+type HostConfigWrapper struct {
	- InnerHostConfig *HostConfig `json:"HostConfig,omitempty"`
	- Cpuset string `json:",omitempty"` // Deprecated. Exported for backwards compatibility.
	-
	- *HostConfig // Deprecated. Exported to read attrubutes from json that are not in the inner host config structure.
	- }
	-
	--func (w hostConfigWrapper) GetHostConfig() *HostConfig {
	-+func (w HostConfigWrapper) GetHostConfig() *HostConfig {
	- hc := w.HostConfig
	-
	- if hc == nil && w.InnerHostConfig != nil {
	-@@ -274,7 +274,7 @@ func (w hostConfigWrapper) GetHostConfig
	- func DecodeHostConfig(src io.Reader) (*HostConfig, error) {
	- decoder := json.NewDecoder(src)
	-
	-- var w hostConfigWrapper
	-+ var w HostConfigWrapper
	- if err := decoder.Decode(&w); err != nil {
	- return nil, err
	- }
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_archive_tar__unix.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_archive_tar__unix.go
	@@ -0,0 +1,11 @@
	+--- vendor/github.com/containerd/containerd/archive/tar_unix.go.orig 2019-06-18 21:30:11 UTC
	++++ vendor/github.com/containerd/containerd/archive/tar_unix.go
	+@@ -122,7 +122,7 @@ func handleTarTypeBlockCharFifo(hdr *tar.Header, path
	+ mode \|= unix.S_IFIFO
	+ }
	+
	+- return unix.Mknod(path, mode, int(unix.Mkdev(uint32(hdr.Devmajor), uint32(hdr.Devminor))))
	++ return unix.Mknod(path, mode, unix.Mkdev(uint32(hdr.Devmajor), uint32(hdr.Devminor)))
	+ }
	+
	+ func handleLChmod(hdr *tar.Header, path string, hdrInfo os.FileInfo) error {
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_bundle.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_bundle.go
	@@ -0,0 +1,8 @@
	+--- vendor/github.com/containerd/containerd/runtime/v1/linux/bundle.go.orig 2019-02-26 21:02:47 UTC
	++++ vendor/github.com/containerd/containerd/runtime/v1/linux/bundle.go
	+@@ -1,4 +1,4 @@
	+-// +build linux
	++// +build linux freebsd
	+
	+ /*
	+ Copyright The containerd Authors.
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_process.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_process.go
	@@ -0,0 +1,8 @@
	+--- vendor/github.com/containerd/containerd/runtime/v1/linux/process.go.orig 2019-02-06 23:39:49 UTC
	++++ vendor/github.com/containerd/containerd/runtime/v1/linux/process.go
	+@@ -1,4 +1,4 @@
	+-// +build linux
	++// +build linux freebsd
	+
	+ /*
	+ Copyright The containerd Authors.
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_runtime.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_runtime.go
	@@ -0,0 +1,8 @@
	+--- vendor/github.com/containerd/containerd/runtime/v1/linux/runtime.go.orig 2019-02-06 23:39:49 UTC
	++++ vendor/github.com/containerd/containerd/runtime/v1/linux/runtime.go
	+@@ -1,4 +1,4 @@
	+-// +build linux
	++// +build linux freebsd
	+
	+ /*
	+ Copyright The containerd Authors.
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_task.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_containerd_runtime_v1_linux_task.go
	@@ -0,0 +1,8 @@
	+--- vendor/github.com/containerd/containerd/runtime/v1/linux/task.go.orig 2019-02-06 23:39:49 UTC
	++++ vendor/github.com/containerd/containerd/runtime/v1/linux/task.go
	+@@ -1,4 +1,4 @@
	+-// +build linux
	++// +build linux freebsd
	+
	+ /*
	+ Copyright The containerd Authors.
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_continuity_devices_devices__unix.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_continuity_devices_devices__unix.go
	@@ -0,0 +1,11 @@
	+--- vendor/github.com/containerd/continuity/devices/devices_unix.go.orig 2019-06-18 21:30:11 UTC
	++++ vendor/github.com/containerd/continuity/devices/devices_unix.go
	+@@ -55,7 +55,7 @@ func Mknod(p string, mode os.FileMode, maj, min int) e
	+ m \|= unix.S_IFIFO
	+ }
	+
	+- return unix.Mknod(p, m, int(dev))
	++ return unix.Mknod(p, m, dev)
	+ }
	+
	+ // syscallMode returns the syscall-specific mode bits from Go's portable mode bits.
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_continuity_fs_copy__unix.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_containerd_continuity_fs_copy__unix.go
	@@ -0,0 +1,9 @@
	+--- vendor/github.com/containerd/continuity/fs/copy_unix.go.orig 2019-06-18 21:30:11 UTC
	++++ vendor/github.com/containerd/continuity/fs/copy_unix.go
	+@@ -108,5 +108,5 @@ func copyDevice(dst string, fi os.FileInfo) error {
	+ if !ok {
	+ return errors.New("unsupported stat type")
	+ }
	+- return unix.Mknod(dst, uint32(fi.Mode()), int(st.Rdev))
	++ return unix.Mknod(dst, uint32(fi.Mode()), st.Rdev)
	+ }
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_ns_init__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_ns_init__freebsd.go
	@@ -0,0 +1,4 @@
	+--- vendor/github.com/docker/libnetwork/ns/init_freebsd.go.orig 2019-02-26 20:59:24 UTC
	++++ vendor/github.com/docker/libnetwork/ns/init_freebsd.go
	+@@ -0,0 +1 @@
	++package ns
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_portmapper_mapper__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_portmapper_mapper__freebsd.go
	@@ -0,0 +1,34 @@
	+--- vendor/github.com/docker/libnetwork/portmapper/mapper_freebsd.go.orig 2019-06-24 18:33:51 UTC
	++++ vendor/github.com/docker/libnetwork/portmapper/mapper_freebsd.go
	+@@ -0,0 +1,31 @@
	++package portmapper
	++
	++import (
	++ "net"
	++ "sync"
	++
	++ "github.com/docker/libnetwork/portallocator"
	++)
	++
	++// PortMapper manages the network address translation
	++type PortMapper struct {
	++ bridgeName string
	++
	++ // udp:ip:port
	++ currentMappings map[string]*mapping
	++ lock sync.Mutex
	++
	++ proxyPath string
	++
	++ Allocator *portallocator.PortAllocator
	++}
	++
	++// AppendForwardingTableEntry adds a port mapping to the forwarding table
	++func (pm *PortMapper) AppendForwardingTableEntry(proto string, sourceIP net.IP, sourcePort int, containerIP string, containerPort int) error {
	++ return nil
	++}
	++
	++// DeleteForwardingTableEntry removes a port mapping from the forwarding table
	++func (pm *PortMapper) DeleteForwardingTableEntry(proto string, sourceIP net.IP, sourcePort int, containerIP string, containerPort int) error {
	++ return nil
	++}
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_portmapper_proxy__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_portmapper_proxy__freebsd.go
	@@ -0,0 +1,41 @@
	+--- vendor/github.com/docker/libnetwork/portmapper/proxy_freebsd.go.orig 2019-06-24 18:17:46 UTC
	++++ vendor/github.com/docker/libnetwork/portmapper/proxy_freebsd.go
	+@@ -0,0 +1,38 @@
	++package portmapper
	++
	++import (
	++ "net"
	++ "os/exec"
	++ "strconv"
	++ "syscall"
	++)
	++
	++func newProxyCommand(proto string, hostIP net.IP, hostPort int, containerIP net.IP, containerPort int, proxyPath string) (userlandProxy, error) {
	++ path := proxyPath
	++ if proxyPath == "" {
	++ cmd, err := exec.LookPath(userlandProxyCommandName)
	++ if err != nil {
	++ return nil, err
	++ }
	++ path = cmd
	++ }
	++
	++ args := []string{
	++ path,
	++ "-proto", proto,
	++ "-host-ip", hostIP.String(),
	++ "-host-port", strconv.Itoa(hostPort),
	++ "-container-ip", containerIP.String(),
	++ "-container-port", strconv.Itoa(containerPort),
	++ }
	++
	++ return &proxyCommand{
	++ cmd: &exec.Cmd{
	++ Path: path,
	++ Args: args,
	++ SysProcAttr: &syscall.SysProcAttr{
	++ Pdeathsig: syscall.SIGTERM, // send a sigterm to the proxy if the daemon process dies
	++ },
	++ },
	++ }, nil
	++}
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_resolver__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_resolver__freebsd.go
	@@ -0,0 +1,15 @@
	+--- vendor/github.com/docker/libnetwork/resolver_freebsd.go.orig 2019-06-24 19:16:48 UTC
	++++ vendor/github.com/docker/libnetwork/resolver_freebsd.go
	+@@ -0,0 +1,12 @@
	++package libnetwork
	++
	++import (
	++ "fmt"
	++)
	++
	++func init() {
	++}
	++
	++func (r *resolver) setupIPTable() error {
	++ return fmt.Errorf("IPTables not supported on FreeBSD")
	++}
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_resolver__unix.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_docker_libnetwork_resolver__unix.go
	@@ -0,0 +1,8 @@
	+--- vendor/github.com/docker/libnetwork/resolver_unix.go.orig 2019-06-18 21:30:11 UTC
	++++ vendor/github.com/docker/libnetwork/resolver_unix.go
	+@@ -1,4 +1,4 @@
	+-// +build !windows
	++// +build !freebsd
	+
	+ package libnetwork
	+
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_docker_swarmkit_manager_allocator_cnmallocator_drivers__unsupported.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_docker_swarmkit_manager_allocator_cnmallocator_drivers__unsupported.go
	@@ -0,0 +1,15 @@
	+Fix build error on FreeBSD
	+
	+swarmkit/manager/allocator/cnmallocator/drivers_unsupported.go:9:7: const initializer cannot be nil
	+
	+--- vendor/github.com/docker/swarmkit/manager/allocator/cnmallocator/drivers_unsupported.go.orig 2019-03-08 08:00:27 UTC
	++++ vendor/github.com/docker/swarmkit/manager/allocator/cnmallocator/drivers_unsupported.go
	+@@ -6,7 +6,7 @@ import (
	+ "github.com/docker/swarmkit/manager/allocator/networkallocator"
	+ )
	+
	+-const initializers = nil
	++var initializers = []initializer{}
	+
	+ // PredefinedNetworks returns the list of predefined network structures
	+ func PredefinedNetworks() []networkallocator.PredefinedNetworkData {
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_docker_swarmkit_node_node.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_docker_swarmkit_node_node.go
	@@ -0,0 +1,23 @@
	+--- vendor/github.com/docker/swarmkit/node/node.go.orig 2019-06-18 21:30:11 UTC
	++++ vendor/github.com/docker/swarmkit/node/node.go
	+@@ -20,7 +20,6 @@ import (
	+
	+ "github.com/docker/docker/pkg/plugingetter"
	+ "github.com/docker/go-metrics"
	+- "github.com/docker/libnetwork/drivers/overlay/overlayutils"
	+ "github.com/docker/swarmkit/agent"
	+ "github.com/docker/swarmkit/agent/exec"
	+ "github.com/docker/swarmkit/api"
	+@@ -273,11 +272,7 @@ func (n *Node) currentRole() api.NodeRole {
	+
	+ // configVXLANUDPPort sets vxlan port in libnetwork
	+ func configVXLANUDPPort(ctx context.Context, vxlanUDPPort uint32) {
	+- if err := overlayutils.ConfigVXLANUDPPort(vxlanUDPPort); err != nil {
	+- log.G(ctx).WithError(err).Error("failed to configure VXLAN UDP port")
	+- return
	+- }
	+- logrus.Infof("initialized VXLAN UDP port to %d ", vxlanUDPPort)
	++ logrus.Infof("VXLAN UDP not supported on FreeBSD")
	+ }
	+
	+ func (n *Node) run(ctx context.Context) (err error) {
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_godbus_dbus_transport__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_godbus_dbus_transport__freebsd.go
	@@ -0,0 +1,9 @@
	+--- vendor/github.com/godbus/dbus/transport_freebsd.go.orig 2019-02-26 21:19:13 UTC
	++++ vendor/github.com/godbus/dbus/transport_freebsd.go
	+@@ -0,0 +1,6 @@
	++package dbus
	++
	++func (t *unixTransport) SendNullByte() error {
	++ _, err := t.Write([]byte{0})
	++ return err
	++}
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_executor_oci_spec__unix.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_executor_oci_spec__unix.go
	@@ -0,0 +1,20 @@
	+--- vendor/github.com/moby/buildkit/executor/oci/spec_unix.go.orig 2019-08-22 20:57:25 UTC
	++++ vendor/github.com/moby/buildkit/executor/oci/spec_unix.go
	+@@ -8,7 +8,6 @@ import (
	+ "sync"
	+
	+ "github.com/containerd/containerd/containers"
	+- "github.com/containerd/containerd/contrib/seccomp"
	+ "github.com/containerd/containerd/mount"
	+ "github.com/containerd/containerd/namespaces"
	+ "github.com/containerd/containerd/oci"
	+@@ -40,7 +39,8 @@ func GenerateSpec(ctx context.Context, meta executor.M
	+ if meta.SecurityMode == pb.SecurityMode_INSECURE {
	+ opts = append(opts, entitlements.WithInsecureSpec())
	+ } else if system.SeccompSupported() && meta.SecurityMode == pb.SecurityMode_SANDBOX {
	+- opts = append(opts, seccomp.WithDefaultProfile())
	++ // TODO
	++ return nil, nil, errors.New("TODO Seccomp Sandbox not supported on FreeBSD")
	+ }
	+
	+ switch processMode {
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_executor_runcexecutor_executor.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_executor_runcexecutor_executor.go
	@@ -0,0 +1,21 @@
	+--- vendor/github.com/moby/buildkit/executor/runcexecutor/executor.go.orig 2019-08-22 20:57:25 UTC
	++++ vendor/github.com/moby/buildkit/executor/runcexecutor/executor.go
	+@@ -22,7 +22,6 @@ import (
	+ "github.com/moby/buildkit/identity"
	+ "github.com/moby/buildkit/solver/pb"
	+ "github.com/moby/buildkit/util/network"
	+- rootlessspecconv "github.com/moby/buildkit/util/rootless/specconv"
	+ "github.com/pkg/errors"
	+ "github.com/sirupsen/logrus"
	+ )
	+@@ -246,9 +245,7 @@ func (w *runcExecutor) Exec(ctx context.Context, meta
	+
	+ spec.Process.OOMScoreAdj = w.oomScoreAdj
	+ if w.rootless {
	+- if err := rootlessspecconv.ToRootless(spec); err != nil {
	+- return err
	+- }
	++ return errors.New("TODO: Rootless not implemented in FreeBSD!")
	+ }
	+
	+ if err := json.NewEncoder(f).Encode(spec); err != nil {
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_snapshot_localmounter__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_snapshot_localmounter__freebsd.go
	@@ -0,0 +1,29 @@
	+--- vendor/github.com/moby/buildkit/snapshot/localmounter_freebsd.go.orig 2019-03-06 19:37:34 UTC
	++++ vendor/github.com/moby/buildkit/snapshot/localmounter_freebsd.go
	+@@ -0,0 +1,26 @@
	++package snapshot
	++
	++import (
	++ "os"
	++
	++ "github.com/containerd/containerd/mount"
	++)
	++
	++func (lm *localMounter) Unmount() error {
	++ lm.mu.Lock()
	++ defer lm.mu.Unlock()
	++
	++ if lm.target != "" {
	++ if err := mount.Unmount(lm.target, 0); err != nil {
	++ return err
	++ }
	++ os.RemoveAll(lm.target)
	++ lm.target = ""
	++ }
	++
	++ if lm.mountable != nil {
	++ return lm.mountable.Release()
	++ }
	++
	++ return nil
	++}
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_snapshot_localmounter__unix.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_snapshot_localmounter__unix.go
	@@ -0,0 +1,8 @@
	+--- vendor/github.com/moby/buildkit/snapshot/localmounter_unix.go.orig 2019-02-26 00:29:56 UTC
	++++ vendor/github.com/moby/buildkit/snapshot/localmounter_unix.go
	+@@ -1,4 +1,4 @@
	+-// +build !windows
	++// +build !windows,!freebsd
	+
	+ package snapshot
	+
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_util_entitlements_security__freebsd.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_moby_buildkit_util_entitlements_security__freebsd.go
	@@ -0,0 +1,70 @@
	+--- vendor/github.com/moby/buildkit/util/entitlements/security_freebsd.go.orig 2019-06-24 18:24:33 UTC
	++++ vendor/github.com/moby/buildkit/util/entitlements/security_freebsd.go
	+@@ -0,0 +1,67 @@
	++package entitlements
	++
	++import (
	++ "context"
	++
	++ "github.com/containerd/containerd/containers"
	++ "github.com/containerd/containerd/oci"
	++ specs "github.com/opencontainers/runtime-spec/specs-go"
	++)
	++
	++// WithInsecureSpec sets spec with All capability.
	++func WithInsecureSpec() oci.SpecOpts {
	++ return func(_ context.Context, _ oci.Client, _ containers.Container, s specs.Spec) error {
	++ addCaps := []string{
	++ "CAP_FSETID",
	++ "CAP_KILL",
	++ "CAP_FOWNER",
	++ "CAP_MKNOD",
	++ "CAP_CHOWN",
	++ "CAP_DAC_OVERRIDE",
	++ "CAP_NET_RAW",
	++ "CAP_SETGID",
	++ "CAP_SETUID",
	++ "CAP_SETPCAP",
	++ "CAP_SETFCAP",
	++ "CAP_NET_BIND_SERVICE",
	++ "CAP_SYS_CHROOT",
	++ "CAP_AUDIT_WRITE",
	++ "CAP_MAC_ADMIN",
	++ "CAP_MAC_OVERRIDE",
	++ "CAP_DAC_READ_SEARCH",
	++ "CAP_SYS_PTRACE",
	++ "CAP_SYS_MODULE",
	++ "CAP_SYSLOG",
	++ "CAP_SYS_RAWIO",
	++ "CAP_SYS_ADMIN",
	++ "CAP_LINUX_IMMUTABLE",
	++ "CAP_SYS_BOOT",
	++ "CAP_SYS_NICE",
	++ "CAP_SYS_PACCT",
	++ "CAP_SYS_TTY_CONFIG",
	++ "CAP_SYS_TIME",
	++ "CAP_WAKE_ALARM",
	++ "CAP_AUDIT_READ",
	++ "CAP_AUDIT_CONTROL",
	++ "CAP_SYS_RESOURCE",
	++ "CAP_BLOCK_SUSPEND",
	++ "CAP_IPC_LOCK",
	++ "CAP_IPC_OWNER",
	++ "CAP_LEASE",
	++ "CAP_NET_ADMIN",
	++ "CAP_NET_BROADCAST",
	++ }
	++ for _, cap := range addCaps {
	++ s.Process.Capabilities.Bounding = append(s.Process.Capabilities.Bounding, cap)
	++ s.Process.Capabilities.Ambient = append(s.Process.Capabilities.Ambient, cap)
	++ s.Process.Capabilities.Effective = append(s.Process.Capabilities.Effective, cap)
	++ s.Process.Capabilities.Inheritable = append(s.Process.Capabilities.Inheritable, cap)
	++ s.Process.Capabilities.Permitted = append(s.Process.Capabilities.Permitted, cap)
	++ }
	++ s.Linux.ReadonlyPaths = []string{}
	++ s.Linux.MaskedPaths = []string{}
	++ s.Process.ApparmorProfile = ""
	++
	++ return nil
	++ }
	++}
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_tonistiigi_fsutil_copy_copy__unix.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_tonistiigi_fsutil_copy_copy__unix.go
	@@ -0,0 +1,9 @@
	+--- vendor/github.com/tonistiigi/fsutil/copy/copy_unix.go.orig 2019-06-18 21:30:11 UTC
	++++ vendor/github.com/tonistiigi/fsutil/copy/copy_unix.go
	+@@ -64,5 +64,5 @@ func copyDevice(dst string, fi os.FileInfo) error {
	+ if !ok {
	+ return errors.New("unsupported stat type")
	+ }
	+- return unix.Mknod(dst, uint32(fi.Mode()), int(st.Rdev))
	++ return unix.Mknod(dst, uint32(fi.Mode()), st.Rdev)
	+ }
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_tonistiigi_fsutil_diskwriter__unix.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_tonistiigi_fsutil_diskwriter__unix.go
	@@ -0,0 +1,11 @@
	+--- vendor/github.com/tonistiigi/fsutil/diskwriter_unix.go.orig 2019-02-26 00:29:56 UTC
	++++ vendor/github.com/tonistiigi/fsutil/diskwriter_unix.go
	+@@ -45,7 +45,7 @@ func handleTarTypeBlockCharFifo(path string, stat *typ
	+ mode \|= syscall.S_IFBLK
	+ }
	+
	+- if err := syscall.Mknod(path, mode, int(mkdev(stat.Devmajor, stat.Devminor))); err != nil {
	++ if err := syscall.Mknod(path, mode, uint64(mkdev(stat.Devmajor, stat.Devminor))); err != nil {
	+ return err
	+ }
	+ return nil
	Index: sysutils/docker-freebsd/files/patch-vendor_github.com_tonistiigi_fsutil_stat__unix.go
	===================================================================
	--- /dev/null
	+++ sysutils/docker-freebsd/files/patch-vendor_github.com_tonistiigi_fsutil_stat__unix.go
	@@ -0,0 +1,11 @@
	+--- vendor/github.com/tonistiigi/fsutil/stat_unix.go.orig 2019-06-18 21:30:11 UTC
	++++ vendor/github.com/tonistiigi/fsutil/stat_unix.go
	+@@ -45,7 +45,7 @@ func setUnixOpt(fi os.FileInfo, stat *types.Stat, path
	+ stat.Devminor = int64(minor(uint64(s.Rdev)))
	+ }
	+
	+- ino := s.Ino
	++ ino := uint64(s.Ino)
	+ linked := false
	+ if seenFiles != nil {
	+ if s.Nlink > 1 {
	Index: sysutils/docker-freebsd/pkg-descr
	===================================================================
	--- sysutils/docker-freebsd/pkg-descr
	+++ sysutils/docker-freebsd/pkg-descr
	@@ -1,12 +1,4 @@
	-Docker is an open source project to pack, ship and run any
	-application as a lightweight container.
	+Moby is an open-source project created by Docker to enable and accelerate
	+software containerization.

	-Docker containers are both hardware-agnostic and platform-agnostic.
	-This means they can run anywhere, from your laptop to the largest
	-EC2 compute instance and everything in between - and they don't
	-require you to use a particular language, framework or packaging
	-system. That makes them great building blocks for deploying and
	-scaling web apps, databases, and backend services without depending
	-on a particular stack or provider.
	-
	-WWW: https://github.com/kvasdopil/docker
	+WWW: https://github.com/docker/engine
	Index: sysutils/docker-freebsd/pkg-message
	===================================================================
	--- sysutils/docker-freebsd/pkg-message
	+++ /dev/null
	@@ -1,26 +0,0 @@
	-[
	-{ type: install
	- message: <<EOM
	-Docker requires a bit of setup before usage.
	-
	-You will need to create a ZFS dataset on /usr/docker
	-
	-# zfs create -o mountpoint=/usr/docker <zroot>/docker
	-
	-And lastly enable the docker daemon
	-# sysrc -f /etc/rc.conf docker_enable="YES"
	-# service docker start
	-
	-(WARNING)
	-
	-Starting the docker service will also add the following PF rule:
	-
	-nat on ${iface} from 172.17.0.0/16 to any -> (${iface})
	-
	-Where $iface is the default NIC on the system, or the value
	-of $docker_nat_iface. This is for network connectivity to docker
	-containers in this early port. This should not be needed in future
	-versions of docker.
	-EOM
	-}
	-]

File Metadata

Mime Type: text/plain
Expires: Mon, Feb 9, 9:21 AM (21 h, 2 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 28562654
Default Alt Text: D21570.id61822.diff (53 KB)

D21570.id61822.diffNo OneTemporaryActions

D21570.id61822.diffView Options

File Metadata

Event Timeline

D21570.id61822.diff
No OneTemporary
Actions

D21570.id61822.diff
View Options